File: [local] / OpenXM / doc / OpenXM-specs / OX-RFC-103.oxw
Revision 1.5, Sun Sep 19 12:17:40 2004 UTC (19 years, 9 months ago) by takayama
Branch: MAIN
CVS Tags: RELEASE_1_2_3
Changes since 1.4: +134 -75 lines
A rough description of OX-RFC-104 (OpenXM grid) has been completed.
The next step is implementing an experimental server.
After testing the experimental server, OX-RFC-104 will be revised.
% $OpenXM: OpenXM/doc/OpenXM-specs/OX-RFC-103.oxw,v 1.5 2004/09/19 12:17:40 takayama Exp $
/*&C
OX-RFC: 103 OpenXM committers
December 9, 2003,
September 19, 2004
*/
//&en Supplement to OX-RFC-100
//&en --- Broadcasting in process trees and engine authentication
//&ja Additional functions for OX-RFC-100
//&ja --- Broadcasting in process tree structures and engine authentication
/*&C
Status of this memo
This is an experimental specification.
Distribution of this memo is unlimited.
Copyright Notice
OpenXM.org, 2003, 2004
*/
/*&ja
@@Abstract
This RFC proposes several additions to the RFC 100 protocol, based on the various
problems that came to light through the implementation of OpenXM RFC 100 (and 101).
*/
//&ja @@Propagation of an interruption and of variables
//&en @@Propagation of an interruption and a value of a variable
//&ja @@@Interruption
//&en @@@Interruption
/*&ja
In OX RFC 103, after completing the interruption handling defined in OX RFC 100,
an engine must additionally carry out the following procedure.
Top-down interruption handling:
1. List all of its own child processes
(for example, ox_get_serverinfo() in the case of asir).
2. Send the interruption message of OpenXM-RFC 100 to the child processes in turn.
*/
/*&en
Engines compliant with OX RFC 103 must execute the following
procedure after finishing the interruption handling
defined by OX RFC 100.
1. List all the child processes.
(For example, use the function ox_get_serverinfo() in the case of asir.)
2. Send all the child processes the interruption message defined
in OX RFC 100.
*/
//&ja @@@Global variables of the server tree
//&en @@@Global variable of the tree of the servers
//&ja Engines that support OX RFC 103 implement the engine function
/*&en
Engines compliant with OX RFC 103 implement the engine function
*/
/*&C
ox103_set_shared_variable(CMO string Name, CMO object value)
*/
/*&ja
When this function is called, the value value is set in the variable Name
of the engine stack machine, and the engine then calls the engine function
ox103_set_shared_variable
of all of its child processes.
*/
/*&en
When this function is called,
the value value is assigned to
the variable Name of the engine stack machine,
and the engine then calls the function
ox103_set_shared_variable
of all the child processes with the same arguments.
*/
/*&ja
For example,
this facility is used in asir-contrib to broadcast the value of the variable
Xm_noX (the flag that controls whether the debug window of an ox server is shown).
*/
/*&en
For example,
this protocol is used in asir-contrib
to broadcast the value of the variable Xm\_noX,
which is the flag for hiding the debug window of an ox server.
*/
//&ja @@New CMO
//&en @@New CMO
//&ja @@Reading from and writing to files
//&en @@File IO
//&ja @@Engine authentication procedure
//&en @@Engine authentication
/*&ja
The engine authentication procedure is carried out before the exchange of
information that determines the byte order (see OX-RFC 100).
The authentication protocol consists of step 1, step 2 and step 3 in the figure below.

client                                                        server
---------------- step 1 ----------------------->
Login to the server by ssh.
The port numbers used to establish the connections
to the control server and the engine server,       -control= ... , -data=...
the authentication method                          -authtype=NONE | <<oneTimePassword>>
and the authentication passwords                   -passControl=... , -passData=...
are also sent.
The encoding method of the authentication          -authEncoding=<<NONE>> | file | RSA
passwords is specified.
<< >> marks the default value of src/kxx/ox
<---------------- step 2 -------------------------->
With -reverse, the TCP/IP connection is established in the direction <---.
Otherwise the TCP/IP connection is established in the direction --->.
<---------------- step 3 -------------------------->
When -authtype=oneTimePassword:
the side that called connect sends the oneTimePassword to the side that called accept.
The trailing 0 is sent.
From here on the work of the launcher is finished, and control passes to the engine and the control server.
<---------------- step 4 -------------------------->
The byte order of the engine is set.
<---------------------------------------------------->
OpenXM packet exchange
*/
/*&ja
authtype is either NONE or oneTimePassword.
A oneTimePassword is a sequence of alphanumeric characters.
The oneTimePassword is always generated on the client and delivered to the server
by some method. Authentication is complete when the connecting side has sent the
oneTimePassword in plaintext to the accepting side.
authEncoding specifies how the oneTimePassword is delivered.
authEncoding is NONE, file or RSA.
When authEncoding=NONE is selected, no special method is used to deliver the
oneTimePassword.
With NONE, in the current implementation of the ox launcher the oneTimePassword
appears in raw form, for example after -passControl.
On Unix this is a command argument: if the channel between client and server is
encrypted by ssh or the like, users on the network cannot eavesdrop on it,
but users of the same machine can see it.
NONE may therefore be selected only when both the client and the server are
sufficiently trusted.
*/
/*&ja
@@@The case authEncoding=file.
When authEncoding=file is selected, the oneTimePassword is delivered as a file over a
separately prepared secure channel (for example scp).
The names of the files holding the oneTimePassword are passed in the -passControl and -passData arguments.
A file name is a path name relative to $HOME/.openxm/tmp.otp/.
The path separator is / on Windows as well.
The client generates file names by the following rules.
Only alphanumeric characters and . - _ may be used in a file name. A file name has the form

clientname-servernameUidPidSerial-time.pass

Here time is the return value of time(2) converted to a string of digits.
It is the generation time of the oneTimePassword, rounded up to a 10-minute boundary.
servernameUidPidSerial may be any string that is guaranteed to be unique on the
client system, with high probability, for 10 minutes after the client generates
the oneTimePassword.

Example
client                                                        server
Create the file yama.openxm.org-00001-2312123123.pass
holding the oneTimePassword 1342546
Create the file yama.openxm.org-00002-2312123124.pass
holding the oneTimePassword 89123888
----------------------------------------------------->
Deliver the two files above over a secure channel
(for example scp).
----------------------------------------------------->
ox -authtype oneTimePassword
-authEncoding file
-passControl yama.openxm.org-00001-2312123123.pass
-passData yama.openxm.org-00002-2312123124.pass
<---------------- step 2 -------------------------->
With -reverse, the TCP/IP connection is established in the direction <---.
Otherwise the TCP/IP connection is established in the direction --->.
<---------------- step 3 -------------------------->
The side that called connect sends the oneTimePassword in plaintext to the side that called accept.

To create on the server the file yama.openxm.org-00001-2312123123.pass
holding the oneTimePassword 1342546, it would be good to provide an API such as
sendStringAsAfile(char *servername, char *serveruser,
char *filename, char *otp);
*/
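/*&en
The file-name rules for authEncoding=file, as an added example that is not part of the OpenXM sources: the client side builds the name and stores the password, and the server side checks the -passControl / -passData argument before opening it, so that a name cannot resolve outside $HOME/.openxm/tmp.otp/. All function names are hypothetical, and the owner-only file mode and exclusive create are assumptions the memo does not state.

```python
import os, re, secrets

OTP_DIR = os.path.join(".openxm", "tmp.otp")   # relative to $HOME, as in the memo
_COMPONENT = re.compile(r"[A-Za-z0-9._-]+")     # only the characters the memo allows
PERIOD = 600                                    # 10 minutes, in seconds

def round_up_time(now):
    """Round a time(2) value up to the next 10-minute boundary."""
    return -(-int(now) // PERIOD) * PERIOD

def make_otp(digits=20):
    """Numeric OTP from the OS CSPRNG; at least 10 digits required, 20 preferred."""
    if digits < 10:
        raise ValueError("oneTimePassword must have at least 10 digits")
    return "".join(secrets.choice("0123456789") for _ in range(digits))

def check_name(name):
    """Split a relative name on '/' and reject absolute paths, '.', '..' and
    any character outside the allowed set. Returns the path components."""
    parts = name.split("/")             # '/' is the separator, on Windows too
    for p in parts:
        if p in (".", "..") or not _COMPONENT.fullmatch(p):
            raise ValueError(f"illegal OTP file name: {name!r}")
    return parts

def make_name(client, unique, now):
    """Build clientname-servernameUidPidSerial-time.pass and validate it."""
    name = f"{client}-{unique}-{round_up_time(now)}.pass"
    check_name(name)
    return name

def store_otp(home, name, otp):
    """Write the OTP under home/.openxm/tmp.otp (assumed mode: owner-only)."""
    path = os.path.join(home, OTP_DIR, *check_name(name))
    os.makedirs(os.path.dirname(path), mode=0o700, exist_ok=True)
    # O_EXCL: fail instead of reusing a name that already exists
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(otp)
    return path

def load_otp(home, name):
    """Server side: validate the argument, then read the stored OTP."""
    with open(os.path.join(home, OTP_DIR, *check_name(name))) as f:
        return f.read()
```
*/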
/*&ja
@@@The case authEncoding=RSA.
The files that hold the RSA private and public keys are named as follows.
$HOME/.openxm/rsa/ox103-rsa0-identity (list of private keys)
$HOME/.openxm/rsa/ox103-rsa0-identity.pub (public key: not used in this format)
$HOME/.openxm/rsa/ox103-rsa0-authorizedkeys (list of public keys)
A key file lists the following data separated by blanks.
user identifier key (string of decimal digits) RSA format identifier (optional)
Comment lines begin with #.
Entries are separated by 0xd, by 0xa, or by both.
When the format identifier is 0, public-key encryption uses
x --> x^65537 mod n, and the data is split and processed 128 bytes (1024 bits) at a time.
Private-key encryption uses x --> x^d mod n.
Format identifier 0 means experimental use.
A private key has the form n,d and a public key the form n; n and d are separated by , .
When a string is sent, 0 marks the end of the string,
and the remainder is filled with 0. When a byte sequence is sent, the length of the data is sent separately.
Todo: change the key storage method, the data delimiting method and so on to conform
to RFC3447 as far as possible. Once conformance is complete, change -rsa0- to
-rsa-.
Example:
client side
ox103-rsa0-identity
# private key used by the client side
takayama@client.math.kobe-u.ac.jp 1234523....
ox103-rsa0-authorizedkeys
@ public key corresponding to the private key used by the server side
takayama@server.math.kobe-u.ac.jp 8989898....
server side
ox103-rsa0-identity
# private key used by the server side
takayama@server.math.kobe-u.ac.jp 8781234....
ox103-rsa0-authorizedkeys
@ public key corresponding to the private key used by the client side
takayama@client.math.kobe-u.ac.jp 89891....
To use authEncoding=RSA these keys must be placed properly under .openxm/rsa.
The permission of .openxm/rsa must be rwx------.
Note: when private keys are not stored in raw form, the file names are planned to
change to ox103-rsa2-* and so on. The RSA format is determined by searching the key
files in order: first the one without a number, then from the largest number down.
With authEncoding=RSA, -passData and -passControl carry the
oneTimePassword (a string), regarded as bit data, encrypted with RSA and then
URL encoded.
The period of the oneTimePassword must be sufficiently large.
One year is 31536000 seconds. 100 years is 3153600000 seconds (10 digits).
A numeric oneTimePassword must have at least 10 digits,
and at least 20 digits is desirable.
*/
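/*&en
A reader for the ox103-rsa0 key files described above, together with the rwx------ check on .openxm/rsa, as an added example that is not part of the OpenXM sources. The function names and the sample keys (toy-sized numbers) are constructed; treating an omitted format identifier as 0 and rejecting any other identifier are assumptions, since 0 is the only format the memo defines.

```python
import os, stat

# Constructed sample: a comment line, then entries ended by LF, CR or CR LF.
SAMPLE_IDENTITY = ("# constructed sample, toy-sized numbers\r\n"
                   "alice@client.example 3233,2753\n"
                   "bob@client.example 8633,5249 0\r")

def parse_keyfile(text, private):
    """Parse an identity file (private=True, keys are n,d) or an authorizedkeys
    file (private=False, keys are n). Returns {user: (n, d_or_None, format)}."""
    keys = {}
    lines = text.replace("\r\n", "\n").replace("\r", "\n").split("\n")
    for lineno, line in enumerate(lines, 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or comment
        fields = line.split()
        if len(fields) not in (2, 3):
            raise ValueError(f"line {lineno}: expected 'user key [format]'")
        fmt = int(fields[2]) if len(fields) == 3 else 0   # assumed default
        if fmt != 0:
            raise ValueError(f"line {lineno}: unknown RSA format {fmt}")
        nums = fields[1].split(",")
        want = 2 if private else 1        # a private key in a public file is an error
        if len(nums) != want or not all(s.isascii() and s.isdigit() for s in nums):
            shape = "n,d" if private else "n"
            raise ValueError(f"line {lineno}: key must be decimal {shape}")
        n = int(nums[0])
        d = int(nums[1]) if private else None
        keys[fields[0]] = (n, d, fmt)
    return keys

def check_key_dir(path):
    """Refuse to use a key directory whose mode is anything but rwx------."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode != 0o700:
        raise PermissionError(f"{path} has mode {mode:o}, expected 700")
    return True
```
*/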
/*&ja
@@@When step 1 fails.
The possible causes of a failure of step 1 include the following.
1. The remote login by ssh fails.
2. No launcher such as ox100start/ox exists in the path of the remote server.
3. xterm does not exist on the remote server, or it exists but the connection to the X server fails.
4. The engine does not exist on the remote server.
5. The TCP/IP connection between the remote server and the client fails for some reason.
To cope with failures,
the accepting side of the TCP/IP connection must time out.
No protocol for reporting the cause of a failure has been defined,
but implementations can take the following measures.
1. Print an error message and call sleep(10);.
2. Write the error message to a file or the like.
Note that in OX-RFC-101 step 1 is separated, so reporting an error is simpler.
*/
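/*&en
Step 3 of the figure together with the time-out required of the accepting side, as an added example that is not part of the OpenXM sources. The function names, the MAX_OTP bound and the constant-time comparison are assumptions; the memo only fixes that the password travels in plaintext followed by a 0 byte and that the accepting side must time out.

```python
import hmac, socket, time

MAX_OTP = 256   # assumption: upper bound on the password length, the memo sets none

def send_otp(sock, otp):
    """Connecting side: the password in plaintext, then the trailing 0 byte."""
    sock.sendall(otp.encode("ascii") + b"\0")

def accept_otp(sock, expected, timeout=10.0):
    """Accepting side: True only if a 0-terminated password equal to `expected`
    arrives before the overall deadline; False on time-out, early close,
    oversize input or mismatch."""
    deadline = time.monotonic() + timeout
    buf = bytearray()
    try:
        while True:
            remaining = deadline - time.monotonic()
            if remaining <= 0:
                return False            # whole exchange took too long
            sock.settimeout(remaining)
            # One byte at a time: bytes after the 0 belong to step 4
            # (byte order exchange) and must stay in the socket.
            b = sock.recv(1)
            if not b:
                return False            # peer closed before the terminator
            if b == b"\0":
                break
            buf += b
            if len(buf) > MAX_OTP:
                return False            # never buffer unbounded input
    except OSError:                     # includes the socket time-out
        return False
    # Constant-time comparison, so timing does not leak a matching prefix.
    return hmac.compare_digest(bytes(buf), expected.encode("ascii"))
```
*/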
//&ja @@Contributors and experimental implementations
//&en @@Contributors and sample implementations
/*&ja
For the propagation of interruptions and variables, Takayama did the design, the
implementation in asir and kan/sm1, and the evaluation.
(See OpenXM/src/asir-contrib/packages/src/oxrfc103.rr and
OpenXM/src/kan96xx/Doc/oxrfc103.sm1.)
The file encoding method of the engine authentication procedure came out of discussions between Noro and Takayama.
The engine authentication procedure is partially implemented in ox100start and ox.
See the files in
OpenXM/src/kxx/
and
OpenXM/src/kan96xx/Doc/ox.sm1
Example: after starting sm1, (ox.sm1) run asirconnectr
*/
/*&ja
The CMOs for matrices and vectors were designed, implemented and evaluated by Iwane,
with turning NTL into a server as the test case.
Iwane is implementing the OpenXM crypt library, including RSA key generation and DES.
See OpenXM/src/ox_ntl/crypt.
*/
//&ja @@References
//&en @@Bibliography
/*&C
[OpenXM-RFC-100] Design and Implementation of OpenXM Client-Server Model
and Common Mathematical Object Format. M.Noro, N.Takayama
[OpenXM-RFC-101] Protocol to Start Engines. K.Ohara
[RFC3447] Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography
Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003.
(Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:
INFORMATIONAL)
*/