-
Notifications
You must be signed in to change notification settings - Fork 7
Migrate from callbacks to sockopts #34
Comments
The new code should define two new socket options: Inside the handshake function, we need to determine if the peer wants to use authentication (PSK or otherwise). If so, we need to return After the caller receives @frozencemetery @puiterwijk Thoughts? |
I agree with the idea of moving away from callbacks - that's closer to the design I went with in GSSAPI as well. My one concern would be making sure that the same interface works with the different TLS backends we have, but barring that, it sounds good to me. |
So, I think that this might work reasonably, but we should make sure there's a way for the application to figure out what kind of keys they are requested to set (PSK user/pass, cert/key, ...). I do think this makes it less clear that all of these options can be clearer again after handshake: the memory management could become somewhat more complicated: Does tlssock copy option values or do we expect pointers to options to remain valid for the duration of the handshake? How about post-handshake for a renegotiation or re-authentication? |
Changes in main.c, remove the callback functions. Change the structure in on_conn() function. Use setsockopt() and getsockopt() to set or get handshake parameters. This is a series of commits that are related to issue:enarx-archive#33, enarx-archive#34
Changes in main.c, remove the callback functions. Change the structure in on_conn() function. Use setsockopt() and getsockopt() to set or get handshake parameters. This is a series of commits that are related to issue:enarx-archive#33, enarx-archive#34
Currently, the HANDSHAKE sockopt calls callbacks. Let's move to socket options instead of callbacks.
The text was updated successfully, but these errors were encountered: