From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lj1-f177.google.com (mail-lj1-f177.google.com [209.85.208.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 6F82D442BB1 for ; Fri, 27 Mar 2020 11:28:30 +0300 (MSK) Received: by mail-lj1-f177.google.com with SMTP id g12so9329744ljj.3 for ; Fri, 27 Mar 2020 01:28:30 -0700 (PDT) Date: Fri, 27 Mar 2020 11:28:28 +0300 From: Konstantin Osipov Message-ID: <20200327082828.GB3620@atlas> References: <7982fc7b062b2424689a990de1f76ca2ff0e4f50.1585053743.git.lvasiliev@tarantool.org> <20200324200216.GA18984@atlas> <178dd6a0-cdee-532c-3d0a-af76062d5f6c@tarantool.org> <20200326211343.yx5zretcu6fwrlfr@tkn_work_nb> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200326211343.yx5zretcu6fwrlfr@tkn_work_nb> Subject: Re: [Tarantool-patches] [PATCH 3/6] iproto: Add negotiation phase List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Alexander Turenko Cc: tarantool-patches@dev.tarantool.org * Alexander Turenko [20/03/27 11:14]: I think the criteria for making the decision is checking that clients can cope with extra fields in AUTH response map. If they do, no need to add a new packet, simply use existing packet after renaming. Otherwise introduce a new one. Please check auth implementation in iproto - AFAIR it flushes the iproto_msg pipe, so is synchronous. We also had a proposal to introduce stream identifiers, necessary for interactive transactions. Perhaps we need to revive this proposal to make sure we don't have to change the protocol one more time to add streams, and introduce all the keys for streams right away - it's also a session control statement. > > > * Leonid Vasiliev [20/03/24 16:02]: > > > > The negotiation phase has been added to IPROTO > > > > > > > > For possibility to have a custom parameters of session the negotiation > > > > phase has been added. This is necessary to enable the transmission of > > > > an error in different formats(depending on the choice of the client). > > > > > > > > @TarantoolBot document > > > > Title: IPROTO: The negatiation phase > > > > For backward compatibility of the data transmission format, > > > > the negotiation phase has been added to IPROTO. > > > > A new key (IPROTO_NEGOTIATION) has been added to IPROTO command codes. > > > > NEGOTIATION BODY: CODE = 0x0E > > > > +==========================+ > > > > | | > > > > | NEGOTIATION PARAMETERS | > > > > | | > > > > +==========================+ > > > > MP_MAP > > > > Session negotiation parameters are a map with keys like ERROR_FORMAT_VERSION ... > > > > The response is a map with all stated negotiation parameters. > > > > So, for work with the new format of errors, it is necessary to perform the negotiation phase, > > > > otherwise errors will be transmitted in the old format (by default). > > > > > > Why not make it a key in IPROTO_AUTH, and require a separate > > > round-trip? > > Hi. Because it's not a part of AAA. > > We discussed it a bit with Leonid and his main concern is naming. AUTH > is not about session settings. > > We can rename the packet identifier to, say, ALTER_SESSION within our > code, but keep the code (a number) the same. (Alternative: introduce a > new ALTER_SESSION packet, which able to authorize and set session > parameters; don't sure what is better.) > > (If we'll look into the variant with keeping the packet number.) This > ALTER_SESSION packet should be backward compatible with AUTH by the > request and response format (at least for responses for requests w/o > newly introduced fields). > > ALTER_SESSION should support: > > * Request: acquiring a specific value for a session parameter (any of > supported session sessings, not only one). > * Response: explicitly state that all requested settings were applied > (to distinguish old/new server responses, the old one will only do > authorization). > * Should support altering of session settings w/o (re)auth. > > Is it looks okay for you, Leonid? > > WBR, Alexander Turenko. -- Konstantin Osipov, Moscow, Russia