From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 92FCF2DE73 for ; Wed, 8 May 2019 04:52:04 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uxdD95pASStD for ; Wed, 8 May 2019 04:52:04 -0400 (EDT) Received: from smtpng2.m.smailru.net (smtpng2.m.smailru.net [94.100.179.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id E522327804 for ; Wed, 8 May 2019 04:52:03 -0400 (EDT) Subject: [tarantool-patches] Re: [PATCH 2/2] swim: implement and expose transport-level encryption From: Vladislav Shpilevoy References: <5f06694d23bd5fc3e630a42244089193371ce7b3.1556561487.git.v.shpilevoy@tarantool.org> Message-ID: Date: Wed, 8 May 2019 11:52:01 +0300 MIME-Version: 1.0 In-Reply-To: <5f06694d23bd5fc3e630a42244089193371ce7b3.1556561487.git.v.shpilevoy@tarantool.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-Help: List-Unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-Subscribe: List-Owner: List-post: List-Archive: To: tarantool-patches@freelists.org Cc: kostja@tarantool.org I rethought the API and decided that it lacks flexibility - I can't change private key without passing crypto algorithm again, in swim_set_codec. There are some solutions: - Move algo and key to swim_cfg, and make both of them optional. But it pads out swim_cfg(), which at this moment is quite compact, atomic, and contains only really necessary parameters. - Make swim_set_codec arguments optional. Then a one could change private key like this: swim_set_codec(-1, new_key). These solutions are simple and not too intrusive. But probably we should do something more global - get rid of swim_cfg and split it into separate swim_set_