-
Notifications
You must be signed in to change notification settings - Fork 196
Send cache updates to remote peers on UDP (redo clean pullreq) #50
Conversation
from/to a remote host Note: Send call back provide encoded session into an aligned buffer large enougth to add a footer and send it directly to a peer using a sendto
Appears clean now Ex unicast sharing cache using 3 peers: Same example using multicast: IPv6 unicast/multicast is also supported |
You should disable tickets when a remote cache is used. Something like this:
Also, see my pull request 30: #30. I will update it when your patch is merged. |
If client support tls TICKETs ext, there is no session resumption issue on single host, but using multiple host. i am wrong?. Why disable SSL_OP_NO_TICKET? your pull request seems to fix the issue, and complete shared cache for client who supports tickets. Note: On my commit 2a22d3e, you'll see i modified Private key loading part to avoid multiple pass phrase prompt request. I currently use an ASN1 of rsa private key as share secret to sign update packets. Firstly i used a shared secret on command line as you do but i don't like a clear secret on command line cause it appears on ps. |
Yes, when a client supports TLS tickets, the problem only appears with multiple hosts. I was only suggesting to disable tickets to ensure that your pull request can work without any other pull request. I will rewrite my pull request on top of yours and use the RSA private key to build the shared secret as you did. |
Great! i will add the OP_NO_TICKET waiting your commit, don't forget to disable it :). |
I add commit 8a997c4, i am not familiar with github pull request. Is it possible to add a commit to the current pull request?. |
Redo the pull request, this will update this one. |
I get a segfault when testing your patch. On the node receiving a session:
The comment in the source code says |
Some more info. On one node:
On the other node:
And to test (on the first node):
|
47976cb fix, a regression after my tests, reviewing code to introduce macros. |
Works for me. I have updated my patch for sharing tickets. Can you have a look since I have modified some of your code to use SHA384. #30 |
ok, you are right to keep SHA1 for inter-node updates exchange (less than 1% cost during my tests). I don't know how to add my last 2 commits to current pull request. You say, redo the pool request, you mean keep the same name?. |
I am using feature branches so I am not sure if this works the same for Maybe this does not work this way with master. |
i will use a branch the next time. |
I'am waiting for jam feedback before redo a clean pull request and close this one. |
Recreate clean pull request in #60 |
On new session create, sessionid+ASN1 encoded session+creation timestamp+HMAC SHA1 signature of the message is sent to configured peers.
It supports mulitcast ipv4 and v6
Bench results seems good :)