swim: implement and expose transport-level encryption
SWIM is going to be used in and between datacenters, which means that its packets will go through public networks. Therefore raw SWIM packets are vulnerable to attacks. An attacker can do any and all of the following things:

1) Extract secret information from member payloads, like credentials to Tarantool binary ports;
2) Change UUIDs and addresses in the packets and break a topology;
3) Catch the packets and pretend to be a Tarantool instance, which could lead to undefined behaviour depending on the application logic.

SWIM packets need a protection layer. This commit introduces it. The SWIM transport level allows choosing an encryption algorithm with a private key to encrypt each packet with that key. Besides, each packet is encrypted using a random public key prepended to the packet.

SWIM now provides a public API to choose an encryption algorithm and a private key.

Part of #3234
Showing
- src/lib/swim/CMakeLists.txt: 1 addition, 1 deletion
- src/lib/swim/swim.c: 8 additions, 0 deletions
- src/lib/swim/swim.h: 18 additions, 0 deletions
- src/lib/swim/swim_ev.h: 2 additions, 0 deletions
- src/lib/swim/swim_io.c: 121 additions, 18 deletions
- src/lib/swim/swim_io.h: 25 additions, 2 deletions
- src/lib/swim/swim_proto.h: 5 additions, 0 deletions
- test/unit/swim.c: 49 additions, 1 deletion
- test/unit/swim.result: 8 additions, 1 deletion
- test/unit/swim_test_utils.c: 12 additions, 4 deletions
- test/unit/swim_test_utils.h: 8 additions, 0 deletions