Re: [mosquitto-dev] Accepting connection based on client's certificate
:-D
Yes, a UNIX socket is no problem, or maybe gRPC? That could be efficient 
enough (not available in pure C, it would have to be a C++ submodule, but it could 
have a C interface), although the fork is no big overhead given 
that there is a synchronous TLS handshake (and thus many cycles between 
user space and kernel space, and even data being sent over the wire in multiple 
round trips). My measurements didn't show any significant impact on 
the number of connections per second from the fork alone. It might be 
a little more secure to use a more defined protocol, though.
The plugin architecture is of course possible, but it seems a bit more 
fragile - the application code might not be as well tested as the mosquitto 
server itself, and a security or other vulnerability might compromise the 
whole server. So were I to implement this, I would choose a different 
process (fork, UNIX socket, gRPC). gRPC would be the preferred option 
for me, personally.
Jan
On 10/29/19 3:48 PM, Greg Troxel wrote:
Looking at how to have external authentication or authorization
processes, forking shell scripts seems really suboptimal. You might
look at how dovecot makes its sasl database available to others via a
unix-domain socket. That allows a coprocess that isn't
starting/stopping and having to read the db all the time. This is also
sort of like the milter interface for spam/virus filtering.
More generally, it seems like a plugin architecture might eventually be needed.
(I am assuming that since you care about security so much you aren't
using Windows, and hence that unix-domain sockets are available.)