I updated the PR with an additional commit that simplifies the confounder. It seems like we only need the confounder at the beginning of the session, not for every message, since the signature and encryption state is chained from the previous frame. Is that right?

https://github.com/ceph/ceph/pull/9461/commits/45766fed1864733c5216a7b50f11cce256338170

Full PR: https://github.com/ceph/ceph/pull/9461

--

Also, I just realized that now might be a good time to address the ability to multiplex different endpoints (sessions) into the same connection. We could add it later with the msgr feature bits, but it'll probably be simpler not to have to support two variants of the protocol. On the other hand, it's a lot more complicated. :(

Initial thoughts:

- make a clearer distinction between connection (as in TCP) and a session (as in an exchange between two entities, one that may or may not have a lifecycle independent of the connection).
- the auth exchange is no longer always at the beginning of the connection. New entities might appear in the same endpoint.

sage