On 01/12/2014 04:13 PM, David Woodhouse wrote:
>> That would be tricky, since ocserv is based on each client having a
>> separate process. Being totally stateless would require adding logic
>> for clients to "steal" the state of another process. I want to keep
>> all clients isolated to keep a simple security model, so I'll try to
>> avoid it if possible.
> Well, not quite allowing clients to arbitrarily steal state from each
> other. A separate 'auth server' process could do it, a bit like OpenSSH's
> perhaps?

This is the way ocserv works: there is the main process that handles
authentication and the worker processes that do the unprivileged stuff.
But keeping the protocol simple makes it easy to secure and avoids bugs
that could lead to authentication compromise.

regards,
Nikos