[
https://issues.jboss.org/browse/JGRP-2273?page=com.atlassian.jira.plugin....
]
Dennis Reed commented on JGRP-2273:
-----------------------------------
SERIALIZE doesn't work with ASYM_ENCRYPT.
Since it serializes the headers, they're no longer available to ASYM_ENCRYPT.
But it depends on the headers (specifically from GMS) to function correctly.
EncryptTest.testCapturingOfMessageByNonMemberAndResending() didn't detect this because
it doesn't add SERIALIZE until after the cluster is already running (and ASYM_ENCRYPT
has already intercepted those GMS messages). But if SERIALIZE is present before the
channels start, the cluster is never able to form.
That wasn't an issue with encrypt_entire_message because it checked those headers
before serializing. Moving it to the separate SERIALIZE protocol is going to require some
extra hacking to communicate that info between the two protocols.
ASYM_ENCRYPT: deprecate encrypt_entire_message
----------------------------------------------
Key: JGRP-2273
URL:
https://issues.jboss.org/browse/JGRP-2273
Project: JGroups
Issue Type: Enhancement
Reporter: Bela Ban
Assignee: Bela Ban
Priority: Major
Fix For: 4.0.12
In {{ASYM_ENCRYPT}}, {{encrypt_entire_message}} encrypts not only the payload, but also
metadata such as destination and sender's address, headers and flags.
The rationale was to prevent replay attacks. However, this is not an issue, as replayed
messages will simply get dropped by the retransmission layer (e.g. NAKACK2 or UNICAST3).
If people still want this feature, they can write a protocol _above_ {{ASYM_ENCRYPT}},
which serializes the entire message into the payload of a new message, and this would be
exactly the same as setting {{encrypt_entire_message}} to {{true}}.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)