barrel_p2p_dist_auth_stream (barrel_p2p v0.1.0)

View Source

Summary

Functions

authenticate_incoming(Conn, Timeout)

Run the auth protocol as the connection responder.

authenticate_outgoing(Conn, TargetNode, Timeout)

Run the auth protocol as the connection initiator. Returns the node atom claimed by the peer (verified by signature against the trusted key for that atom). The dist handshake that runs immediately after refuses the connection if that name does not match the target.

Functions

authenticate_incoming(Conn, Timeout)

-spec authenticate_incoming(Conn :: pid(), Timeout :: timeout()) ->
                               {ok, node() | undefined} | {error, term()}.

Run the auth protocol as the connection responder.

authenticate_outgoing(Conn, TargetNode, Timeout)

-spec authenticate_outgoing(Conn :: pid(), TargetNode :: node() | undefined, Timeout :: timeout()) ->
                               {ok, node() | undefined} | {error, term()}.

Run the auth protocol as the connection initiator. Returns the node atom claimed by the peer (verified by signature against the trusted key for that atom). The dist handshake that runs immediately after refuses the connection if that name does not match the target.

TargetNode is the node we dialed. It gates the AUTH_OK short-circuit: a server claiming the cookie-only path is only trusted if TargetNode matches the client's own cookie_only_nodes whitelist.