mirror of
https://gitlab.com/fabinfra/fabaccess/bffh.git
synced 2025-01-09 11:45:18 +01:00
40 lines
1.1 KiB
Plaintext
40 lines
1.1 KiB
Plaintext
strict digraph connection {
|
|
Establish [label="TCP/SCTP connection established"];
|
|
Closed [label="TCP/SCTP connection closed"];
|
|
Open;
|
|
SASL;
|
|
Authenticated;
|
|
STARTTLS;
|
|
Encrypted;
|
|
|
|
Establish -> Open [label=open];
|
|
|
|
Open -> Closed [label=close];
|
|
|
|
Open -> SASL [label=auth];
|
|
SASL -> SASL [label=step];
|
|
// Authentication fails
|
|
SASL -> Closed [label=fails];
|
|
// Authentication succeeds
|
|
SASL -> Authenticated [label=successful];
|
|
|
|
Open -> STARTTLS [label=starttls];
|
|
// TLS wrapping succeeds
|
|
STARTTLS -> Encrypted [label=successful];
|
|
// TLS wrapping fails
|
|
STARTTLS -> Closed [label=fails];
|
|
|
|
Authenticated -> SASL_TLS [label=starttls];
|
|
SASL_TLS -> Closed [label=fails];
|
|
SASL_TLS -> AuthEnc [label=successful];
|
|
|
|
Encrypted -> TLS_SASL [label=auth];
|
|
TLS_SASL -> TLS_SASL [label=step];
|
|
TLS_SASL -> Closed [label=fails];
|
|
TLS_SASL -> AuthEnc [label=successful];
|
|
|
|
// Only authenticated connections may open RPC. For "unauth", use the `Anonymous` SASL method.
|
|
AuthEnc -> RPC [label=bootstrap];
|
|
Authenticated -> RPC [label=bootstrap];
|
|
}
|