Re: GSK TLS/SSL

Thats fine, but I'm not even getting to the point where I can send data.
gsk_secure_soc_init() is failing with what I'm assuming is the handshake
negotiation.

All of this code runs after a successful connect():

/* open a secure session */
step = "gsk_secure_soc_open";
rc = errno = 0;
rc = gsk_secure_soc_open(my_env_handle, &my_session_handle);
if (rc != GSK_OK) {
cerr << "gsk_secure_soc_open() failed with rc = " << rc << " (" <<
gsk_strerror(rc) << "), errno=" << strerror(errno) << "\n";
exit(-1);
}
cerr << "step: " << step << '\n';
cerr << "my_session_handle=" << my_session_handle << '\n';

/* associate our socket with the secure session */
step = "gsk_attribute_set_numeric_value";
rc = errno = 0;
rc = gsk_attribute_set_numeric_value(my_session_handle, GSK_FD, sd);
if (rc != GSK_OK) {
cerr << "gsk_attribute_set_numeric_value() failed with rc = " << rc
<< " (" << gsk_strerror(rc) << "), errno=" << strerror(errno) << "\n";
exit(-1);
}
cerr << "step: " << step << '\n';

#if defined(NOT_DEFINED)
gsk_soc_data * gsk_secure_soc_init(gsk_soc_init_data *init_data);
#endif

/* initiate the secure handshake */
step = "gsk_secure_soc_init";
//rc = errno = 0;
rc = gsk_secure_soc_init(my_session_handle);
if (rc != GSK_OK) {
cerr << "gsk_secure_soc_init() failed with rc = " << rc << " (" <<
gsk_strerror(rc) << "), errno=" << strerror(errno) << "\n";
exit(-1);
}
cerr << "step: " << step << '\n';

and it ends here. Immediately after this, gsk_secure_soc_write() would be
called.

On Fri, Jan 12, 2024 at 1:33 PM Chris Hird <chrish@xxxxxxxxxxxxxxxxxx>
wrote:

If it is an ASCII target you will need to convert the data both out and
in. The API's are just about encrypting what data you present, nothing to
do with ASCII/EBCDIC conversion.

Chris..

-----Original Message-----
From: C400-L <c400-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Kelly Beard
Sent: Friday, January 12, 2024 2:31 PM
To: Bare Metal Programming IBM i (AS/400 and iSeries) <
c400-l@xxxxxxxxxxxxxxxxxx>
Subject: Re: [C400-L] GSK TLS/SSL

Is the remote ASCII-based? Factually I do not know but I will find out.
If the answer is yes, what do I do with that information?

As for HTTP/HTTPS, it will not be that at all. Streaming data.

Program is written in C.

Have not tried Postman. If I can use it

On Fri, Jan 12, 2024 at 1:08 PM Jon Paris <jon.paris@xxxxxxxxxxxxxx>
wrote:

Your program is written in C? If not what?

Have you tried using a tried-and-true package like Scott Klement's

HTTPAPI?

Can you connect using Postman or Insomnia or ... ?

Can you connect using the SQL HTTP routines?


Jon P.

On Jan 12, 2024, at 1:50 PM, Kelly Beard <kenverybigliar@xxxxxxxxx>

wrote:

What can I do with this? The guy I am trying to communicate with on
the other end says that he sees 'something' and I am trying to get
from him what it is, but as far as I can tell, my program is not
getting to a

point

where actual data is being sent, but probably security handshaking.
I gotta believe that the iSeries is not trying to communicate in
something like EBCDIC here, but it seems like the two sides cannot
'see' what each other is trying to do. I guess I need to know if
there is some advanced logging I can turn on for this. This project
is kinda stuck unless I can get some more information. My program
is a client connecting to a

server.

The connection end is working but the "Peer not recognized or badly
formatted message received." is making me wonder about text
exchange, if something like that is happening. I have a certificate
installed via

DCM.

I would think that if there was some problem like that, the error
message would state it. I can post code if anyone is interested.

step: gsk_environment_open
my_env_handle=SPP:0000 :1aefQP0ZSPWT BEAK 022211 :1200:0:14
step: gsk_attribute_set_buffer
step: gsk_attribute_set_enum
step: gsk_attribute_set_enum
step: gsk_environment_init
server_ip=xxx.xxx.xxx.xxx, server_port=6443
step: gsk_secure_soc_open
my_session_handle=SPP:0000 :1aefQP0ZSPWT BEAK 022211 :14000:1:14
step: gsk_attribute_set_numeric_value
gsk_secure_soc_init() failed with rc = 415 (Peer not recognized or
badly formatted message received.), errno=There is no error.


--
Kelly Beard
--
This is the Bare Metal Programming IBM i (AS/400 and iSeries)
(C400-L)

mailing list

To post a message email: C400-L@xxxxxxxxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/c400-l
or email: C400-L-request@xxxxxxxxxxxxxxxxxx Before posting, please
take a moment to review the archives at
https://archive.midrange.com/c400-l.

--
This is the Bare Metal Programming IBM i (AS/400 and iSeries) (C400-L)
mailing list To post a message email: C400-L@xxxxxxxxxxxxxxxxxx To
subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/c400-l
or email: C400-L-request@xxxxxxxxxxxxxxxxxx Before posting, please
take a moment to review the archives at
https://archive.midrange.com/c400-l.

--
Kelly Beard
--
This is the Bare Metal Programming IBM i (AS/400 and iSeries) (C400-L)
mailing list To post a message email: C400-L@xxxxxxxxxxxxxxxxxx To
subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/c400-l
or email: C400-L-request@xxxxxxxxxxxxxxxxxx Before posting, please take a
moment to review the archives at https://archive.midrange.com/c400-l.
--
This is the Bare Metal Programming IBM i (AS/400 and iSeries) (C400-L)
mailing list
To post a message email: C400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/c400-l
or email: C400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/c400-l.