× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 2014

Re: RPG SSL Sockets

Programs are already written and working well so would make no sense to
rewrite in INETD. Writing the Socket Server was the easy part. The worker
jobs were the hard part.

I would, also, worry about clashing with stuff already running for
something else. Having my own subsystem and doing my own spawn I don't have
to worry about getting in the middle of some other program running in INETD
already.

Programs are raw sockets. No SMTP, FTP, HTTP, etc. Just a raw socket
talking into a class in C#, Java, PHP, etc.

On Wed, Nov 5, 2014 at 3:21 PM, Scott Klement <midrange-l@xxxxxxxxxxxxxxxx>
wrote:

Alan,

Unfortunately, there isn't one single "good" answer to your question.
Different network protocols upgrade to SSL at different times.

For example, some protocols (SMTP, FTP, etc) have something like a
'STARTSSL' keyword. You connect in plain text, and then send the STARTSSL
keyword to tell the server you want to upgrade to SSL, and only when the
server responds with an "OK" message will you actually initiate SSL.

In HTTP, you can connect with SSL immediately -- but only if it's a direct
connect. If you're using a proxy, then you need to connect to the proxy,
tell the proxy to set up a tunnel, and once the tunnel is open, start SSL.
So in that case, you have to do some work in plaintext, and upgrade to SSL
later.

So, I typically have the "worker" job do the SSL upgrade, since it may
need to communicate in plaintext before the SSL upgrade.

To make things easier, I put all of the code for this stuff in a service
program (so I don't have to re-code all my SSL logic in every worker
application separately.)

Also, unless you're responding to a high-volume of requests, you might
consider using INETD so you don't have to write your own listener/spawner
jobs. (INETD does the listening for you, and spawns a worker job, so all
you have to do is write the worker job part.)

-SK

On 11/5/2014 4:02 PM, Alan Campin wrote:

Scott, I have written a socket server in RPG which as two components. A
Socket Server and a Worker Job that gets spawned. Works good but I am
thinking about adding SSL.

My question to you is where do you upgrade the socket to SSL. It would
seem
logical to upgrade the socket to SSL in the Socket Server program before
it
gets spawned to create the worker job but I was wondering.

When I spawn the new job, it passes the socket descriptor to the worker
program. If I upgrade the socket to be secure will that information be
passed to worker program or do I need to upgrade the socket after I arrive
at spawned worker job?

Hopefully this is clear. Thanks for any help.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.