Secure Distributed Objects provides a mechanism for using socket-based SSL communications in the MacOS X Distributed Objects system, through an NSPort subclass (SecureSocketPort) and other utilities.
This project is still being developed, albeit very slowly. I've just upgraded to Tiger and intend to run through some basic regression testing soon. My long-planned clean rewrite hasn't happened; I've been focusing on my Keychain framework, since there's been relatively significant interest in that compared to SDO. If people are interested in SDO, please do drop me a line and vote for my attention. :)
Enjoying the new freedom I have, given the resolution of the worst two programming 'bugs' I've ever faced, I've done a great deal of work on the project over the past few days. Check the release notes for all the details. Most important for most people, I presume, is that the project no longer depends on the Keychain framework to build and use. It still supports its use, however, if it happens to exist at runtime. The glue code for this is a bit unsightly, but it works wonderfully. As a highlight, new features include: control protocol, automatic ping/pong and latency measurements, delegate messages for controlling connections and authentication, usage statistics, and more. Bug fixes have been minimal, since I'm not aware of any show-stoppers at present, but a lot of the new stuff isn't thoroughly proven yet, so be wary.
Not a whole lot in this version - a few minor bug fixes, turned off NSConnection/NSPortCoder debugging by default, etc etc.
* No longer dependent on the Keychain framework, but the functionality has not changed (still accepts Certificate & Identity instances in the place of SecCertificateRef's and SecIdentityRef's).
* Debugging output off by default now, since things seem to work well enough. Please make sure you re-enable this if you find a problem, as it aids greatly in bug fixing.
* setExportLimitsDisabled: method removed, replaced with disableExportLimits. The old method had too many potential security problems with it. It will only be restored if they can be resolved. In the meantime, the replacement method works better anyway and should cover most [if not all] uses.
* Export limits are enabled by default now, due to the change noted above, so make sure to disable them manually if you can. Leaving export limits enabled creates a very significant security risk.
* Removed a lot of junk code, and old debugging code. This has made things a bit easier to read, if nothing else.
* Implemented a basic control protocol in parallel to the existing one. This makes the new version incompatible with previous versions, and will probably mean you can't communicate between the two. If a legacy mode is required, it can be added with minimal effort... I have declined to do so at present simply in the interests of cleanliness.
* Automatic connectivity verification, in the form of a fairly elaborate ping/pong system. This is disabled by default, in the interest of preserving bandwidth.
* Closing-notification, whereby graceful closes at one end of the connection trigger an immediate close at the other end. Still doesn't help in the situations where the connection is severed unexpectedly, but that's why the connectivity verification has been implemented.
* Delegate support for manual authentication and connection management. If you turn automatic authentication off (it's on by default) you will now have to provide a delegate that responds to the appropriate method. This makes sure some authentication is performed at some point, closing some potential bugs in this area. In the connection management area, your delegate can now specify whether a connection should be allowed or killed when it is made, so that you can screen hosts by name/address, port, etc.
* Statistics recording, enabling you to see how many messages have gone through a particular port, how many pings, how many timeouts, etc. I may expand the scope of these measurements in future, although I don't want to overload the class with it.
* A few small bug fixes here and there, as required.
* Probably more things that I just can't remember about right now. Have a quick glance over the source for anything I might have missed.
That's right, it works properly now. And the solution to the two major bugs turns out to have been even more elegant than I anticipated - thus, I'm pretty sure I've squished a whole host of other potential bugs in the process. The 16th of October [2003] release is the working version. I consider it the first alpha. Please check it out, test it, submit bug reports/fixes, etc. But don't rely on it yet - there are a lot of bells & whistles I'm going to add over the coming weeks, so things will change a fair bit.
A few minor changes, most importantly a temporary workaround to the major NSHost bug. Make sure to edit the source where it specifies an IP to connect to - if you leave it as mine, you won't have a whole heap of luck using the app. :)
Copyright © 2009 Geeknet, Inc. All rights reserved. Terms of Use