Re: [Beepcore-java-users] TLS profile and session object
Status: Beta
Brought to you by:
huston
Menu
▾
▴
Re: [Beepcore-java-users] TLS profile and session object
|
From: Toby M. <tob...@cs...> - 2003-04-15 13:35:30
|
I have actually implemented what Huston has suggested here, by modifying the SessionListener class to include an extra event handler method, called sessionReset(). When the reset() method is called in TCPSession, it calls a fireSessionReset() method in the Session base class, which calls the sessionReset() method for all session event listeners. In order to indicate the "new" session which has been created after performing the reset (Session.reset() returns a Session object), I modified the SessionEvent class to have a private member, newSession of type Session, with a getNewSession() method, and a constructor which could take this new session and set the private member to it. All the TCPSession.reset() method does is, before returning its result, call fireSessionReset() on the old session, passing it the new session (which is the result its about to return). fireSessionReset() then creates a SessionEvent with newSession set to the new session and calls hte sessionReset() method for all registered SessionListeners. Its trivial to then implement a SessionListener which updates the application's copy of the Session object when its sessionReset() method is called, by using the getNewSession() method on the event. This isn't the most beautiful solution, but it has worked for me. Its also something I hope Huston et al will address in the next release as without it, TLS seems fairly unworkable to me. Toby Huston wrote: >Currently there isn't a way to do this. I've been thinking of firing an >event on tuning reset to take care of this problem. > >--Huston > >On Fri, 2003-04-11 at 01:51, Toby Murray wrote: > > >>Hi, >>I have two parties communicating over a BEEP session. There are 2 >>channels, in operation. One initiated by one party, the other initiated >>by the other. >>Once hte session is established I'd like to: >>negotiate TLS, >>Pary A opens one channel >>Party B opens the other >> >>Everything works fine without TLS, however when either party starts the >>TLS negotiation, the other party doesn't know its going on. >>Consequently, the send their start channel message with the OLD session >>object. This seems to result in the start channel message being sent in >>plaintext. The other party is expecting this message to be sent >>encrypted, and so of course cannot understand its contents. >> >>I'm starting TLS using: >>TLSProfile.getDefaultInstance().startTLS(session)). >> >>The other party is just doing a listen for a TCP session connection and >>then doing a sessoin.startChannel() call to start the session (which is >>occuring in plaintext). >> >>Is there a way I can get the guy who doesn't start TLS to update his >>session object to reflect the fact that TLS is now going and that >>requests should be sent encrypted? >> >>Thanks >>Toby >> >> >> >>------------------------------------------------------- >>This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger >>for complex code. Debugging C/C++ programs can leave you feeling lost and >>disoriented. TotalView can help you find your way. Available on major UNIX >>and Linux platforms. Try it free. www.etnus.com >>_______________________________________________ >>Beepcore-java-users mailing list >>Bee...@li... >>https://lists.sourceforge.net/lists/listinfo/beepcore-java-users >> >> >> > > > |
