Re: [Quickfixj-users] SSL tunnelling

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

OK, I've done some experimenting in the absence of a reply. I thought
I'd summarize here for the benefit of the archive, and also make a
suggestion.

Firstly stunnel works fine. With the help of the instructions at
http://faq.gotomyvnc.com/fom-serve/cache/33.html setting it up was very
easy, and the Executor/Banzai pair tunnelled fine and worked perfectly.

As far as using the abilities of Mina, it seems a shame not to, as this
would save setting up a port just for tunnelling, and also make it easy
to turn on and off via the config file. The process seems fairly
straightforward:

1) Adapt the settings config file so it had an SSL option. For example
SocketUseSSL=3DY. Maybe some options for choosing a key file would be
needed.
2) Add the Mina-Filter SSL to the optional/test jars.
3) Add acceptance tests that this was being used and did connect using
SSL
4) Modify AbstractSocketAcceptor.getIoAcceptor(...) to use the SSL
filter if specified in the settings.
5) Modify AbstractSocketInitiator.getIoAcceptor(...) to use the SSL
filter if specified in the settings.

Some questions:
1) Does this seem architecturally like the right thing to do and the
right way to do it?
2) If I did it would it be a useful thing to contribute?
3) Are there any conventions for things like config settings names,
coding style etc, that I ought to be aware of?

Nick

-----Original Message-----
From: qui...@li...
[mailto:qui...@li...] On Behalf Of Nick
Fortescue
Sent: 14 June 2006 14:44
To: qui...@li...
Subject: [Quickfixj-users] SSL tunnelling

Forgive me if this is an FAQ, I couldn't find it.

There seem to be two obvious ways to do SSL tunnelling with quickfixj.=20

- I could use stunnel (http://www.stunnel.org/)=20

- I could use SSL tunnelling from MINA, for example, like this example
code:
http://svn.apache.org/viewvc/directory/trunks/mina/examples/src/main/jav
a/org/apache/mina/examples/echoserver/Main.java?revision=3D400068&view=3D=
mar
kup

I wondered if anyone had any experience with either of these, and
whether one or the other was particularly recommended. Or whether there
was a third option I was missing.

Thanks,

Nick