JB> one annoyance with wrapping I ran into was the cleartext
JB> program loses immediate access to the particulars of the
JB> TCP/IP connection - i.e. what is the connecting IP address?

Your method of wrapping is deficient, then. With UCSPI, the
characteristics of the service client are available to the service
server without it itself having to delve around in socket manipulation.
This allows the use of UCSPI servers to provide service over non-socket
transports, of course, but it also allows non-socket transports to
masquerade as socket transports, which is exactly what is required with
SSL wrapping. A UCSPI service server merely needs to look at the
${PROTO} and ${${PROTO}REMOTEIP} environment variables to find the
connecting IP address, for example.

<URL:http://cr.yp.to/proto/ucspi.txt>
<URL:http://cr.yp.to/proto/ucspi-tcp.txt>
<URL:http://www.superscript.com./ucspi-ssl/intro.html>
<URL:http://www.superscript.com./ucspi-ssl/UCSPI-SSL>
<URL:http://www.superscript.com./ucspi-ssl/environment.html>
<URL:http://www.superscript.com./ucspi-ssl/sslserver.html>
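
The lookup described in the message above, sketched as an added example that is not part of the original post or of any UCSPI package. The function name ucspi_remote_ip and the sample addresses are constructed for illustration; it assumes the server was started by a UCSPI tool that exports PROTO and the matching REMOTEIP variable.

```shell
#!/bin/sh
# Added example: find the connecting IP address the UCSPI way, by reading
# ${PROTO} and then ${${PROTO}REMOTEIP}, with no socket calls at all.
# ucspi_remote_ip is a hypothetical helper name, not part of any UCSPI tool.

ucspi_remote_ip() {
    # PROTO names the transport, e.g. TCP under tcpserver or SSL under
    # sslserver. It becomes part of a variable name passed to eval, so
    # accept only characters that are valid in a variable name.
    case "${PROTO:-}" in
        ''|*[!A-Z0-9_]*|[0-9]*) return 1 ;;
    esac

    # Indirect expansion: with PROTO=SSL this reads ${SSLREMOTEIP}.
    eval "_ucspi_ip=\${${PROTO}REMOTEIP:-}"

    # Reject an empty value or anything that is not made of address
    # characters before it reaches a log line or an access-control check.
    case "$_ucspi_ip" in
        ''|*[!0-9A-Fa-f.:]*) return 1 ;;
    esac

    printf '%s\n' "$_ucspi_ip"
}

# Constructed demonstration: the same server code run under two transports.
# The addresses come from the documentation ranges, not from real hosts.
( PROTO=TCP; TCPREMOTEIP=198.51.100.9; ucspi_remote_ip )
( PROTO=SSL; SSLREMOTEIP=192.0.2.7;    ucspi_remote_ip )
```

The value is only as trustworthy as whatever set the environment, so the helper is meaningful when the program is launched by the UCSPI server tool itself and not from an arbitrary shell.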