EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Receive fails

#2871
Posted: 05/07/2007 15:42:12
by Christian Schwarz (Standard support level)
Joined: 07/20/2006
Posts: 14

Hello,

I've problems getting the following code sample working. The Receive method always fails with an InvalidOperationException exception (Connection not opened). Why?

    using System;
    using System.Net;
    using System.Net.Sockets;
    using SBUtils;
    using SecureBlackbox.SSLSocket.Server;

    namespace SbbSocket
    {
        class MainClass
        {
            static void Main(string[] args)
            {
                Unit.SetLicenseKey(...);

                Socket baseSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                ElServerSSLSocket secureSocket = new ElServerSSLSocket(baseSocket);

                secureSocket.Bind(new IPEndPoint(IPAddress.Loopback, 8080));
                secureSocket.Listen(10);

                if (secureSocket.Poll(20 * 1000 * 1000, SelectMode.SelectRead))
                {
                    ElServerSSLSocket acceptedSocket = secureSocket.Accept();

                    acceptedSocket.SSLEnabled = false;

                    byte[] buffer = new byte[0x10000];

                    while (acceptedSocket.Available != 0)
                        acceptedSocket.Receive(buffer);

                    acceptedSocket.Shutdown(SocketShutdown.Receive);
                    acceptedSocket.Close(true);
                }

                secureSocket.Shutdown(SocketShutdown.Both);
                secureSocket.Close(true);
            }
        }
    }
#2873
Posted: 05/08/2007 04:38:16
by Eugene Mayevski (EldoS Corp.)

Please use OnError event to be informed about possible errors. There's a couple of mistakes in your code:
1) you didn't specify a server-side certificate. Without a certificate the client is likely to close connection.
2) you need to call OpenSSLSession() method after calling Accept() and before exchanging the data. This method was added just recently.


Sincerely yours
Eugene Mayevski
#2874
Posted: 05/08/2007 04:46:14
by Christian Schwarz (Standard support level)
Joined: 07/20/2006
Posts: 14

Maybe I should have been more precise. The sample code is trying to accept a non-SSL connection. So I've omitted setting up the SSL specific stuff (certificate, ...)

1. Do I have to set up the server's certificate if I'm listening for non-SSL connections?

2. I'm somewhat confused by SSLEnabled property and the mentioned OpenSSLSession method. Is setting SSLEnabled to "true" and calling OpenSSLSession method not the same (triggering SSL handshake)?

Greetings, Christian
#2875
Posted: 05/08/2007 04:53:52
by Eugene Mayevski (EldoS Corp.)

1. No, you don't need certificates.

2. You can set SSLEnabled to false for the listening socket. Accepted socket will inherit all properties and settings from the listening socket.


If you have a complete test case which we can run, you are welcome to post it.


Sincerely yours
Eugene Mayevski
#2876
Posted: 05/08/2007 05:16:45
by Christian Schwarz (Standard support level)
Joined: 07/20/2006
Posts: 14

So, listening for non-SSL connections should work like this:

1. Creating .NET Socket instance
2. Creating ElServerSSLSocket instance and setting Socket property
3. Setting SSLEnabled to "false"
4. Calling Bind method (ElServerSSLSocket instance)
5. Calling Listen method (ElServerSSLSocket instance)
6. Calling Accept method (ElServerSSLSocket instance)
7. Calling Receive method (ElServerSSLSocket instance)

Is this correct?

If I want to accept *only* SSL connections, I would change the flow in the following way:

1. Creating .NET Socket instance
2. Creating ElServerSSLSocket instance and setting Socket property
3. Setting SSLEnabled to "true"
4. Setting up SSL stuff (setting certificate storage with server certificate and its root certificate, setting up supported SSL versions, ClientAuthentication property and ForceCertificateChain property, ...)
5. Calling Bind method (ElServerSSLSocket instance)
6. Calling Listen method (ElServerSSLSocket instance)
7. Calling Accept method (ElServerSSLSocket instance)
8. Calling OpenSSLSession method to initiate SSL handshake
9. Calling Receive method (ElServerSSLSocket instance)

Is this correct?

The problem with the provided sample code is that after calling Accept method the returned ElServerSSLSocket instance's Connected property returns "false". But the underlying .NET socket instance's Connected property returns "true".

You can test the provided code sample by pointing your HTTP browser to "http://localhost:8080". You should see that receiving the HTTP GET request causes the mentioned InvalidOperationException exception. The reason is still unclear to me...

Greetings, Christian
#2877
Posted: 05/08/2007 05:41:59
by Eugene Mayevski (EldoS Corp.)

Yes, you got everything right. However, there was an error made by us in the socket class and you've come across this mistake. You can try calling OpenSSLSession even when SSLEnabled is false. This should solve the problem. We will test the code according to your suggestion and make the necessary fixes.


Sincerely yours
Eugene Mayevski
#2878
Posted: 05/08/2007 06:28:47
by Christian Schwarz (Standard support level)
Joined: 07/20/2006
Posts: 14

Nice to hear that you've found the problem. The suggested work-around works here. Is there already a schedule for an official bug fix release?

Greetings, Christian
#2879
Posted: 05/08/2007 07:16:15
by Eugene Mayevski (EldoS Corp.)

Actually this is not a bug -- OpenSSLSession should be called always. I've modified the code so that OpenSSLSession should be called internally in Accept() if SSL is disabled. If SSL is enabled, you need to call OpenSSLSession yourself. This seems to be more logical.


Sincerely yours
Eugene Mayevski
#2882
Posted: 05/08/2007 07:35:01
by Christian Schwarz (Standard support level)
Joined: 07/20/2006
Posts: 14

To be honest, it sounds pretty unreasonable to call OpenSSLSession if no SSL connection is desired. Anyway, if it's required I'll call it.

Greetings, Christian
#2953
Posted: 05/21/2007 05:22:11
by Christian Schwarz (Standard support level)
Joined: 07/20/2006
Posts: 14

I've played around with version 5.1.0.112 and ran into problems with non-SSL connections. Here's what I'm doing:

1. Creating .NET Socket instance
2. Creating ElServerSSLSocket instance and setting Socket property
3. Setting SSLEnabled to "false"
4. Calling Bind method (ElServerSSLSocket instance)
5. Calling Listen method (ElServerSSLSocket instance)
6. Calling Accept method (ElServerSSLSocket instance)
7. Calling Receive method (ElServerSSLSocket instance)

Up to step 6, all works as expected. The Accept method blocks forever.

Greetings, Christian

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.