Re: [MINA 3] SSL

Thu, 24 Nov 2011 02:10:23 -0800 

On 11/24/11 10:40 AM, Julien Vermillard wrote:

On Thu, Nov 24, 2011 at 5:08 AM, Emmanuel Lecharny<[email protected]>  wrote:

Hi guys,

yesterday, I fought with the way MINA 2 is dealing with SSL. Down the line,
we use a filter for that, which handles the handhsake using the SslEngine
class.

The problem is that at the same time, the session is considered as opened,
even if we haven't done any handshake, as we can't add the SslFilter to the
session if it's not created yet. That leads to a situation where we could
perfectly have an opened session but with a failed HandShake.

For instance, as the handshake can be done when the first data is sent by
the client, we will generate an exceptionCaught event, process it, but leave
to the handler to close the session.

 From the user PoV, it makes no sense to continue to use a session which has
failed during the SSL handshake. IMO, the server should not even open the
session (the session should remain in the 'created' state, until the
handshake has been completed. Now, if we do that, the Connector won't be
able to send anything as the session is not connected. That leave us with a
dilemna : we need the connection to be opened, but the connection should not
be considered as valid until the handshake is done... How can we deal with
this problem ?

We decided that Ssl should be handled by the processor, not as a filter in
the chain. That means :
- we can keep the session in the 'created' mode until the handshake has been
done on the server side
- we can force the handshake to be done while creating the connection on the
client side when using the Connector
- in all other case (ie if the client uses a plain Socket), we have no
problem as the session is not seen by the user.

wdyt ?



This use case cover only the I want my whole session SSLed, but not
the use case when you start talking in plain unsecure TCP and a
command trigger the TLS handshake.
I wonder if there is use case where you try to TLS handshake and if it
fail you continue talking using plain unsecure TCP.
Sure, we need to include TLS in the whole picture. i' going to spend a few days on this matter. 

I'm not a big user of SSL/TLS, there is use case like that ?
Yes. In LDAP, you can communicate through LDAPS (now depracated but still largely used) and using a StartTLS operation (which is supposed to be the way to go). 


--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com

Reply via email to