SSL migration...

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

SSL migration...

Squeak - Dev mailing list

Hey everyone,

I am porting the SSL implementation onto the ThunkStack framework. Currently looking at SecurityOps>>#installOn...:::: and understanding a fundamental differeence between SSL and ParrotTalk.

To check it out doIt to:

Installer ss
    project: 'Cryptography';
    install: 'ProCrypto-1-1-1';
    install: 'ProCryptoTests-1-1-1';
    install: 'SSLLoader'.

This SSLLoader config loads the new ThunkStack, ParrotTalk and SSL.

In ParrotTalk, the immigration/cryptor/customs/encoding (ICCE) thunks are all installed after the handshake is complete. While in handshake mode, the SessionOperations is the top layer to see the handshakes and no layers above are yet needed. On #successfulConnection (or something) the securityOps installs the ICCE thunks on the stack, on top of the sessionOperations which passes data messages up the ICCE stack, now.In SSL, it installs Null ICCE on initialization. Not sure yet where the sessionOperations is I believe on top of the Null ICCE. The handshake msgs go through this null pipeline. On completion of handshaking, these ICCE are exchanged for the agreed configuration of negotiated non-null ICCE thunks. Now the session is encrypted.

I am unsure which is best. Perhaps having examples of both options is of benefit. The first is like capabilities, if you don't have it you don't use it, in the absence of ICCE. The second is more an example of the Null pattern, it is there but doesn't do anything. Having a placeholder. Mmm...placeholder.

Note that both sibling protocols are broken, SSL and ParrotTalk. The SessionProtocolSelector is a work in progress...

--

Kindly,
Robert