Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / March 2005

Tip: Looking for answers? Try searching our database.

Disable SSL-encryption on a SSLSocket

Thread view: 
Enable EMail AlertsStart New Thread
Elian Kool - 08 Mar 2005 15:59 GMT
Hello

I have to receive unencrypted data on a SSLSocket shortly after I
started the connection (SSL handling works).

It works the following way (little shortened...):

Socket sock = new Socket(Server,Port);
SSLSocket sslsock = SSLSocketFactory.createSocket(sock,Server,Port,
false);
sslsock.Send("bla");
sslsock.close();
sock.Send("bla2");

The only problem is that sslsock.close() sends some data (23 bytes) to
the server (I assume to terminate the SSL session).

Is there a way to
a) Stop SSLSocket from sending these bytes
b) Read raw data from the SSLSocket (before decryption...)

I know it sounds strange, but unfortunately I don't have another
choice (after the login procedure, encryption is done with a
proprietary mechanism).

elian
Reply to this Message
Esmond Pitt - 10 Mar 2005 00:36 GMT
> Hello
>
[quoted text clipped - 20 lines]
> choice (after the login procedure, encryption is done with a
> proprietary mechanism).

You don't need that, you just need to read the SSLSocket at the server
until you get EOF, then read the raw socket at the server and you should
get 'bla2', if you've set it up the same way as above (i.e. SSLSocket
wrapping an existing socket with autoClose=off). (If you haven't, there
is no point in what you're trying to do, just keep using SSL.)
Reply to this Message
Elian Kool - 10 Mar 2005 08:11 GMT
> You don't need that, you just need to read the SSLSocket at the server
> until you get EOF, then read the raw socket at the server and you should
> get 'bla2',

Well, the problem is
a) The server has different SSL implementation (ILE C on IBM iSeries)
and handles this a little different
b) Is has to be compatible with the existing Windows client which uses
OpenSSL.dll (and doen't send a close_notify...)

Any idea how to "fix" this on the client side?

> if you've set it up the same way as above (i.e. SSLSocket
> wrapping an existing socket with autoClose=off). (If you haven't, there
> is no point in what you're trying to do, just keep using SSL.)

Sure I did, otherwise it wouldn't work at all :)

elian
Reply to this Message
Esmond Pitt - 11 Mar 2005 05:44 GMT
The question seems to be whether or not to close the client SSLSocket.
This depends on what the mainframe does, which you haven't described.
Have you tried just flushing the SSLSocket instead of closing it?
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.