21.03.2013 Views

Problem - Kevin Tafuro

Problem - Kevin Tafuro

Problem - Kevin Tafuro

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

new request object can be created and used with the same connection handle from<br />

the call to InternetConnect( ). When no more requests are to be made on the same<br />

connection, InternetCloseHandle( ) should be used to close the connection. Finally,<br />

when no more WinInet activity is to take place using the Internet session object created<br />

by InternetConnect( ), InternetCloseHandle( ) should be called to clean up that<br />

object as well.<br />

InternetCloseHandle(hRequest);<br />

InternetCloseHandle(hConnection);<br />

InternetCloseHandle(hInternetSession);<br />

See Also<br />

Recipes 10.4, 10.8<br />

9.5 Enabling SSL without Modifying<br />

Source Code<br />

<strong>Problem</strong><br />

You have an existing client or server that is not SSL-enabled, and you want to make<br />

it so without modifying its source code to add SSL support.<br />

Solution<br />

Stunnel is a program that uses OpenSSLto create SSLtunnels between clients and<br />

servers that do not natively support SSL. At the time of this writing, the latest release<br />

is 4.04, and it is available for Unix and Windows from http://www.stunnel.org. For<br />

servers, it listens on another socket for SSLconnections and forwards data bidirectionally<br />

to the real server over a non-SSLconnection. SSL-enabled clients can then<br />

connect to Stunnel’s listening port and communicate with the server that is not SSLenabled.<br />

For clients, it listens on a socket for non-SSLconnections and forwards data<br />

bidirectionally to the server over an SSL-enabled connection.<br />

Stunnel has existed for a number of years and has traditionally used command-line<br />

switches to control its behavior. Version 4.00 changed that. Stunnel now uses a configuration<br />

file to control its behavior, and all formerly supported command-line<br />

switches have been removed. We’ll cover the latest version, 4.04, in this recipe.<br />

Discussion<br />

While this recipe does not actually contain any code, we’ve included this section<br />

because we consider Stunnel a tool worth discussing, particularly if you are developing<br />

SSL-enabled clients and servers. It can be quite a frustrating experience to<br />

468 | Chapter 9: Networking<br />

This is the Title of the Book, eMatter Edition<br />

Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!