Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Eclipse Titan » Using TLS/DTLS with Titan test ports part 6(IPL4 control from the configuration file )
Using TLS/DTLS with Titan test ports part 6 [message #1759561] Thu, 13 April 2017 06:43
Elemer Lelik is currently offline Elemer LelikFriend
Messages: 760
Registered: January 2015
Senior Member
Dear all,

With the risk of boring you to death, I will again take on the issue of TLS.
This is a large area and, though I have no intention of trying to be exhaustive, several questions are raised as we go along.

I have shown in the previous examples that the port can be controlled by messages sent by the user: one or more TLS connections can be started/torn down/re-established etc.
But in the majority of cases this is overkill as we only need a simple one-connection setup; besides, if one wishes to port the code from one tool implementation to other,
it's counter-productive to have tool specific code parts in the ATS , the abstract test specification ; and test port control code is as specific as it gets.

To cut the long story short, we have received a request to have the connection controlled not through code, but by configuration.
the latest R25A revision of the IPL4 test port includes support for that.

To demonstrate this, I will re-use the code from the previous post https://www.eclipse.org/forums/index.php/t/1084862/
with appropriate modifications.

One thing that changed was that I used www.posttestserver.com instead of httpbin.org for reasons I will come back to.

Let's try first to connect with openssl:



 openssl s_client -connect www.posttestserver.com:443 --tls1_2 --servername www.posttestserver.com -CAfile /etc/ssl/certs/ca-certificates.crt
CONNECTED(00000003)
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = "Provided by New Dream Network, LLC", OU = DreamHost Basic SSL, CN = posttestserver.com
verify return:1
Server did acknowledge servername extension.
---
Certificate chain
 0 s:/OU=Domain Control Validated/OU=Provided by New Dream Network, LLC/OU=DreamHost Basic SSL/CN=posttestserver.com
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIRAPlv5NKl2z8TfWMs83KqLTcwDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMTYwOTI2MDAwMDAwWhcNMTcxMDA5MjM1OTU5WjCBizEhMB8GA1UECxMY
RG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMSswKQYDVQQLEyJQcm92aWRlZCBieSBO
ZXcgRHJlYW0gTmV0d29yaywgTExDMRwwGgYDVQQLExNEcmVhbUhvc3QgQmFzaWMg
U1NMMRswGQYDVQQDExJwb3N0dGVzdHNlcnZlci5jb20wggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDKMCFI9IftsiYPeE5OKnNWBmZ0GfCvKl70EXLZ83Y4
i6JV+BGlGROl6MP6VVAvVqXtJw1PEfojWNGUizQqzTDpnXvxzsJ0/A92DNoe0TGN
339SBXgeDhOUpXwWj4wsIyUCj+klOExre9pFh5QCj56yuMRcxS+sdvu0GR6sGlic
BfeMv25ivyKXQrUQsAQB+KBDk+8Agx//Y06734VQwEz8yuFn1gD0JXMvk3SghbT/
sGCcClLrAfXd/78r51gl3nPqkkTGwBcieQjfE2lvTaDpAh1zTNFjg6sog5FLVqOq
4jnJAP77oUHnKfJ8Ecj+OcdJKd5SxzmaU6vlVGRAe7uHAgMBAAGjggHnMIIB4zAf
BgNVHSMEGDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUy3l8mKUx
izoX1tNpWflVGD7pAKwwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGy
MQECAgcwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9D
UFMwCAYGZ4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2Rv
Y2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
cmwwgYUGCCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21v
ZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNB
LmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMDUGA1Ud
EQQuMCyCEnBvc3R0ZXN0c2VydmVyLmNvbYIWd3d3LnBvc3R0ZXN0c2VydmVyLmNv
bTANBgkqhkiG9w0BAQsFAAOCAQEAhxUgIGGkywMwpVhBp+N8gCK/0768HcDEWk40
EL4BsdjYg7Z980yGl8Btn/HlX9Hcx8pYdzM5uAU/n8diDeqrlUsiYi9kh8XAT4a1
svc138mABKULkVSxEZIoRcFrfTJFChRxfRRjmIEHav9592pSlcAumbqmix2lGcv3
X/ETy/HZvP4CF7uoelekPcs8vCsULya2oIxzOOs7bwON0nJQMYweqQnrmC1pmgMY
qQEChEFuoz7BWUN41KC6Xf2TBqCU5VIBnGS45ppbGq3L+2v6A/aHX2EMxd1Gw+xz
dsEfCsXSze7ni5UPzgPugxoZma2sDR1eSkN0nawnMk9VLSqhmg==
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/OU=Provided by New Dream Network, LLC/OU=DreamHost Basic SSL/CN=posttestserver.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5089 bytes and written 333 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: DA2C1DA225C267FDA2935B9E0C98CA46EB578344B3F0DF43A7F44806D79559E7
    Session-ID-ctx: 
    Master-Key: 65B2FAF827D9DA934BBB2170AC94B089F3B4975067F2265CF1D5475E6EF71859029CBBC764A3854CEF57C72F81FD2872
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - e8 cf 00 32 ae 39 fe 2b-6a 3b b3 20 b4 c9 a6 87   ...2.9.+j;. ....
    0010 - 2e f3 d6 11 e5 ef cf 16-6c dd f9 34 bb fd 2f bd   ........l..4../.
    0020 - aa 32 eb dc 3b 25 6b 56-34 6e cc 80 d0 ab 47 f6   .2..;%kV4n....G.
    0030 - ef 9b c4 00 dc 6a 36 dc-fb 40 42 77 17 dd 39 4b   .....j6..@Bw..9K
    0040 - d8 d5 1b cf e5 0e 94 32-7c 36 92 f2 4a 02 cf 9d   .......2|6..J...
    0050 - eb ef 29 fb 0a 20 1b 0c-25 1d 7b 9b 87 04 50 6d   ..).. ..%.{...Pm
    0060 - 64 a0 1c e1 61 00 9a d0-4d 35 5d 2c 3a 34 5e 31   d...a...M5],:4^1
    0070 - dc 14 de a3 a2 24 a8 6e-8d 9b e8 95 58 35 64 d2   .....$.n....X5d.
    0080 - 3c 93 00 ff 49 63 58 8b-29 a8 14 0c 05 f8 4b ba   <...IcX.).....K.
    0090 - 3f b3 c3 64 5b b2 3d 84-3e 52 d2 31 6d 0d 77 52   ?..d[.=.>R.1m.wR
    00a0 - db a1 c7 20 67 e3 61 55-54 04 f6 78 dc 94 54 eb   ... g.aUT..x..T.
    00b0 - bb a5 46 a1 6d 40 53 25-f3 3f 09 1b f6 6c 68 08   ..F.m@S%.?...lh.
    00c0 - fc 94 3c 87 33 06 b6 78-b6 ea 23 74 15 eb 58 aa   ..<.3..x..#t..X.

    Start Time: 1491381307
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---
^C


Let's try now to post using curl:

curl -X POST -d something -v  https://www.posttestserver.com/post.php
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 64.90.48.15...
* Connected to www.posttestserver.com (64.90.48.15) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 704 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: posttestserver.com (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: OU=Domain Control Validated,OU=Provided by New Dream Network\, LLC,OU=DreamHost Basic SSL,CN=posttestserver.com
* 	 start date: Mon, 26 Sep 2016 00:00:00 GMT
* 	 expire date: Mon, 09 Oct 2017 23:59:59 GMT
* 	 issuer: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA Limited,CN=COMODO RSA Domain Validation Secure Server CA
* 	 compression: NULL
* ALPN, server did not agree to a protocol
> POST /post.php HTTP/1.1
> Host: www.posttestserver.com
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 9
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 9 out of 9 bytes
< HTTP/1.1 200 OK
< Date: Wed, 05 Apr 2017 08:35:52 GMT
< Server: Apache
< Access-Control-Allow-Origin: *
< Content-Length: 140
< Content-Type: text/html; charset=UTF-8
< 
Successfully dumped 1 post variables.
View it at http://www.posttestserver.com/data/2017/04/05/01.35.52777481617
* Connection #0 to host www.posttestserver.com left intact




Now here's the test case that we will use:




//******************************************************************
  testcase TC_TCPTest() runs on GeneralComp system SystemComp {
//******************************************************************
    map(self:p, system:p); //connect is done here!!!

 //*************************************************************************
 var f_IPL4_getMsgLen getMsg_Func := refers(f_HTTPMessage_len);
 f_IPL4_setGetMsgLen(p,-1, getMsg_Func, {});   //connId -1!!! 
//*************************************************************************

 p.send(t_data1(-1));  //connId -1!!! 
   t.start(5.0) 
        alt 
        { 
              [] p.receive {repeat};
              [] t.timeout{log("Bye")}

        } 

 unmap(self:p, system:p);//close is done here !!!!
 setverdict(pass);
}
	


with the connection/disconnection related code removed.
When map is executed, the connection parameters are read from the config file, and the connection/association is attempted. At unmap, disconnection takes place.
Note that we don't have a connectionId (when controlled through code , f_IPL4_connect returns a connectionId ); so we have to use -1 for its' value and the port will deal with the rest; of course this is possible only because we can have only one connection.


For comparison, here's the test case used previously :
//******************************************************************
  testcase TC_TCPTest() runs on GeneralComp system SystemComp {
//******************************************************************	
			
    var IPL4asp_Types.Result  vl_result; 
    var integer v_cid
    map(self:p, system:p); 

  vl_result := c_res;

  vl_result :=f_IPL4_connect(
    p,
    tsp_hostname,
    tsp_portnumber,
    "",//default 0.0.0.0 will be used
     0,//random port will be used
    -1,  
   {ssl := {} },
   {}
  )


  log("connect result",vl_result)

  if (not(ispresent(vl_result.connId)))
  {
    log("Could not connect");
   stop;
  } 

   v_cid:=vl_result.connId 

//*************************************************************************
 var f_IPL4_getMsgLen getMsg_Func := refers(f_HTTPMessage_len);
 f_IPL4_setGetMsgLen(p,v_cid, getMsg_Func, {});
//*************************************************************************

 p.send(t_data1(v_cid));
   t.start(5.0) 
        alt 
        { 
              [] p.receive {repeat};
              [] t.timeout{log("Bye")}

        } 

  vl_result := c_res;

  vl_result :=    f_IPL4_close(p, v_cid)
  log("close result",vl_result) 
              
     setverdict(pass);
}


more complicated in appearance.

And here's the relevant part of the config file (note the new parameters map_behavior,map_protocol, RemotePort,Remotheost, defaultListeningPort,defaultListeningHost,lazy_conn_id_handling):


:
[MODULE_PARAMETERS]

HTTPTest.tsp_hostname:="www.posttestserver.com"
HTTPTest.tsp_portnumber:=443
HTTPTest.tsp_url:="/post.php"

[TESTPORT_PARAMETERS]


*.p.map_behavior:="connect" //possible values:"none", "listen" , "connect"
*.p.map_protocol:="tls" //possible values: "udp", "tcp", "sctp", "tls"
*.p.RemotePort:="443"
*.p.Remotheost:="www.posttestserver.com"
*.p.defaultListeningPort:="0"
*.p.defaultListeningHost:="0.0.0.0"
*.p.lazy_conn_id_handling:="yes"
*.p.debug := "Yes"
*.p.ssl_reconnect_attempts := "100"
*.p.ssl_verify_certificate := "No"
*.p.ssl_trustedCAlist_file:= "/etc/ssl/certs/ca-certificates.crt"//Ubuntu 16.04
//*.p.ssl_allowed_ciphers_list:="ECDHE-RSA-AES256-SHA"
:


and the simplified and formatted log:

01:32:35.020996 - TTCN-3 Main Test Component started on ntaf. Version: CRL 113 200/6 R1A.
01:32:35.021090 - TTCN Logger v2.2 options: TimeStampFormat:=Time; LogEntityName:=No; LogEventTypes:=No; SourceInfoFormat:=Single; *.FileMask:=LOG_ALL; *.ConsoleMask:=ERROR | USER; LogFileSize:=0; LogFileNumber:=1; DiskFullAction:=Error
01:32:35.021297 - Connected to MC.
01:32:35.021901 - Executing control part of module HTTPTest.
01:32:35.021934 HTTPTest.ttcn:93 Execution of control part in module HTTPTest started.
01:32:35.021987 HTTPTest.ttcn:70 Test case TC_TCPTest started.
01:32:35.022009 HTTPTest.ttcn:70 Initializing variables, timers and ports of component type HTTPTest.GeneralComp inside testcase TC_TCPTest.
01:32:35.022072 HTTPTest.ttcn:70 Port p was started.
01:32:35.022094 HTTPTest.ttcn:70 Component type HTTPTest.GeneralComp was initialized.
01:32:35.022107 HTTPTest.ttcn:72 Mapping port mtc:p to system:p.
01:32:35.022187 HTTPTest.ttcn:72 entering f__IPL4__PROVIDER__connect: :0 -> www.posttestserver.com:443 / SSL
01:32:35.683685 HTTPTest.ttcn:72 Port p was mapped to system:p.
01:32:35.683963 HTTPTest.ttcn:72 Map operation of mtc:p to system:p finished.
01:32:35.684113 HTTPTest.ttcn:79 Sent on p to system @IPL4asp_Types.ASP_Send : {
    connId := -1,
    proto := omit,
    msg := '504F5354202F706F73742E70687020485454502F312E310D0A43616368652D436F6E74726F6C3A206E6F2D63616368650D0A436F6E74656E742D4C656E6774683A2032380D0A486F73743A207777772E706F7374746573747365727665722E636F6D0D0A0D0A426F7720746F20796F757220546974616E206F7665726C6F72647321'O ("POST /post.php HTTP/1.1\r
Cache-Control: no-cache\r
Content-Length: 28\r
Host: www.posttestserver.com\r
\r
Bow to your Titan overlords!")
}
01:32:35.684290 HTTPTest.ttcn:80 Start timer t: 5 s
01:32:35.869635 HTTPTest.ttcn:81 Message enqueued on p from system @IPL4asp_Types.ASP_RecvFrom : {
    connId := -1,
    remName := "www.posttestserver.com",
    remPort := 443,
    locName := "192.168.139.129",
    locPort := 36036,
    proto := {
        ssl := { }
    },
    userData := 0,
    msg := '485454502F312E3120323030204F4B0D0A446174653A205765642C2030352041707220323031372030383A33323A333620474D540D0A5365727665723A204170616368650D0A4163636573732D436F6E74726F6C2D416C6C6F772D4F726967696E3A202A0D0A436F6E74656E742D4C656E6774683A203134320D0A436F6E74656E742D547970653A20746578742F68746D6C3B20636861727365743D5554462D380D0A0D0A5375636365737366756C6C792064756D706564203020706F7374207661726961626C65732E0A5669657720697420617420687474703A2F2F7777772E706F7374746573747365727665722E636F6D2F646174612F323031372F30342F30352F30312E33322E3336313636313332343130320A506F737420626F647920776173203238206368617273206C6F6E672E'O ("HTTP/1.1 200 OK\r
Date: Wed, 05 Apr 2017 08:32:36 GMT\r
Server: Apache\r
Access-Control-Allow-Origin: *\r
Content-Length: 142\r
Content-Type: text/html; charset=UTF-8\r
\r
Successfully dumped 0 post variables.
View it at http://www.posttestserver.com/data/2017/04/05/01.32.361661324102
Post body was 28 chars long.")
} id 1
01:32:35.869741 HTTPTest.ttcn:83 Receive operation on port p succeeded, message from system(): @IPL4asp_Types.ASP_RecvFrom: {
    connId := -1,
    remName := "www.posttestserver.com",
    remPort := 443,
    locName := "192.168.139.129",
    locPort := 36036,
    proto := {
        ssl := { }
    },
    userData := 0,
    msg := '485454502F312E3120323030204F4B0D0A446174653A205765642C2030352041707220323031372030383A33323A333620474D540D0A5365727665723A204170616368650D0A4163636573732D436F6E74726F6C2D416C6C6F772D4F726967696E3A202A0D0A436F6E74656E742D4C656E6774683A203134320D0A436F6E74656E742D547970653A20746578742F68746D6C3B20636861727365743D5554462D380D0A0D0A5375636365737366756C6C792064756D706564203020706F7374207661726961626C65732E0A5669657720697420617420687474703A2F2F7777772E706F7374746573747365727665722E636F6D2F646174612F323031372F30342F30352F30312E33322E3336313636313332343130320A506F737420626F647920776173203238206368617273206C6F6E672E'O ("HTTP/1.1 200 OK\r
Date: Wed, 05 Apr 2017 08:32:36 GMT\r
Server: Apache\r
Access-Control-Allow-Origin: *\r
Content-Length: 142\r
Content-Type: text/html; charset=UTF-8\r
\r
Successfully dumped 0 post variables.
View it at http://www.posttestserver.com/data/2017/04/05/01.32.361661324102
Post body was 28 chars long.")
} id 1
01:32:35.869780 HTTPTest.ttcn:83 Message with id 1 was extracted from the queue of p.
01:32:37.870853 HTTPTest.ttcn:81 Message enqueued on p from system @Socket_API_Definitions.PortEvent : {
    connClosed := {
        connId := 1,
        remName := "www.posttestserver.com",
        remPort := 443,
        locName := "192.168.139.129",
        locPort := 36036,
        proto := {
            ssl := { }
        },
        userData := 0
    }
} id 2
01:32:37.871063 HTTPTest.ttcn:83 Receive operation on port p succeeded, message from system(): @Socket_API_Definitions.PortEvent: {
    connClosed := {
        connId := 1,
        remName := "www.posttestserver.com",
        remPort := 443,
        locName := "192.168.139.129",
        locPort := 36036,
        proto := {
            ssl := { }
        },
        userData := 0
    }
} id 2
01:32:37.871100 HTTPTest.ttcn:83 Message with id 2 was extracted from the queue of p.
01:32:40.685468 HTTPTest.ttcn:84 Timeout t: 5 s
01:32:40.685541 HTTPTest.ttcn:84 Bye
01:32:40.685598 HTTPTest.ttcn:88 Unmapping port mtc:p from system:p.
01:32:40.685855 HTTPTest.ttcn:88 Port p was unmapped from system:p.
01:32:40.685917 HTTPTest.ttcn:88 Unmap operation of mtc:p from system:p finished.
01:32:40.685941 HTTPTest.ttcn:90 setverdict(pass): none -> pass
01:32:40.685965 HTTPTest.ttcn:90 Terminating component type HTTPTest.GeneralComp.
01:32:40.685981 HTTPTest.ttcn:90 Port p was stopped.
01:32:40.685994 HTTPTest.ttcn:90 Component type HTTPTest.GeneralComp was shut down inside testcase TC_TCPTest.
01:32:40.686007 HTTPTest.ttcn:90 Waiting for PTCs to finish.
01:32:40.686053 HTTPTest.ttcn:90 Setting final verdict of the test case.
01:32:40.686072 HTTPTest.ttcn:90 Local verdict of MTC: pass
01:32:40.686085 HTTPTest.ttcn:90 No PTCs were created.
01:32:40.686096 HTTPTest.ttcn:90 Test case TC_TCPTest finished. Verdict: pass
01:32:40.686111 HTTPTest.ttcn:94 Execution of control part in module HTTPTest finished.
01:32:40.686513 - Verdict statistics: 0 none (0.00 %), 1 pass (100.00 %), 0 inconc (0.00 %), 0 fail (0.00 %), 0 error (0.00 %).
01:32:40.686546 - Test execution summary: 1 test case was executed. Overall verdict: pass
01:32:40.686556 - Exit was requested from MC. Terminating MTC.



Note1: For a server/listener behaviour the following parameters could be used for instance:


[TESTPORT_PARAMETERS]
serv.pt.map_protocol:="udp"
serv.pt.defaultListeningPort:="6633"
serv.pt.map_behavior:="listen"
serv.pt.defaultListeningHost:="127.0.0.1"
serv.pt.lazy_conn_id_handling:="yes"



Note2: Servers with Server Name Indication (SNI) can only be connected via code, by sending a connect ASP which includes tls_hostname as an option to the port :


  vl_result :=f_IPL4_connect(
    p,
    tsp_hostname, 
    tsp_portnumber, 
    "",//default 0.0.0.0 will be used
     0,//random port will be used
    -1,  
   {ssl := {} },
   {{tls_hostname := tsp_hostname}}
  )
  

(see previous post in the series https://www.eclipse.org/forums/index.php/t/1084862/); support for this is not available in the configuration file and this was the reason
I have abandoned httpbin.org for this demo.


See more about SNI in:
https://en.wikipedia.org/wiki/Server_Name_Indication
and
https://major.io/2012/02/07/using-openssls-s_client-command-with-web-servers-using-server-name-indication-sni/

Detailed log and code attached.



Best regards
Elemer



[Updated on: Thu, 13 April 2017 10:43]

Report message to a moderator

Previous Topic:Compilation of big files
Next Topic:Eclipse Titan on Windows10/WSL part 2
Goto Forum:
  


Current Time: Sat Jun 23 22:09:33 GMT 2018

Powered by FUDForum. Page generated in 0.01473 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top