
Re: [GNU Crypto] exception on multiple SaslConnection.send() calls




Jim Basney wrote:

> Bryan Hoover <bhoover@xxxxxxxx> wrote:
> > Jim Basney wrote:
> >
> > > Bryan Hoover <bhoover@xxxxxxxx> wrote:
> > > > Jim Basney wrote:
> > > > > Am I doing something wrong?
> > > >
> > > > Don't comment the reconnect call :).  If possible, the existing connection will be reused,
> > > > so "reconnect" is in a sense, a bit of a misnomer.
> > >
> > > Hmmm.  SaslConnection.reconnect() calls disconnect() then connect(),
> > > which creates a new Socket().  Watching the network with ngrep, I see a
> > > new TCP socket connection after the SaslConnection.reconnect() call.
> >
> > Well, statelessness protocols, and all that you know.
> >
> > But the security session -- that's the time consuming thing you want to reuse if possible, and
> > that's what the lib does, unless, for instance, it's been too long, and session timed out.  Then
> > you have to renegotiate the security layer -- basically start all over like a first time
> > connection.
>
> You're saying that I can only call SaslClient.wrap() once, after which I
> have to go through the SaslClient.evaluateChallenge() loop again?

I don't know.

My experience with the routines, and the protocol really, is limited. I helped in making passwords
immutable, and have used the routines for stateless authentication -- connect, and subsequent
connection with a new socket, with the subsequent connection(s) resulting in security session reuse.

BTW, if you go back through evaluateChallenge, the call should not result in renegotiation, but
rather, reuse of the preexisting security context.

Assuming you haven't already done it, you might want to google on 'sasl srp protocol', and read up
on the ins, and outs of that.

Bryan

> -Jim
>
> _______________________________________________
> gnu-crypto-discuss mailing list
> gnu-crypto-discuss@xxxxxxx
> http://lists.gnu.org/mailman/listinfo/gnu-crypto-discuss


