Article delegate-en/3527 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3526@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: DeleGate with SSL encryption for a MSSQL
05 Oct 2006 08:14:27 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A3526@delegate-en.ML_> on 10/05/06(12:50:22)
you "Jae Hwang" <pyugqbdyi-7pkjwoaeerfr.ml@ml.delegate.org> wrote:
 |The suggested args (both STLS and FCL with -dv) have been tried, and the
 |related logs are shown below.
...
 |(1) delegated.exe -P11433 SERVER="tcprelay://localhost:1433" STLS=fcl
 |-vd
 |
 |10/04 23:21:14.30 [7456] 1+1: SSL_isrecord? 8 [12  1  0 29  0]
 |10/04 23:21:14.30 [7456] 1+1: # SSL record head[12  1  0 29  0] SSL2

Hmm... This packet seems not the one in SSL.

 |(3) Client Info:
 |
 |A client utilizes a JAVA JDBC driver (jTDS:
 |http://jtds.sourceforge.net/) with an option forcing SSL. When this
 |jTDS/SSL communicates directly to MSSQL/SSL, it actually works fine.  I
 |was trying to move this encryption works to DeleGate, and let MSSQL
 |operate in a normal mode.  The Java stacktrace also shows that it fails
 |a SSL-handshake when the client tries to communicate with DeleGate.
 |
 |Caused by: java.net.SocketException: Connection reset 	at 
 |....    
 |   net.sourceforge.jtds.jdbc.TdsCore.negotiateSSL(TdsCore.java:532)

Maybe the packet is the one in TDS for authentication in which the
usage of SSL is negotiated.
So it is necessary to interpret at least the authentication sub-protocol
of TDS to relay MSSQL over SSL.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V