[Help-gnutls] Re: Modifying tls code

Simon Josefsson simon at josefsson.org
Wed Jan 3 11:29:12 CET 2007


"Avasarala Ranjit-A20990" <ranjit at motorola.com> writes:

> Hi Simon
>
> How do I run these ex-client-srp.c and ex-serv-srp.c? 

Hi.  The examples should be compiled when you built GnuTLS, but you'll
have to read the code to understand how to use them.  For example,
ex-client-srp.c uses a CA certificate in the file "ca.pem" and the
server needs "ca.pem", and also key/cert in "key.pem" and "cert.pem",
and also the SRP password files "tpasswd" and "tpasswd.conf".

> My requirement is as follows:
>
> I need to establish an end to end SRP/TLS connection. 
> Client authenticates to server thru SRP and then data is exchanged over
> TLS.
>
> Initially client sends data over TLS to server
> Then server sends back data to client ..again over TLS
>
> How do I do this using the ex-client-srp.c and ex-serv-srp.c

Create the appropriate files as above, then modify the part of the
code that sends/receives messages.

Looking at ex-client-srp.c, the client always begins by sending an HTTP
request, then reads the reply and disconnects.  The server reads data
and sends the same data back, indefinitely.

It thus appears as if the examples are quite close to what you need.
Just change the calls to send the data you want in the client, and to
do something useful with data on the server side.

/Simon

> Thanks 
>
>
> Regards
> Ranjit
>
> -----Original Message-----
> From: Simon Josefsson [mailto:simon at josefsson.org] 
> Sent: Thursday, December 28, 2006 2:11 AM
> To: Avasarala Ranjit-A20990
> Cc: help-gnutls at gnu.org
> Subject: Re: Modifying tls code
>
> "Avasarala Ranjit-A20990" <ranjit at motorola.com> writes:
>
>>  
>> Hi
>>
>> I have a requirement to have end to end SRP/TLS connection with a 
>> mechanism to send and receive data. Like the client version of SRP/TLS
>> (gnutls-cli) should be able to send some data to server (gnutls-serv) 
>> and the server should be able to send back some data to the 
>> client(gnutls-cli).
>>
>> How do I go about this? Is this possible with the current tls/srp code?
>> If yes which parts of the code I should look at?
>
> I'm not sure what you are asking for.  Implementing a client and server
> that use TLS+SRP to protect the channel, and then send data back and
> forward between the client and server is certainly possible, and quite
> easy.  There is example TLS+SRP code in doc/examples/, see
> ex-client-srp.c and ex-serv-srp.c.  Are you asking for something more
> specific?
>
> /Simon
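
The send/receive part that the reply says to modify, sketched as an added example (not code from the GnuTLS examples or from the author of this message). `chan_send` and `chan_recv` are constructed in-memory stand-ins for `gnutls_record_send` and `gnutls_record_recv` on an established session, so the loops run without a network; the newline-terminated message framing and all helper names are assumptions of this sketch.

```c
#include <string.h>
#include <sys/types.h>
/* First two values match GNUTLS_E_AGAIN / GNUTLS_E_INTERRUPTED; E_CLOSED is ours. */
enum { E_AGAIN = -28, E_INTERRUPTED = -52, E_CLOSED = -1000 };

/* Constructed in-memory stand-in: 3-byte sends, AGAIN on every second call. */
struct chan { char d[128]; size_t r, w; unsigned calls; };
static ssize_t chan_send(struct chan *c, const void *b, size_t n) {
    if (c->calls++ % 2) return E_AGAIN;
    if (n > 3) n = 3;
    if (c->w + n > sizeof c->d) return E_CLOSED;
    memcpy(c->d + c->w, b, n);
    c->w += n;
    return (ssize_t)n;
}
static ssize_t chan_recv(struct chan *c, void *b, size_t n) {
    if (n == 0 || c->r == c->w) return 0; /* 0 = peer closed, as in GnuTLS */
    *(char *)b = c->d[c->r++];
    return 1;
}

/* Send everything: retry on AGAIN/INTERRUPTED, continue after short writes. */
int send_all(struct chan *c, const char *buf, size_t len) {
    for (size_t off = 0; off < len;) {
        ssize_t n = chan_send(c, buf + off, len - off);
        if (n == E_AGAIN || n == E_INTERRUPTED) continue;
        if (n < 0) return (int)n;
        off += (size_t)n;
    }
    return 0;
}

/* Read one '\n'-terminated message; fail on close or if it outgrows the buffer. */
ssize_t recv_line(struct chan *c, char *out, size_t cap) {
    for (size_t off = 0; off + 1 < cap;) {
        ssize_t n = chan_recv(c, out + off, 1);
        if (n == E_AGAIN || n == E_INTERRUPTED) continue;
        if (n <= 0) return n ? n : E_CLOSED;
        if (out[off++] == '\n') { out[off] = '\0'; return (ssize_t)off; }
    }
    return E_CLOSED;
}
/* Client sends req, the server echoes it back, the client reads the echo. */
int roundtrip(const char *req, char *reply, size_t cap) {
    struct chan c2s = {0}, s2c = {0};
    char got[64];
    if (send_all(&c2s, req, strlen(req))) return -1;
    ssize_t n = recv_line(&c2s, got, sizeof got);
    if (n < 0 || send_all(&s2c, got, (size_t)n)) return -1;
    return recv_line(&s2c, reply, cap) < 0 ? -1 : 0;
}
int main(void) { char r[64]; return roundtrip("hello server\n", r, sizeof r); }
```

Both loops treat a short count or a retry code as "call again" and anything else negative as fatal, which is the handling the record functions need once the payload is no longer a single small buffer.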




