Author Topic: SSL support  (Read 5361 times)

0 Members and 1 Guest are viewing this topic.

Robin

  • Guest
SSL support
« on: November 17, 2004, 03:38:52 PM »
Any plan for SSL(https) support ?

Thanks

Robin

Offline rejetto

  • Administrator
  • Insane programmer
  • *
  • Posts: 12800
  • Country: it
    • View Profile
SSL support
« Reply #1 on: November 17, 2004, 04:37:47 PM »
Quote from: "Robin"
Any plan for SSL(https) support ?
nope
i'm using a free lib, but i should pay to get SSL

Guest

  • Guest
Re: SSL support
« Reply #2 on: December 06, 2007, 04:25:58 PM »
Quote
OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
http://www.openssl.org/

Offline MarkV

  • Insane poster
  • *****
  • Posts: 745
    • View Profile
Re: SSL support
« Reply #3 on: December 06, 2007, 11:10:22 PM »
Don't know how Apache-style license goes with the GPL, though... maybe as an optional component.
http://worldipv6launch.org - The world is different now.

andreone

  • Guest
Re: SSL support
« Reply #4 on: December 07, 2007, 04:02:14 AM »
Miranda IM is GPL and uses OpenSSL for Jaber networks. I really don't think they break any license.
At least one secure protocol would be valuable to HPS.

Offline rejetto

  • Administrator
  • Insane programmer
  • *
  • Posts: 12800
  • Country: it
    • View Profile
Re: SSL support
« Reply #5 on: December 07, 2007, 08:04:18 PM »
the license is not a problem, openssl is free software.
it's a matter of work.

cmatte

  • Guest
Re: SSL support
« Reply #6 on: December 08, 2007, 08:49:45 AM »
I've gotta say using stunnel isn't that bad, if not for the logs of HFS which show 127.0.0.1 instead of the external ip shown only on stunnel logs.
One suggestion, could you please add the ability to add https:// instead of http:// at the beginning of the URLs copied/made from HFS?

Offline maverick

  • Insane poster
  • *****
  • Posts: 1052
  • Computer Solutions
    • View Profile
Re: SSL support
« Reply #7 on: December 08, 2007, 09:04:58 AM »
I've gotta say using stunnel isn't that bad, if not for the logs of HFS which show 127.0.0.1 instead of the external ip shown only on stunnel logs.
One suggestion, could you please add the ability to add https:// instead of http:// at the beginning of the URLs copied/made from HFS?

When stunnel is active, use the stunnel logs not hfs logs.  Stunnel is a stand alone program.  When stunnel is active all urls shown in the browser automatically start with https://.
maverick

Offline rejetto

  • Administrator
  • Insane programmer
  • *
  • Posts: 12800
  • Country: it
    • View Profile
Re: SSL support
« Reply #8 on: December 08, 2007, 09:10:46 AM »
sadly the https:// is automatic only when it is just not specified elsewhere, and the browser does the job.

sometimes URLs generated by HFS include http:// like for urls that contains passwords.
i don't know how to autodetect this, but i may introduce an option so you can chose it manually. i put it in the to-do-list.

cmatte

  • Guest
Re: SSL support
« Reply #9 on: December 16, 2007, 09:47:27 AM »
i don't know how to autodetect this, but i may introduce an option so you can chose it manually. i put it in the to-do-list.
That's exactly what I meant, thanks ;)

cmatte

  • Guest
Re: SSL support
« Reply #10 on: December 16, 2007, 09:54:27 AM »
Sorry for the double post, I were just thinking at how you could autodetect it: a simple way could be to check if stunnel.exe running process exists (I know, not a good one but it's a beginning!).
You could implement this, and a user should be able to choose if enabling/disabling https manually, or use the autodetect stuff.
Anyway a manual choose is enough I think ;)

Offline Unknown8063

  • Experienced poster
  • ***
  • Posts: 96
    • View Profile
Re: SSL support
« Reply #11 on: December 17, 2007, 11:50:38 AM »
Unfortunately these solutions are not sufficient for my needs.  I use one instance of HFS which is meant to be accessed either from HTTPS or HTTP depending on if the user is from the Internet or private network.

Additionally, both connections use the same IP address from HFS's point-of-view as the machine forwarding Internet connections uses the same private network IP that private network users use directly.
« Last Edit: December 17, 2007, 12:03:37 PM by Unknown8063 »

Offline rejetto

  • Administrator
  • Insane programmer
  • *
  • Posts: 12800
  • Country: it
    • View Profile
Re: SSL support
« Reply #12 on: December 17, 2007, 12:22:57 PM »
let me know if you find a way to tell one from the other