hbIRCS : support des connexions sécurisées SSL/TLS
Boris HUISGEN June 29, 2009
Après 1 mois de travail, une javadoc bien trop légère sur le sujet, quasiment aucune aide Google (ce post fut tout de même déterminant), 3 implémentations différentes, des sessions de debug interminables… c’est fait : les connexions sécurisées SSL/TLS sont supportées par mon serveur IRC.
Évidemment, je n’utilise pas les sockets SSL de Java 1.4 - ce serait trop simple - mais le délicat SSLEngine de Java 5 qui apporte le support TLS/SSL aux sockets NIO, bref du TLS taillé pour des I/O non bloquantes en environnement multithreadé :
The
SSLEngine
can be used for a wide variety of I/O types, such as non-blocking I/O (polling), selectable non-blocking I/O,Socket
and the traditional Input/OutputStreams, localByteBuffers
or byte arrays, future asynchronous I/O models , and so on.
[00:25:21] * Looking up localhost
[00:25:21] * Connecting to localhost (::1) port 9999...
[00:25:21] * * Subject: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:21] * * Issuer: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:21] * * Subject: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:21] * * Issuer: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:22] * * Certification info:
[00:25:22] * Subject:
[00:25:22] * C=FR
[00:25:22] * ST=Ile-de-France
[00:25:22] * L=Paris
[00:25:22] * O=HBIRCS
[00:25:22] * OU=HBIRCS
[00:25:22] * CN=localhost
[00:25:22] * Issuer:
[00:25:22] * C=FR
[00:25:22] * ST=Ile-de-France
[00:25:22] * L=Paris
[00:25:22] * O=HBIRCS
[00:25:22] * OU=HBIRCS
[00:25:22] * CN=localhost
[00:25:22] * Public key algorithm: rsaEncryption (1024 bits)
[00:25:22] * Sign algorithm md5WithRSAEncryption
[00:25:22] * Valid since Jun 1 13:10:42 2009 GMT to Aug 30 13:10:42 2009 GMT
[00:25:22] * * Cipher info:
[00:25:22] * Version: TLSv1/SSLv3, cipher DHE-RSA-AES256-SHA (256 bits)
[00:25:22] * * Verify E: self signed certificate.? (18) -- Ignored
[00:25:22] * Connected. Now logging in...
[00:25:22] * Welcome to the hbIRCS IRC Network bhuisgen!bhuisgen@localhost
[00:25:22] * Your host is irc.bhuisgen.fr, running version 0.2.0-UNSTABLE
[00:25:22] * This server was created Tue Jun 30 00:24:22 CEST 2009
[00:25:22] * irc.bhuisgen.fr 0.2.0-UNSTABLE aiwroOs abeiIklmnoOpqrstv
[00:25:22] * NICKLEN=15 CHANNELLEN=50 TOPICLEN=4096 PREFIX=(ov)@+ CHANTYPES=#&+!
CHANMODES=abeiIklmnoOpqrstv CASEMAPPING=UTF-8 NETWORK=hbIRCS IRC Network :are supported by this server
[00:25:22] * There are 1 users and 0 invisible on 1 servers
[00:25:22] * 0 :operator(s) online
[00:25:22] * 0 :channels formed
[00:25:22] * I have 1 clients and 0 servers.
[00:25:22] * Current local users: 1 Max: 1
[00:25:22] * Current global users: 1 Max: 1
[00:25:22] * - irc.bhuisgen.fr Message of the Day -
[00:25:22] * -
[00:25:22] * - _/ _/ _/_/_/ _/_/_/ _/_/_/ _/_/_/
[00:25:22] * - _/_/_/ _/_/_/ _/ _/ _/ _/ _/
[00:25:22] * - _/ _/ _/ _/ _/ _/_/_/ _/ _/_/
[00:25:22] * - _/ _/ _/ _/ _/ _/ _/ _/ _/
[00:25:22] * - _/ _/ _/_/_/ _/_/_/ _/ _/ _/_/_/ _/_/_/
[00:25:22] * -
[00:25:22] * - Welcome on hbIRCS IRC server !
[00:25:22] * End of /MOTD command
[00:25:22] * Found your IP: [127.0.0.1]
[00:25:22] * irc.bhuisgen.fr sets mode +w bhuisgen
[00:25:22] * irc.bhuisgen.fr sets mode +i bhuisgen
[00:25:22] * irc.bhuisgen.fr sets mode +s bhuisgen
[00:25:37] * You are now an IRC operator