I have an app that is both client and server in terms of TCP/IP connections.
Client (1 external) ---A---> My App ---B---> Server (1 external)
Connections A and B are mostly done with CAsyncSocket but with CSocket too (there are more than 1 A and more than 1 B).
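My task is to secure the As and Bs with SSL. We have to do it in a way that satisfies the security requirements: an admin can manipulate the tunnel or listen to the connection between the tunnel and my app. Don't ask; that is why, in my assessment, we have to do it this way and not with stunnel.
Currently SSL is implemented with an external SSL tunnel (stunnel).
Client (1 external) ---A---> STUNNEL1 ---> My App ---> STUNNEL2 ---B---> Server (1 external)
Adding SSL to A and B, e.g. with the OpenSSL API, is a lot of dirty work. Too much.
So I thought... is it somehow possible to create an SSL tunnel (instead of stunnel) inside my app, and make the existing sockets connect to the tunnel, but so that a Windows admin could not listen to the traffic between the app and the tunnel?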
NOW is:
My app now:
Listens 192.168.1.1:5000
Listens 192.168.1.1:5001
Connects to 192.168.1.2:9000
Connects to 192.168.1.2:9001
New schema:
Listens 127.0.0.1:15000
Listens 127.0.0.1:15001
ThreadTunnel listens 192.168.1.1:5000 (forwards to 127.0.0.1:15000)
ThreadTunnel listens 192.168.1.1:5001 (forwards to 127.0.0.1:15001)
Connects to 127.0.0.1:19000
Connects to 127.0.0.1:19001
ThreadTunnel listens 192.168.1.1:19000 (forwards to 192.168.1.2:9000 )
ThreadTunnel listens 192.168.1.1:19001 (forwards to 192.168.1.2:9001 )
This schema would be ideal, but the problem is that an admin could listen to the traffic between
127.0.0.1:15000 <-> 192.168.1.1:5000
or 127.0.0.1:19000 <-> 192.168.1.1:19000
Is there a way to make CSocket/CAsyncSocket and OpenSSL speak to one another in the same ..., so that the admin cannot control the traffic?