On Mon, 24 Sep 2001, Jay 'Eraserhead' Felice wrote:
>
> I used tn5250 with SSH port forwarding for the longest time as my only
> access to an AS/400 from home.  I also use CIPE (you can search freshmeat.net
> for it) to create a tunnel from my Linux laptop to the firewall, then you
> can use tn5250 to connect to the AS/400 as if you were on the AS/400's LAN.  I
> can still use this method.

Thanks, I'll take a look at CIPE.  It sounds like you're running a PPTP
through a tunnel -- that could be useful...

I also discovered that it was pretty easy to write a simple proxy that
I could run on my home PC that would encrypt the data and connect to the
telnet-ssl server on my AS/400.

>
> As for SSL, it should be very easy to add SSL support to tn5250 - it was
> modularized that way originally.  A new stream "class" has to be implemented
> which uses the OpenSSL API instead of the plain socketing API.  I wish I
> had the time to work on it, as I can probably hack it out in a day or two.
> Such is the life of the business owner *sigh*.
>
> -Jay 'Eraserhead' Felice

Actually, on Sunday I started hacking out an 'sslstream' module for
tn5250...  starting with telnetstr.c as a base, and changing it to work
with the SSL APIs.

The pain is going to be in curses_terminal_waitevent, since it tries
to do a select() on the socket descriptor as well as on fd 0.  This
won't work with SSL, since select() will only see what's happening on
the TCP level.   SSL reads data from TCP in blocks, and buffers the
decrypted data, so you can't simply use select() on the descriptor.

And since that's in the terminal object, rather than the stream object,
anything I do to fix it seems like a kludge :)

But... I'll figure something out.

_______________________________________________
This is the Linux 5250 Development Project (LINUX5250) mailing list
To post a message email: [EMAIL PROTECTED]
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/linux5250
or email: [EMAIL PROTECTED]
Before posting, please take a moment to review the archives
at http://archive.midrange.com/linux5250.
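
The select() problem described in the message above, reduced to a runnable C sketch. This is an added example, not code from tn5250 or from either poster: `rec_stream`, `rs_read`, `rs_pending`, `wait_naive` and `wait_buffered` are hypothetical names, and the buffering struct is a plain stand-in for the SSL layer, with `rs_pending` in the position that OpenSSL's `SSL_pending()` would occupy.

```c
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* Stand-in for the SSL layer (hypothetical, not OpenSSL): one read() drains
   a whole record from the socket; callers get the plaintext in pieces. */
struct rec_stream { int fd; unsigned char buf[4096]; size_t len, off; };
/* Plays the role of OpenSSL's SSL_pending(): bytes decoded but not yet read. */
static size_t rs_pending(const struct rec_stream *s) { return s->len - s->off; }

static ssize_t rs_read(struct rec_stream *s, void *out, size_t n) {
    if (rs_pending(s) == 0) {                 /* refill from the wire */
        ssize_t got = read(s->fd, s->buf, sizeof s->buf);
        if (got <= 0) return got;
        s->len = (size_t)got; s->off = 0;
    }
    if (n > rs_pending(s)) n = rs_pending(s);
    memcpy(out, s->buf + s->off, n);
    s->off += n;
    return (ssize_t)n;
}

/* Naive wait: select() on the descriptor only sees the TCP level. */
static int wait_naive(struct rec_stream *s, int ms) {
    fd_set rd;
    struct timeval tv = { ms / 1000, (ms % 1000) * 1000 };
    FD_ZERO(&rd); FD_SET(s->fd, &rd);
    return select(s->fd + 1, &rd, NULL, NULL, &tv) > 0;
}

/* Corrected wait: buffered plaintext counts as an event before select(). */
static int wait_buffered(struct rec_stream *s, int ms) { return rs_pending(s) > 0 || wait_naive(s, ms); }

/* Constructed scenario: a 10-byte record arrives and the caller reads 4.
   Returns bit 0 = naive wait saw data, bit 1 = corrected wait saw data. */
int demo(void) {
    int sv[2], r = -1;
    char out[4];
    struct rec_stream s = { 0 };
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    s.fd = sv[0];
    if (write(sv[1], "0123456789", 10) == 10 && rs_read(&s, out, 4) == 4)
        r = wait_naive(&s, 50) | (wait_buffered(&s, 50) << 1);
    close(sv[0]); close(sv[1]);
    return r;
}
int main(void) { printf("demo() = %d\n", demo()); return 0; }
```

Six bytes are still buffered after the 4-byte read, yet the naive wait times out because the socket itself is empty; with real OpenSSL the same ordering applies, checking `SSL_pending()` before blocking in select().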
