Re: [mico-devel] encyption on the data between CORBA objects

GANGA KAMATH Wed, 11 Apr 2018 20:55:23 -0700

Hi,

I configured mico with ssl support with flag "with-ssl=<openssl path>.
Build and install mico.


I modified the code under demo/ssl to send a message from client to server .

in command prompt run the server :
ADDR=ssl:inet:`uname -n`:12124
./server -ORBIIOPAddr $ADDR -ORBSSLcert s_cert.pem -ORBSSLkey s_key.pem

on another command prompt , run the client using below command :
./client `cat sec_hello.ior` -ORBSSLcert c_cert.pem -ORBSSLkey c_key.pem

client is able to achieve a connection with server . But  i am getting core
dump .

./server -ORBIIOPAddr $ADDR -ORBSSLcert s_cert.pem -ORBSSLkey s_key.pem
authentication method: ssl
peer address: ssl:inet:10.79.1.91:58442
cipher: AES256-GCM-SHA384
issuer:
subject:
subject's name:
subject's email:
incoming msg from client: hello
ssl.cc:918: assertion failed
Aborted (core dumped)

Coredump:
Program terminated with signal 6, Aborted.
#0  0x00007f7863afa1d7 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install
glibc-2.17-157.el7_3.1.x86_64 keyutils-libs-1.5.8-3.el7.x86_64
krb5-libs-1.13.2-10.el7.x86_64 libcom_err-1.42.9-7.el7.x86_64
libgcc-4.8.5-11.el7.x86_64 libselinux-2.2.2-6.el7.x86_64
libstdc++-4.8.5-11.el7.x86_64 openssl-libs-1.0.1e-42.el7.9.x86_64
pcre-8.32-15.el7.x86_64 xz-libs-5.1.2-12alpha.el7.x86_64
zlib-1.2.7-17.el7.x86_64
(gdb) bt
#0  0x00007f7863afa1d7 in raise () from /lib64/libc.so.6
#1  0x00007f7863afb8c8 in abort () from /lib64/libc.so.6
#2  0x00007f78651f5899 in mico_assert(char const*, int) () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#3  0x00007f78651fe4d2 in MICOSSL::SSLTransport::close() () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#4  0x00007f78651fefcd in MICOSSL::SSLTransport::~SSLTransport() () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#5  0x00007f78651ff0f9 in MICOSSL::SSLTransport::~SSLTransport() () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#6  0x00007f78651e8472 in MICO::GIOPConn::~GIOPConn() () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#7  0x00007f78651e8739 in MICO::GIOPConn::~GIOPConn() () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#8  0x00007f78651e6770 in MICO::IIOPServer::kill_conn(MICO::GIOPConn*,
unsigned char) ()
   from /sect/package/mico_2.3.12/lib/libmico2.3.12.so
#9  0x00007f78651e6a93 in MICO::IIOPServer::callback(MICO::GIOPConn*,
MICO::GIOPConnCallback::Event) ()
   from /sect/package/mico_2.3.12/lib/libmico2.3.12.so
#10 0x00007f78651ec2ff in MICO::GIOPConn::do_read(unsigned char) () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#11 0x00007f78651b879b in MICO::SelectDispatcher::handle_fevents(fd_set&,
fd_set&, fd_set&) ()
   from /sect/package/mico_2.3.12/lib/libmico2.3.12.so
#12 0x00007f78651b8865 in MICO::SelectDispatcher::run(unsigned char) ()
from /sect/package/mico_2.3.12/lib/libmico2.3.12.so
#13 0x00007f78651ca5ef in CORBA::ORB::run() () from
/sect/package/mico_2.3.12/lib/libmico2.3.12.so
#14 0x0000000000405c2d in main ()

Can you please help me to fix this assertion.

Thanks and regards,
Ganga.



On Tue, Apr 10, 2018 at 7:47 PM, GANGA KAMATH <kamath.ga...@gmail.com>
wrote:

> sorry for the typo .its not game. Its gmake
>
> I am compiling the code under demo/ssl using gmake and when i try to run
> ssl script and i get the below error.
>
> uncaught MICO exception: IDL:omg.org/CORBA/INITIALIZE:1.0 (0,
> not-completed)
> ./ssl: line 47:  6547 Aborted                 (core dumped) ./server
> -ORBIIOPAddr $ADDR -ORBSSLcert s_cert.pem -ORBSSLkey s_key.pem
> -ORBSSLverify 0
> client.cc:33: assertion failed
> ./ssl: line 52:  6551 Aborted                 (core dumped) ./client `cat
> sec_hello.ior` -ORBSSLcert c_cert.pem -ORBSSLkey c_key.pem -ORBSSLverify 0
>
> If i just run the server with ./server command and client with  ./client
> `cat sec_hello.ior` command , it works fine ,but i dont see any
> encryption.  Am i missing anything here ?
>
>
>
> Thanks and Regards,
> Ganga.
>
> On Tue, Apr 10, 2018 at 7:22 PM, Karel Gardas <kgar...@objectsecurity.com>
> wrote:
>
>>
>> Sorry, but I don't have any idea about what's "game" you are talking
>> about...
>>
>> Cheers,
>> Karel
>>
>> On 04/10/18 03:18 PM, GANGA KAMATH wrote:
>>
>>> Thank you for the response .
>>>
>>> Do I have to run the game command with any flag to enable SSL option ?
>>> I tried running this example , but I couldn't achieve the encryption .
>>>
>>> Thanks and Regards,
>>> Ganga.
>>>
>>> On Tue, Apr 10, 2018, 6:08 PM Karel Gardas <kgar...@objectsecurity.com
>>> <mailto:kgar...@objectsecurity.com>> wrote:
>>>
>>>
>>>     Please update to latest MICO HEAD from darcs repository and then see
>>>     demo/ssl and demo/sl3 or even test/sl3 subdirectories for various
>>>     examples of using TLS-protected communication.
>>>
>>>     Cheers,
>>>     Karel
>>>
>>>     On 04/10/18 02:31 PM, GANGA KAMATH wrote:
>>>      > In my project, all the subsytems talk to each other thro CORBA
>>>     objects .
>>>      > When I tried to capture the packet between these subsystems , I
>>>     see that
>>>      > it uses GIOP protocol and data is not encrypted . Is it possible
>>> to
>>>      > encrypt the data sent between CORBA objects.
>>>      >
>>>      > I am using mico 2.3.12 version on Cent OS 7.2. Kindly guide me
>>> how to
>>>      > achieve TLS for communication between these CORBA ports.
>>>      >
>>>      > I read about option of encryption thro SSLIOP, but how do we
>>>     integrate
>>>      > that feature?
>>>      >
>>>      > Thanks and Regards,
>>>      > Ganga
>>>      >
>>>      >
>>>      >
>>>     ------------------------------------------------------------
>>> ------------------
>>>      > Check out the vibrant tech community on one of the world's most
>>>      > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>      >
>>>      >
>>>      >
>>>      > _______________________________________________
>>>      > Mico-devel mailing list
>>>      > Mico-devel@lists.sourceforge.net
>>>     <mailto:Mico-devel@lists.sourceforge.net>
>>>      > https://lists.sourceforge.net/lists/listinfo/mico-devel
>>>      >
>>>
>>>
>>>     --
>>>     Karel Gardas kgar...@objectsecurity.com
>>>     <mailto:kgar...@objectsecurity.com>
>>>     ObjectSecurity Ltd. http://www.objectsecurity.com
>>>
>>>
>>
>> --
>> Karel Gardas                  kgar...@objectsecurity.com
>> ObjectSecurity Ltd.           http://www.objectsecurity.com
>>
>
>

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

_______________________________________________
Mico-devel mailing list
Mico-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mico-devel

Re: [mico-devel] encyption on the data between CORBA objects

Reply via email to