>> I'm going to use stream protocol - TCP/IP. Here is the template source
>> code of the server without the encryption part
>
>We mean application protocol.
>
>> while (1) {
>> sock = accept(listensock, NULL, NULL);
>> printf("client connected to child thread %i with pid %i.\n",
>> pthread_self(), getpid());
>> nread = recv(sock, buffer, 25, 0);
>> buffer[nread] = '\0';
>> printf("%s\n", buffer);
>> send(sock, buffer, nread, 0);
>> close(sock);
>> printf("client disconnected from child thread %i with pid %i.\n",
>> pthread_self(), getpid());
>> }
>> }
>
>This code isn't very helpful. It just reads and writes the very same
>data. Nothing in this code tells us, for example, how to identify a
>complete message.
>
>You could interpose an encryption protocol that also imposed no such
>requirements. You would need to work out your own padding though.
>Blowfish is a block encryption algorithm and cannot encrypt just a
>single byte. So if you only read one byte, you'd need to pad it before
>encryption and then you'd need some way to remove the padding on the
>other end.
>
>I would strongly urge you to just use SSL. It is designed for *exactly*
>this purpose.
>
>DS
>
Thank you David. I will give you more information about the code I'm goind to
write.
What is the purpose of the project?
This is a open source project - I need a way to monitor a huge number of
servers - monitor CPU load, RAM load, HDD load, installed packets and etc. The
data which will gathered will be structured in JSON format and sended to one
main server - Centos x86_64. The load will very high - every for example 2
hours the main Centos server will make checks of the monitored servers - this
means that the monitored servers will establish connection with the main server
and exchange JSON data maybe 200+ lines.
Later on it will be added support for remote patching - this will include
trasportation of installable rpm file to the remote server - sometimes bigger
files will be transported.
So I need a high performance solution that can handle many connections with
little server load.
1. SSL is a good solution but is not high performance - it's more suitable for
encryption of a web page. When establishing connection more that 100
connections are used
to perform the SSL handshake and is not suitable for big bynary data.
2. Symethric encryption is more suitable because it is higth performance and
will scale very well.
I need a high performance optimizad solution.
What is your opinion?
What will be the best approach?
Regards
Peter
