Wednesday, January 12, 2000, 6:53:30 AM, you wrote:
>> we just started rewriting the opensrs.pl in PHP so that way we can do all
>> our coding in PHP. Since we are better at that. We are facing
> I recently finished doing that, everything except for the encryption,
> which I'm having problems getting to work.. I've replicated the perl
> method of doing it using MCRYPT, and have been waiting for quite a while
> to get a response back from tucows about what might be wrong.
Hmmm. Can you forward me the note with any details you have on the
MCRYPT problem? I must have misplaced that note or it did not
reach me. There really aren't any PHP gods over here but if it
is protocol related, perhaps we can assist.
> followiung
>> problems - if anyone can help us please do - if anyone has previously
>> already done this or wants to do it jointly please write to me
>>
>> 1) is there any chance of shifting to SSL or SSH in the near future since
>> the current MD5 encrpt is possible in PHP but i cant see anyway to do SSL or
>> SSH
> I also wish they would've just used a SSL or SSH connection, so I
> could've just setup a secure socket to tunnel to their machine. I had
> been told before that they would be using SSL, so I had finished coding
> to the point that my client was fully functional, and I created an SSL
> tunnel on our network to their server when they changed the SRS
> protocol, and implemented the encryption system they use now.
Yeah, we would have loved to stay with more "standards-based"
encryption... after all, SSL and SSH have been scrutinized for a
long time and have had most, if not all bugs worked out. But SSL
carries with it a lot of start-up time which is critical when
authenticating as often as we do. And both of those have licensing
issues which we have been able to avoid on the resellers' behalf.
Perhaps when the RSA license expires in September this year we'll
have had a revelation as to how to do most of these operations in a
more efficient manner using SSL. I wasn't aware that there was an
indication that SSL would be used out of the gate but it must be
there somewhere. I can only apologize to you folks who did
pre-development. We made a big shift with the best intentions but
I know it bit a few who invested time already. ;-(
>> 2) is there any documentation for emulting the functions of the opensrs.pl.
>> currently we are going through it line by line and duplicating each function
>> to ensure that whatever is output remains same in both the programs - but it
>> wouyld be better if there was some documentation
>>
> No docs that I've found. I just port sniffed the connections to figure
> out the protocol... didn't even reference the perl until I reached the
> point of doing encryption.
The docs are very limited. We should be including much more
detailed documentation with the Jan. 15th roll-out which is
designed to assist those writing their own client end or extending
the one we distribute.
>> 3) our development is taking place on a windows machine. i am not being able
>> to find the dll files for the MD5 encryption the manual for PHP gives only
>> the unix versions i need the windows dlls for the same.....
>>
> I'm not aware that such a thing exists. I would recommend doing
> EVERYTHING on a UNIX box for a project like this... it just makes more
> sense.
I concur.
-tom
>> please help if anyone is following the same route. if anyone has any counter
>> suggestions as to why we should not be doing this exercise please comment
>>
> Again, I recommend doing it all on a UNIX box... worst case senario, you
> could probably get a cheap UNIX hosting account and do the development
> from their... just check what libs, etc that the host supports.
> If ya have any major questions, let me know. I'm not at liberty to hand
> over code or anything (unless you had something big to offer in return),
> but I could probably help answer some questions if ya run into any major
> stumbling blocks.
> Brad Murray
> Graphic Technologies
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:14 EDT