* A few other things you can already do in s_client and s_server :-)
- * Support (and control over) session resuming, particular when functioning as
- an SSL client.
+ * Support (and control over) session resuming, particularly when functioning
+ as an SSL client.
If you have a particular environment where this model might work to let you "do
SSL" without having OpenSSL be aware of the transport, then you should find you
First, it's assumed that OpenSSL has already built, and that you are building
inside the ./demos/tunala/ directory. If not - please correct the paths and
-flags inside the Makefile.
+flags inside the Makefile. Likewise, if you want to tweak the building, it's
+best to try and do so in the makefile (eg. removing the debug flags and adding
+optimisation flags).
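Review bot: The added sentence writes "makefile" in lower case, while the unchanged sentence it continues from says "Makefile". Use one spelling so it is clear both refer to the same file. Since the next paragraph now mentions autoconf support and a later change points readers to INSTALL for building, it would also help to say whether hand edits to the Makefile are still the intended way to change debug or optimisation flags, or whether the file is now generated. Minor: "eg." is normally written "e.g.".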
-Secondly, this code so far has only ever been built and run on Linux - network
-specifics are more than likely to create little glitches on other unixen,
-particularly Solaris in my experience. If you're not on Linux, please read the
-code wherever compilation flares up and try to make the necessary changes -
-usually the man-page associated with the relevant function is enough (eg. all
-that AF_INET/PF_INET stuff, subtely different parameters to various IPv4-related
-functions like socket(), bind(), fcntl(), etc).
+Secondly, this code has mostly only been tested on Linux. However, some
+autoconf/etc support has been added and the code has been compiled on openbsd
+and solaris using that.
Thirdly, if you are Win32, you probably need to do some *major* rewriting of
ip.c to stand a hope in hell. Good luck, and please mail me the diff if you do
this, otherwise I will take a look at another time. It can certainly be done,
but it's very non-POSIXy.
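Review bot: In the added "Secondly" paragraph, "openbsd and solaris" should be written as the proper names OpenBSD and Solaris, and "autoconf/etc support" does not say what was actually added. The removed paragraph told readers on other systems where porting trouble tends to appear (the AF_INET/PF_INET constants and the parameters to socket(), bind() and fcntl()), and the replacement drops that guidance entirely. Consider keeping one sentence of it for platforms other than the three now named, since "mostly only been tested on Linux" still implies that others may need changes.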
-Type make.
+See the INSTALL document for details on building.
Now, if you don't have an executable "tunala" compiled, go back to "First,...".
Rinse and repeat.
Inside one console, try typing;
(i) ./tunala -listen localhost:8080 -proxy localhost:8081 -cacert CA.pem \
- -cert A-client.pem
+ -cert A-client.pem -out_totals -v_peer -v_strict
In another console, type;
(ii) ./tunala -listen localhost:8081 -proxy localhost:23 -cacert CA.pem \
- -cert A-server.pem -server 1
+ -cert A-server.pem -server 1 -out_totals -v_peer -v_strict
Now if you open another console and "telnet localhost 8080", you should be
-tunneled through to the telnet service on your local machine. Feel free to
-experiment :-)
+tunneled through to the telnet service on your local machine (if it's running -
+you could change it to port "22" and tunnel ssh instead if you so desired). When
+you logout of the telnet session, the tunnel should cleanly shutdown and show
+you some traffic stats in both consoles. Feel free to experiment. :-)
Notes:
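Review bot: Both example command lines now pass -out_totals, -v_peer and -v_strict, but none of the visible text explains what these flags do. This is the first invocation a reader will copy, so add a sentence after the two commands describing each flag. In particular, state whether -v_peer and -v_strict are what cause the peer certificate to be checked against CA.pem, and whether the traffic stats promised in the last added sentence depend on -out_totals. In that same sentence, "logout" and "shutdown" are used as verbs and should read "log out" and "shut down".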