Page 1 of 1

Accepting only secure connections with sockets

Posted: Wed Jan 06, 2016 7:46 pm
by MadManSoft
Some questions on securing sockets both “server" and “client" side.

On the server side (which is just an LC app, not a LC server deployment), you open a connection with “accept connections on port xxxx”. I am trying to make sure that only secured connections are made to the server. I’ve tried “accept secure connections on port xxxx” and while it didn’t throw an error, it allowed a client to connect without using the "open secure socket xxxxxxx”, just using the "open socket xxxxxxx” command. I don’t see that secure is listed in the dictionary for “accept” but again, it didn’t throw an error. I’ve also used:

accept connections on port xxxx
secure socket “xxxx”

again, no error, but is this actually secure now? I was also able to connect via the client using the “open socket” command with no error.

So, how do I force the connections to only be secured connections on the server?

On the client side, the "open secure socket xxxxxxx” command seems to work, at least it doesn’t throw an error. However, while I can see the open socket using “the openSockets”, it doesn’t tell me if it is secure or not.

So, is there a way to see if a connected socket is running in secure mode?

Any and all help greatly appreciated!

Re: Accepting only secure connections with sockets

Posted: Wed Jan 06, 2016 7:55 pm
by MadManSoft
After some more testing, I’ve noticed the following:

1) That while using the “accept secure connections on port xxxx” or “secure socket xxxx” after accepting connections doesn’t throw and error, if the client tries to send the server something, the server (I think) closes the connection. There is no error message.

2) When just using “accept connections” without the secure and attempting to open a secure socket on the client doesn’t throw an error, having the client send some data results in a socket error of: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol back on the client connection. So it looks like the socket isn’t getting secured on both sides, but don’t know which one is causing the error.

Hopefully someone from the mothership can comment on this as I’m at a loss at the moment.

Re: Accepting only secure connections with sockets

Posted: Wed Jan 06, 2016 7:58 pm
by MadManSoft
Attached are the client and server files.

Open both in LC and run.