Socket Help

[Phil Davis]

Hi Bob,

I created a client-server business system for a client some years ago. 
It too uses data encryption. What I did on the server side was prep the 
data for net transfer (base64Encode it as the final prep step, I think), 
then transfer length(data) & CR & data.

On the client side, the app reads from the socket for 1 line (which goes 
into a variable, say "X"), then read from socket for X bytes. This keeps 
it simple - no need for special terminators etc - and seems to always work.

Phil Davis


On 4/5/20 12:51 PM, Bob Sneidar via use-livecode wrote:
> Hi Kee. Thanks for the response.
>
> I decided to go ahead and bypass the issue of the client and server being on the same device. I got my laptop out and created the server app there. I got it working as advertised.
>
> [Technical stuff]
> One thing I am doing is encrypting the data before sending it. The thing is, I needed a delimiter of some kind when reading the data back, because the data will be variable in length, and the end char will also be variable.
>
> So what I did is I appended a termination character after the encrypted data before sending it, then stripped the termination on the server side before decrypting it. I do the same thing when sending data back. This has the effect of making any intercepted data in transit impossible to decrypt without knowing that there IS a terminator, what the terminator is, the encryption key and the seed! Even a brute force method would fail to decrypt the data.
>
> I could get even fancier by sending two transmissions each way, the first being the randomized position and "poison pill" character that will be inserted into the encrypted data (itself encrypted), and a second the actual encrypted data. Even if the client and server stacks aren't password protected, there would be no way to anticipate what the poison pill character and position was.
>
> I suppose I could use a web server with SSL certs, but first, I don’t know how, and second I would be adding the lag time for the web server to respond. Right now it's taking a little over 300 milliseconds for a simple string to return on a local area network
>
> My goal is to create a client/server agent that I can securely send database queries to and get results back from.
>
> Bob S
>
>
> On Apr 5, 2020, at 11:55 AM, Kee Nethery via use-livecode <use-livecode at lists.runrev.com<mailto:use-livecode at lists.runrev.com>> wrote:
>
> Here’s how this should work.
>
> Server has an IP and port number that it listens on. Client sends a packet from the same IP and some random port.
>
> Computer routes the packet and it doesn’t have to send the packet out on the net. It goes out the client port and back in to the server port.
>
> Server replies from its port to the client port (client is waiting for a reply).
>
> Try talking to your server with a browser on your computer and see what the server response looks like.
>
> Kee Nethery
>
> On Apr 5, 2020, at 11:22 AM, Bob Sneidar via use-livecode <use-livecode at lists.runrev.com<mailto:use-livecode at lists.runrev.com>> wrote:
>
> Hi all.
>
> I am creating a client/server socket based app and I am trying to develop both the client and server on the same workstation, and I am having difficulty. I *think* the issue is that the client and server cannot both be on the same system, but I’m not entirely sure. I’m asking the system to listen and also talk on the same port.
>
> Anyone have any insight into this?
>
> Bob S
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com<mailto:use-livecode at lists.runrev.com>
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode