Secure connection to server
neville.smythe at optusnet.com.au
Tue Dec 15 19:32:33 EST 2020
A little while ago in this forum we were alerted to the fact that LC direct connection to a remote database not using SSL was a security hole. This also applies to managing Mailman lists on a remote server.
After a steep (re-)learning curve with the various technologies, I now have a working method in place for both mysql and Mailman connections, using php as middleware and posting via curl in a shell script. But it is sooo slooow.
Direct connection downloaded an sql query in a fraction of a second. It now takes over a second. This is acceptable (barely) for an isolated call, but I sometimes need to make a sequence of posts. As I understand it, the slowness is due to the time required to establish the secure connection, not an LC problem. For example establishing an ssh connection in Terminal is even slower; but once established an ssh session is super fast. Similarly curl will reuse authentication credentials within a shell session, so I aggregate as many calls as I can with a single shell script before using shell(myscript), and this definitely helps.
What I would like to do however is use LC server as the middleware: I could then process the required data on the server side; I could not contemplate using php to do this. I suspect the LC post command uses curl under the hood, but I also suspect each post call would create its own session. I don’t think it is possible to establish a single session to talk sequentially to lcserver; if so this would be too slow. Am I correct?
Actually I guess I could just use my present method using curl and shell() instead of post, but addressed to an .lc script instead of .php?
Or is there a whole better way to do what I want?
More information about the use-livecode