I am using Camel in a multi-homed environment. Therefore I need to specify which local address should be used as the source address when building outbound SFTP connections. I did not find any configuration to do so, the only way I currently see is to write a proxy which simple opens the TCP connection using the correct local address and provide that to Camel.
Are there any obvious ways besides that which I probably simply missed?
Thanks for your help,
Heri
I don't think there is an out-of-the-box solution in Camel.
Camel uses Jsch component to make SFTP connections.
This question/answer implies that it is also not possible out-of-the-box when you use Jsch directly.
Perhaps you can adapt the solution from the question/answer link above.
Related
I want to write a client and server in C preferably, simple C++ if necessary.
The server will run on some flavor of Linux, the client is for testing the server.
I want to ensure messages are received and error free; therefore I will use TCP.
I want them to communicate securely; thus I will use the latest version of TLS (v1.3).
I intend to use the GnuTLS library for reasons:
Actively updated by reputable open source project
License permits selling product
Given the above, if implemented and tested, I could claim that the client/server communication is secure, reliable (a.k.a. assured), and error-checked. Yes?
Am I missing something? Is anything patently false?
Edit: certificates... i think i'm missing something about certificates to protect against man in the middle attacks...
TLS is a complex topic. Depending on your specific code the TLS connection might succeed even if you fail to properly validate the certificate. Thus, just based on what you state so far in your question it cannot be assured that the data are transferred with proper end-to-end protection and that no man in the middle can manipulate the data.
I'm interested in the ip address of remote hosts. Is there an easy way to resolve a host name into its ip address?
After searching in the codename one source code and reading through the documentation, the only way to achieve this seems by implement android/ios native features (e.g. using the InetAddress class).
Yes you would need to implement this using native code or thru the Socket API by implementing the DNS protocol calls.
The InetAddress class can be used in the Android/Desktop ports but other platforms (e.g. iOS) would need the Objective-C/C equivalent of that.
Is it possible to craft a torrent file in such a way that it will bypass a tracker via assigning an IP address of the server hosting the file instead?
I am interested in bittorrents file transfer protocol via libtorrent and they way it downloads files as pieces in such a way that you get an exact corruption free duplicate on the other side, but I would like to bypass the tracker since the files will always be located at one location.
If this is not possible is there any other protocols/libraries I can look into that can be implemented in C, C++ or Ruby?
If you want to do this using the bittorrent protocol, you can do it by creating a .torrent file with a webseed in it. WebSeed - HTTP/FTP Seeding (GetRight style) - BEP19
Then you use a ordinary HTTP or FTP server to host the file(s).
(Use the IP direct in the URL if you want.)
The downloading can be done with any bittorrent client.
It is not possible to put the address to a peer (bittorrent client) in the .torrent file. See: Is it possible to include peers in trackerless torrent file?
but I would like to bypass the tracker since the files will always be located at one location.
If you're implementing your own client using libtorrent for the purpose of 1:1 transfers you probably can inject the remote host's IP and port explicitly.
I don't think it makes all that much sense to try to twiddle with the torrent file if you are building your own client anyway.
Can I generate torrent file that already has peers inside without using trackers, open trackers, dht and peer exchange?
If yes, how can I do that?
The reason I want to do that, is that I want to get peers by DHT and pass that peers to another torrent client that do not supports DHT or peer exchange, and cannot get peers without trackers.
I found this, but I don't understand what is nodes, and if it's what I am searching for.
http://www.bittorrent.org/beps/bep_0005.html#torrent-file-extensions
And please do not advice me to use uTorrent trackerless torrent functionality where it utorrent becomes a tracker. I am not mistaken in what I need and my question is correct.
Sorry, no, that is not possible.
What client is it? Does it not have support to manualy add peers?
Another metod would be to do it the other way round and manualy add your peer to a PEX capable client and then it would be passed around to other PEX capable clients.
Nodes in torrent files is used as one of many ways to bootstrap the DHT. Explained here.
The only thing comming close to what you want to do is webseeds - BEP19, but it's not applicable in this case.
I'm looking to add SSL support to a client application written in C/C++ that I'm developing (it is multi-platform, designed to work on Linux and Windows). OpenSSL documentation is pretty poor, but I found a good working tutorial here. To my knowledge, however, there is no way to bind the socket to a local IP address using the BIO handle. There is a rather old ticket on the OpenSSL bug tracker that addresses this, but I think that no solution has been found (one comment suggests using BIO_get_accept_socket, but that will obviously not work for my client application). Any suggestions, solutions, or alternative libraries that offer this kind of functionality?
You can just create, bind and connect the socket yourself, then use SSL_set_fd to pass the socket to OpenSSL, followed by SSL_connect to set up the session.