Implementing TLS in pike

My next task was an enhancement. The command line client for sTeam was not using any kind of encryption and all the data sent over a network was in clear text. Now this was a little different from normal tasks because,

1. TLS had to be implemented in Pike.

2. TLS was to be implemented over COAL.

COAL is a home grown protocol specially for sTeam. My mentor Martin helped me to go about this task. He taught me how to break a task into small ones. I began with writing an SSL client in pike that can interact with an https server. It turned out pike has an SSL module that just made the task very simple. I had to understand how SSL works however pike made the task quite easy. I also received constant help from the pike mailing list where people actively guided me in the right direction.

Once I was done with the SSL client I approached the actual problem. I had to understand the functioning of COAL and narrow down the particular files involved. I had to wrap the COAL protocol in TLS so that it becomes COALS. Pike allows users to import programs at objects. This was used to import client_base.pike. This file involved the code for the connection. I had to throughly go through this and the files that it imported that is kernel/socket. After several experiment with these files I was able to use the SSL module and successfully make the connection use the TLS protocol. I checked this using wireshark, which captured all the packets over the network and all the data could be seen as encrypted.

wireshark clear text
clear text data over network
wireshark ssl
encrypted data after implementing TLS protocol
Close Menu