
I would like to use Cap'n Proto RPC to communicate with a server in the cloud from a desktop box in an office. Cap'n Proto doesn't provide secure network connections through a firewall. I would prefer c++ since I have other components which require this.

I see some people have been looking at nanomsg and other transports which link directly into the application, but I was wondering whether stunnel or something similar might be satisfactory.

The stunnel application, as most know, can provide HTTPS encapsulation of TCP/IP traffic under certain conditions, as per the FAQ:

  1. The protocol is TCP, not UDP.
  2. The protocol doesn't use multiple connections, like ftp.
  3. The protocol doesn't depend on Out Of Band (OOB) data,
  4. Remote site can't use an application-specific protocol, like ssltelnet, where SSL is a negotiated option, save for those protocols already supported by the protocol argument to stunnel.

It seems like Cap'n Proto RPC might satisfy these conditions. I don't think the customer will object to installing stunnel in this case. Has anyone tried this or something similar? If so, your experiences would be appreciated. If someone knows of a faster/lighter alternative it would also be helpful.

thanks!

James Fremen
  • So, essentially the question is "how to secure my network connection if the program won't do it"? Other than that, your usage of words like firewall is strange. Are you sure you know what it is? – deviantfan Oct 13 '15 at 21:49
  • And if both endpoints are under your / the customers control, don't even start to make some half-assed solutions for specific programs, but make a proper VPN for everything. – deviantfan Oct 13 '15 at 21:51
  • ah.. it was only a matter of time before Trolls appeared :). – James Fremen Oct 13 '15 at 21:58
  • So I'm a troll now? Well... your opinion. You explicitly asked for alternatives, and there are some without all listed restrictions. – deviantfan Oct 13 '15 at 22:01
  • I know the implementor of Cap'n Proto monitors the topic.. if you haven't looked at it yet, its RPC is actually elegant IMHO. He did the original protocol buffers. And yes.. I'm lazy.. I don't know if that takes the sting out of being called a Troll, but perhaps it helps :) – James Fremen Oct 13 '15 at 22:03
  • @deviantfan Your comments insult the questioner's intelligence yet it seems to me that you are a lot more confused than he is. I'd agree that's pretty troll-ish. – Kenton Varda Oct 14 '15 at 00:37
  • @KentonVarda If you only encounter people on SO who understand everything they wrote, including that they know what they want in the first place, you're really lucky. I gave up believing in this illusion. Apparently, this is one of the rare cases, sorry for the insult of your intelligence. – deviantfan Oct 14 '15 at 03:16
  • It's all good.. I think the outcome is constructive and that benefits everyone. – James Fremen Oct 14 '15 at 16:34

1 Answer

Yes, Cap'n Proto's two-party protocol (the only one provided currently) should work great with stunnel, since it's a simple TCP-based transport. You will need to run both a stunnel client and a server, of course, but otherwise this should be straightforward to set up. You could also use SSH port forwarding or a VPN to achieve a similar result.

(Note that stunnel itself has nothing to do with HTTPS per se, but is often used to implement HTTPS because HTTP is also a simple TCP protocol and HTTPS is the same protocol except on TLS. In the Cap'n Proto case, Cap'n Proto replaces HTTP. So you're creating Cap'nProto-S, I guess.)

Another option is to implement the kj::AsyncIoStream abstract interface directly based on a TLS library like OpenSSL, GnuTLS, etc. Cap'n Proto's RPC layer will allow you to provide an arbitrary implementation of kj::AsyncIoStream as its transport (via interfaces in capnp/rpc-twoparty.h). Unfortunately, many TLS libraries have pretty ugly interfaces and so this may be hard to get right. But if you do write something, please contribute it back to the project as this is something I'd like to have in the base library.

Eventually we plan to add an official crypto transport to Cap'n Proto designed to directly support multi-party introductions (something Cap'n Proto actually doesn't do yet, but which I expect will be a killer feature when it's ready). I expect this support will appear some time in 2016, but can't make any promises.

Kenton Varda
  • Thanks! Glad I asked - hopefully it helps other devs. Of all the TLS libraries, BoringSSL seems to be one of the more prominent projects that might get past a security review. Some of the benchmarks show it is significantly faster than OpenSSL for some common use cases. Unfortunately OpenSSL, warts and all, is something companies are familiar with. I don't imagine this is anything new and it will probably all change by the time your team gets to it, but perhaps it helps. I will probably have to be content with stunnel for now but will keep an eye out. – James Fremen Oct 14 '15 at 01:16
  • I am considering doing it the sftp way: the client starts an ssh connection as a sub-process and simultaneously starts the server on the remote end as an ssh subsystem. Is all that is required still to provide an implementation of one abstract interface + initialization? – uuu777 Nov 13 '19 at 13:35
  • FWIW, the Cap'n Proto library now includes bindings for TLS on top of OpenSSL or BoringSSL -- see `src/kj/compat/tls.h`. – Kenton Varda Nov 14 '19 at 14:45
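For the stunnel route the answer recommends, the two service definitions below are an added example, not configuration from the question, the answer or the Cap'n Proto project. They assume a cloud host reachable as rpc.example.com, a Cap'n Proto RPC server listening on loopback port 5923 on that host, TLS on port 6443 through the firewall, and certificate paths under /etc/stunnel; all of those names, ports and paths are constructed for illustration. Each section goes in the stunnel.conf of the machine it names; they are shown together only for comparison.

```ini
; ---- cloud host: terminate TLS and hand plaintext to the Cap'n Proto
; ---- server, which should be bound to 127.0.0.1 only so the unencrypted
; ---- port is never reachable from outside the box.
; (hostname, ports and paths are assumed values for this example)
[capnp-server]
accept  = 0.0.0.0:6443
connect = 127.0.0.1:5923
cert    = /etc/stunnel/server-cert.pem
key     = /etc/stunnel/server-key.pem
; require a client certificate issued by our CA, so only the office
; desktop can open the tunnel, not anyone who can reach port 6443
CAfile     = /etc/stunnel/ca.pem
verifyPeer = yes

; ---- office desktop: the Cap'n Proto client connects to 127.0.0.1:5923
; ---- exactly as if it were talking to the server directly; stunnel
; ---- wraps that TCP stream in TLS towards the cloud host.
[capnp-client]
client  = yes
accept  = 127.0.0.1:5923
connect = rpc.example.com:6443
cert    = /etc/stunnel/client-cert.pem
key     = /etc/stunnel/client-key.pem
; stunnel does not verify the server by default: without these lines the
; link is encrypted but the client cannot tell which server it reached
CAfile      = /etc/stunnel/ca.pem
verifyChain = yes
checkHost   = rpc.example.com
```

Nothing changes on the Cap'n Proto side: the C++ client opens a plain TCP connection to 127.0.0.1:5923 and uses the ordinary two-party transport, which is what makes the application satisfy the stunnel FAQ conditions listed in the question (single TCP connection, no OOB data, no in-band TLS negotiation). The two verification settings on the client and the client-certificate requirement on the server are the parts most often left out of quick stunnel setups, and leaving them out turns the tunnel into encryption without authentication.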