Sunday 19 December 2010

Perforce Software Build Engineer - Bracknell

Perforce Software Build Engineer - Bracknell

Huxley Associates are recruiting for a Software Build Engineer to work for a key client based in Bracknell.

You will join at a fantastic time as they continue in a period of signifant growth due to the demand for their market leading sofware products. The company previously used Subversion as their source-control system but having moved to Perforce they require someone who can bring expertise in that area they currently do not have.

You will be part of a techncially strong software team who currently look after the build process but they want someone to take the burden from them and allow them to focus on the software development process.

To be considered your CV should demonstrate your experience in a Build Engineer role using Perforce, Hudson and Shell Scripting. If you have any knowledge of Java that would be highly beneficial to help understand the software product.

Salary £40,000 - £45,000 + benefits

Apply NOW!!


View the original article here

Perforce Replication

This section of the Knowledge Base augments the Perforce Replication chapter of the Perforce System Administrator's Guide.

SUMMARY: Replication is the duplication of server metadata from one Perforce Server (the master server) to another Perforce Server (the replica server). The basics of replication are covered in ...

View the original article here

Using Stunnel with Perforce

I need to set up bi-directional communications between a Perforce client and a Perforce server across an untrusted network. How do I secure the Perforce network transport?

In order to secure communication between a Perforce client and Server (p4d), you must use a third-party tool to encrypt network traffic between the two. Network encryption tools include ssh, proprietary VPNs, and Stunnel. This article describes the latter.

Note that the following applies to using stunnel to secure a Perforce connection.  For securing P4Web (i.e., setting it up to use https, see: Creating and Optimizing a Secure P4Web Connection With "stunnel".

Stunnel is an open-source encryption package that allows users to set up SSL tunnels between client(s) and server(s). Using stunnel allows you to set up a port that accepts SSL connections from an SSL-enabled client or another stunnel server. Because both the Perforce server (p4d) and its clients (p4, p4v, p4win) do not support SSL, this article demonstrates how to set up two stunnel servers to talk to each other:

One on the client machine, to accept client requests, encrypt them, and forward them on.One on the server machine, which accepts the encrypted connection, decrypts it and passes it on to the Perforce server.The following information is used to demonstrate how to set up Stunnel: The server machine in named foo. It runs Perforce on localhost:1666, and wants to accept incoming SSL connections for Perforce on foo:2666.The client machine is named bar. Stunnel will be set up so that client requests to localhost:1666 are forwarded, encrypted, to foo:2666 (the server machine).
Why set up Perforce on localhost:1666? This prevents anyone from contacting the server without first going through the stunnel. However, this is not a requirement - stunnel can forward the connection to any host and port.

Before you can set up stunnel, you need to create a self-signed SSL certificate for the stunnel server to provide to stunnel clients contacting it. While any SSL software should be able to do this, the quickest way to do it is via the OpenSSL package. When you have OpenSSL installed, run the following command to generate your certificate:

openssl req -new -x509 -days 365 -nodes -out stunnel.pem -keyout stunnel.pem

When you have the certificate, you are ready to set up Stunnel.

The most recent version of Stunnel, as of this writing, is 4.34. The following information applies to version 4.x of Stunnel. Version 3.x uses a substantially different format, please see the Version 3 section below for information on how to set up version 3 of stunnel.

Stunnel is available as part of the base distribution for a lot of Linuxes and some Unixes.  Check the documentation for your particular OS, or go and grab the source.

Windows users should use this package: http://www.stunnel.org/download/binaries.html

Place the following in a file named "stunnel_client.cnf". Place that file somewhere that stunnel can access it.

; stunnel_client.cnfpid=/var/run/stunnel.pid[p4]accept=localhost:1666connect=foo:2666client=yesStart the client-side stunnel on Linux/Unix with: stunnel /stunnel_client.cnf

Client Configuration (Windows)

cert = stunnel.pemsocket = l:TCP_NODELAY=1socket = r:TCP_NODELAY=1debug = 7output = stunnel.logclient = yes[p4s]accept = 1666connect = :2666

Now start the stunnel program.

Any client requests to port 1666 on the local machine are encrypted and forwarded to foo:2666.

Place the following in a file named "stunnel_server.cnf", and place that file somewhere that stunnel can access it.

; stunnel_server.cnfpid=/var/run/stunnel.pid[p4d]cert=/etc/ssl/certs/stunnel.pemaccept=2666connect=localhost:1666

Start the server the same way as the client:

stunnel /stunnel_server.cnf

Now the server is set up to listen for incoming SSL requests to port 2666 and forward them on to port 1666 on the localhost.

Edit the service's "stunnel.conf" and place the following within it: cert = stunnel.pemkey = stunnel.pemsocket = l:TCP_NODELAY=1socket = r:TCP_NODELAY=1debug = 7output = stunnel.logclient = no[p4s]accept = 2666 connect = 1666 

Now start the stunnel program.  Incoming requests to port 2666 will now be decrypted and sent to port 1666.

If you are using version 3 of Stunnel, then you do not need to set up configuration files - you can specify everything on the command line.

stunnel -p /stunnel.pem -d 2666 -r localhost:1666

The above command sets up stunnel to listen to port 2666 and pass connections on to localhost:1666.

stunnel -c -d localhost:1666 -r foo:2666

The above command sets up stunnel to forward requests to port 1666 on to foo:2666.


View the original article here