[gnutls-dev] Re: Intent to implement DTLS
Simon Josefsson
jas at extundo.com
Mon May 9 12:43:03 CEST 2005
Guus Sliepen <guus at sliepen.eu.org> writes:
> Implementing it will be a bit harder than I thought at first sight. The
> problem is that internally, GNUTLS has no clear separation between the
> layers involved in TLS, and it is heavily biased towards TCP. This
> combination is a disaster for me :). I see two ways to proceed.
Ouch.
> 1) Create copies of all handshake, record and transport layer functions
> and modify them to do DTLS instead of TLS. This means lots of code
> duplication, but at least it won't mess with the existing code.
>
> 2) "Fix" the current code by (re)introducing a clean separation between
> the handshake, record and transport layer, and remove the bias towards
> TCP. This means adding DTLS on top of it will be painless and there
> won't be lots of code duplication. However it will touch a lot of
> existing code.
>
> I strongly favour the second way, but if that means the chances of
> having it merged are nihil, I'll go with the first way.
I would not want to have the 1) situation. Duplicated code is painful
to maintain. I don't know how deep the modifications 2) would be, but
I'd vote for going that route too, even if it means more work
initially. Perhaps Nikos has more input.
/Simon