[gnutls-dev] Re: Request for goals for GnuTLS 1.7.x

Simon Josefsson simon at josefsson.org
Fri Dec 1 11:40:42 CET 2006


Guus Sliepen <guus at sliepen.eu.org> writes:

> On Wed, Nov 29, 2006 at 03:14:03PM -0800, Adam Langley wrote:
>
>> On 11/29/06, Simon Josefsson <simon at josefsson.org> wrote:
>> >Of course, if you just want to suggest something, that
>> >is appreciated too, but no promises. :)
>> 
>> DTLS (TLS over datagrams, e.g. UDP) has been discussed here a couple
>> of times, but I don't actually know if it ever happened. (I just think
>> it would be cool).
>
> I said I'd try to implement that in GNUTLS, however I haven't created
> anything useful yet. It's not trivial at all.

Right, it is a rather different protocol.

> There is one thing that may be helpful for DTLS support, and also for
> some regular TLS uses, is to have a different way to pass data to
> GNUTLS. Currently, you either do gnutls_handshake(), gnutls_read() or
> gnutls_write(), and those functions call read() and write() on the
> filedescriptors themselves. I can specify custom push and pull
> functions of course, but that doesn't change much. I'd like to see a
> function to push data from a (D)TLS stream, received by the application
> itself, to GNUTLS, and have GNUTLS invoke a callback if it contained
> application data. 

Isn't that possible to do with the existing interfaces?  See the
following for inspiration.  Of course, you'd use
gnutls_transport_set_ptr2 or similar instead of global variables, and
the buffer handling and error handling must be improved, but the
general solution seems to be here.  Perhaps I misunderstood what you
wanted.  If you can dedicate time to work on this, I can create a
branch for DTLS when you start to send patches.

ssize_t my_pull_func (gnutls_transport_ptr_t, const void *data, size_t len)
{
        size_t chunksize = MIN(len, global_len);
        memcpy (data, global_data, chunksize);
        memmove (global_data, global_data + chunk_size, global_len - chunk_size);
        global_len -= chunk_size;
}

int
push_data_from_net_to_gnutls (gnutls_session session, char *data, size_t len)
{
        char buf[MAXBUF];
        size_t len;
        ssize_t l;
        global_data = data;
        global_len = len;
          // Calls my_pull_func internally
        l = gnutls_record_recv (session, buf, &len);
        if (l > 0)
          {
                my_callback (buf, len);
          }
}

/Simon



More information about the Gnutls-dev mailing list