[Help-gnutls] TLS and SCTP

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Aug 2 10:20:35 CEST 2008


Sebastien Decugis wrote:
> Hello,
> 
> I am trying to implement TLS over an SCTP association with multiple
> streams (the final goal is to make an open-source implementation of
> Diameter).

I'm not familiar with SCTP but I'll try to reply.

> I understand how to specify my own transport-layer handlers in GNU TLS
> with the set_push_function and set_pull_function, but I think it is not
> sufficient support to handle the TLS over the multiple streams as
> expected. We can create a wrapper function to send data on a specific
> stream, but not to receive only from a given stream. The logic must be:
> we receive a message, we can retrieve its stream number, and then we
> know the TLS context (session) this message belongs to. I cannot see a
> way to achieve this with the API of gnutls.

As far as I understand, SCTP is a reliable connection with
multiple streams. For that I'd treat each stream as a separate connection
and provide different push/pull functions for each stream.

If the number of streams is undefined, a thought of mine would be to
have a multiplexer that will receive messages and tag them appropriately
so that the proper recv function will receive them. Of course this would
require using a custom transport ptr and custom recv/send functions.

regards,
Nikos
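
A sketch of the multiplexer idea from the reply above, added here as an illustration; it is not code from the post or from GnuTLS. The names demux_deliver, stream_pull, struct demux, MAX_STREAMS and QUEUE_BYTES are hypothetical. In a real program each queue would be handed to its session with gnutls_transport_set_ptr() and stream_pull registered with gnutls_transport_set_pull_function().

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

#define MAX_STREAMS 4    /* assumed number of negotiated SCTP streams */
#define QUEUE_BYTES 4096 /* assumed per-stream buffer limit */

/* Inbound bytes for one stream; this is the session's transport ptr. */
struct stream_queue { unsigned char data[QUEUE_BYTES]; size_t head, len; };
struct demux { struct stream_queue streams[MAX_STREAMS]; };

/* Multiplexer side: file a received message under its stream number
   (with the sockets API that would be sinfo_stream from sctp_recvmsg()).
   Returns 0, or -1 when the stream is unknown or its queue is full. */
int demux_deliver(struct demux *d, unsigned stream, const void *msg, size_t n)
{
    if (stream >= MAX_STREAMS) return -1;
    struct stream_queue *q = &d->streams[stream];
    if (n > QUEUE_BYTES - q->len) return -1;
    memmove(q->data, q->data + q->head, q->len); /* compact unread bytes */
    q->head = 0;
    memcpy(q->data + q->len, msg, n);
    q->len += n;
    return 0;
}

/* Per-stream pull callback, same shape as gnutls_pull_func: it only ever
   sees the queue of the stream whose pointer the session was given. */
ssize_t stream_pull(void *ptr, void *buf, size_t want)
{
    struct stream_queue *q = ptr;
    if (q->len == 0) { errno = EAGAIN; return -1; } /* nothing queued yet */
    size_t n = want < q->len ? want : q->len;
    memcpy(buf, q->data + q->head, n);
    q->head += n;
    q->len -= n;
    return (ssize_t)n;
}

int main(void)
{
    static struct demux d; /* zero-initialised */
    unsigned char buf[8];
    demux_deliver(&d, 1, "abc", 3); /* constructed sample messages */
    demux_deliver(&d, 2, "XY", 2);
    printf("stream 2 got %zd bytes\n", stream_pull(&d.streams[2], buf, sizeof buf));
    return 0;
}
```

Rejecting out-of-range stream numbers and bounding each queue keeps a peer from writing into another session's buffer or growing memory without limit.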




