[gnutls-devel] [gnutls-help] the problem about "stream usage" in dtls/sctp
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sun May 14 09:43:21 CEST 2017
On Thu, 2017-05-11 at 23:26 +0800, Wei Cheng wrote:
> hi,guys!
>
> i have read the rfc6083 which describes the usage of the Datagram
> Transport Layer Security (DTLS) protocol over the Stream Control
> Transmission Protocol (SCTP).
>
> "stream usage " is as follows:
> 4.4. Stream Usage
> All DTLS messages of the ChangeCipherSpec, Alert, or Handshake
> protocol MUST be transported on stream 0 with unlimited
> reliability
> and with the ordered delivery feature.
> DTLS messages of the ApplicationData protocol SHOULD use multiple
> streams other than stream 0; they MAY use stream 0 for everything
> if
> they do not care about minimizing head of line blocking.
>
>
> i write a push_function .like that:
> static ssize_t push_func(gnutls_transport_ptr_t p, const void *data,
> size_t size)
> {
> priv_data_st *priv = p;
> int ret;
> // i sent msg on stream #0
> ret = sctp_sendmsg(priv->fd, data,size ,NULL, 0,0, 0,0, 0,0);
> if (ret < 0)
> printf("fail to sent msg \n");
> else
> printf("success to sent msg in push\n");
> return ret;
> }
>
> i use gnutls_transpoet_set_push_fnuction to register my push
> function,
> so that all message would be sent by my push_function.
> i want to sent alert,handshake,changesuite on stream #0, while
> appilcaiton data is sent on others streams.
> in push_function,all data is already encryped,
> how i can distinguish which kind of msg it is ?
> how should i write my push_function?
> i doubt that i am wrong in this part.
Given that you are in DTLS, the data you receive in the push function
are a complete record message. Thus you can check the ContentType field
of the record message (first byte) to determine the type.
The API however was designed for TCP/UDP and although there are few
instructions at [1], I'm not happy with that. We need simpler functions
to handle SCTP. If you or anyone else has a good proposal for extending
gnutls (new push/pull functions and/or a wrapper for
gnutls_transport_set_fastopen) for it I'd say go for it and open a
merge request. There was an example for TLS over SCTP several years
ago, but we most likely need a much simpler version of it for DTLS.
[0]. https://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00009.html
[1]. https://www.gnutls.org/manual/html_node/DTLS-and-SCTP.html
regards,
Nikos
More information about the Gnutls-devel
mailing list