[erlang-patches] DTLS patch

Andreas Schultz aschultz@REDACTED
Mon Jul 13 11:52:15 CEST 2015


Hi,

----- Original Message -----
> From: "Max Lapshin" <max.lapshin@REDACTED>
> To: "Andreas Schultz" <aschultz@REDACTED>
> Cc: "Roland Karlsson" <roland.karlsson@REDACTED>, "erlang-patches" <erlang-patches@REDACTED>, "Haiyang Yin"
> <haiyang.yin@REDACTED>
> Sent: Monday, July 13, 2015 11:18:42 AM
> Subject: Re: [erlang-patches] DTLS patch

> Well, implementing DTLS is a very nice thing =)

> I'm trying to see if it is possible to reuse the existing SSL implementation for
> it, but it seems that it is rather hard, because Erlang SSL is a very
> self-contained thing, designed for isolated usage, not like a library on top of
> an existing socket.

Well, the TLS code has a concept of a transport callback module for abstracting
the underlying socket. There is no documentation for that and it's (IMO) not very
consistent either.

For my version, I used that and implemented a UDP socket wrapper callback module.
For your case, you could use that socket wrapper as a starting point and modify it.
That's what I do for CAPWAP DTLS support.

I believe Haiyang Yin's patch has a very similar mechanism. The cb module is called
dtls_transport and utilizes dtls_socket_manager and dtls_socket_server. Just
extract them, rename and alter to your needs, then pass your version as the cb_info
argument into the ssl socket setup.

Andreas


