[erlang-questions] DTLS example

pablo platt pablo.platt@REDACTED
Wed Mar 5 17:22:25 CET 2014


Hi,

I'm using R16B01.

I'm getting an error even when adding the Ciphers:
{{badmatch,{error,{options,{ciphers,[{ecdhe_rsa,aes_128_cbc,sha},{dhe_rsa,aes_128_cbc,sha},{rsa,aes_128_cbc,sha},{ecdhe_rsa,aes_256_cbc,sha},{dhe_rsa,aes_256_cbc,sha},{rsa,aes_256_cbc,sha},{ecdhe_psk,aes_128_cbc,sha},{dhe_psk,aes_128_cbc,sha},{ecdhe_psk,aes_256_cbc,sha},{dhe_psk,aes_256_cbc,sha}]}}}}

Port = 5070,
Ciphers = [{ecdhe_rsa, aes_128_cbc, sha},
                {dhe_rsa, aes_128_cbc, sha},
                {rsa, aes_128_cbc, sha},
                {ecdhe_rsa, aes_256_cbc, sha},
                {dhe_rsa, aes_256_cbc, sha},
                {rsa, aes_256_cbc, sha},
                {ecdhe_psk, aes_128_cbc, sha},
                {dhe_psk, aes_128_cbc,sha},
                {ecdhe_psk, aes_256_cbc, sha},
                {dhe_psk, aes_256_cbc,sha}],
Options = [{versions, ['dtlsv1.2', dtlsv1]},
                {cb_info, ssl_udp},
                {reuseaddr, true},
                {active, false},
                {ciphers, Ciphers},
                {certfile,Cert},
                {keyfile, Key}],
{ok, LSocket} = ssl:listen(Port, Options)

Pablo


On Wed, Mar 5, 2014 at 6:02 PM, Andreas Schultz <aschultz@REDACTED> wrote:

> Hi Pablo,
>
>
> ----- Original Message -----
> > Now I'm getting an error:
> > {error,{options,{ciphers,[]}}}
> >
> > When calling:
> >
> > Options = [{versions, ['dtlsv1.2', dtlsv1]},
> > {cb_info, ssl_udp},
> > {reuseaddr, true},
> > {active, false},
> > {certfile,Cert},
> > {keyfile, Key}],
> > {ok, LSocket} = ssl:listen(Port, Options).
> >
> > Do I need to pass ciphers to the ssl options?
>
>
> I seems that DTLS was never tested without the ciphers.
> option. In my project I use this list:
>
>      {ciphers,[{ecdhe_rsa, aes_128_cbc, sha},
>                {dhe_rsa, aes_128_cbc, sha},
>                {rsa, aes_128_cbc, sha},
>                {ecdhe_rsa, aes_256_cbc, sha},
>                {dhe_rsa, aes_256_cbc, sha},
>                {rsa, aes_256_cbc, sha},
>                {ecdhe_psk, aes_128_cbc, sha},
>                {dhe_psk, aes_128_cbc,sha},
>                {ecdhe_psk, aes_256_cbc, sha},
>                {dhe_psk, aes_256_cbc,sha}]}
>
> > On Wed, Mar 5, 2014 at 12:46 AM, pablo platt < pablo.platt@REDACTED >
> wrote:
> >
> > Hi,
> >
> > I'm trying to use the dtls prototype from:
> > https://github.com/RoadRunnr/otp/tree/new_crypto_dtls
> >
> > I'm getting an exception when trying to use a simple example.
> > What am I doing wrong?
> >
> > Is there an example how to use this modified ssl app with R16 or R17?
> > I see that the branch adds crypto:algorithms/0
> > Is it the only modification needed except for the ssl app?
>
> No, Ingela started refactoring the SSL application and incorporating bits
> of my
> DTLS stuff after R16B01. So, you can not apply my modifications to
> anything after
> R16B01.
>
> Andreas
>
> >
> > Thanks
> >
> > test
> > ---------------
> >
> > init() ->
> > Port = 5070,
> > Cert = filename:join([dtls:priv_dir(webrtc), "cert.pem"]),
> > Key = filename:join([dtls:priv_dir(webrtc), "key.pem"]),
> > Options = [{versions, ['dtlsv1.2', dtlsv1]},
> > {cb_info, ssl_udp},
> > {reuseaddr, true},
> > {active, false},
> > {certfile,Cert},
> > {keyfile, Key}],
> > {ok, LSocket} = ssl:listen(Port,Options),
> > spawn(?MODULE, accept, [LSocket]),
> > {ok, #state{}}.
> >
> > accept(LSocket) ->
> > {ok, Socket} = ssl_udp:accept(LSocket, 5000),
> > Pid = spawn(?MODULE, loop, [Socket]),
> > ssl:controlling_process(Socket, Pid),
> > accept(LSocket).
> >
> > loop(Socket) ->
> > inet:setopts(Socket, [{active, once}]),
> > receive
> > R ->
> > error_logger:info_msg("~p~n", [R]),
> > loop(Socket)
> > end.
> >
> >
> > exception
> > ---------------------------
> > {'EXIT',
> > {function_clause,
> > [{ssl_udp,call,
> > [{sslsocket,nil,
> > {<0.103.0>,
> > {config,
> > {ssl_options,
> > [{254,253},{254,255}],
> > verify_none,
> > {#Fun<ssl.1.555667>,[]},
> > false,false,false,undefined,1,
> > <<"cert.pem">>,
> > undefined,
> > <<"key.pem">>,
> > undefined,[],undefined,<<>>,undefined,undefined,
> > undefined,undefined,undefined,
> > [<<"À$">>,<<"À(">>,<<"À&">>,<<"À*">>,
> > <<0,107>>,
> > <<0,106>>,
> > <<0,61>>,
> > <<"À#">>,<<"À'">>,<<"À%">>,<<"À)">>,
> > <<0,103>>,
> > <<0,64>>,
> > <<0,60>>,
> > <<"À\n">>,
> > <<192,20>>,
> > <<0,57>>,
> > <<0,56>>,
> > <<192,5>>,
> > <<192,15>>,
> > <<0,53>>,
> > <<"À\b">>,
> > <<192,18>>,
> > <<0,22>>,
> > <<0,19>>,
> > <<192,3>>,
> > <<"À\r">>,
> > <<0,10>>,
> > <<"À\t">>,
> > <<192,19>>,
> > <<0,51>>,
> > <<0,50>>,
> > <<192,4>>,
> > <<192,14>>,
> > <<0,47>>,
> > <<192,7>>,
> > <<192,17>>,
> > <<0,5>>,
> > <<0,4>>,
> > <<0,21>>,
> > <<192,2>>,
> > <<"À\f">>,
> > <<0,9>>],
> > #Fun<ssl.0.555667>,true,268435456,false,undefined,
> > undefined,false,undefined,undefined},
> > [{reuseaddr,true},{active,false}],
> > {socket_options,list,0,0,0,false},
> > [{reuseaddr,true},
> > {packet_size,0},
> > {packet,0},
> > {header,0},
> > {active,false},
> > {mode,binary}],
> > {ssl_udp,ssl_udp,udp_closed,udp_error}}}},
> > accept,10000,infinity],
> > [{file,"ssl_udp.erl"},{line,149}]},
> > {dtls_test,accept,1,
> > [{file,"src/dtls_test.erl"},{line,70}]}]}}
> >
> >
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED
> > http://erlang.org/mailman/listinfo/erlang-questions
> >
>
> --
> --
> Dipl. Inform.
> Andreas Schultz
>
> email: as@REDACTED
> phone: +49-391-819099-224
> mobil: +49-170-2226073
>
> ------------------- enabling your networks -------------------
>
> Travelping GmbH               phone:         +49-391-819099229
> Roentgenstr. 13               fax:           +49-391-819099299
> D-39108 Magdeburg             email:       info@REDACTED
> GERMANY                       web:   http://www.travelping.com
>
> Company Registration: Amtsgericht Stendal Reg No.:   HRB 10578
> Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
> --------------------------------------------------------------
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140305/684f1223/attachment.htm>


More information about the erlang-questions mailing list