<div dir="ltr"><div>I'm trying to do something similar to what suggested in this thread [1].</div><div>The suggested API from Andreas was:</div><div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>%% Create a new passive SSL connection of given type, return a opaque identifier.<br></div><div>ssl:create_connection(Protocol :: 'stream' | 'datagram', Opts) -> ssl_connection_id().</div><div><br></div><div>%% Pass received SSL traffic into the connection,</div><div>%% Return error, ok or Data to return on the connection.<br></div><div>ssl:recv(Connection :: ssl_connection_id(), EncData :: binary()) -></div><div> {error, Error} | ok | {ok, {send, Data :: binary()}}.<br></div><div><br></div><div>%% Pass unencrypted traffic into the SSL app<br></div><div>ssl: send(Connection :: ssl_connection_id(), PlainText :: binary()) -></div><div> {error, Error} | ok | {ok, {send, EncData :: binary()}}.</div><div><br></div><div>%% The owner of the connection is then getting messages like:</div><div>%% - send encrypted data:<br></div><div>%% {ssl, Connection :: connection_id(), {send, EncData :: binary()}}</div><div>%% - got plaintext data:<br></div></blockquote><div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div>%% {ssl, Connection :: connection_id(), {recv, PlainText :: binary()}}</div>%% - connection event:</div><div>%% {ssl, Connection :: connection_id(), Event :: ssl_connection_event()}</div></blockquote><div><br></div><div>Is there a plan to support a this API?</div><div>If not, how can I use
cb_info option with a custom transport module to be able to handle DTLS with other protocols on the same socket?<br></div></div>
</div><div><br></div><div dir="ltr">[1] <a href="https://groups.google.com/d/msg/erlang-programming/AQk5qGHahyw/toK8UD9PAgAJ">https://groups.google.com/d/msg/erlang-programming/AQk5qGHahyw/toK8UD9PAgAJ</a><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Oct 8, 2018 at 7:04 PM Ingela Andin <<a href="mailto:ingela.andin@gmail.com">ingela.andin@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi!<br><div><br><div class="gmail_quote"><div dir="ltr">Den mån 8 okt. 2018 kl 12:48 skrev Andreas Schultz <<a href="mailto:andreas.schultz@travelping.com" target="_blank">andreas.schultz@travelping.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Ingela,<br><br><div class="gmail_quote"><div dir="ltr">Ingela Andin <<a href="mailto:ingela.andin@gmail.com" target="_blank">ingela.andin@gmail.com</a>> schrieb am Mo., 8. Okt. 2018 um 12:27 Uhr:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi!<div><br></div><div>Sorry for late answer. Yes there are plans to include it. It extension is also part of TLS-1.3 that has priority over DTLS at the moment. We have already done</div></div></blockquote><div><br></div><div>Can't speak for others, but I would prefer if DTLS-1.3 where give the same priority as TLS-1.3.</div><div><br></div></div></div></blockquote><div><br></div><div>Well as DTLS is described as a diff against TLS we kind of need the original first. <br></div><div><br></div><div>Regards Ingela Erlang/OTP team - Ericsson AB<br></div><div><br></div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><div></div><div>Regards</div><div>Andreas</div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>some internal changes to extension handling to facilitate the implementation of TLS-1.3 and its co-existing with previous versions. This is in first hand planned for OTP-22. </div><div><br></div><div>Regards Ingela Erlang/OTP Team - Ericsson AB</div></div><div dir="ltr"><div><br><br><div class="gmail_quote"><div dir="ltr">Den mån 8 okt. 2018 kl 06:58 skrev Ben Browitt <<a href="mailto:ben.browitt@gmail.com" target="_blank">ben.browitt@gmail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr">
<span class="m_6085877347886110122m_889852023045018884m_-5768191212249471370m_-7182235573655204351gmail-pl-en">USE_SRTP</span> is defined in dtls_handshake.hrl [1] but it says it's not supported.<br></div><div>Are there plans to support it?<br></div><div dir="ltr"><br></div><div dir="ltr">[1] <a href="https://github.com/erlang/otp/blob/master/lib/ssl/src/dtls_handshake.hrl#L64" target="_blank">https://github.com/erlang/otp/blob/master/lib/ssl/src/dtls_handshake.hrl#L64</a><br></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Oct 1, 2018 at 11:27 AM Ben Browitt <<a href="mailto:ben.browitt@gmail.com" target="_blank">ben.browitt@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div>DTLS is missing the use_srtp extension required for DTLS-SRTP [1].</div>What's the best way to add it?<br><div dir="ltr"><br></div><div>We need to encode the extension in ssl_handshake.erl<br></div><div dir="ltr">encode_hello_extensions([use_srtp | Rest], Acc) -><br> ExtData = <<0,2,0,1,0>>,<br> Len = byte_size(ExtData),<br> encode_hello_extensions(Rest, <<?UINT16(?USE_SRTP_EXT), ?UINT16(Len), ExtData/binary, Acc/binary>>).</div><div dir="ltr"><a href="https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L657" target="_blank">https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L657</a><br></div><div dir="ltr"><br></div><div dir="ltr">
<div dir="ltr">Define
USE_SRTP_EXT
in ssl_handshake.hrl<br></div><div dir="ltr">-define(USE_SRTP_EXT, 14).</div>
</div><div dir="ltr"><br></div><div dir="ltr">Add use_srtp to the hello_extensions record:<br></div><div dir="ltr"><a href="https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.hrl#L100" target="_blank">https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.hrl#L100</a></div><div dir="ltr"><br></div><div dir="ltr">Add <span class="m_6085877347886110122m_889852023045018884m_-5768191212249471370m_-7182235573655204351m_859870691748305197gmail-pl-en">use_srtp to hello_extensions_list</span> <br></div><div dir="ltr"><a href="https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L1826" target="_blank">https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L1826</a></div><div dir="ltr"><br></div><div>Add use_srtp to
<span class="m_6085877347886110122m_889852023045018884m_-5768191212249471370m_-7182235573655204351m_859870691748305197gmail-pl-en">client_hello_extensions</span></div><div dir="ltr"><a href="https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L968" target="_blank">https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_handshake.erl#L968</a></div><div dir="ltr"><br></div><div dir="ltr">Add use_srtp to the <span class="m_6085877347886110122m_889852023045018884m_-5768191212249471370m_-7182235573655204351m_859870691748305197gmail-pl-k">#</span><span class="m_6085877347886110122m_889852023045018884m_-5768191212249471370m_-7182235573655204351m_859870691748305197gmail-pl-en">ssl_options</span> record</div><div dir="ltr"><a href="https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_internal.hrl#L111" target="_blank">https://github.com/erlang/otp/blob/master/lib/ssl/src/ssl_internal.hrl#L111</a><br></div><div dir="ltr"><br></div><div dir="ltr">[1] <a href="https://tools.ietf.org/html/rfc5764#section-4.1" target="_blank">https://tools.ietf.org/html/rfc5764#section-4.1</a></div><div dir="ltr"><br></div><div>Thanks<br></div></div></div></div></div></div></div></div></div></div></div></div>
</blockquote></div>
_______________________________________________<br>
erlang-questions mailing list<br>
<a href="mailto:erlang-questions@erlang.org" target="_blank">erlang-questions@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/erlang-questions" rel="noreferrer" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
</blockquote></div></div></div>
_______________________________________________<br>
erlang-questions mailing list<br>
<a href="mailto:erlang-questions@erlang.org" target="_blank">erlang-questions@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/erlang-questions" rel="noreferrer" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
</blockquote></div></div>-- <br><div dir="ltr" class="m_6085877347886110122m_889852023045018884gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><span style="font-family:monospace,monospace">-- <br>Dipl.-Inform. Andreas Schultz<br><br>----------------------- enabling your networks ----------------------<br>Travelping GmbH Phone: +49-391-81 90 99 0<br>Roentgenstr. 13 Fax: +49-391-81 90 99 299<br>39108 Magdeburg Email: <a href="mailto:info@travelping.com" target="_blank">info@travelping.com</a><br>GERMANY Web: <a href="http://www.travelping.com" target="_blank">http://www.travelping.com</a><br><br></span><div><span style="font-family:monospace,monospace">Company Registration: Amtsgericht Stendal Reg No.: HRB 10578</span></div><span style="font-family:monospace,monospace">Geschaeftsfuehrer: Holger Winkelmann VAT ID No.: DE236673780<br>---------------------------------------------------------------------</span></div></div>
</blockquote></div></div></div>
</blockquote></div>