From vladdu55@REDACTED Tue May 12 08:30:19 2015 From: vladdu55@REDACTED (Vlad Dumitrescu) Date: Tue, 12 May 2015 08:30:19 +0200 Subject: [erlang-patches] Extra @param in javadoc gives error Message-ID: The javadoc compiler chokes on @param tags that don't correspond to real arguments. > git fetch git://github.com/vladdu/otp.git jinterface_javadoc_fix > > https://github.com/vladdu/otp/compare/erlang > :master...jinterface_javadoc_fix > https://github.com/vladdu/otp/compare/erlang > :master...jinterface_javadoc_fix.patch regards, Vlad -------------- next part -------------- An HTML attachment was scrubbed... URL: From haiyang.yin@REDACTED Sat May 30 19:19:53 2015 From: haiyang.yin@REDACTED (Haiyang Yin) Date: Sat, 30 May 2015 13:19:53 -0400 Subject: [erlang-patches] DTLS patch Message-ID: Hello, We have a server application needs DTLS protocol support. But the current OTP release still has an incomplete DTLS implementation. So we create this patch to include DTLS implementation based on current well-designed ssl architecture (which we don't consider this as a new feature, just a patch). What we have added are: 1. DTLS transport layer on top of gen_udp 2. DTLS flight retransmission and timeout mechanism 3. DTLS record fragmentation/defragmentation handling It looks good that the patch can work with OpenSSL 1.0.2a release. If no one is working on dtls now, we would like to have this patch to be reviewed. Following is the repository contains the patch: https://github.com/haiyang-yin/otp To fetch the patch, refer to following git commands: git clone https://github.com/haiyang-yin/otp.git git checkout dtls_patch Here is code review location: https://github.com/haiyang-yin/otp/compare/maint...haiyang-yin:dtls_patch There are two demo programs to show how dtls client/server works in the attachments. Feel free to let me know if further information is needed. Thank you, /Haiyang -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: dumpd_dtls_c.erl Type: application/octet-stream Size: 3327 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: dumpd_dtls.erl Type: application/octet-stream Size: 3292 bytes Desc: not available URL: From aschultz@REDACTED Sun May 31 17:22:48 2015 From: aschultz@REDACTED (Andreas Schultz) Date: Sun, 31 May 2015 15:22:48 +0000 (UTC) Subject: [erlang-patches] DTLS patch In-Reply-To: References: Message-ID: <1093525126.101068.1433085768186.JavaMail.zimbra@tpip.net> Hi Haiyang, I'm sure Ingela will have plenty to say, starting with "Unit Tests". A few comments from me: 1.) Have you tested your changes with packet loss and reordering, especially reordering around the the Change Cipher Spec message? Keeping the correct cipher context for re-sending old flights and decoding incoming re-sends across CCS messages is not trivial and from reading the code I can't convince myself that it would work. 2.) I'm not happy with the way new clients are handled. You seem to insert them into an ETS tables without waiting for the answer to an HelloVerifyRequest. This opens a way for resource exhaustion and denial of service attacks. The DTLS RFC is quite explicit that the verify cookie should be generated stateless and that the server should expend any memory resource until the Hello was verified successfully. 3.) TLS is almost exclusively used in a pure form over TCP, the situation is different with DTLS where some interesting deviations exist. The TCP like socket handling is not help full with those. For example CAPWAP (RFC 5415) multiplexes DTLS and non DTLS data over the same UDP socket. Some mechanism to hook between the raw socket and the DTLS logic is required for that. 4.) You have certainly added lots of code, but you have still reused some ideas and code from my earlier versions. A small attribution wouldn't hurt. Andreas ----- On 30 May, 2015, at 19:19, Haiyang Yin haiyang.yin@REDACTED wrote: > Hello, > > We have a server application needs DTLS protocol support. But the current OTP > release still has an incomplete DTLS implementation. So we create this patch to > include DTLS implementation based on current well-designed ssl architecture > (which we don't consider this as a new feature, just a patch). What we have > added are: > > 1. DTLS transport layer on top of gen_udp > 2. DTLS flight retransmission and timeout mechanism > 3. DTLS record fragmentation/defragmentation handling > > It looks good that the patch can work with OpenSSL 1.0.2a release. If no one is > working on dtls now, we would like to have this patch to be reviewed. > > Following is the repository contains the patch: > > https://github.com/haiyang-yin/otp > > To fetch the patch, refer to following git commands: > > git clone https://github.com/haiyang-yin/otp.git > git checkout dtls_patch > > Here is code review location: > > https://github.com/haiyang-yin/otp/compare/maint...haiyang-yin:dtls_patch > > There are two demo programs to show how dtls client/server works in the > attachments. > > Feel free to let me know if further information is needed. > > Thank you, > > /Haiyang > > > _______________________________________________ > erlang-patches mailing list > erlang-patches@REDACTED > http://erlang.org/mailman/listinfo/erlang-patches -- -- Dipl. Inform. Andreas Schultz