30 Jul 11:23
TLS and SCTP
From: Sebastien Decugis <sdecugis <at> nict.go.jp>
Subject: TLS and SCTP
Newsgroups: gmane.network.gnutls.general
Date: 2008-07-30 09:24:19 GMT
Hello,

I am trying to implement TLS over an SCTP association with multiple streams (the final goal is to make an open-source implementation of Diameter). From RFC 3436, it is told that each pair of (bi-directional) streams is an independent TLS session (separate handshake, and so on). The remaining streams have no TLS protection, and will therefore not be used in my implementation.

I understand how to specify my own transport-layer handlers in GNU TLS with the set_push_function and set_pull_function, but I think it is not sufficient support to handle the TLS over the multiple streams as expected. We can create a wrapper function to send data on a specific stream, but not to receive only from a given stream. The logic must be: we receive a message, we can retrieve its stream number, and then we know the TLS context (session) this message belongs to. I cannot see a way to achieve this with the API of gnutls.

Has someone run into this issue already and could give me some hints / pointers? The only workaround I can see yet is to use only 1 stream in my SCTP association, but this is not very satisfactory...

Thank you in advance!

Best regards,
Sebastien.

<http://www.gnu.org/software/gnutls/manual/html_node/gnutls_005ftransport_005fset_005fpush_005ffunction.html#gnutls_005ftransport_005fset_005fpush_005ffunction>

--
Sebastien Decugis
Research fellow
Network Architecture Group
NICT (nict.go.jp)
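Added example, not part of the original post and not GnuTLS code: one way to obtain the per-stream receive described above is a single receive loop that sorts incoming data into one byte queue per stream, with each TLS session's pull callback reading only its own queue. The names demux_deliver, stream_pull, MAX_STREAMS and QUEUE_BYTES are hypothetical, and the sketch assumes a single thread (no locking) and leaves the actual SCTP receive call and GnuTLS registration outside the block.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/types.h>

#define MAX_STREAMS 4      /* assumed number of stream pairs in the association */
#define QUEUE_BYTES 4096   /* assumed per-stream buffer size */

/* Byte FIFO holding data received on one SCTP stream and not yet consumed
 * by the TLS session bound to that stream. */
struct stream_queue {
    unsigned char buf[QUEUE_BYTES];
    size_t head;   /* index of the next byte to read */
    size_t used;   /* number of buffered bytes */
};

struct demux { struct stream_queue q[MAX_STREAMS]; };

/* Called by the one receive loop after it has read a message from the
 * association and learned its stream number (for example the sinfo_stream
 * value reported by sctp_recvmsg()). Returns 0, or -1 when the stream
 * number is out of range or the queue is full, so nothing crosses streams. */
int demux_deliver(struct demux *d, unsigned stream, const void *data, size_t len)
{
    if (stream >= MAX_STREAMS || len > QUEUE_BYTES - d->q[stream].used)
        return -1;
    struct stream_queue *q = &d->q[stream];
    for (size_t i = 0; i < len; i++)
        q->buf[(q->head + q->used + i) % QUEUE_BYTES] = ((const unsigned char *)data)[i];
    q->used += len;
    return 0;
}

/* Same shape as a GnuTLS pull callback: ptr is the per-session transport
 * pointer, assumed here to be the queue of that session's stream. */
ssize_t stream_pull(void *ptr, void *out, size_t len)
{
    struct stream_queue *q = ptr;
    if (q->used == 0) {          /* nothing buffered for this stream yet */
        errno = EAGAIN;
        return -1;
    }
    if (len > q->used)           /* TLS may ask for more than is queued */
        len = q->used;
    for (size_t i = 0; i < len; i++)
        ((unsigned char *)out)[i] = q->buf[(q->head + i) % QUEUE_BYTES];
    q->head = (q->head + len) % QUEUE_BYTES;
    q->used -= len;
    return (ssize_t)len;
}
```

Each session would be given its own queue as transport pointer and stream_pull as its pull function; the push side only needs a wrapper that sends on the session's stream number.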