(no subject)


(no subject)

Naveen Shivanna
Hi, 

After adding 'enable-sctp' compile option, OpenSSL (DTLS) can work with SCTP as transport.

OpenSSL bss_dgram.c file includes the kernel /netinet/sctp.h.

We have our own custom SCTP implementation (also implements custom BIO METHODS, do not use the default methods), so we need to remove the dependency of kernel sctp.h from bss_dgram.c file. Our build environment does not have the sctp.h and we are not supposed to install lksctp-tools.

Can we tailor the bss_dgram.c with new compile macro or is there any other better solution?

Rgds,
Navi




Re:

Matt Caswell-2


On 15/10/2019 07:51, Naveen Shivanna wrote:

> Hi, 
>
> After adding 'enable-sctp' compile option, OpenSSL (DTLS) can work with
> SCTP as transport.
>
> OpenSSL bss_dgram.c file includes the kernel /netinet/sctp.h.
>
> We have our own custom SCTP implementation (also implements custom BIO
> METHODS, do not use the default methods), so we need to remove the
> dependency of kernel sctp.h from bss_dgram.c file. Our build environment
> does not have the sctp.h and we are not supposed to install lksctp-tools.
>
> Can we tailor the bss_dgram.c with new compile macro or is there any
> other better solution?

Hmm. There isn't really a "good" way to do this. I can think of two options:

1) Modify the OpenSSL source (perhaps in the way that you suggest with a
compile time macro)

or

2) Provide a "dummy" implementation of netinet/sctp.h. This would have
to provide "stub" implementations of any SCTP related functions/macros
used by bss_dgram.c. That would enable you to build unmodified OpenSSL
source.


Matt

Re: Regarding netinet/sctp.h inclusion in bss_dgram.c

Matt Caswell-2


On 15/10/2019 10:32, Matt Caswell wrote:

>
>
> On 15/10/2019 07:51, Naveen Shivanna wrote:
>> Hi, 
>>
>> After adding 'enable-sctp' compile option, OpenSSL (DTLS) can work with
>> SCTP as transport.
>>
>> OpenSSL bss_dgram.c file includes the kernel /netinet/sctp.h.
>>
>> We have our own custom SCTP implementation (also implements custom BIO
>> METHODS, do not use the default methods), so we need to remove the
>> dependency of kernel sctp.h from bss_dgram.c file. Our build environment
>> does not have the sctp.h and we are not supposed to install lksctp-tools.
>>
>> Can we tailor the bss_dgram.c with new compile macro or is there any
>> other better solution?
>
> Hmm. There isn't really a "good" way to do this. I can think of two options:
>
> 1) Modify the OpenSSL source (perhaps in the way that you suggest with a
> compile time macro)
>
> or
>
> 2) Provide a "dummy" implementation of netinet/sctp.h. This would have
> to provide "stub" implementations of any SCTP related functions/macros
> used by bss_dgram.c. That would enable you to build unmodified OpenSSL
> source.

Thinking about this a little more, I think you may encounter other
problems with replacing the standard SCTP BIO with your own one. The
functions BIO_dgram_sctp_wait_for_dry() and BIO_dgram_sctp_msg_waiting()
spring to mind. They get called by libssl in certain scenarios, are
specific to the standard SCTP BIO, and are not replaceable via BIO_METHOD.

I think you would have to implement your own versions of those
functions, which implies that modifying the OpenSSL source is the only
possibility.

Matt

Re: Regarding netinet/sctp.h inclusion in bss_dgram.c

Naveen Shivanna
Thanks.
Regarding BIO_dgram_sctp_wait_for_dry() and BIO_dgram_sctp_msg_waiting(), we can use the new control options which are already merged in master:
BIO_CTRL_DGRAM_SCTP_WAIT_FOR_DRY
BIO_CTRL_DGRAM_SCTP_MSG_WAITING.



On Tue, 15 Oct, 2019, 3:19 PM Matt Caswell, <[hidden email]> wrote:


On 15/10/2019 10:32, Matt Caswell wrote:
>
>
> On 15/10/2019 07:51, Naveen Shivanna wrote:
>> Hi, 
>>
>> After adding 'enable-sctp' compile option, OpenSSL (DTLS) can work with
>> SCTP as transport.
>>
>> OpenSSL bss_dgram.c file includes the kernel /netinet/sctp.h.
>>
>> We have our own custom SCTP implementation (also implements custom BIO
>> METHODS, do not use the default methods), so we need to remove the
>> dependency of kernel sctp.h from bss_dgram.c file. Our build environment
>> does not have the sctp.h and we are not supposed to install lksctp-tools.
>>
>> Can we tailor the bss_dgram.c with new compile macro or is there any
>> other better solution?
>
> Hmm. There isn't really a "good" way to do this. I can think of two options:
>
> 1) Modify the OpenSSL source (perhaps in the way that you suggest with a
> compile time macro)
>
> or
>
> 2) Provide a "dummy" implementation of netinet/sctp.h. This would have
> to provide "stub" implementations of any SCTP related functions/macros
> used by bss_dgram.c. That would enable you to build unmodified OpenSSL
> source.

Thinking about this a little more, I think you may encounter other
problems with replacing the standard SCTP BIO with your own one. The
functions BIO_dgram_sctp_wait_for_dry() and BIO_dgram_sctp_msg_waiting()
spring to mind. They get called by libssl in certain scenarios, are
specific to the standard SCTP BIO, and are not replaceable via BIO_METHOD.

I think you would have to implement your own versions of those
functions, which implies that modifying the OpenSSL source is the only
possibility.

Matt