On 2014-05-24 03:40, Nikos Mavrogiannopoulos wrote:
On Fri, 2014-05-23 at 19:20 -0400, Vittorio Giovara wrote:
Hello everyone,
I am in the process of implementing a GnuTLS backend to PJSIP, a popular
VoIP/SIP library, and I started off by editing the OpenSSL backend.
Normally the library uses a complex callback mechanism that informs the
underlying secure socket layer that data has been read from the (normal)
socket and then it waits for the callback return value containing the
decrypted data. With OpenSSL this is implemented by heavy use of
BIO_read/BIO_write functions, however this is where I am stuck during my
porting.
As far as I understand the GnuTLS logic, everything must go through
gnutls_record_send and gnutls_record_recv, but there is no way to use
the session information to decrypt a raw memory buffer, is there?
Hello,
You could replace the pull function to read from memory, and then
gnutls_record_recv() would decrypt from memory (and I see that's what
you actually do).
Hello again,
This method works fine for normal data transmission, but since I've
tried to remove the do {} while loop when doing handshake (and rely on
the application loop to retry the connection) I can't seem to find a way
to complete the handshake.
In fact, when data from the callback is available and I hook it up to my
record_recv callbacks, they will fail instead of asking for more data
(invalidating the session in the meantime).
Is it possible to do a partial handshake, wait for some more data and
then resume it again?
Thanks,
Vittorio
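
The memory-backed pull function discussed in this thread, as an added example that is not part of the original messages or of the PJSIP or GnuTLS sources. It shows the callback contract that lets gnutls_handshake() stop on a partial flight and be called again later: an empty buffer is reported as -1 with errno set to EAGAIN, never as 0. The names mem_transport, mem_feed and mem_pull and the buffer size are assumptions.

```c
#include <errno.h>
#include <string.h>
#include <sys/types.h>

#define MEM_CAP 16384 /* assumed buffer size for this example */

/* Hypothetical in-memory transport that sits between the socket callbacks and TLS. */
struct mem_transport {
    unsigned char buf[MEM_CAP]; /* ciphertext received but not yet consumed */
    size_t len;                 /* bytes currently buffered */
    int eof;                    /* set once the peer has closed the socket */
};

/* Application side: store raw bytes delivered by the socket callback.
 * Returns 0 on success, -1 if the buffer cannot hold the data. */
int mem_feed(struct mem_transport *t, const void *data, size_t n)
{
    if (n > MEM_CAP - t->len)
        return -1;
    memcpy(t->buf + t->len, data, n);
    t->len += n;
    return 0;
}

/* Pull callback; the signature matches gnutls_pull_func (gnutls_transport_ptr_t
 * is a void pointer). Empty buffer: -1 with errno = EAGAIN means "no data yet".
 * A return of 0 is reserved for end of stream. */
ssize_t mem_pull(void *ptr, void *out, size_t want)
{
    struct mem_transport *t = ptr;
    size_t n;
    if (t->len == 0) {
        if (t->eof)
            return 0;
        errno = EAGAIN;
        return -1;
    }
    n = want < t->len ? want : t->len;
    memcpy(out, t->buf, n);
    memmove(t->buf, t->buf + n, t->len - n); /* keep the unread tail */
    t->len -= n;
    return (ssize_t)n;
}

/* Wiring (assumes an initialised gnutls_session_t named session):
 *   gnutls_transport_set_ptr(session, &transport);
 *   gnutls_transport_set_pull_function(session, mem_pull);
 *   rc = gnutls_handshake(session);
 * On GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED return to the application loop,
 * mem_feed() the next bytes and call gnutls_handshake() again on the same
 * session. Tear the session down only when gnutls_error_is_fatal(rc) != 0. */
```
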