DTLS server example?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

DTLS server example?

Vans S
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Andreas Schultz
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas

[1]: https://github.com/travelping/capwap

----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Vans S
Thank you for the encouragement, I got it working, the key was to call transport_accept then ssl_accept, I was calling one or the other.


On Monday, June 12, 2017 8:34 AM, Ingela Andin <[hidden email]> wrote:


Hi!

Only difference to TLS is that you need to provide the option {protocol, dtls}.

Regards Ingela 

On Mon, Jun 12, 2017 at 9:45 AM, Andreas Schultz <[hidden email]> wrote:
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas


----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions





_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Vans S
Slight problem now.

Testing on localhost everything works fine.  Now I am testing on a remote server with large latency and I keep getting this error on the client,
SSL: {connection, flight_retransmission_timeout} Fatal error: unexpected message.

I tested using pydtls as the client and this error does not happen. 

Also the server shows a "unexpected message" tls_alert. Does not happen with pydtls as the client.


On Tuesday, June 13, 2017 3:51 AM, Vans S <[hidden email]> wrote:


Thank you for the encouragement, I got it working, the key was to call transport_accept then ssl_accept, I was calling one or the other.


On Monday, June 12, 2017 8:34 AM, Ingela Andin <[hidden email]> wrote:


Hi!

Only difference to TLS is that you need to provide the option {protocol, dtls}.

Regards Ingela 

On Mon, Jun 12, 2017 at 9:45 AM, Andreas Schultz <[hidden email]> wrote:
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas


----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions







_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Ingela Andin
In reply to this post by Andreas Schultz
Hi!

This particular problem described below is fixed on latest master.  And there are some mor fixes in testing that probably will make OTP 20.
 DTLS support will however be experimental in 20 as we have not had time to battle tested it as much as we want to to be able to ensure the same quality as for TLS.

Regards Ingela Erlang/OTP team - Ericsson AB


Slight problem now.

Testing on localhost everything works fine.  Now I am testing on a remote server with large latency and I keep getting this error on the client,
SSL: {connection, flight_retransmission_timeout} Fatal error: unexpected message.

I tested using pydtls as the client and this error does not happen. 

Also the server shows a "unexpected message" tls_alert. Does not happen with pydtls as the client.


On Tuesday, June 13, 2017 3:51 AM, Vans S <[hidden email]> wrote:


Thank you for the encouragement, I got it working, the key was to call transport_accept then ssl_accept, I was calling one or the other.


On Monday, June 12, 2017 8:34 AM, Ingela Andin <[hidden email]> wrote:


Hi!

Only difference to TLS is that you need to provide the option {protocol, dtls}. 

Regards Ingela  
2017-06-12 9:45 GMT+02:00 Andreas Schultz <[hidden email]>:
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas


----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions



_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Vans S
I was on OTP 20 rc2, master fixes that issue.  Another issue I found is this.

I have a send_after procing every 100 ms sending binary:copy(<<"a">>, N*1024) bytes. Client to server.

If N is 1-7 the server receives the bytes, as soon as N becomes 8 or higher, even N=8*1024-32, the server gets an error:

SSL: {connection, {alert,2,20,{"dtls_record.erl,538},undefined}: ssl_connection.erl:845: Fatal error: unexpected message

** Reason for termination ==
** {{key_exists,{{10,66,50,37},58874}},
    [{gb_trees,insert_1,4,[{file,"gb_trees.erl"},{line,319}]},
     {gb_trees,insert,3,[{file,"gb_trees.erl"},{line,278}]},
     {dtls_udp_listener,setup_new_connection,5,
                        [{file,"dtls_udp_listener.erl"},{line,238}]},
     {dtls_udp_listener,handle_info,2,
                        [{file,"dtls_udp_listener.erl"},{line,138}]},
     {gen_server,try_dispatch,4,[{file,"gen_server.erl"},{line,616}]},
     {gen_server,handle_msg,6,[{file,"gen_server.erl"},{line,686}]},
     {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,247}]}]}


On Tuesday, June 13, 2017 4:22 PM, Ingela Andin <[hidden email]> wrote:


Hi!

This particular problem described below is fixed on latest master.  And there are some mor fixes in testing that probably will make OTP 20.
 DTLS support will however be experimental in 20 as we have not had time to battle tested it as much as we want to to be able to ensure the same quality as for TLS.

Regards Ingela Erlang/OTP team - Ericsson AB


Slight problem now.

Testing on localhost everything works fine.  Now I am testing on a remote server with large latency and I keep getting this error on the client,
SSL: {connection, flight_retransmission_timeout} Fatal error: unexpected message.

I tested using pydtls as the client and this error does not happen. 

Also the server shows a "unexpected message" tls_alert. Does not happen with pydtls as the client.


On Tuesday, June 13, 2017 3:51 AM, Vans S <[hidden email]> wrote:


Thank you for the encouragement, I got it working, the key was to call transport_accept then ssl_accept, I was calling one or the other.


On Monday, June 12, 2017 8:34 AM, Ingela Andin <[hidden email]> wrote:


Hi!

Only difference to TLS is that you need to provide the option {protocol, dtls}. 

Regards Ingela  
2017-06-12 9:45 GMT+02:00 Andreas Schultz <[hidden email]>:
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas


----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions





_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Vans S
Increasing buffer sizes rec|snd|buffer on both client and serer to 1024*1024 seems to solve this BUT sending large binaries like 75*1024 makes the other party not receive the send with no erors.


On Tuesday, June 13, 2017 11:36 PM, Vans S <[hidden email]> wrote:


I was on OTP 20 rc2, master fixes that issue.  Another issue I found is this.

I have a send_after procing every 100 ms sending binary:copy(<<"a">>, N*1024) bytes. Client to server.

If N is 1-7 the server receives the bytes, as soon as N becomes 8 or higher, even N=8*1024-32, the server gets an error:

SSL: {connection, {alert,2,20,{"dtls_record.erl,538},undefined}: ssl_connection.erl:845: Fatal error: unexpected message

** Reason for termination ==
** {{key_exists,{{10,66,50,37},58874}},
    [{gb_trees,insert_1,4,[{file,"gb_trees.erl"},{line,319}]},
     {gb_trees,insert,3,[{file,"gb_trees.erl"},{line,278}]},
     {dtls_udp_listener,setup_new_connection,5,
                        [{file,"dtls_udp_listener.erl"},{line,238}]},
     {dtls_udp_listener,handle_info,2,
                        [{file,"dtls_udp_listener.erl"},{line,138}]},
     {gen_server,try_dispatch,4,[{file,"gen_server.erl"},{line,616}]},
     {gen_server,handle_msg,6,[{file,"gen_server.erl"},{line,686}]},
     {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,247}]}]}


On Tuesday, June 13, 2017 4:22 PM, Ingela Andin <[hidden email]> wrote:


Hi!

This particular problem described below is fixed on latest master.  And there are some mor fixes in testing that probably will make OTP 20.
 DTLS support will however be experimental in 20 as we have not had time to battle tested it as much as we want to to be able to ensure the same quality as for TLS.

Regards Ingela Erlang/OTP team - Ericsson AB


Slight problem now.

Testing on localhost everything works fine.  Now I am testing on a remote server with large latency and I keep getting this error on the client,
SSL: {connection, flight_retransmission_timeout} Fatal error: unexpected message.

I tested using pydtls as the client and this error does not happen. 

Also the server shows a "unexpected message" tls_alert. Does not happen with pydtls as the client.


On Tuesday, June 13, 2017 3:51 AM, Vans S <[hidden email]> wrote:


Thank you for the encouragement, I got it working, the key was to call transport_accept then ssl_accept, I was calling one or the other.


On Monday, June 12, 2017 8:34 AM, Ingela Andin <[hidden email]> wrote:


Hi!

Only difference to TLS is that you need to provide the option {protocol, dtls}. 

Regards Ingela  
2017-06-12 9:45 GMT+02:00 Andreas Schultz <[hidden email]>:
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas


----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions




_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions



_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: DTLS server example?

Ingela Andin
Hi thank you for testing,  we will look into this problem. I am afraid that the solution will not be able to make it for 20.0 as last bugfix merges  will be today. But as soon as we have a tested solution it will be merged to the new maint and part of there after upcoming release.


Regards Ingela  Erlang/OTP team - Ericsson AB

2017-06-14 6:24 GMT+02:00 Vans S <[hidden email]>:
Increasing buffer sizes rec|snd|buffer on both client and serer to 1024*1024 seems to solve this BUT sending large binaries like 75*1024 makes the other party not receive the send with no erors.


On Tuesday, June 13, 2017 11:36 PM, Vans S <[hidden email]> wrote:


I was on OTP 20 rc2, master fixes that issue.  Another issue I found is this.

I have a send_after procing every 100 ms sending binary:copy(<<"a">>, N*1024) bytes. Client to server.

If N is 1-7 the server receives the bytes, as soon as N becomes 8 or higher, even N=8*1024-32, the server gets an error:

SSL: {connection, {alert,2,20,{"dtls_record.erl,538},undefined}: ssl_connection.erl:845: Fatal error: unexpected message

** Reason for termination ==
** {{key_exists,{{10,66,50,37},58874}},
    [{gb_trees,insert_1,4,[{file,"gb_trees.erl"},{line,319}]},
     {gb_trees,insert,3,[{file,"gb_trees.erl"},{line,278}]},
     {dtls_udp_listener,setup_new_connection,5,
                        [{file,"dtls_udp_listener.erl"},{line,238}]},
     {dtls_udp_listener,handle_info,2,
                        [{file,"dtls_udp_listener.erl"},{line,138}]},
     {gen_server,try_dispatch,4,[{file,"gen_server.erl"},{line,616}]},
     {gen_server,handle_msg,6,[{file,"gen_server.erl"},{line,686}]},
     {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,247}]}]}


On Tuesday, June 13, 2017 4:22 PM, Ingela Andin <[hidden email]> wrote:


Hi!

This particular problem described below is fixed on latest master.  And there are some mor fixes in testing that probably will make OTP 20.
 DTLS support will however be experimental in 20 as we have not had time to battle tested it as much as we want to to be able to ensure the same quality as for TLS.

Regards Ingela Erlang/OTP team - Ericsson AB


Slight problem now.

Testing on localhost everything works fine.  Now I am testing on a remote server with large latency and I keep getting this error on the client,
SSL: {connection, flight_retransmission_timeout} Fatal error: unexpected message.

I tested using pydtls as the client and this error does not happen. 

Also the server shows a "unexpected message" tls_alert. Does not happen with pydtls as the client.


On Tuesday, June 13, 2017 3:51 AM, Vans S <[hidden email]> wrote:


Thank you for the encouragement, I got it working, the key was to call transport_accept then ssl_accept, I was calling one or the other.


On Monday, June 12, 2017 8:34 AM, Ingela Andin <[hidden email]> wrote:


Hi!

Only difference to TLS is that you need to provide the option {protocol, dtls}. 

Regards Ingela  
2017-06-12 9:45 GMT+02:00 Andreas Schultz <[hidden email]>:
Hi Vans,

I haven't played with it yet, but with the DTLS stack in R20 creating a DTLS server should be mostly identical to a TLS server.

For an example on how this works with my old, patched version, you could check out the CAPWAP [1] project.

Regards
Andreas


----- On Jun 12, 2017, at 9:34 AM, Vans S <[hidden email]> wrote:
I am trying to implement a DTLS server but having trouble.

The DTLS client works great, used RoadRunners patches and example.

For the server side I had success to what I think was accepting a peer using the undocumented 'dtls' module directly, but I cannot send to the socket.

Does anyone have a clue how to create a DTLS server in erlang?

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions

______________________________ _________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/ listinfo/erlang-questions




_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions




_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Loading...