From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!news.albasani.net!news.gnuher.de!news.enyo.de!.POSTED!not-for-mail
From: Florian Weimer <fw@deneb.enyo.de>
Newsgroups: comp.lang.ada
Subject: Re: Ada for the TLS/SSL problem?
Date: Wed, 16 Mar 2016 23:18:15 +0100
Message-ID: <87pouunk2g.fsf@mid.deneb.enyo.de>
References: <5011d79c-aaad-464e-a68e-c31a2738a820@googlegroups.com>
	<8737rrsc2l.fsf@mid.deneb.enyo.de> <ncb4lj$1o09$1@gioia.aioe.org>
	<87k2l2pbf0.fsf@mid.deneb.enyo.de> <ncc8e8$1pdm$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: news.enyo.de 1458166695 14990 192.168.18.20 (16 Mar 2016 22:18:15
 GMT)
X-Complaints-To: news@enyo.de
Cancel-Lock: sha1:GhVgWEqUUcaCZ3JNFCny41jIGiE=
Xref: news.eternal-september.org comp.lang.ada:29813
Date: 2016-03-16T23:18:15+01:00
List-Id: <comp.lang.ada>

* Dmitry A. Kazakov:

> On 2016-03-16 18:42, Florian Weimer wrote:
>> * Dmitry A. Kazakov:
>>
>>> On 15/03/2016 21:47, Florian Weimer wrote:
>>>> * Peter Brooks:
>>>>
>>>>> There are still many problems turning up with TSL authentication. It's
>>>>> no particular surprise as even OpenSSL has been using C for this code.
>>>>>
>>>>> Isn't this an opportunity for Ada to really shine?
>>>>
>>>> It's really hard to write a good TLS implementation.  Ditching C gets
>>>> rid of just one class of issues (related memory safety).
>>>
>>> At least we could have a better API. GNUTLS design is quite
>>> uncomfortable to use in a "socket-select" environment.
>>
>> That's a consequence of the protocol because any write or read at the
>> application layer can result in arbitrary sequences of reads *and*
>> writes on the socket layer.  There is just no nice way to express this
>> in an API.
>
> It could have a state machine design, driven by write-ready read-ready
> events.

It's still very complicated, particularly if you want to leave buffer
management to the caller.  See Java's SSLEngine.