From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!mx02.eternal-september.org!feeder.eternal-september.org!aioe.org!.POSTED!not-for-mail From: "Dmitry A. Kazakov" Newsgroups: comp.lang.ada Subject: Re: Ada for the TLS/SSL problem? Date: Thu, 17 Mar 2016 09:14:17 +0100 Organization: Aioe.org NNTP Server Message-ID: References: <5011d79c-aaad-464e-a68e-c31a2738a820@googlegroups.com> <8737rrsc2l.fsf@mid.deneb.enyo.de> <87k2l2pbf0.fsf@mid.deneb.enyo.de> <87pouunk2g.fsf@mid.deneb.enyo.de> NNTP-Posting-Host: bqgfK7NL3xTHnr0WRaLl4g.user.gioia.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: abuse@aioe.org User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 X-Notice: Filtered by postfilter v. 0.8.2 Xref: news.eternal-september.org comp.lang.ada:29817 Date: 2016-03-17T09:14:17+01:00 List-Id: On 16/03/2016 23:18, Florian Weimer wrote: > * Dmitry A. Kazakov: > >> On 2016-03-16 18:42, Florian Weimer wrote: >>> * Dmitry A. Kazakov: >>> >>>> On 15/03/2016 21:47, Florian Weimer wrote: >>>>> * Peter Brooks: >>>>> >>>>>> There are still many problems turning up with TSL authentication. It's >>>>>> no particular surprise as even OpenSSL has been using C for this code. >>>>>> >>>>>> Isn't this an opportunity for Ada to really shine? >>>>> >>>>> It's really hard to write a good TLS implementation. Ditching C gets >>>>> rid of just one class of issues (related memory safety). >>>> >>>> At least we could have a better API. GNUTLS design is quite >>>> uncomfortable to use in a "socket-select" environment. >>> >>> That's a consequence of the protocol because any write or read at the >>> application layer can result in arbitrary sequences of reads *and* >>> writes on the socket layer. There is just no nice way to express this >>> in an API. >> >> It could have a state machine design, driven by write-ready read-ready >> events. > > It's still very complicated, particularly if you want to leave buffer > management to the caller. See Java's SSLEngine. Yes it is more complicated, but not for the user, who within this framework should already provide and consume data on demand. [It would be nice to have co-routine "tasks" in Ada to inverse that, but this is another story.] Regarding buffer management, firstly you should need none, provided the design were indeed event-driven. Secondly, for security reasons you probably would not want to have any external buffers anyway. -- Regards, Dmitry A. Kazakov http://www.dmitry-kazakov.de