ppolv’s blog

February 15, 2008

erlang, ssl and asn1

Filed under: erlang — Tags: , , — ppolv @ 3:44 pm

I’ve been playing with erlang and asn1, implementing a ldap plugin for the tsung load testing tool. Erlang comes with nice support for work with ber-encoded asn1 data; particularly handy is its aviility to recognize packets borders and deliver network data, one asn1 packet at a time rather than as a raw byte stream.

One of the extended operations defined in the ldap protocol, the startTLS command, allows the use of unencrypted,plain tcp socket to connect to the server and later “upgrade” the same connection to use ssl. To implement this in erlang, the way to go is to use the new ssl module, since it is capable of establish a ssl session over an already connected tcp_gen socket, something than previous OTP versions can’t. Sadly for me, this new ssl module seems to not be able to recognize asn1 packets yet. Luckily, the buffering code required is very simple to implement in erlang.

Here is the the code i’m using:

%%The buffer consist of the data received and the length of the current packet,
%%undefined if the length is still unknown.
-record(asn1_packet_state,    {
    length = undefined,
    buffer = <<>>

%%The push function simply appends the data to the end of the buffer.
push(<<>>,S) ->
push(Data,S =#asn1_packet_state{buffer = B}) ->
    S#asn1_packet_state{buffer = <<B/binary,Data/binary>>}.

%% Try to extract a packet from the buffer, if the length is unknown, calculate it first.
get_packet(S = #asn1_packet_state{length=undefined,buffer= <<>>}) ->
get_packet(S = #asn1_packet_state{length=undefined,buffer=Buffer}) ->
    case packet_length(Buffer) of
        {ok,Length} -> extract_packet(S#asn1_packet_state{length=Length});
         not_enough_data -> {none,S}
get_packet(S) -> extract_packet(S).

%% Extract the packet if there is enough data available.
extract_packet(#asn1_packet_state{length=N,buffer=Buffer}) when (size(Buffer) >= N) ->
    <<Packet:N/binary,Rest/binary>> = Buffer,

extract_packet(S) when is_record(S,asn1_packet_state) -> {none,S}.

%%Extract the packet size from the packet header.
packet_length(Buffer) ->
    try asn1rt_ber_bin:decode_tag_and_length(Buffer) of
       {Tag, Len,_Rest,RemovedBytes} ->  {ok,Len+RemovedBytes}
        _Type:_Error ->
                (size(Buffer) > ?MAX_HEADER) -> throw({invalid_packet,Buffer});
                true -> not_enough_data  %%incomplete header

So whenever you get data from the network, you push/2 then into the buffer. Then you can get_packet/1 from the buffer , keeping in mind that there could by no complete packet yet, or more than one packet could be present in the buffer; get_packet/1 will return either {none,Buffer} or {packet,Packet,Buffer}.



  1. “erlang, ssl and asn1 | ppolv’s blog” Wooden Blinds was a excellent blog. However, if it owned alot more photos it might be perhaps even more effective. Thanks ,Wilbur

    Comment by Yahoo.Com — February 28, 2013 @ 7:34 pm

  2. I really was browsing for points for my very own site and found
    your own posting, “erlang, ssl and asn1 | ppolv’s blog”, will you care in cases where I personally employ a number of of ur tips? Thanks a lot ,Geraldine

    Comment by Alissa — June 7, 2013 @ 5:03 pm

  3. “erlang, ssl and asn1 | ppolv’s blog” was indeed seriously compelling and enlightening! Within modern world that’s hard to execute. Many thanks, Torsten

    Comment by Elva — July 3, 2013 @ 1:35 am

  4. “erlang, ssl and asn1 | ppolv’s blog” was indeed a wonderful read and also I actually was in fact truly glad to read it. Thanks a lot,Martina

    Comment by Tammy — August 5, 2013 @ 2:16 pm

  5. “erlang, ssl and asn1 | ppolv’s blog” was indeed a excellent blog post. If it had more pix this should be perhaps even a lot better. Cya -Tomas

    Comment by Autumn — August 17, 2013 @ 7:58 am

  6. I really think about why you titled this blog, “erlang, ssl and asn1 | ppolv’s blog”. In any case I actually enjoyed the blog!I appreciate it-Gwendolyn

    Comment by Keesha — August 18, 2013 @ 3:56 pm

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Blog at WordPress.com.

%d bloggers like this: