From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pierre.weis@inria.fr>
Delivered-To: caml-list@yquem.inria.fr
Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78])
	by yquem.inria.fr (Postfix) with ESMTP id 64070BC75
	for <caml-list@yquem.inria.fr>; Fri, 18 Feb 2005 10:41:15 +0100 (CET)
Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35])
	by nez-perce.inria.fr (8.13.0/8.13.0) with ESMTP id j1I9fEEt018893
	for <caml-list@yquem.inria.fr>; Fri, 18 Feb 2005 10:41:15 +0100
Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id KAA30185 for <caml-list@pauillac.inria.fr>; Fri, 18 Feb 2005 10:41:14 +0100 (MET)
Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187])
	by concorde.inria.fr (8.13.0/8.13.0) with ESMTP id j1I9fEs8002971
	for <caml-list@inria.fr>; Fri, 18 Feb 2005 10:41:14 +0100
Received: from [212.227.126.160] (helo=mrelayng.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 1D24dL-0004T0-00; Fri, 18 Feb 2005 10:41:11 +0100
Received: from [80.129.111.239] (helo=gate.lan.gerd-stolpmann.de)
	by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1)
	id 1D24dL-0002iR-00; Fri, 18 Feb 2005 10:41:11 +0100
Received: from mydomain.com (localhost [127.0.0.1])
	by gate.lan.gerd-stolpmann.de (Postfix) with SMTP id 21B33C04E;
	Fri, 18 Feb 2005 10:41:11 +0100 (CET)
Received: from 192.168.0.1 (proxying for 193.194.7.77)
        (SquirrelMail authenticated user gerd)
        by gps.dynxs.de with HTTP;
        Fri, 18 Feb 2005 10:41:11 +0100 (CET)
Message-ID: <24793.192.168.0.1.1108719671.squirrel@gps.dynxs.de>
Date: Fri, 18 Feb 2005 10:41:11 +0100 (CET)
Subject: Re: [Caml-list] Safe marshall?
From: "Gerd Stolpmann" <info@gerd-stolpmann.de>
To: <oliver@first.in-berlin.de>
In-Reply-To: <20050218052911.GC425@first.in-berlin.de>
References: <059442cb47f5e19bca230316a6ae6261@fas.harvard.edu>
        <21947.192.168.0.1.1108633144.squirrel@gps.dynxs.de>
        <9c3c426c52d70a19ad1dc3e3047a5138@csun.edu>
        <20050218052911.GC425@first.in-berlin.de>
Cc: <caml-list@inria.fr>
X-Mailer: SquirrelMail (version 1.2.6)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:a6865a839c0178d9aa0ce41878507ea2
X-Miltered: at nez-perce with ID 4215B83A.001 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)!
X-Miltered: at concorde with ID 4215B83A.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)!
X-Spam: no; 0.00; caml-list:01 gerd:01 stolpmann:01 oliver:01 bandel:01 wrote:01 gerd:01 compiler:01 asn:01 ocaml:01 o'caml:01 struct:01 val:01 struct:01 val:01 
X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on yquem.inria.fr
X-Spam-Status: No, score=0.1 required=5.0 tests=FORGED_RCVD_HELO,
	RCVD_FAKE_HELO_DOTCOM autolearn=disabled version=3.0.2
X-Spam-Level: 


Oliver Bandel said:
> On Thu, Feb 17, 2005 at 03:14:30PM -0800, Eric Stokes wrote:
>> I have to agree with Gerd, if at all possible use a protocol compiler
>> such as XDR, or ASN.1, even signing might not be secure if your
>
> Yes, XDR seems to be a good idea.
>
>
>> attacker can get ahold of the keys you are using. I can attest to the
>> robustness of Gerd's XDR implementation, I have used it in several
>> projects.
>
> Well.. is there already an XDR-binding for OCaml?

Yes, as already pointed out, it is part of my SunRPC implementation:
http://ocaml-programming.de/programming/rpc.html. It is not a binding,
however, but a pure O'Caml implementation.

It is quite easy and obvious how to use the XDR part alone without
the rest of RPC. For example, to define a record with an integer
and a string of maximum 20 characters:

open Xdr
open Rtypes
let my_type_term =3D
  X_struct [ "my_int", X_int;
             "my_string", (X_string (uint4_of_int 20)) ]
let my_type =3D validate_xdt_type_term my_type_term

Now, to encode a value:

let my_val =3D
  XV_struct [ "my_int", (XV_int (int4_of_int 42));
              "my_string", (XV_string "Sample") ]
let my_val_as_wire_string =3D
  pack_xdr_value_as_string my_val my_type []

my_val_as_wire_string can now be sent over the network. For
decoding, use:

let my_val_again =3D
  unpack_xdr_value my_val_as_wire_string my_type []

If the string is illegal (e.g. my_string is longer than
20 characters), exceptions will be thrown.

One can also use ocamlrpcgen to generate parts of the above
code, including automatic conversion between XDR and the
corresponding O'Caml types (e.g. an XDR struct is converted
to an O'Caml record type). For complex protocols, the overhead
of learning ocamlrpcgen is worth the effort.

One should also consider using RPC directly rather than to invent
a new networking layer.

Gerd

> Where to find it?!
>
> Ciao,
>   Oliver
>
> _______________________________________________
> Caml-list mailing list. Subscription management:
> http://yquem.inria.fr/cgi-bin/mailman/listinfo/caml-list
> Archives: http://caml.inria.fr
> Beginner's list: http://groups.yahoo.com/group/ocaml_beginners
> Bug reports: http://caml.inria.fr/bin/caml-bugs


------------------------------------------------------------
Gerd Stolpmann * Viktoriastr. 45 * 64293 Darmstadt * Germany
gerd@gerd-stolpmann.de          http://www.gerd-stolpmann.de
------------------------------------------------------------