From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Delivered-To: caml-list@yquem.inria.fr Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by yquem.inria.fr (Postfix) with ESMTP id 7A247BC75 for ; Fri, 18 Feb 2005 11:10:49 +0100 (CET) Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35]) by concorde.inria.fr (8.13.0/8.13.0) with ESMTP id j1IAAnCg008774 for ; Fri, 18 Feb 2005 11:10:49 +0100 Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id LAA31933 for ; Fri, 18 Feb 2005 11:10:48 +0100 (MET) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.187]) by nez-perce.inria.fr (8.13.0/8.13.0) with ESMTP id j1IAAml7024037 for ; Fri, 18 Feb 2005 11:10:48 +0100 Received: from [212.227.126.160] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1D255w-0005ID-00; Fri, 18 Feb 2005 11:10:44 +0100 Received: from [80.129.111.239] (helo=gate.lan.gerd-stolpmann.de) by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1) id 1D255w-0008KX-00; Fri, 18 Feb 2005 11:10:44 +0100 Received: from mydomain.com (localhost [127.0.0.1]) by gate.lan.gerd-stolpmann.de (Postfix) with SMTP id 4C860C04E; Fri, 18 Feb 2005 11:10:43 +0100 (CET) Received: from 192.168.0.1 (proxying for 193.194.7.77) (SquirrelMail authenticated user gerd) by gps.dynxs.de with HTTP; Fri, 18 Feb 2005 11:10:43 +0100 (CET) Message-ID: <24893.192.168.0.1.1108721443.squirrel@gps.dynxs.de> Date: Fri, 18 Feb 2005 11:10:43 +0100 (CET) Subject: Re: [Caml-list] Safe marshall? From: "Gerd Stolpmann" To: In-Reply-To: <24793.192.168.0.1.1108719671.squirrel@gps.dynxs.de> References: <059442cb47f5e19bca230316a6ae6261@fas.harvard.edu> <21947.192.168.0.1.1108633144.squirrel@gps.dynxs.de> <9c3c426c52d70a19ad1dc3e3047a5138@csun.edu> <20050218052911.GC425@first.in-berlin.de> <24793.192.168.0.1.1108719671.squirrel@gps.dynxs.de> Cc: , X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:a6865a839c0178d9aa0ce41878507ea2 X-Miltered: at concorde with ID 4215BF29.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Miltered: at nez-perce with ID 4215BF28.002 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Spam: no; 0.00; caml-list:01 gerd:01 stolpmann:01 gerd:01 stolpmann:01 oliver:01 bandel:01 wrote:01 compiler:01 asn:01 ocaml:01 o'caml:01 struct:01 oops:01 struct:01 X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on yquem.inria.fr X-Spam-Status: No, score=0.1 required=5.0 tests=FORGED_RCVD_HELO, RCVD_FAKE_HELO_DOTCOM autolearn=disabled version=3.0.2 X-Spam-Level: Gerd Stolpmann said: > > Oliver Bandel said: >> On Thu, Feb 17, 2005 at 03:14:30PM -0800, Eric Stokes wrote: >>> I have to agree with Gerd, if at all possible use a protocol compiler >>> such as XDR, or ASN.1, even signing might not be secure if your >> >> Yes, XDR seems to be a good idea. >> >> >>> attacker can get ahold of the keys you are using. I can attest to the >>> robustness of Gerd's XDR implementation, I have used it in several >>> projects. >> >> Well.. is there already an XDR-binding for OCaml? > > Yes, as already pointed out, it is part of my SunRPC implementation: > http://ocaml-programming.de/programming/rpc.html. It is not a binding, > however, but a pure O'Caml implementation. > > It is quite easy and obvious how to use the XDR part alone without the > rest of RPC. For example, to define a record with an integer > and a string of maximum 20 characters: > > open Xdr > open Rtypes > let my_type_term X_struct [ "my_int", X_int; Oops, obviously somebody has stolen my "=3D". It is of course let my_type_term =3D X_struct (etc.). > "my_string", (X_string (uint4_of_int 20)) ] > let my_type =3D validate_xdt_type_term my_type_term > > Now, to encode a value: > > let my_val XV_struct [ "my_int", (XV_int (int4_of_int 42)); > "my_string", (XV_string "Sample") ] > let my_val_as_wire_string pack_xdr_value_as_string my_val my_type [] > > my_val_as_wire_string can now be sent over the network. For > decoding, use: > > let my_val_again unpack_xdr_value my_val_as_wire_string my_type [] > > If the string is illegal (e.g. my_string is longer than > 20 characters), exceptions will be thrown. > > One can also use ocamlrpcgen to generate parts of the above > code, including automatic conversion between XDR and the > corresponding O'Caml types (e.g. an XDR struct is converted > to an O'Caml record type). For complex protocols, the overhead > of learning ocamlrpcgen is worth the effort. > > One should also consider using RPC directly rather than to invent > a new networking layer. > > Gerd > >> Where to find it?! >> >> Ciao, >> Oliver >> >> _______________________________________________ >> Caml-list mailing list. Subscription management: >> http://yquem.inria.fr/cgi-bin/mailman/listinfo/caml-list >> Archives: http://caml.inria.fr >> Beginner's list: http://groups.yahoo.com/group/ocaml_beginners >> Bug reports: http://caml.inria.fr/bin/caml-bugs > > > ------------------------------------------------------------ > Gerd Stolpmann * Viktoriastr. 45 * 64293 Darmstadt * Germany > gerd@gerd-stolpmann.de http://www.gerd-stolpmann.de > ------------------------------------------------------------ > > > > _______________________________________________ > Caml-list mailing list. Subscription management: > http://yquem.inria.fr/cgi-bin/mailman/listinfo/caml-list > Archives: http://caml.inria.fr > Beginner's list: http://groups.yahoo.com/group/ocaml_beginners > Bug reports: http://caml.inria.fr/bin/caml-bugs ------------------------------------------------------------ Gerd Stolpmann * Viktoriastr. 45 * 64293 Darmstadt * Germany gerd@gerd-stolpmann.de http://www.gerd-stolpmann.de ------------------------------------------------------------