Changes between Initial Version and Version 1 of Ticket #887, comment 7


Ignore:
Timestamp:
05/18/17 09:03:04 (5 years ago)
Author:
Gert Döring
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #887, comment 7

    initial v1  
    55OTOH, I find it somewhat complicated - without understanding the code around this well enough (syzzer is the one) - can we ever end up in a situation where encryption and decryption ciphers are different?  Internally, we do keep different values, but config-wise, everything is "cipher <foo>", so I can't see a way to reach a difference (today).
    66
    7 Given that, the way you use to find the cipher names (translation and all that) might also be more elaborate than needed - on the initial reply, we stuff the NCP cipher in {{{o->ciphername}}}.  If that value is kept across TLS reconnects (which I cannot answer) we could reduce the patch to "log a comment, and just send the already-set value once again".  Loke this - fully untested, just to explain the idea:
     7Given that, the way you use to find the cipher names (translation and all that) might also be more elaborate than needed - on the initial reply, we stuff the NCP cipher in {{{o->ciphername}}}.  If that value is kept across TLS reconnects (which I cannot answer) we could reduce the patch to "log a comment, and just send the already-set value once again". 
     8
     9Like this - fully untested, just to explain the idea:
    810
    911{{{