Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: expose negotiated_cipher_suite in the hadshake data #2001

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

crypto: expose negotiated_cipher_suite in the hadshake data #2001

wants to merge 1 commit into from
+8 −0

Conversation

BiagioFesta
Copy link
Contributor

@BiagioFesta BiagioFesta commented Oct 4, 2024
edited
Loading

As title.

I am not totally convinced by that .expect("cipher is negotiated").

It makes sense to me: as AFAIK reaching that point always implies the cipher is negotiated, but I might have missed a edge scenario

djc
djc approved these changes Oct 4, 2024
View reviewed changes
quinn-proto/src/crypto/rustls.rs
@@ -256,6 +261,9 @@ pub struct HandshakeData {
///
/// Always `None` for outgoing connections
pub server_name: Option<String>,

/// The ciphersuite negotiated with the peer.
pub negotiated_cipher_suite: CipherSuite,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it might be better to avoid using a rustls-specific type here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, but on the other hand why not? :D

This is rustls.rs module, which already depends on rustls specific (and quinn re-export rustls as well)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But if we're going to have a rustls-specific type, why not SupportedCipherSuite instead of CipherSuite?

@Ralith have opinions on this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SupportedCipherSuite also contains the implementation.

I thought the scope of this crypto::rustls::HandshakeData for quinn is just give the information about the negotiated cipher and implementation is not needed (reducing overhead of the struct); that's why I went for CipherSuite instead.

Anyway lemme know what do you prefer

@djc
Copy link
Member

djc commented Oct 4, 2024
edited
Loading

I am not totally convinced by that .expect("cipher is negotiated").

It makes to me, as AFIK reaching that point always implies the cipher is negotiated, but I might have missed a edge scenario

Once got_handshake_data is set to true, the inner TLS session is !is_handshaking() so this should be fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@djc djc djc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@BiagioFesta @djc