Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

client: use DEFAULT_CIPHER_SUITES if none are specified #165

Closed
wants to merge 1 commit into from
Closed

client: use DEFAULT_CIPHER_SUITES if none are specified #165

wants to merge 1 commit into from

Conversation

kevinburke
Copy link
Contributor

I'm having trouble figuring out how to pass in a set of cipher suites
using C, and since all I want is the default set, just make it easier
by providing a reasonable default for the NULL case.

Fixes #163.

@jsha jsha mentioned this pull request Nov 9, 2021
Open
@kevinburke kevinburke force-pushed the default-builder-suites branch 5 times, most recently from 15acee5 to 766ff42 Compare November 15, 2021 23:37
@jsha
Copy link
Collaborator

jsha commented Nov 18, 2021

As I mentioned in #203 (comment), I'd like a more explicit way to do this:

rustls_client_config_builder_new_custom(
  RUSTLS_DEFAULT_CIPHER_SUITES,
  RUSTLS_DEFAULT_CIPHER_SUITES_LEN,
  tls_versions, // provided by your program
  tls_versions_len,
  &builder);

DEFAULT_CIPHER_SUITES should be defined like so:

const struct *rustls_supported_cipher_suite[] DEFAULT_CIPHER_SUITES;
const size_t DEFAULT_CIPHER_SUITES;

To make this happen we'll need to declare our own copy of DEFAULT_CIPHER_SUITES from rustls, since ours will need to contain pointers to the entries of rustls::DEFAULT_CIPHER_SUITES.

To ensure our copy remains up-to-date, we can have a test that checks the length is the same, and the set of items is the same.

We should document that the order of DEFAULT_CIPHER_SUITES will change between releases.

@kevinburke
client: use DEFAULT_CIPHER_SUITES if none are specified
d828934 
I'm having trouble figuring out how to pass in a set of cipher suites
using C, and since all I want is the default set, just make it easier
by providing a reasonable default for the NULL case.

Fixes rustls#163.
@kevinburke kevinburke mentioned this pull request Nov 18, 2021
Open
@divergentdave divergentdave mentioned this pull request Nov 19, 2021
Merged
jsha pushed a commit that referenced this pull request Nov 19, 2021
@divergentdave
client: add ciphersuite and version arrays (#242)
b30b051 
This adds arrays of ciphersuites and versions as suggested in #165 and #203.
@jsha
Copy link
Collaborator

jsha commented Dec 3, 2021

I think this is resolved by #242

@jsha jsha closed this Dec 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

rustls_client_config_builder_new: use the default set if cipher_suites is NULL
2 participants
@kevinburke @jsha