rustls_{server/client}_config_builder_new_custom() parameters #203
Comments
@kevinburke provided a PR to support default cipher suites by passing NULL in the appropriate position: #165. Right now that's blocked on a redesign. Instead of NULL (which isn't clear to the reader of the code what it does), I'd like to have a global constant array RUSTLS_DEFAULT_CIPHER_SUITES and RUSTLS_DEFAULT_CIPHER_SUITES_LEN, so it's clear at the call site. Though perhaps our new rustls_default_cipher_suites_get() could do the same, if we can guarantee that its returned pointers are contiguous in memory (I'd have to check). We'll also need the same treatment for protocol versions.
I think for this we need to add a list of supported_tls_versions or similar, and guarantee it is in sorted order.
There will be an error returned from rustls_{client,server}_config_builder_new_custom. We should document that. According to https://docs.rs/rustls/0.20.0/src/rustls/builder.rs.html#211-239, the error kind will be "General." We should file an upstream ticket to get a more specific error for that case.
Thanks for clarifying. I think passing NULL for default is quite common in a C API, but I have no qualms with passing any other constant you prefer.
As I see it, the new rustls_client_config_builder_new_custom and rustls_server_config_builder_new_custom require specification of protocols and ciphersuites and panic if one is NULL.

Questions:
Thanks for your help.