Re: [exim-dev] [Bug 1455] tls_out_cipher or tls_cipher is em…

Góra strony
Delete this message
Reply to this message
Autor: Andreas Metzler
Data:  
Dla: 1455
Temat: Re: [exim-dev] [Bug 1455] tls_out_cipher or tls_cipher is empty
On 2014-04-05 Jeremy Harris <jgh146exb@???> wrote:
[...]
> --- Comment #5 from Jeremy Harris <jgh146exb@???> 2014-04-05 14:14:48 ---
> I'm sorry I've not yet had time to look into this. Do you have a suggested
> patch? Enhanced tests for the regression suite would also be of benefit.


Hello,

sadly I have not got a patch. The initial idea of simply adding a
'tls_support *tls' and having it point to tls_in or tls_out as the
situation requires does not work, since it is not possible to use the
pointer in expand.c ("initializer element is not constant").

Which means it is not trivial to do and therefore shouldn't be done by
me. ;-)

OTOH, looking at the initial comment in git history
(817d9f576cdfbc27cf0536be348645baf27d7836) I am wondering whether it
is even possible to do:
----------
Dual-tls - split management of TLS into in- and out-bound
connection-handling.

Enables concurrent use from a single process, and thereby use for
cutthrough delivery. As a side-effect EHLO and TLS use for verify
callouts introduced.
----------

With the concurrent use exim can hold open two TLS connections (message
receiption incoming and outgoing callout/cutthrough). - Which of these
should show up in $tls_cipher?

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'