[exim-dev] [Bug 1455] tls_out_cipher or tls_cipher is empty

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 1455] New: tls_out_cipher is empty
Subject: [exim-dev] [Bug 1455] tls_out_cipher or tls_cipher is empty
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1455




--- Comment #6 from Andreas Metzler <eximusers@???> 2014-04-05 17:20:33 ---
On 2014-04-05 Jeremy Harris <jgh146exb@???> wrote:
[...]
> --- Comment #5 from Jeremy Harris <jgh146exb@???> 2014-04-05 14:14:48 ---
> I'm sorry I've not yet had time to look into this. Do you have a suggested
> patch? Enhanced tests for the regression suite would also be of benefit.


Hello,

sadly I have not got a patch. The initial idea of simply adding a
'tls_support *tls' and having it point to tls_in or tls_out as the
situation requires does not work, since it is not possible to use the
pointer in expand.c ("initializer element is not constant").

Which means it is not trivial to do and therefore shouldn't be done by
me. ;-)

OTOH, looking at the initial comment in git history
(817d9f576cdfbc27cf0536be348645baf27d7836) I am wondering whether it
is even possible to do:
----------
Dual-tls - split management of TLS into in- and out-bound
connection-handling.

Enables concurrent use from a single process, and thereby use for
cutthrough delivery. As a side-effect EHLO and TLS use for verify
callouts introduced.
----------

With the concurrent use exim can hold open two TLS connections (message
receiption incoming and outgoing callout/cutthrough). - Which of these
should show up in $tls_cipher?

cu Andreas


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email