<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<p style="color: #777777;">

<a href="https://gitlab.com/dueno">Daiki Ueno</a>

commented on a

discussion on <a href="https://gitlab.com/gnutls/gnutls/merge_requests/1112#note_267665474">lib/constate.c</a>:

</p>

<table>

<tr class="line_holder" id="">

<td class="diff-line-num old_line" data-linenumber="274" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

274

</td>

<td class="diff-line-num new_line" data-linenumber="275" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

275

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC275" class="line" lang="c">            <span class="n" style="color: #333;">ret</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">_tls13_expand_secret</span><span class="p">(</span><span class="n" style="color: #333;">session</span><span class="p">,</span> <span class="s" style="color: #d14;">"iv"</span><span class="p">,</span> <span class="mi" style="color: #099;">2</span><span class="p">,</span> <span class="nb" style="color: #0086b3;">NULL</span><span class="p">,</span> <span class="mi" style="color: #099;">0</span><span class="p">,</span> <span class="n" style="color: #333;">session</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">key</span><span class="p">.</span><span class="n" style="color: #333;">proto</span><span class="p">.</span><span class="n" style="color: #333;">tls13</span><span class="p">.</span><span class="n" style="color: #333;">ap_ckey</span><span class="p">,</span> <span class="n" style="color: #333;">iv_size</span><span class="p">,</span> <span class="n" style="color: #333;">iv_block</span><span class="p">);</span></span>

</pre>

</td>

</tr>

<tr class="line_holder" id="">

<td class="diff-line-num old_line" data-linenumber="275" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

275

</td>

<td class="diff-line-num new_line" data-linenumber="276" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

276

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC276" class="line" lang="c">            <span class="k" style="font-weight: 600;">if</span> <span class="p">(</span><span class="n" style="color: #333;">ret</span> <span class="o" style="font-weight: 600;"><</span> <span class="mi" style="color: #099;">0</span><span class="p">)</span></span>

</pre>

</td>

</tr>

<tr class="line_holder" id="">

<td class="diff-line-num old_line" data-linenumber="276" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

276

</td>

<td class="diff-line-num new_line" data-linenumber="277" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #f0f0f0; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#fafafa">

277

</td>

<td class="line_content" style="padding-left: 0.5em; padding-right: 0.5em;">

<pre style="margin: 0;"> <span id="LC277" class="line" lang="c">                    <span class="k" style="font-weight: 600;">return</span> <span class="n" style="color: #333;">gnutls_assert_val</span><span class="p">(</span><span class="n" style="color: #333;">ret</span><span class="p">);</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="diff-line-num new old_line" data-linenumber="277" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="diff-line-num new new_line" data-linenumber="278" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

278

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC278" class="line" lang="c"></span>

</pre>

</td>

</tr>

</table>

<div style="">

<p dir="auto">I guess there will be a trade-off if we go that route, between:</p>

<ul dir="auto">

<li>how much we can make the API generic</li>

<li>how much we can make the QUIC implementation simpler, based on the API</li>

</ul>

<p dir="auto">The current approach is aligned to the latter, so the QUIC implementation wouldn't need to track the encryption level changes, but rely on the states managed by GnuTLS (which can also be used by <a href="https://gitlab.com/gnutls/gnutls/issues/849" data-original="#849" data-link="false" data-link-reference="false" data-project="179611" data-issue="26321909" data-reference-type="issue" data-container="body" data-placement="bottom" title="provide a callback to intercept TLS messages being sent" class="gfm gfm-issue has-tooltip">#849</a>). On the other hand, if we align to the former, all we need is to just generalize the existing keylog stuff with a callback like OpenSSL (I started thinking that it might be actually a better approach).</p>

</div>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/merge_requests/1112#note_267665474">view it on GitLab</a>.

<br>

You're receiving this email because of your account on gitlab.com.

If you'd like to receive fewer emails, you can

<a href="https://gitlab.com/sent_notifications/85d3ff48279d489a2f7d3a1c89a42959/unsubscribe">unsubscribe</a>

from this thread or

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Merge request","url":"https://gitlab.com/gnutls/gnutls/merge_requests/1112#note_267665474"}}</script>

</p>

</div>

</body>

</html>