>
> nice idea! :)
Thanks!
>> +
>> +void
>> +p2p_mode_ncp(struct tls_multi *multi, struct tls_session *session)
>> +{
>> + /* Set the common options */
>> + p2p_ncp_set_options(multi, session);
>> +
>> + struct gc_arena gc = gc_new();
>> +
>> + /* Query the common cipher here to log it as part of our message.
>> + * We postpone switching the cipher to do_up */
>> + const char* common_cipher = get_p2p_ncp_cipher(session,
>> multi->peer_info, &gc);
>
> why re-extracting the cipher again instead of reading it (somehow) from
> c->options.ciphername ?
>
> Maybe reading it from that field is not correct, but isn't there a way
> to avoid doing the string parsing twice? (it was performed in
> do_deferred_p2p_ncp() already)
It will be performed in do_deferred_p2p_ncp as part of do_up much later.
The call here to get_p2p_ncp_cipher is basically "only" for creating the
P2P mode NCP negotiation result message. The problem here is that
setting cipher from the context that p2p_mode_NCP has (multi and
session) not possible, so we would need to move options->cipher into
multi or session struct and that would be quite disruptive. So I opted
here to do get_p2p_ncp_cipher just to be able to print a nice message.
Arne
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
