I think that by the time you have an existing connection, whatever the cipher is that was negotiated, that cipher must be present in the list of supported ciphers of the corresponding OpenSSL context.
This encodes that in an assert, rather than having an else condition that will never be reached.
I think that by the time you have an existing connection, whatever the cipher is that was negotiated, that cipher must be present in the list of supported ciphers of the corresponding OpenSSL context. This encodes that in an
assert, rather than having anelsecondition that will never be reached.