randall commented on a change in pull request #8014:
URL: https://github.com/apache/trafficserver/pull/8014#discussion_r670775253
##########
File path: iocore/net/SSLUtils.cc
##########
@@ -412,12 +424,48 @@ ssl_client_hello_callback(SSL *s, int *al, void *arg)
}
#endif
+#ifdef OPENSSL_IS_BORINGSSL
+static ssl_select_cert_result_t
+ssl_client_hello_callback(const SSL_CLIENT_HELLO *client_hello)
Review comment:
Doing the #elif here makes sense.
The callback return values are different types (and different values for
equivalent states):
```
enum ssl_select_cert_result_t BORINGSSL_ENUM_INT {
// ssl_select_cert_success indicates that the certificate selection was
// successful.
ssl_select_cert_success = 1,
// ssl_select_cert_retry indicates that the operation could not be
// immediately completed and must be reattempted at a later point.
ssl_select_cert_retry = 0,
// ssl_select_cert_error indicates that a fatal error occured and the
// handshake should be terminated.
ssl_select_cert_error = -1,
};
```
vs openssl:
```
# define SSL_CLIENT_HELLO_SUCCESS 1
# define SSL_CLIENT_HELLO_ERROR 0
# define SSL_CLIENT_HELLO_RETRY (-1)
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
