maskit commented on code in PR #11844:
URL: https://github.com/apache/trafficserver/pull/11844#discussion_r1831418645
##########
src/iocore/net/SSLUtils.cc:
##########
@@ -1086,6 +1086,20 @@ ssl_callback_info(const SSL *ssl, int where, int ret)
}
Metrics::Counter::increment(it->second);
}
+
+#if defined(OPENSSL_IS_BORINGSSL) || defined(SSL_get_negotiated_group)
+ // TLS Group
+#ifdef OPENSSL_IS_BORINGSSL
+ int nid = SSL_get_negotiated_group(ssl);
+#elif defined(SSL_get_negotiated_group)
+ int nid = SSL_get_negotiated_group(const_cast<SSL *>(ssl));
+#endif
+ if (nid != NID_undef) {
+ if (auto it = tls_group_map.find(nid); it != tls_group_map.end()) {
Review Comment:
No, it doesn't. Look at `cipher_map`. Its key is a string, not NID. It may
not be great in terms of calculating the hash, but if we really care about it,
I suppose we could use the pointer for the const char.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
