Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TS_SSL_CLIENT_HELLO_HOOK is unavailable with BoringSSL #7510

Closed
maskit opened this issue Feb 10, 2021 · 1 comment
Closed

TS_SSL_CLIENT_HELLO_HOOK is unavailable with BoringSSL #7510

maskit opened this issue Feb 10, 2021 · 1 comment
Assignees
@randall
Labels
TLS

Comments

@maskit
Copy link
Member

maskit commented Feb 10, 2021

TS_SSL_CLIENT_HELLO_HOOK is not called if you use ATS with BoringSSL. This is because SSL_CTX_set_client_hello_cb is not available on BoringSSL. We might be able to use SSL_CTX_set_select_certificate_cb instead.

Autest tls_hooks16, 17 and 18 fail because of this.
@maskit maskit added the TLS label Feb 10, 2021
@maskit maskit changed the title TS_SSL_CLIENT_HELLO_HOOK is no available with BoringSSL TS_SSL_CLIENT_HELLO_HOOK is unavailable with BoringSSL Jun 30, 2021
@randall randall self-assigned this Nov 11, 2021
@randall
Copy link
Contributor

randall commented Feb 17, 2022

I believe this can be closed now. ATS now uses SSL_CTX_set_select_certificate_cb with BoringSSL (added in #8014)

@randall randall closed this as completed Feb 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@randall randall

Labels
TLS
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@maskit @randall