forked from envoyproxy/envoy
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tls: future-proof Utility::getErrorDescription (envoyproxy#16553)
As with any other dependency, BoringSSL is not a fixed thing. envoyproxy#14600 added an enumeration over all BoringSSL errors. This incorrectly assumes we'd never add more errors, and unnecessarily adds an dependency on errors (e.g. SSL_ERROR_WANT_CHANNEL_ID_LOOKUP) that Envoy will never encounter and may be removed in the future. Instead, the correct function is SSL_error_description. The original code enumerated errors because Envoy tries to support an old version of BoringSSL, but in that case the future-proof scheme would be to use a BORINGSSL_API_VERSION ifdef. Next, this rewrites the test. The tests assume SSL_ERROR_* constants are stable, which is invalid, and they assume that 19 will never be allocated when it has been and, in fact, we allocate them consecutively. Instead, use the constants, test a few error codes that Envoy already depends on, and use -1 as the sample unknown error. This ensures Envoy's logging reflect future values BoringSSL may add and avoids this code breaking Envoy in a future version of BoringSSL. Signed-off-by: David Benjamin <[email protected]>
- Loading branch information
Showing
3 changed files
with
43 additions
and
45 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters