folly Does folly support boringssl?

Does folly support boringssl?

Open yiguolei opened this issue 3 years ago • 4 comments

FOLLY_OPENSSL_PREREQ is not defined if ssl is boringssl.

But it is used in SSLContext.h.

So that I think FOLLY could not work with boringssl, Am I right?

Dec 14 '21 09:12 yiguolei

support, but you need to adapt the code yourself.

Dec 15 '21 02:12 stevezhou6

diff --git a/folly/io/async/AsyncSSLSocket.cpp b/folly/io/async/AsyncSSLSocket.cpp index ec76ffee4..506e771d6 100644 --- a/folly/io/async/AsyncSSLSocket.cpp +++ b/folly/io/async/AsyncSSLSocket.cpp @@ -628,11 +628,17 @@ bool AsyncSSLSocket::isServerNameMatch() const { return false; }

+#ifndef BOR_SSL SSL_SESSION* ss = SSL_get_session(ssl_.get()); if (!ss) { return false; }

+#else

const SSL* ss = ssl_.get();
if (!ss) {
return false;
} +#endif auto tlsextHostname = SSL_SESSION_get0_hostname(ss); return (tlsextHostname && !tlsextHostname_.compare(tlsextHostname)); }

Dec 15 '21 02:12 stevezhou6

Why not add a settings in CMakeList.txt to indicate using openssl or boringssl?

Dec 15 '21 11:12 yiguolei

Different bosringssl versions are different, and the adaptive code is different. I guess he only adapted a certain version.

Dec 15 '21 12:12 stevezhou6

folly folly copied to clipboard

Does folly support boringssl?

+#ifndef BOR_SSL SSL_SESSION* ss = SSL_get_session(ssl_.get()); if (!ss) { return false; }

folly
folly copied to clipboard