Google Git
Sign in
quiche/quiche/4a5e9e692040ff0786563c30488a7d29fd58f40d^!/.
commit
4a5e9e692040ff0786563c30488a7d29fd58f40d
[log]
author
dschinazi <dschinazi@google.com>
Thu May 18 10:06:15 2023 -0700
committer
Copybara-Service <copybara-worker@google.com>
Thu May 18 10:07:38 2023 -0700
tree
38a1f41fb7fb5ba597f087ffd649087ad6e46e06
parent
fc04b8a21a5982235f92f6b98629bdf02141a50f [diff]
Protect QUIC ECH code with a BORINGSSL_API_VERSION check

This fixes the Envoy Mobile build and is a no-op for any QUICHE embedder using a recent version of BoringSSL.

PiperOrigin-RevId: 533165362

diff --git a/quiche/quic/core/tls_handshaker.cc b/quiche/quic/core/tls_handshaker.cc
index 03ec0c9..62ec169 100644
--- a/quiche/quic/core/tls_handshaker.cc
+++ b/quiche/quic/core/tls_handshaker.cc

@@ -389,6 +389,7 @@
 
 void TlsHandshaker::MessageCallback(bool is_write, int /*version*/,
                                     int content_type, absl::string_view data) {
+#if BORINGSSL_API_VERSION >= 17
   if (content_type == SSL3_RT_CLIENT_HELLO_INNER) {
     // Notify QuicConnectionDebugVisitor. Most TLS messages can be seen in
     // CRYPTO frames, but, with ECH enabled, the ClientHelloInner is encrypted
@@ -399,6 +400,11 @@
       handshaker_delegate_->OnEncryptedClientHelloReceived(data);
     }
   }
+#else   // BORINGSSL_API_VERSION
+  (void)is_write;
+  (void)content_type;
+  (void)data;
+#endif  // BORINGSSL_API_VERSION
 }
 
 }  // namespace quic