could we expose INVALID_ALPN_PROTOCOL?

[weissi]

when connecting to https://cpanel.com with ALPN set to h2 we get

Channel caught error: handshakeFailed(NIOSSL.BoringSSLError.sslError([Error: 268435715 error:10000103:SSL routines:OPENSSL_internal:INVALID_ALPN_PROTOCOL, Error: 268435605 error:10000095:SSL routines:OPENSSL_internal:ERROR_PARSING_EXTENSION, Error: 268435646 error:100000be:SSL routines:OPENSSL_internal:PARSE_TLSEXT])) in handler5

could we expose that as a proper NIO error? Seems useful :)

[Lukasa]

The biggest problem here is that there's actually a stack of errors there. The associated data on BoringSSLError.sslError is [BoringSSLInternalError], which in this case is of length 3:

Error: 268435715 error:10000103:SSL routines:OPENSSL_internal:INVALID_ALPN_PROTOCOL
Error: 268435605 error:10000095:SSL routines:OPENSSL_internal:ERROR_PARSING_EXTENSION
Error: 268435646 error:100000be:SSL routines:OPENSSL_internal:PARSE_TLSEXT

What we can try to do is give some of these values static let constants on the BoringSSLInternalError structures, though doing so relies on some internal-ish functions in BoringSSL. This is because the error codes that back BoringSSLInternalError are in a packed form that needs to be generated in order to be matched upon.

If you're interested in that, let me know and I can put some of that together.

[weissi]

let's sit on it :)