Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic.c @ 7917:90b02ff6b003 quic
Compatibility with BoringSSL master branch.
Recently BoringSSL introduced SSL_set_quic_early_data_context()
that serves as an additional constrain to enable 0-RTT in QUIC.
Relevant changes:
* https://boringssl.googlesource.com/boringssl/+/7c52299%5E!/
* https://boringssl.googlesource.com/boringssl/+/8519432%5E!/
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 01 Jun 2020 19:53:13 +0300 |
parents | c206233d9c29 |
children | c70446e3d771 |
comparison
equal
deleted
inserted
replaced
7916:c206233d9c29 | 7917:90b02ff6b003 |
---|---|
1038 | 1038 |
1039 static ngx_int_t | 1039 static ngx_int_t |
1040 ngx_quic_init_connection(ngx_connection_t *c) | 1040 ngx_quic_init_connection(ngx_connection_t *c) |
1041 { | 1041 { |
1042 u_char *p; | 1042 u_char *p; |
1043 size_t clen; | |
1043 ssize_t len; | 1044 ssize_t len; |
1044 ngx_ssl_conn_t *ssl_conn; | 1045 ngx_ssl_conn_t *ssl_conn; |
1045 ngx_quic_connection_t *qc; | 1046 ngx_quic_connection_t *qc; |
1046 | 1047 |
1047 qc = c->quic; | 1048 qc = c->quic; |
1062 if (SSL_CTX_get_max_early_data(qc->ssl->ctx)) { | 1063 if (SSL_CTX_get_max_early_data(qc->ssl->ctx)) { |
1063 SSL_set_quic_early_data_enabled(ssl_conn, 1); | 1064 SSL_set_quic_early_data_enabled(ssl_conn, 1); |
1064 } | 1065 } |
1065 #endif | 1066 #endif |
1066 | 1067 |
1067 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp); | 1068 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp, &clen); |
1068 /* always succeeds */ | 1069 /* always succeeds */ |
1069 | 1070 |
1070 p = ngx_pnalloc(c->pool, len); | 1071 p = ngx_pnalloc(c->pool, len); |
1071 if (p == NULL) { | 1072 if (p == NULL) { |
1072 return NGX_ERROR; | 1073 return NGX_ERROR; |
1073 } | 1074 } |
1074 | 1075 |
1075 len = ngx_quic_create_transport_params(p, p + len, &qc->tp); | 1076 len = ngx_quic_create_transport_params(p, p + len, &qc->tp, NULL); |
1076 if (len < 0) { | 1077 if (len < 0) { |
1077 return NGX_ERROR; | 1078 return NGX_ERROR; |
1078 } | 1079 } |
1079 | 1080 |
1080 #ifdef NGX_QUIC_DEBUG_PACKETS | 1081 #ifdef NGX_QUIC_DEBUG_PACKETS |
1084 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { | 1085 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { |
1085 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1086 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1086 "quic SSL_set_quic_transport_params() failed"); | 1087 "quic SSL_set_quic_transport_params() failed"); |
1087 return NGX_ERROR; | 1088 return NGX_ERROR; |
1088 } | 1089 } |
1090 | |
1091 #if NGX_OPENSSL_QUIC_ZRTT_CTX | |
1092 if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) { | |
1093 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
1094 "quic SSL_set_quic_early_data_context() failed"); | |
1095 return NGX_ERROR; | |
1096 } | |
1097 #endif | |
1089 | 1098 |
1090 qc->max_streams = qc->tp.initial_max_streams_bidi; | 1099 qc->max_streams = qc->tp.initial_max_streams_bidi; |
1091 qc->state = ssl_encryption_handshake; | 1100 qc->state = ssl_encryption_handshake; |
1092 | 1101 |
1093 return NGX_OK; | 1102 return NGX_OK; |