nginx-quic: src/event/ngx_event

comparison src/event/ngx_event_quic.h @ 7933:a2c34e77cfc1 quic

QUIC: added ALPN checks. quic-transport draft 29: section 7: * authenticated negotiation of an application protocol (TLS uses ALPN [RFC7301] for this purpose) ... Endpoints MUST explicitly negotiate an application protocol. This avoids situations where there is a disagreement about the protocol that is in use. section 8.1: When using ALPN, endpoints MUST immediately close a connection (see Section 10.3 of [QUIC-TRANSPORT]) with a no_application_protocol TLS alert (QUIC error code 0x178; see Section 4.10) if an application protocol is not negotiated. Changes in ngx_quic_close_quic() function are required to avoid attempts to generated and send packets without proper keys, what happens in case of failed ALPN check.

author	Vladimir Homutov <vl@nginx.com>
date	Thu, 18 Jun 2020 13:58:46 +0300
parents	9fe7875ce4bb
children	e0f92f68e018

comparison

equal deleted inserted replaced

-:4e75267865de
+:a2c34e77cfc1
 /* Supported drafts: 27, 28 */
 #ifndef NGX_QUIC_DRAFT_VERSION
 #define NGX_QUIC_DRAFT_VERSION               27
 #endif
 #define NGX_QUIC_VERSION  (0xff000000 + NGX_QUIC_DRAFT_VERSION)
+#define NGX_QUIC_ALPN(s)         NGX_QUIC_ALPN_DRAFT(s)
+#define NGX_QUIC_ALPN_DRAFT(s)   "h3-" #s
+#define NGX_QUIC_ALPN_STR        NGX_QUIC_ALPN(NGX_QUIC_DRAFT_VERSION)
+#define NGX_QUIC_ALPN_LEN        (sizeof(NGX_QUIC_ALPN_STR) - 1)
 #define NGX_QUIC_MAX_SHORT_HEADER            25 /* 1 flags + 20 dcid + 4 pn */
 #define NGX_QUIC_MAX_LONG_HEADER             56
 /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */

Mercurial > hg > nginx-quic

comparison src/event/ngx_event_quic.h @ 7933:a2c34e77cfc1 quic