Mercurial > hg > nginx-quic

view auto/lib/openssl/conf @ 7810:167d32476737 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Crypto buffer frames reordering. If offset in CRYPTO frame doesn't match expected, following actions are taken: a) Duplicate frames or frames within [0...current offset] are ignored b) New data from intersecting ranges (starts before current_offset, ends after) is consumed c) "Future" frames are stored in a sorted queue (min offset .. max offset) Once a frame is consumed, current offset is updated and the queue is inspected: we iterate the queue until the gap is found and act as described above for each frame. The amount of data in buffered frames is limited by corresponding macro. The CRYPTO and STREAM frame structures are now compatible: they share the same set of initial fields. This allows to have code that deals with both of this frames. The ordering layer now processes the frame with offset and invokes the handler when it can organise an ordered stream of data.
author Vladimir Homutov <vl@nginx.com>
date Tue, 14 Apr 2020 12:16:25 +0300
parents 7999d3fbb765
children 0e6528551f26
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


if [ $OPENSSL != NONE ]; then

    case "$CC" in

        cl | bcc32)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have

            CFLAGS="$CFLAGS -DNO_SYS_TYPES_H"

            CORE_INCS="$CORE_INCS $OPENSSL/openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/openssl/include/openssl/ssl.h"

            if [ -f $OPENSSL/ms/do_ms.bat ]; then
                # before OpenSSL 1.1.0
                CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/ssleay32.lib"
                CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libeay32.lib"
            else
                # OpenSSL 1.1.0+
                CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libssl.lib"
                CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libcrypto.lib"
            fi

            # libeay32.lib requires gdi32.lib
            CORE_LIBS="$CORE_LIBS gdi32.lib"
            # OpenSSL 1.0.0 requires crypt32.lib
            CORE_LIBS="$CORE_LIBS crypt32.lib"
        ;;

        *)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have

            CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
            CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
            CORE_LIBS="$CORE_LIBS $NGX_LIBPTHREAD"

            if [ "$NGX_PLATFORM" = win32 ]; then
                CORE_LIBS="$CORE_LIBS -lgdi32 -lcrypt32 -lws2_32"
            fi
        ;;
    esac

else

    if [ "$NGX_PLATFORM" != win32 ]; then

        OPENSSL=NO

        ngx_feature="OpenSSL library"
        ngx_feature_name="NGX_OPENSSL"
        ngx_feature_run=no
        ngx_feature_incs="#include <openssl/ssl.h>"
        ngx_feature_path=
        ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL $NGX_LIBPTHREAD"
        ngx_feature_test="SSL_CTX_set_options(NULL, 0)"
        . auto/feature

        if [ $ngx_found = no ]; then

            # FreeBSD port

            ngx_feature="OpenSSL library in /usr/local/"
            ngx_feature_path="/usr/local/include"

            if [ $NGX_RPATH = YES ]; then
                ngx_feature_libs="-R/usr/local/lib -L/usr/local/lib -lssl -lcrypto"
            else
                ngx_feature_libs="-L/usr/local/lib -lssl -lcrypto"
            fi

            ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"

            . auto/feature
        fi

        if [ $ngx_found = no ]; then

            # NetBSD port

            ngx_feature="OpenSSL library in /usr/pkg/"
            ngx_feature_path="/usr/pkg/include"

            if [ $NGX_RPATH = YES ]; then
                ngx_feature_libs="-R/usr/pkg/lib -L/usr/pkg/lib -lssl -lcrypto"
            else
                ngx_feature_libs="-L/usr/pkg/lib -lssl -lcrypto"
            fi

            ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"

            . auto/feature
        fi

        if [ $ngx_found = no ]; then

            # MacPorts

            ngx_feature="OpenSSL library in /opt/local/"
            ngx_feature_path="/opt/local/include"

            if [ $NGX_RPATH = YES ]; then
                ngx_feature_libs="-R/opt/local/lib -L/opt/local/lib -lssl -lcrypto"
            else
                ngx_feature_libs="-L/opt/local/lib -lssl -lcrypto"
            fi

            ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"

            . auto/feature
        fi

        if [ $ngx_found = yes ]; then
            have=NGX_SSL . auto/have
            CORE_INCS="$CORE_INCS $ngx_feature_path"
            CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
            OPENSSL=YES
        fi
    fi

    if [ $OPENSSL != YES ]; then

cat << END

$0: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.

END
        exit 1
    fi

fi

ngx_feature="OpenSSL QUIC support"
ngx_feature_name="NGX_OPENSSL_QUIC"
ngx_feature_run=no
ngx_feature_incs="#include <openssl/ssl.h>"
ngx_feature_path=
ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL"
ngx_feature_test="SSL_CTX_set_quic_method(NULL, NULL)"
. auto/feature