Mercurial > hg > nginx-quic
changeset 8967:8c0bccdf2743 quic
QUIC: avoid using C99 designated initializers.
They are not supported by MSVC till 2012.
SSL_QUIC_METHOD initialization is moved to run-time to preserve portability
among SSL library implementations, which allows to reduce its visibility.
Note using of a static storage to keep SSL_set_quic_method() reference valid.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 22 Nov 2022 18:05:35 +0400 |
parents | a6cc246654f8 |
children | e23fd55e1cc6 |
files | src/event/quic/ngx_event_quic_protection.c src/event/quic/ngx_event_quic_ssl.c |
diffstat | 2 files changed, 23 insertions(+), 24 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_protection.c +++ b/src/event/quic/ngx_event_quic_protection.c @@ -147,6 +147,7 @@ ngx_quic_keys_set_initial_secret(ngx_qui { size_t is_len; uint8_t is[SHA256_DIGEST_LENGTH]; + ngx_str_t iss; ngx_uint_t i; const EVP_MD *digest; ngx_quic_hkdf_t seq[8]; @@ -176,10 +177,8 @@ ngx_quic_keys_set_initial_secret(ngx_qui return NGX_ERROR; } - ngx_str_t iss = { - .data = is, - .len = is_len - }; + iss.len = is_len; + iss.data = is; ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0, "quic ngx_quic_set_initial_secret");
--- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -39,19 +39,6 @@ static int ngx_quic_send_alert(ngx_ssl_c static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data); -static SSL_QUIC_METHOD quic_method = { -#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER - .set_read_secret = ngx_quic_set_read_secret, - .set_write_secret = ngx_quic_set_write_secret, -#else - .set_encryption_secrets = ngx_quic_set_encryption_secrets, -#endif - .add_handshake_data = ngx_quic_add_handshake_data, - .flush_flight = ngx_quic_flush_flight, - .send_alert = ngx_quic_send_alert, -}; - - #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER static int @@ -533,13 +520,14 @@ ngx_quic_crypto_input(ngx_connection_t * ngx_int_t ngx_quic_init_connection(ngx_connection_t *c) { - u_char *p; - size_t clen; - ssize_t len; - ngx_str_t dcid; - ngx_ssl_conn_t *ssl_conn; - ngx_quic_socket_t *qsock; - ngx_quic_connection_t *qc; + u_char *p; + size_t clen; + ssize_t len; + ngx_str_t dcid; + ngx_ssl_conn_t *ssl_conn; + ngx_quic_socket_t *qsock; + ngx_quic_connection_t *qc; + static SSL_QUIC_METHOD quic_method; qc = ngx_quic_get_connection(c); @@ -551,6 +539,18 @@ ngx_quic_init_connection(ngx_connection_ ssl_conn = c->ssl->connection; + if (!quic_method.send_alert) { +#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER + quic_method.set_read_secret = ngx_quic_set_read_secret; + quic_method.set_write_secret = ngx_quic_set_write_secret; +#else + quic_method.set_encryption_secrets = ngx_quic_set_encryption_secrets; +#endif + quic_method.add_handshake_data = ngx_quic_add_handshake_data; + quic_method.flush_flight = ngx_quic_flush_flight; + quic_method.send_alert = ngx_quic_send_alert; + } + if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic SSL_set_quic_method() failed");