Mercurial > hg > nginx
comparison src/http/modules/ngx_http_ssl_module.c @ 8232:253cf267f95a quic
Moved setting QUIC methods to runtime.
This allows listening to both https and http3 in the same server.
Also, the change eliminates the ssl_quic directive.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Wed, 18 Mar 2020 16:37:16 +0300 |
| parents | 01dc595de244 |
| children | c9c3a73df6e8 |
comparison
equal
deleted
inserted
replaced
| 8231:78540e2160d0 | 8232:253cf267f95a |
|---|---|
| 245 { ngx_string("ssl_early_data"), | 245 { ngx_string("ssl_early_data"), |
| 246 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, | 246 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, |
| 247 ngx_conf_set_flag_slot, | 247 ngx_conf_set_flag_slot, |
| 248 NGX_HTTP_SRV_CONF_OFFSET, | 248 NGX_HTTP_SRV_CONF_OFFSET, |
| 249 offsetof(ngx_http_ssl_srv_conf_t, early_data), | 249 offsetof(ngx_http_ssl_srv_conf_t, early_data), |
| 250 NULL }, | |
| 251 | |
| 252 { ngx_string("ssl_quic"), | |
| 253 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, | |
| 254 ngx_conf_set_flag_slot, | |
| 255 NGX_HTTP_SRV_CONF_OFFSET, | |
| 256 offsetof(ngx_http_ssl_srv_conf_t, quic), | |
| 257 NULL }, | 250 NULL }, |
| 258 | 251 |
| 259 ngx_null_command | 252 ngx_null_command |
| 260 }; | 253 }; |
| 261 | 254 |
| 573 */ | 566 */ |
| 574 | 567 |
| 575 sscf->enable = NGX_CONF_UNSET; | 568 sscf->enable = NGX_CONF_UNSET; |
| 576 sscf->prefer_server_ciphers = NGX_CONF_UNSET; | 569 sscf->prefer_server_ciphers = NGX_CONF_UNSET; |
| 577 sscf->early_data = NGX_CONF_UNSET; | 570 sscf->early_data = NGX_CONF_UNSET; |
| 578 sscf->quic = NGX_CONF_UNSET; | |
| 579 sscf->buffer_size = NGX_CONF_UNSET_SIZE; | 571 sscf->buffer_size = NGX_CONF_UNSET_SIZE; |
| 580 sscf->verify = NGX_CONF_UNSET_UINT; | 572 sscf->verify = NGX_CONF_UNSET_UINT; |
| 581 sscf->verify_depth = NGX_CONF_UNSET_UINT; | 573 sscf->verify_depth = NGX_CONF_UNSET_UINT; |
| 582 sscf->certificates = NGX_CONF_UNSET_PTR; | 574 sscf->certificates = NGX_CONF_UNSET_PTR; |
| 583 sscf->certificate_keys = NGX_CONF_UNSET_PTR; | 575 sscf->certificate_keys = NGX_CONF_UNSET_PTR; |
| 618 ngx_conf_merge_value(conf->prefer_server_ciphers, | 610 ngx_conf_merge_value(conf->prefer_server_ciphers, |
| 619 prev->prefer_server_ciphers, 0); | 611 prev->prefer_server_ciphers, 0); |
| 620 | 612 |
| 621 ngx_conf_merge_value(conf->early_data, prev->early_data, 0); | 613 ngx_conf_merge_value(conf->early_data, prev->early_data, 0); |
| 622 | 614 |
| 623 ngx_conf_merge_value(conf->quic, prev->quic, 0); | |
| 624 | |
| 625 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols, | 615 ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols, |
| 626 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 | 616 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 |
| 627 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); | 617 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); |
| 628 | 618 |
| 629 ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size, | 619 ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size, |
| 862 } | 852 } |
| 863 | 853 |
| 864 } | 854 } |
| 865 | 855 |
| 866 if (ngx_ssl_early_data(cf, &conf->ssl, conf->early_data) != NGX_OK) { | 856 if (ngx_ssl_early_data(cf, &conf->ssl, conf->early_data) != NGX_OK) { |
| 867 return NGX_CONF_ERROR; | |
| 868 } | |
| 869 | |
| 870 if (ngx_ssl_quic(cf, &conf->ssl, conf->quic) != NGX_OK) { | |
| 871 return NGX_CONF_ERROR; | 857 return NGX_CONF_ERROR; |
| 872 } | 858 } |
| 873 | 859 |
| 874 return NGX_CONF_OK; | 860 return NGX_CONF_OK; |
| 875 } | 861 } |