Mercurial > hg > nginx
comparison src/http/modules/ngx_http_ssl_module.c @ 9080:7da4791e0264 quic
QUIC: OpenSSL compatibility layer.
The change allows to compile QUIC with OpenSSL which lacks BoringSSL QUIC API.
This implementation does not support 0-RTT.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Wed, 22 Feb 2023 19:16:53 +0400 |
parents | 3be953161026 |
children | c851a2ed5ce8 |
comparison
equal
deleted
inserted
replaced
9079:639fa6723700 | 9080:7da4791e0264 |
---|---|
6 | 6 |
7 | 7 |
8 #include <ngx_config.h> | 8 #include <ngx_config.h> |
9 #include <ngx_core.h> | 9 #include <ngx_core.h> |
10 #include <ngx_http.h> | 10 #include <ngx_http.h> |
11 | |
12 #if (NGX_QUIC_OPENSSL_COMPAT) | |
13 #include <ngx_event_quic_openssl_compat.h> | |
14 #endif | |
11 | 15 |
12 | 16 |
13 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, | 17 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, |
14 ngx_pool_t *pool, ngx_str_t *s); | 18 ngx_pool_t *pool, ngx_str_t *s); |
15 | 19 |
1315 | 1319 |
1316 if (!addr[a].opt.ssl && !addr[a].opt.http3) { | 1320 if (!addr[a].opt.ssl && !addr[a].opt.http3) { |
1317 continue; | 1321 continue; |
1318 } | 1322 } |
1319 | 1323 |
1324 cscf = addr[a].default_server; | |
1325 sscf = cscf->ctx->srv_conf[ngx_http_ssl_module.ctx_index]; | |
1326 | |
1320 if (addr[a].opt.http3) { | 1327 if (addr[a].opt.http3) { |
1321 name = "http3"; | 1328 name = "http3"; |
1322 | 1329 |
1330 #if (NGX_QUIC_OPENSSL_COMPAT) | |
1331 if (ngx_quic_compat_init(cf, sscf->ssl.ctx) != NGX_OK) { | |
1332 return NGX_ERROR; | |
1333 } | |
1334 #endif | |
1335 | |
1323 } else { | 1336 } else { |
1324 name = "ssl"; | 1337 name = "ssl"; |
1325 } | 1338 } |
1326 | |
1327 cscf = addr[a].default_server; | |
1328 sscf = cscf->ctx->srv_conf[ngx_http_ssl_module.ctx_index]; | |
1329 | 1339 |
1330 if (sscf->certificates) { | 1340 if (sscf->certificates) { |
1331 | 1341 |
1332 if (addr[a].opt.http3 && !(sscf->protocols & NGX_SSL_TLSv1_3)) { | 1342 if (addr[a].opt.http3 && !(sscf->protocols & NGX_SSL_TLSv1_3)) { |
1333 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | 1343 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |