Mercurial > hg > nginx

comparison src/event/quic/ngx_event_quic_ssl.c @ 9040:8c0bccdf2743 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: avoid using C99 designated initializers. They are not supported by MSVC till 2012. SSL_QUIC_METHOD initialization is moved to run-time to preserve portability among SSL library implementations, which allows to reduce its visibility. Note using of a static storage to keep SSL_set_quic_method() reference valid.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 22 Nov 2022 18:05:35 +0400
parents 9076a74f1221
children bf2267887014
comparison
equal deleted inserted replaced
9039:a6cc246654f8 9040:8c0bccdf2743
35 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); 35 enum ssl_encryption_level_t level, const uint8_t *data, size_t len);
36 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); 36 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn);
37 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, 37 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn,
38 enum ssl_encryption_level_t level, uint8_t alert); 38 enum ssl_encryption_level_t level, uint8_t alert);
39 static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data); 39 static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data);
40
41
42 static SSL_QUIC_METHOD quic_method = {
43 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
44 .set_read_secret = ngx_quic_set_read_secret,
45 .set_write_secret = ngx_quic_set_write_secret,
46 #else
47 .set_encryption_secrets = ngx_quic_set_encryption_secrets,
48 #endif
49 .add_handshake_data = ngx_quic_add_handshake_data,
50 .flush_flight = ngx_quic_flush_flight,
51 .send_alert = ngx_quic_send_alert,
52 };
53 40
54 41
55 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER 42 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
56 43
57 static int 44 static int
531 518
532 519
533 ngx_int_t 520 ngx_int_t
534 ngx_quic_init_connection(ngx_connection_t *c) 521 ngx_quic_init_connection(ngx_connection_t *c)
535 { 522 {
536 u_char *p; 523 u_char *p;
537 size_t clen; 524 size_t clen;
538 ssize_t len; 525 ssize_t len;
539 ngx_str_t dcid; 526 ngx_str_t dcid;
540 ngx_ssl_conn_t *ssl_conn; 527 ngx_ssl_conn_t *ssl_conn;
541 ngx_quic_socket_t *qsock; 528 ngx_quic_socket_t *qsock;
542 ngx_quic_connection_t *qc; 529 ngx_quic_connection_t *qc;
530 static SSL_QUIC_METHOD quic_method;
543 531
544 qc = ngx_quic_get_connection(c); 532 qc = ngx_quic_get_connection(c);
545 533
546 if (ngx_ssl_create_connection(qc->conf->ssl, c, 0) != NGX_OK) { 534 if (ngx_ssl_create_connection(qc->conf->ssl, c, 0) != NGX_OK) {
547 return NGX_ERROR; 535 return NGX_ERROR;
548 } 536 }
549 537
550 c->ssl->no_wait_shutdown = 1; 538 c->ssl->no_wait_shutdown = 1;
551 539
552 ssl_conn = c->ssl->connection; 540 ssl_conn = c->ssl->connection;
541
542 if (!quic_method.send_alert) {
543 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
544 quic_method.set_read_secret = ngx_quic_set_read_secret;
545 quic_method.set_write_secret = ngx_quic_set_write_secret;
546 #else
547 quic_method.set_encryption_secrets = ngx_quic_set_encryption_secrets;
548 #endif
549 quic_method.add_handshake_data = ngx_quic_add_handshake_data;
550 quic_method.flush_flight = ngx_quic_flush_flight;
551 quic_method.send_alert = ngx_quic_send_alert;
552 }
553 553
554 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { 554 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) {
555 ngx_log_error(NGX_LOG_INFO, c->log, 0, 555 ngx_log_error(NGX_LOG_INFO, c->log, 0,
556 "quic SSL_set_quic_method() failed"); 556 "quic SSL_set_quic_method() failed");
557 return NGX_ERROR; 557 return NGX_ERROR;