Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_ssl.c @ 9040:8c0bccdf2743 quic
QUIC: avoid using C99 designated initializers.
They are not supported by MSVC till 2012.
SSL_QUIC_METHOD initialization is moved to run-time to preserve portability
among SSL library implementations, which allows to reduce its visibility.
Note using of a static storage to keep SSL_set_quic_method() reference valid.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 22 Nov 2022 18:05:35 +0400 |
parents | 9076a74f1221 |
children | bf2267887014 |
comparison
equal
deleted
inserted
replaced
9039:a6cc246654f8 | 9040:8c0bccdf2743 |
---|---|
35 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); | 35 enum ssl_encryption_level_t level, const uint8_t *data, size_t len); |
36 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); | 36 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn); |
37 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, | 37 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, |
38 enum ssl_encryption_level_t level, uint8_t alert); | 38 enum ssl_encryption_level_t level, uint8_t alert); |
39 static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data); | 39 static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data); |
40 | |
41 | |
42 static SSL_QUIC_METHOD quic_method = { | |
43 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER | |
44 .set_read_secret = ngx_quic_set_read_secret, | |
45 .set_write_secret = ngx_quic_set_write_secret, | |
46 #else | |
47 .set_encryption_secrets = ngx_quic_set_encryption_secrets, | |
48 #endif | |
49 .add_handshake_data = ngx_quic_add_handshake_data, | |
50 .flush_flight = ngx_quic_flush_flight, | |
51 .send_alert = ngx_quic_send_alert, | |
52 }; | |
53 | 40 |
54 | 41 |
55 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER | 42 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER |
56 | 43 |
57 static int | 44 static int |
531 | 518 |
532 | 519 |
533 ngx_int_t | 520 ngx_int_t |
534 ngx_quic_init_connection(ngx_connection_t *c) | 521 ngx_quic_init_connection(ngx_connection_t *c) |
535 { | 522 { |
536 u_char *p; | 523 u_char *p; |
537 size_t clen; | 524 size_t clen; |
538 ssize_t len; | 525 ssize_t len; |
539 ngx_str_t dcid; | 526 ngx_str_t dcid; |
540 ngx_ssl_conn_t *ssl_conn; | 527 ngx_ssl_conn_t *ssl_conn; |
541 ngx_quic_socket_t *qsock; | 528 ngx_quic_socket_t *qsock; |
542 ngx_quic_connection_t *qc; | 529 ngx_quic_connection_t *qc; |
530 static SSL_QUIC_METHOD quic_method; | |
543 | 531 |
544 qc = ngx_quic_get_connection(c); | 532 qc = ngx_quic_get_connection(c); |
545 | 533 |
546 if (ngx_ssl_create_connection(qc->conf->ssl, c, 0) != NGX_OK) { | 534 if (ngx_ssl_create_connection(qc->conf->ssl, c, 0) != NGX_OK) { |
547 return NGX_ERROR; | 535 return NGX_ERROR; |
548 } | 536 } |
549 | 537 |
550 c->ssl->no_wait_shutdown = 1; | 538 c->ssl->no_wait_shutdown = 1; |
551 | 539 |
552 ssl_conn = c->ssl->connection; | 540 ssl_conn = c->ssl->connection; |
541 | |
542 if (!quic_method.send_alert) { | |
543 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER | |
544 quic_method.set_read_secret = ngx_quic_set_read_secret; | |
545 quic_method.set_write_secret = ngx_quic_set_write_secret; | |
546 #else | |
547 quic_method.set_encryption_secrets = ngx_quic_set_encryption_secrets; | |
548 #endif | |
549 quic_method.add_handshake_data = ngx_quic_add_handshake_data; | |
550 quic_method.flush_flight = ngx_quic_flush_flight; | |
551 quic_method.send_alert = ngx_quic_send_alert; | |
552 } | |
553 | 553 |
554 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { | 554 if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { |
555 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 555 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
556 "quic SSL_set_quic_method() failed"); | 556 "quic SSL_set_quic_method() failed"); |
557 return NGX_ERROR; | 557 return NGX_ERROR; |