diff src/event/quic/ngx_event_quic_ssl.c @ 8827:fe919fd63b0b quic

QUIC: client certificate validation with OCSP.
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 04 Aug 2021 15:49:18 +0300
parents 4715f3e669f1
children 01bd1c0de1f4
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -361,6 +361,7 @@ static ngx_int_t
 ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data)
 {
     int                     n, sslerr;
+    ngx_int_t               rc;
     ngx_buf_t              *b;
     ngx_chain_t            *cl;
     ngx_ssl_conn_t         *ssl_conn;
@@ -462,6 +463,19 @@ ngx_quic_crypto_input(ngx_connection_t *
         return NGX_ERROR;
     }
 
+    rc = ngx_ssl_ocsp_validate(c);
+
+    if (rc == NGX_ERROR) {
+        return NGX_ERROR;
+    }
+
+    if (rc == NGX_AGAIN) {
+        c->ssl->handler = ngx_quic_init_streams;
+        return NGX_OK;
+    }
+
+    ngx_quic_init_streams(c);
+
     return NGX_OK;
 }