Mercurial > hg > nginx
view auto/lib/openssl/conf @ 8406:66feab03d9b7 quic
HTTP/3: restricted symbols in header names.
As per HTTP/3 draft 27, a request or response containing uppercase header
field names MUST be treated as malformed. Also, existing rules applied
when parsing HTTP/1 header names are also applied to HTTP/3 header names:
- null character is not allowed
- underscore character may or may not be treated as invalid depending on the
value of "underscores_in_headers"
- all non-alphanumeric characters with the exception of '-' are treated as
invalid
Also, the r->locase_header field is now filled while parsing an HTTP/3
header.
Error logging for invalid headers is fixed as well.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Tue, 19 May 2020 15:34:00 +0300 |
parents | 8712f4583783 |
children | 90b02ff6b003 |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. if [ $OPENSSL != NONE ]; then case "$CC" in cl | bcc32) have=NGX_OPENSSL . auto/have have=NGX_SSL . auto/have CFLAGS="$CFLAGS -DNO_SYS_TYPES_H" CORE_INCS="$CORE_INCS $OPENSSL/openssl/include" CORE_DEPS="$CORE_DEPS $OPENSSL/openssl/include/openssl/ssl.h" if [ -f $OPENSSL/ms/do_ms.bat ]; then # before OpenSSL 1.1.0 CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/ssleay32.lib" CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libeay32.lib" else # OpenSSL 1.1.0+ CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libssl.lib" CORE_LIBS="$CORE_LIBS $OPENSSL/openssl/lib/libcrypto.lib" fi # libeay32.lib requires gdi32.lib CORE_LIBS="$CORE_LIBS gdi32.lib" # OpenSSL 1.0.0 requires crypt32.lib CORE_LIBS="$CORE_LIBS crypt32.lib" ;; *) have=NGX_OPENSSL . auto/have have=NGX_SSL . auto/have CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include" CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h" CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a" CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a" CORE_LIBS="$CORE_LIBS $NGX_LIBDL" CORE_LIBS="$CORE_LIBS $NGX_LIBPTHREAD" if [ "$NGX_PLATFORM" = win32 ]; then CORE_LIBS="$CORE_LIBS -lgdi32 -lcrypt32 -lws2_32" fi ;; esac else if [ "$NGX_PLATFORM" != win32 ]; then OPENSSL=NO ngx_feature="OpenSSL library" ngx_feature_name="NGX_OPENSSL" ngx_feature_run=no ngx_feature_incs="#include <openssl/ssl.h>" ngx_feature_path= ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL $NGX_LIBPTHREAD" ngx_feature_test="SSL_CTX_set_options(NULL, 0)" . auto/feature if [ $ngx_found = no ]; then # FreeBSD port ngx_feature="OpenSSL library in /usr/local/" ngx_feature_path="/usr/local/include" if [ $NGX_RPATH = YES ]; then ngx_feature_libs="-R/usr/local/lib -L/usr/local/lib -lssl -lcrypto" else ngx_feature_libs="-L/usr/local/lib -lssl -lcrypto" fi ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD" . auto/feature fi if [ $ngx_found = no ]; then # NetBSD port ngx_feature="OpenSSL library in /usr/pkg/" ngx_feature_path="/usr/pkg/include" if [ $NGX_RPATH = YES ]; then ngx_feature_libs="-R/usr/pkg/lib -L/usr/pkg/lib -lssl -lcrypto" else ngx_feature_libs="-L/usr/pkg/lib -lssl -lcrypto" fi ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD" . auto/feature fi if [ $ngx_found = no ]; then # MacPorts ngx_feature="OpenSSL library in /opt/local/" ngx_feature_path="/opt/local/include" if [ $NGX_RPATH = YES ]; then ngx_feature_libs="-R/opt/local/lib -L/opt/local/lib -lssl -lcrypto" else ngx_feature_libs="-L/opt/local/lib -lssl -lcrypto" fi ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD" . auto/feature fi if [ $ngx_found = yes ]; then have=NGX_SSL . auto/have CORE_INCS="$CORE_INCS $ngx_feature_path" CORE_LIBS="$CORE_LIBS $ngx_feature_libs" OPENSSL=YES fi fi if [ $OPENSSL != YES ]; then cat << END $0: error: SSL modules require the OpenSSL library. You can either do not enable the modules, or install the OpenSSL library into the system, or build the OpenSSL library statically from the source with nginx by using --with-openssl=<path> option. END exit 1 fi fi if [ $USE_OPENSSL_QUIC = YES ]; then ngx_feature="OpenSSL QUIC support" ngx_feature_name="NGX_OPENSSL_QUIC" ngx_feature_run=no ngx_feature_incs="#include <openssl/ssl.h>" ngx_feature_path= ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL $NGX_LIBPTHREAD" ngx_feature_test="SSL_CTX_set_quic_method(NULL, NULL)" . auto/feature if [ $ngx_found = no ]; then cat << END $0: error: certain modules require OpenSSL QUIC support. You can either do not enable the modules, or install the OpenSSL library into the system, or build the OpenSSL library statically from the source with nginx by using --with-openssl=<path> option. END exit 1 fi fi