Mercurial > hg > nginx-quic
annotate conf/scgi_params @ 7933:a2c34e77cfc1 quic
QUIC: added ALPN checks.
quic-transport draft 29:
section 7:
* authenticated negotiation of an application protocol (TLS uses
ALPN [RFC7301] for this purpose)
...
Endpoints MUST explicitly negotiate an application protocol. This
avoids situations where there is a disagreement about the protocol
that is in use.
section 8.1:
When using ALPN, endpoints MUST immediately close a connection (see
Section 10.3 of [QUIC-TRANSPORT]) with a no_application_protocol TLS
alert (QUIC error code 0x178; see Section 4.10) if an application
protocol is not negotiated.
Changes in ngx_quic_close_quic() function are required to avoid attempts
to generated and send packets without proper keys, what happens in case
of failed ALPN check.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 18 Jun 2020 13:58:46 +0300 |
parents | 62869a9b2e7d |
children |
rev | line source |
---|---|
3637 | 1 |
2 scgi_param REQUEST_METHOD $request_method; | |
3 scgi_param REQUEST_URI $request_uri; | |
4 scgi_param QUERY_STRING $query_string; | |
5 scgi_param CONTENT_TYPE $content_type; | |
6 | |
7 scgi_param DOCUMENT_URI $document_uri; | |
8 scgi_param DOCUMENT_ROOT $document_root; | |
9 scgi_param SCGI 1; | |
10 scgi_param SERVER_PROTOCOL $server_protocol; | |
6168
62869a9b2e7d
Added the REQUEST_SCHEME parameter.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4333
diff
changeset
|
11 scgi_param REQUEST_SCHEME $scheme; |
4333
352a7b025f2e
Added HTTPS param with Apache-like behaviour to fastcgi/scgi/uwsgi_params (fixes #38).
Valentin Bartenev <vbart@nginx.com>
parents:
3637
diff
changeset
|
12 scgi_param HTTPS $https if_not_empty; |
3637 | 13 |
14 scgi_param REMOTE_ADDR $remote_addr; | |
15 scgi_param REMOTE_PORT $remote_port; | |
16 scgi_param SERVER_PORT $server_port; | |
17 scgi_param SERVER_NAME $server_name; |