Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic.c @ 7917:90b02ff6b003 quic
Compatibility with BoringSSL master branch.
Recently BoringSSL introduced SSL_set_quic_early_data_context()
that serves as an additional constrain to enable 0-RTT in QUIC.
Relevant changes:
* https://boringssl.googlesource.com/boringssl/+/7c52299%5E!/
* https://boringssl.googlesource.com/boringssl/+/8519432%5E!/
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Mon, 01 Jun 2020 19:53:13 +0300 |
| parents | c206233d9c29 |
| children | c70446e3d771 |
comparison
equal
deleted
inserted
replaced
| 7916:c206233d9c29 | 7917:90b02ff6b003 |
|---|---|
| 1038 | 1038 |
| 1039 static ngx_int_t | 1039 static ngx_int_t |
| 1040 ngx_quic_init_connection(ngx_connection_t *c) | 1040 ngx_quic_init_connection(ngx_connection_t *c) |
| 1041 { | 1041 { |
| 1042 u_char *p; | 1042 u_char *p; |
| 1043 size_t clen; | |
| 1043 ssize_t len; | 1044 ssize_t len; |
| 1044 ngx_ssl_conn_t *ssl_conn; | 1045 ngx_ssl_conn_t *ssl_conn; |
| 1045 ngx_quic_connection_t *qc; | 1046 ngx_quic_connection_t *qc; |
| 1046 | 1047 |
| 1047 qc = c->quic; | 1048 qc = c->quic; |
| 1062 if (SSL_CTX_get_max_early_data(qc->ssl->ctx)) { | 1063 if (SSL_CTX_get_max_early_data(qc->ssl->ctx)) { |
| 1063 SSL_set_quic_early_data_enabled(ssl_conn, 1); | 1064 SSL_set_quic_early_data_enabled(ssl_conn, 1); |
| 1064 } | 1065 } |
| 1065 #endif | 1066 #endif |
| 1066 | 1067 |
| 1067 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp); | 1068 len = ngx_quic_create_transport_params(NULL, NULL, &qc->tp, &clen); |
| 1068 /* always succeeds */ | 1069 /* always succeeds */ |
| 1069 | 1070 |
| 1070 p = ngx_pnalloc(c->pool, len); | 1071 p = ngx_pnalloc(c->pool, len); |
| 1071 if (p == NULL) { | 1072 if (p == NULL) { |
| 1072 return NGX_ERROR; | 1073 return NGX_ERROR; |
| 1073 } | 1074 } |
| 1074 | 1075 |
| 1075 len = ngx_quic_create_transport_params(p, p + len, &qc->tp); | 1076 len = ngx_quic_create_transport_params(p, p + len, &qc->tp, NULL); |
| 1076 if (len < 0) { | 1077 if (len < 0) { |
| 1077 return NGX_ERROR; | 1078 return NGX_ERROR; |
| 1078 } | 1079 } |
| 1079 | 1080 |
| 1080 #ifdef NGX_QUIC_DEBUG_PACKETS | 1081 #ifdef NGX_QUIC_DEBUG_PACKETS |
| 1084 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { | 1085 if (SSL_set_quic_transport_params(ssl_conn, p, len) == 0) { |
| 1085 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1086 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
| 1086 "quic SSL_set_quic_transport_params() failed"); | 1087 "quic SSL_set_quic_transport_params() failed"); |
| 1087 return NGX_ERROR; | 1088 return NGX_ERROR; |
| 1088 } | 1089 } |
| 1090 | |
| 1091 #if NGX_OPENSSL_QUIC_ZRTT_CTX | |
| 1092 if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) { | |
| 1093 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 1094 "quic SSL_set_quic_early_data_context() failed"); | |
| 1095 return NGX_ERROR; | |
| 1096 } | |
| 1097 #endif | |
| 1089 | 1098 |
| 1090 qc->max_streams = qc->tp.initial_max_streams_bidi; | 1099 qc->max_streams = qc->tp.initial_max_streams_bidi; |
| 1091 qc->state = ssl_encryption_handshake; | 1100 qc->state = ssl_encryption_handshake; |
| 1092 | 1101 |
| 1093 return NGX_OK; | 1102 return NGX_OK; |