Mercurial > hg > nginx-quic
comparison src/http/modules/ngx_http_ssl_module.c @ 8711:be08b858086a quic
HTTP/3: http3_hq directive and NGX_HTTP_V3_HQ macro.
Listen quic parameter is no longer supported.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Sat, 04 Dec 2021 10:52:55 +0300 |
parents | 33226ac61076 |
children | 5c86189a1c1b |
comparison
equal
deleted
inserted
replaced
8710:33226ac61076 | 8711:be08b858086a |
---|---|
415 ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out, | 415 ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out, |
416 unsigned char *outlen, const unsigned char *in, unsigned int inlen, | 416 unsigned char *outlen, const unsigned char *in, unsigned int inlen, |
417 void *arg) | 417 void *arg) |
418 { | 418 { |
419 #if (NGX_HTTP_V3) | 419 #if (NGX_HTTP_V3) |
420 const char *fmt; | 420 const char *fmt; |
421 #endif | 421 #endif |
422 unsigned int srvlen; | 422 unsigned int srvlen; |
423 unsigned char *srv; | 423 unsigned char *srv; |
424 #if (NGX_DEBUG) | 424 #if (NGX_DEBUG) |
425 unsigned int i; | 425 unsigned int i; |
426 #endif | 426 #endif |
427 #if (NGX_HTTP_V2 || NGX_HTTP_V3) | 427 #if (NGX_HTTP_V2 || NGX_HTTP_V3) |
428 ngx_http_connection_t *hc; | 428 ngx_http_connection_t *hc; |
429 #endif | |
430 #if (NGX_HTTP_V3 && NGX_HTTP_V3_HQ) | |
431 ngx_http_v3_srv_conf_t *h3scf; | |
429 #endif | 432 #endif |
430 #if (NGX_HTTP_V2 || NGX_HTTP_V3 || NGX_DEBUG) | 433 #if (NGX_HTTP_V2 || NGX_HTTP_V3 || NGX_DEBUG) |
431 ngx_connection_t *c; | 434 ngx_connection_t *c; |
432 | 435 |
433 c = ngx_ssl_get_connection(ssl_conn); | 436 c = ngx_ssl_get_connection(ssl_conn); |
434 #endif | 437 #endif |
435 | 438 |
436 #if (NGX_DEBUG) | 439 #if (NGX_DEBUG) |
450 srv = (unsigned char *) NGX_HTTP_V2_ALPN_PROTO NGX_HTTP_ALPN_PROTOS; | 453 srv = (unsigned char *) NGX_HTTP_V2_ALPN_PROTO NGX_HTTP_ALPN_PROTOS; |
451 srvlen = sizeof(NGX_HTTP_V2_ALPN_PROTO NGX_HTTP_ALPN_PROTOS) - 1; | 454 srvlen = sizeof(NGX_HTTP_V2_ALPN_PROTO NGX_HTTP_ALPN_PROTOS) - 1; |
452 } else | 455 } else |
453 #endif | 456 #endif |
454 #if (NGX_HTTP_V3) | 457 #if (NGX_HTTP_V3) |
455 if (hc->addr_conf->quic) { | 458 if (hc->addr_conf->http3) { |
456 if (hc->addr_conf->http3) { | 459 |
460 #if (NGX_HTTP_V3_HQ) | |
461 h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module); | |
462 | |
463 if (h3scf->hq) { | |
464 srv = (unsigned char *) NGX_HTTP_V3_HQ_ALPN_PROTO; | |
465 srvlen = sizeof(NGX_HTTP_V3_HQ_ALPN_PROTO) - 1; | |
466 fmt = NGX_HTTP_V3_HQ_ALPN_DRAFT_FMT; | |
467 } else | |
468 #endif | |
469 { | |
457 srv = (unsigned char *) NGX_HTTP_V3_ALPN_PROTO; | 470 srv = (unsigned char *) NGX_HTTP_V3_ALPN_PROTO; |
458 srvlen = sizeof(NGX_HTTP_V3_ALPN_PROTO) - 1; | 471 srvlen = sizeof(NGX_HTTP_V3_ALPN_PROTO) - 1; |
459 fmt = NGX_HTTP_V3_ALPN_DRAFT_FMT; | 472 fmt = NGX_HTTP_V3_ALPN_DRAFT_FMT; |
460 | |
461 } else { | |
462 srv = (unsigned char *) NGX_HTTP_QUIC_ALPN_PROTO; | |
463 srvlen = sizeof(NGX_HTTP_QUIC_ALPN_PROTO) - 1; | |
464 fmt = NGX_HTTP_QUIC_ALPN_DRAFT_FMT; | |
465 } | 473 } |
466 | 474 |
467 /* QUIC draft */ | 475 /* QUIC draft */ |
468 | 476 |
469 if (ngx_quic_version(c) > 1) { | 477 if (ngx_quic_version(c) > 1) { |
1315 for (p = 0; p < cmcf->ports->nelts; p++) { | 1323 for (p = 0; p < cmcf->ports->nelts; p++) { |
1316 | 1324 |
1317 addr = port[p].addrs.elts; | 1325 addr = port[p].addrs.elts; |
1318 for (a = 0; a < port[p].addrs.nelts; a++) { | 1326 for (a = 0; a < port[p].addrs.nelts; a++) { |
1319 | 1327 |
1320 if (!addr[a].opt.ssl && !addr[a].opt.quic) { | 1328 if (!addr[a].opt.ssl && !addr[a].opt.http3) { |
1321 continue; | 1329 continue; |
1322 } | 1330 } |
1323 | 1331 |
1324 if (addr[a].opt.http3) { | 1332 if (addr[a].opt.http3) { |
1325 name = "http3"; | 1333 name = "http3"; |
1326 | 1334 |
1327 } else if (addr[a].opt.quic) { | |
1328 name = "quic"; | |
1329 | |
1330 } else { | 1335 } else { |
1331 name = "ssl"; | 1336 name = "ssl"; |
1332 } | 1337 } |
1333 | 1338 |
1334 cscf = addr[a].default_server; | 1339 cscf = addr[a].default_server; |
1335 sscf = cscf->ctx->srv_conf[ngx_http_ssl_module.ctx_index]; | 1340 sscf = cscf->ctx->srv_conf[ngx_http_ssl_module.ctx_index]; |
1336 | 1341 |
1337 if (sscf->certificates) { | 1342 if (sscf->certificates) { |
1338 | 1343 |
1339 if (addr[a].opt.quic && !(sscf->protocols & NGX_SSL_TLSv1_3)) { | 1344 if (addr[a].opt.http3 && !(sscf->protocols & NGX_SSL_TLSv1_3)) { |
1340 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | 1345 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
1341 "\"ssl_protocols\" must enable TLSv1.3 for " | 1346 "\"ssl_protocols\" must enable TLSv1.3 for " |
1342 "the \"listen ... %s\" directive in %s:%ui", | 1347 "the \"listen ... %s\" directive in %s:%ui", |
1343 name, cscf->file_name, cscf->line); | 1348 name, cscf->file_name, cscf->line); |
1344 return NGX_ERROR; | 1349 return NGX_ERROR; |