Mercurial > hg > nginx-quic

comparison src/event/ngx_event_quic.c @ 7654:bf555b94e387 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Using cached ssl_conn in ngx_quic_handshake_input(), NFC.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 05 Mar 2020 12:51:49 +0300
parents de5917df2c30
children 80a07843c711
comparison
equal deleted inserted replaced
7653:de5917df2c30 7654:bf555b94e387
1189 1189
1190 static ngx_int_t 1190 static ngx_int_t
1191 ngx_quic_handshake_input(ngx_connection_t *c, ngx_buf_t *bb) 1191 ngx_quic_handshake_input(ngx_connection_t *c, ngx_buf_t *bb)
1192 { 1192 {
1193 int sslerr; 1193 int sslerr;
1194 u_char *p, *b;
1194 ssize_t n; 1195 ssize_t n;
1195 ngx_str_t out; 1196 ngx_str_t out;
1197 ngx_ssl_conn_t *ssl_conn;
1196 const EVP_CIPHER *cipher; 1198 const EVP_CIPHER *cipher;
1197 ngx_quic_connection_t *qc; 1199 ngx_quic_connection_t *qc;
1198 u_char *p, *b;
1199 1200
1200 qc = c->quic; 1201 qc = c->quic;
1202 ssl_conn = c->ssl->connection;
1201 1203
1202 n = bb->last - bb->pos; 1204 n = bb->last - bb->pos;
1203 p = bb->pos; 1205 p = bb->pos;
1204 b = bb->start; 1206 b = bb->start;
1205 1207
1300 nonce[11] ^= pn; 1302 nonce[11] ^= pn;
1301 1303
1302 ngx_quic_hexdump0(c->log, "nonce", nonce, 12); 1304 ngx_quic_hexdump0(c->log, "nonce", nonce, 12);
1303 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len); 1305 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len);
1304 1306
1305 u_char *name = (u_char *) SSL_get_cipher(c->ssl->connection); 1307 u_char *name = (u_char *) SSL_get_cipher(ssl_conn);
1306 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, 1308 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
1307 "quic ssl cipher: %s", name); 1309 "quic ssl cipher: %s", name);
1308 1310
1309 if (ngx_strcasecmp(name, (u_char *) "TLS_AES_128_GCM_SHA256") == 0 1311 if (ngx_strcasecmp(name, (u_char *) "TLS_AES_128_GCM_SHA256") == 0
1310 || ngx_strcasecmp(name, (u_char *) "(NONE)") == 0) 1312 || ngx_strcasecmp(name, (u_char *) "(NONE)") == 0)
1346 "quic Handshake packet CRYPTO length: %uL pp:%p:%p", 1348 "quic Handshake packet CRYPTO length: %uL pp:%p:%p",
1347 crypto_len, out.data, crypto); 1349 crypto_len, out.data, crypto);
1348 1350
1349 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, 1351 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
1350 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", 1352 "SSL_quic_read_level: %d, SSL_quic_write_level: %d",
1351 (int) SSL_quic_read_level(c->ssl->connection), 1353 (int) SSL_quic_read_level(ssl_conn),
1352 (int) SSL_quic_write_level(c->ssl->connection)); 1354 (int) SSL_quic_write_level(ssl_conn));
1353 1355
1354 if (!SSL_provide_quic_data(c->ssl->connection, 1356 if (!SSL_provide_quic_data(ssl_conn, SSL_quic_read_level(ssl_conn),
1355 SSL_quic_read_level(c->ssl->connection),
1356 crypto, crypto_len)) 1357 crypto, crypto_len))
1357 { 1358 {
1358 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, 1359 ngx_ssl_error(NGX_LOG_INFO, c->log, 0,
1359 "SSL_provide_quic_data() failed"); 1360 "SSL_provide_quic_data() failed");
1360 return NGX_ERROR; 1361 return NGX_ERROR;
1361 } 1362 }
1362 1363
1363 n = SSL_do_handshake(c->ssl->connection); 1364 n = SSL_do_handshake(ssl_conn);
1364 1365
1365 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n); 1366 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n);
1366 1367
1367 if (n == -1) { 1368 if (n == -1) {
1368 sslerr = SSL_get_error(c->ssl->connection, n); 1369 sslerr = SSL_get_error(ssl_conn, n);
1369 1370
1370 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d", 1371 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_get_error: %d",
1371 sslerr); 1372 sslerr);
1372 1373
1373 if (sslerr == SSL_ERROR_SSL) { 1374 if (sslerr == SSL_ERROR_SSL) {
1375 } 1376 }
1376 } 1377 }
1377 1378
1378 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, 1379 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
1379 "SSL_quic_read_level: %d, SSL_quic_write_level: %d", 1380 "SSL_quic_read_level: %d, SSL_quic_write_level: %d",
1380 (int) SSL_quic_read_level(c->ssl->connection), 1381 (int) SSL_quic_read_level(ssl_conn),
1381 (int) SSL_quic_write_level(c->ssl->connection)); 1382 (int) SSL_quic_write_level(ssl_conn));
1382 1383
1383 // ACK Client Finished 1384 // ACK Client Finished
1384 1385
1385 ngx_quic_frame_t *frame; 1386 ngx_quic_frame_t *frame;
1386 1387