Mercurial > hg > nginx-quic
view src/mail/ngx_mail_pop3_module.h @ 8717:e06283038ec8 quic
QUIC: clear SSL_OP_ENABLE_MIDDLEBOX_COMPAT on SSL context switch.
The SSL_OP_ENABLE_MIDDLEBOX_COMPAT option is provided by QuicTLS and enabled
by default in the newly created SSL contexts. SSL_set_quic_method() is used
to clear it, which is required for SSL handshake to work on QUIC connections.
Switching context in the ngx_http_ssl_servername() SNI callback overrides SSL
options from the new SSL context. This results in the option set again.
Fix is to explicitly clear it when switching to another SSL context.
Initially reported here (in Russian):
http://mailman.nginx.org/pipermail/nginx-ru/2021-November/063989.html
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 07 Dec 2021 15:49:51 +0300 |
parents | d620f497c50f |
children |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_MAIL_POP3_MODULE_H_INCLUDED_ #define _NGX_MAIL_POP3_MODULE_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_mail.h> typedef struct { ngx_str_t capability; ngx_str_t starttls_capability; ngx_str_t starttls_only_capability; ngx_str_t auth_capability; ngx_uint_t auth_methods; ngx_array_t capabilities; } ngx_mail_pop3_srv_conf_t; void ngx_mail_pop3_init_session(ngx_mail_session_t *s, ngx_connection_t *c); void ngx_mail_pop3_init_protocol(ngx_event_t *rev); void ngx_mail_pop3_auth_state(ngx_event_t *rev); ngx_int_t ngx_mail_pop3_parse_command(ngx_mail_session_t *s); extern ngx_module_t ngx_mail_pop3_module; #endif /* _NGX_MAIL_POP3_MODULE_H_INCLUDED_ */