Mercurial > hg > nginx-quic
view src/os/unix/ngx_errno.h @ 8717:e06283038ec8 quic
QUIC: clear SSL_OP_ENABLE_MIDDLEBOX_COMPAT on SSL context switch.
The SSL_OP_ENABLE_MIDDLEBOX_COMPAT option is provided by QuicTLS and enabled
by default in the newly created SSL contexts. SSL_set_quic_method() is used
to clear it, which is required for SSL handshake to work on QUIC connections.
Switching context in the ngx_http_ssl_servername() SNI callback overrides SSL
options from the new SSL context. This results in the option set again.
Fix is to explicitly clear it when switching to another SSL context.
Initially reported here (in Russian):
http://mailman.nginx.org/pipermail/nginx-ru/2021-November/063989.html
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 07 Dec 2021 15:49:51 +0300 |
parents | a5897d360977 |
children |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_ERRNO_H_INCLUDED_ #define _NGX_ERRNO_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> typedef int ngx_err_t; #define NGX_EPERM EPERM #define NGX_ENOENT ENOENT #define NGX_ENOPATH ENOENT #define NGX_ESRCH ESRCH #define NGX_EINTR EINTR #define NGX_ECHILD ECHILD #define NGX_ENOMEM ENOMEM #define NGX_EACCES EACCES #define NGX_EBUSY EBUSY #define NGX_EEXIST EEXIST #define NGX_EEXIST_FILE EEXIST #define NGX_EXDEV EXDEV #define NGX_ENOTDIR ENOTDIR #define NGX_EISDIR EISDIR #define NGX_EINVAL EINVAL #define NGX_ENFILE ENFILE #define NGX_EMFILE EMFILE #define NGX_ENOSPC ENOSPC #define NGX_EPIPE EPIPE #define NGX_EINPROGRESS EINPROGRESS #define NGX_ENOPROTOOPT ENOPROTOOPT #define NGX_EOPNOTSUPP EOPNOTSUPP #define NGX_EADDRINUSE EADDRINUSE #define NGX_ECONNABORTED ECONNABORTED #define NGX_ECONNRESET ECONNRESET #define NGX_ENOTCONN ENOTCONN #define NGX_ETIMEDOUT ETIMEDOUT #define NGX_ECONNREFUSED ECONNREFUSED #define NGX_ENAMETOOLONG ENAMETOOLONG #define NGX_ENETDOWN ENETDOWN #define NGX_ENETUNREACH ENETUNREACH #define NGX_EHOSTDOWN EHOSTDOWN #define NGX_EHOSTUNREACH EHOSTUNREACH #define NGX_ENOSYS ENOSYS #define NGX_ECANCELED ECANCELED #define NGX_EILSEQ EILSEQ #define NGX_ENOMOREFILES 0 #define NGX_ELOOP ELOOP #define NGX_EBADF EBADF #if (NGX_HAVE_OPENAT) #define NGX_EMLINK EMLINK #endif #if (__hpux__) #define NGX_EAGAIN EWOULDBLOCK #else #define NGX_EAGAIN EAGAIN #endif #define ngx_errno errno #define ngx_socket_errno errno #define ngx_set_errno(err) errno = err #define ngx_set_socket_errno(err) errno = err u_char *ngx_strerror(ngx_err_t err, u_char *errstr, size_t size); ngx_int_t ngx_strerror_init(void); #endif /* _NGX_ERRNO_H_INCLUDED_ */