Mercurial > hg > nginx
comparison src/stream/ngx_stream_ssl_module.c @ 9080:7da4791e0264 quic
QUIC: OpenSSL compatibility layer.
The change allows to compile QUIC with OpenSSL which lacks BoringSSL QUIC API.
This implementation does not support 0-RTT.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Wed, 22 Feb 2023 19:16:53 +0400 |
parents | 3be953161026 |
children | 0af598651e33 |
comparison
equal
deleted
inserted
replaced
9079:639fa6723700 | 9080:7da4791e0264 |
---|---|
6 | 6 |
7 | 7 |
8 #include <ngx_config.h> | 8 #include <ngx_config.h> |
9 #include <ngx_core.h> | 9 #include <ngx_core.h> |
10 #include <ngx_stream.h> | 10 #include <ngx_stream.h> |
11 | |
12 #if (NGX_QUIC_OPENSSL_COMPAT) | |
13 #include <ngx_event_quic_openssl_compat.h> | |
14 #endif | |
11 | 15 |
12 | 16 |
13 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, | 17 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, |
14 ngx_pool_t *pool, ngx_str_t *s); | 18 ngx_pool_t *pool, ngx_str_t *s); |
15 | 19 |
1216 continue; | 1220 continue; |
1217 } | 1221 } |
1218 | 1222 |
1219 scf = listen[i].ctx->srv_conf[ngx_stream_ssl_module.ctx_index]; | 1223 scf = listen[i].ctx->srv_conf[ngx_stream_ssl_module.ctx_index]; |
1220 | 1224 |
1225 #if (NGX_QUIC_OPENSSL_COMPAT) | |
1226 if (ngx_quic_compat_init(cf, scf->ssl.ctx) != NGX_OK) { | |
1227 return NGX_ERROR; | |
1228 } | |
1229 #endif | |
1230 | |
1221 if (scf->certificates && !(scf->protocols & NGX_SSL_TLSv1_3)) { | 1231 if (scf->certificates && !(scf->protocols & NGX_SSL_TLSv1_3)) { |
1222 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | 1232 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
1223 "\"ssl_protocols\" must enable TLSv1.3 for " | 1233 "\"ssl_protocols\" must enable TLSv1.3 for " |
1224 "the \"listen ... quic\" directive in %s:%ui", | 1234 "the \"listen ... quic\" directive in %s:%ui", |
1225 scf->file, scf->line); | 1235 scf->file, scf->line); |