Mercurial > hg > nginx
comparison src/stream/ngx_stream_ssl_module.c @ 9080:7da4791e0264 quic
QUIC: OpenSSL compatibility layer.
The change allows to compile QUIC with OpenSSL which lacks BoringSSL QUIC API.
This implementation does not support 0-RTT.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Wed, 22 Feb 2023 19:16:53 +0400 |
| parents | 3be953161026 |
| children | 0af598651e33 |
comparison
equal
deleted
inserted
replaced
| 9079:639fa6723700 | 9080:7da4791e0264 |
|---|---|
| 6 | 6 |
| 7 | 7 |
| 8 #include <ngx_config.h> | 8 #include <ngx_config.h> |
| 9 #include <ngx_core.h> | 9 #include <ngx_core.h> |
| 10 #include <ngx_stream.h> | 10 #include <ngx_stream.h> |
| 11 | |
| 12 #if (NGX_QUIC_OPENSSL_COMPAT) | |
| 13 #include <ngx_event_quic_openssl_compat.h> | |
| 14 #endif | |
| 11 | 15 |
| 12 | 16 |
| 13 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, | 17 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, |
| 14 ngx_pool_t *pool, ngx_str_t *s); | 18 ngx_pool_t *pool, ngx_str_t *s); |
| 15 | 19 |
| 1216 continue; | 1220 continue; |
| 1217 } | 1221 } |
| 1218 | 1222 |
| 1219 scf = listen[i].ctx->srv_conf[ngx_stream_ssl_module.ctx_index]; | 1223 scf = listen[i].ctx->srv_conf[ngx_stream_ssl_module.ctx_index]; |
| 1220 | 1224 |
| 1225 #if (NGX_QUIC_OPENSSL_COMPAT) | |
| 1226 if (ngx_quic_compat_init(cf, scf->ssl.ctx) != NGX_OK) { | |
| 1227 return NGX_ERROR; | |
| 1228 } | |
| 1229 #endif | |
| 1230 | |
| 1221 if (scf->certificates && !(scf->protocols & NGX_SSL_TLSv1_3)) { | 1231 if (scf->certificates && !(scf->protocols & NGX_SSL_TLSv1_3)) { |
| 1222 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | 1232 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
| 1223 "\"ssl_protocols\" must enable TLSv1.3 for " | 1233 "\"ssl_protocols\" must enable TLSv1.3 for " |
| 1224 "the \"listen ... quic\" directive in %s:%ui", | 1234 "the \"listen ... quic\" directive in %s:%ui", |
| 1225 scf->file, scf->line); | 1235 scf->file, scf->line); |