Mercurial > hg > nginx

diff src/http/modules/ngx_http_ssl_module.c @ 9080:7da4791e0264 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: OpenSSL compatibility layer. The change allows to compile QUIC with OpenSSL which lacks BoringSSL QUIC API. This implementation does not support 0-RTT.
author Roman Arutyunyan <arut@nginx.com>
date Wed, 22 Feb 2023 19:16:53 +0400
parents 3be953161026
children c851a2ed5ce8
line wrap: on
line diff
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -9,6 +9,10 @@
 #include <ngx_core.h>
 #include <ngx_http.h>
 
+#if (NGX_QUIC_OPENSSL_COMPAT)
+#include <ngx_event_quic_openssl_compat.h>
+#endif
+
 
 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
     ngx_pool_t *pool, ngx_str_t *s);
@@ -1317,16 +1321,22 @@ ngx_http_ssl_init(ngx_conf_t *cf)
                 continue;
             }
 
+            cscf = addr[a].default_server;
+            sscf = cscf->ctx->srv_conf[ngx_http_ssl_module.ctx_index];
+
             if (addr[a].opt.http3) {
                 name = "http3";
 
+#if (NGX_QUIC_OPENSSL_COMPAT)
+                if (ngx_quic_compat_init(cf, sscf->ssl.ctx) != NGX_OK) {
+                    return NGX_ERROR;
+                }
+#endif
+
             } else {
                 name = "ssl";
             }
 
-            cscf = addr[a].default_server;
-            sscf = cscf->ctx->srv_conf[ngx_http_ssl_module.ctx_index];
-
             if (sscf->certificates) {
 
                 if (addr[a].opt.http3 && !(sscf->protocols & NGX_SSL_TLSv1_3)) {