# HG changeset patch # User Roman Arutyunyan # Date 1595020084 -10800 # Node ID f537f99b86ee5155b9bc55dc8806275e7694f614 # Parent b250b515e5b6dfc68172fdb3ad52d341cd225517 QUIC: do not verify the selected ALPN protocol. The right protocol is selected by the HTTP code. In the QUIC code only verify that some protocol was selected and trigger an error otherwise. diff --git a/src/event/ngx_event_quic.c b/src/event/ngx_event_quic.c --- a/src/event/ngx_event_quic.c +++ b/src/event/ngx_event_quic.c @@ -417,9 +417,7 @@ ngx_quic_add_handshake_data(ngx_ssl_conn SSL_get0_alpn_selected(c->ssl->connection, &data, &len); - if (len != NGX_QUIC_ALPN_LEN - || ngx_strncmp(data, NGX_QUIC_ALPN_STR, NGX_QUIC_ALPN_LEN) != 0) - { + if (len == 0) { qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; qc->error_reason = "unsupported protocol in ALPN extension"; diff --git a/src/event/ngx_event_quic.h b/src/event/ngx_event_quic.h --- a/src/event/ngx_event_quic.h +++ b/src/event/ngx_event_quic.h @@ -18,11 +18,6 @@ #endif #define NGX_QUIC_VERSION (0xff000000 + NGX_QUIC_DRAFT_VERSION) -#define NGX_QUIC_ALPN(s) NGX_QUIC_ALPN_DRAFT(s) -#define NGX_QUIC_ALPN_DRAFT(s) "h3-" #s -#define NGX_QUIC_ALPN_STR NGX_QUIC_ALPN(NGX_QUIC_DRAFT_VERSION) -#define NGX_QUIC_ALPN_LEN (sizeof(NGX_QUIC_ALPN_STR) - 1) - #define NGX_QUIC_MAX_SHORT_HEADER 25 /* 1 flags + 20 dcid + 4 pn */ #define NGX_QUIC_MAX_LONG_HEADER 56 /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */