From 6a0bea5361d0edfa69fce916739b8b1b96c7fb4f Mon Sep 17 00:00:00 2001
From: Sergey Kandaurov <pluknet@nginx.com>
Date: Tue, 16 Mar 2021 13:48:28 +0300
Subject: [PATCH] QUIC: fixed expected TLS codepoint with final draft and
 BoringSSL.

A reasonable codepoint is always set[1] explicitly so that it doesn't
depend on the default library value that may change[2] in the future.

[1] https://boringssl.googlesource.com/boringssl/+/3d8b8c3d
[2] https://boringssl.googlesource.com/boringssl/+/c47bfce0
---
 src/event/quic/ngx_event_quic.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/event/quic/ngx_event_quic.c b/src/event/quic/ngx_event_quic.c
index 1cb9e276c..cb6aff3fb 100644
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -1803,6 +1803,10 @@ ngx_quic_init_connection(ngx_connection_t *c)
     }
 #endif
 
+#if BORINGSSL_API_VERSION >= 13
+    SSL_set_quic_use_legacy_codepoint(ssl_conn, qc->version != 1);
+#endif
+
     if (ngx_quic_new_sr_token(c, &qc->dcid, qc->conf->sr_token_key,
                               qc->tp.sr_token)
         != NGX_OK)