mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-12-11 17:59:00 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

QUIC: do not verify the selected ALPN protocol.

Browse Source 
The right protocol is selected by the HTTP code.  In the QUIC code only verify
that some protocol was selected and trigger an error otherwise.
This commit is contained in:
Roman Arutyunyan 2020-07-18 00:08:04 +03:00
parent 0f1478706d
commit a305de07e9
2 changed files with 1 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/event/ngx_event_quic.c
View File

@ -417,9 +417,7 @@ ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn,
SSL_get0_alpn_selected(c->ssl->connection, &data, &len); SSL_get0_alpn_selected(c->ssl->connection, &data, &len);
if (len != NGX_QUIC_ALPN_LEN if (len == 0) {
|| ngx_strncmp(data, NGX_QUIC_ALPN_STR, NGX_QUIC_ALPN_LEN) != 0)
{
qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL;
qc->error_reason = "unsupported protocol in ALPN extension"; qc->error_reason = "unsupported protocol in ALPN extension";

5
src/event/ngx_event_quic.h
View File

@ -18,11 +18,6 @@
#endif #endif
#define NGX_QUIC_VERSION (0xff000000 + NGX_QUIC_DRAFT_VERSION) #define NGX_QUIC_VERSION (0xff000000 + NGX_QUIC_DRAFT_VERSION)
#define NGX_QUIC_ALPN(s) NGX_QUIC_ALPN_DRAFT(s)
#define NGX_QUIC_ALPN_DRAFT(s) "h3-" #s
#define NGX_QUIC_ALPN_STR NGX_QUIC_ALPN(NGX_QUIC_DRAFT_VERSION)
#define NGX_QUIC_ALPN_LEN (sizeof(NGX_QUIC_ALPN_STR) - 1)
#define NGX_QUIC_MAX_SHORT_HEADER 25 /* 1 flags + 20 dcid + 4 pn */ #define NGX_QUIC_MAX_SHORT_HEADER 25 /* 1 flags + 20 dcid + 4 pn */
#define NGX_QUIC_MAX_LONG_HEADER 56 #define NGX_QUIC_MAX_LONG_HEADER 56
/* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */ /* 1 flags + 4 version + 2 x (1 + 20) s/dcid + 4 pn + 4 len + token len */