aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorRoman Arutyunyan <arut@nginx.com>2021-12-04 10:52:55 +0300
committerRoman Arutyunyan <arut@nginx.com>2021-12-04 10:52:55 +0300
commitd84c1f7885cc898f626057c314cdae4047c5d513 (patch)
treec351baac8bf82ebabbc2fae3a3da4320f657446e /src
parent731915a0c5e90b79d3cca1a4b0a3c33e1f77631c (diff)
downloadnginx-d84c1f7885cc898f626057c314cdae4047c5d513.tar.gz
nginx-d84c1f7885cc898f626057c314cdae4047c5d513.zip
HTTP/3: http3_hq directive and NGX_HTTP_V3_HQ macro.
Listen quic parameter is no longer supported.
Diffstat (limited to 'src')
-rw-r--r--src/http/modules/ngx_http_ssl_module.c41
-rw-r--r--src/http/ngx_http.c11
-rw-r--r--src/http/ngx_http_core_module.c26
-rw-r--r--src/http/ngx_http_core_module.h1
-rw-r--r--src/http/ngx_http_request.c2
-rw-r--r--src/http/v3/ngx_http_v3.h7
-rw-r--r--src/http/v3/ngx_http_v3_module.c16
-rw-r--r--src/http/v3/ngx_http_v3_request.c24
8 files changed, 64 insertions, 64 deletions
diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 3af21178b..f43e51eac 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -417,18 +417,21 @@ ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out,
void *arg)
{
#if (NGX_HTTP_V3)
- const char *fmt;
+ const char *fmt;
#endif
- unsigned int srvlen;
- unsigned char *srv;
+ unsigned int srvlen;
+ unsigned char *srv;
#if (NGX_DEBUG)
- unsigned int i;
+ unsigned int i;
#endif
#if (NGX_HTTP_V2 || NGX_HTTP_V3)
- ngx_http_connection_t *hc;
+ ngx_http_connection_t *hc;
+#endif
+#if (NGX_HTTP_V3 && NGX_HTTP_V3_HQ)
+ ngx_http_v3_srv_conf_t *h3scf;
#endif
#if (NGX_HTTP_V2 || NGX_HTTP_V3 || NGX_DEBUG)
- ngx_connection_t *c;
+ ngx_connection_t *c;
c = ngx_ssl_get_connection(ssl_conn);
#endif
@@ -452,16 +455,21 @@ ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out,
} else
#endif
#if (NGX_HTTP_V3)
- if (hc->addr_conf->quic) {
- if (hc->addr_conf->http3) {
+ if (hc->addr_conf->http3) {
+
+#if (NGX_HTTP_V3_HQ)
+ h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
+
+ if (h3scf->hq) {
+ srv = (unsigned char *) NGX_HTTP_V3_HQ_ALPN_PROTO;
+ srvlen = sizeof(NGX_HTTP_V3_HQ_ALPN_PROTO) - 1;
+ fmt = NGX_HTTP_V3_HQ_ALPN_DRAFT_FMT;
+ } else
+#endif
+ {
srv = (unsigned char *) NGX_HTTP_V3_ALPN_PROTO;
srvlen = sizeof(NGX_HTTP_V3_ALPN_PROTO) - 1;
fmt = NGX_HTTP_V3_ALPN_DRAFT_FMT;
-
- } else {
- srv = (unsigned char *) NGX_HTTP_QUIC_ALPN_PROTO;
- srvlen = sizeof(NGX_HTTP_QUIC_ALPN_PROTO) - 1;
- fmt = NGX_HTTP_QUIC_ALPN_DRAFT_FMT;
}
/* QUIC draft */
@@ -1317,16 +1325,13 @@ ngx_http_ssl_init(ngx_conf_t *cf)
addr = port[p].addrs.elts;
for (a = 0; a < port[p].addrs.nelts; a++) {
- if (!addr[a].opt.ssl && !addr[a].opt.quic) {
+ if (!addr[a].opt.ssl && !addr[a].opt.http3) {
continue;
}
if (addr[a].opt.http3) {
name = "http3";
- } else if (addr[a].opt.quic) {
- name = "quic";
-
} else {
name = "ssl";
}
@@ -1336,7 +1341,7 @@ ngx_http_ssl_init(ngx_conf_t *cf)
if (sscf->certificates) {
- if (addr[a].opt.quic && !(sscf->protocols & NGX_SSL_TLSv1_3)) {
+ if (addr[a].opt.http3 && !(sscf->protocols & NGX_SSL_TLSv1_3)) {
ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
"\"ssl_protocols\" must enable TLSv1.3 for "
"the \"listen ... %s\" directive in %s:%ui",
diff --git a/src/http/ngx_http.c b/src/http/ngx_http.c
index 187d867bb..4886a88bf 100644
--- a/src/http/ngx_http.c
+++ b/src/http/ngx_http.c
@@ -1241,7 +1241,6 @@ ngx_http_add_addresses(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
ngx_uint_t http2;
#endif
#if (NGX_HTTP_V3)
- ngx_uint_t quic;
ngx_uint_t http3;
#endif
@@ -1280,7 +1279,6 @@ ngx_http_add_addresses(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
http2 = lsopt->http2 || addr[i].opt.http2;
#endif
#if (NGX_HTTP_V3)
- quic = lsopt->quic || addr[i].opt.quic;
http3 = lsopt->http3 || addr[i].opt.http3;
#endif
@@ -1320,7 +1318,6 @@ ngx_http_add_addresses(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
addr[i].opt.http2 = http2;
#endif
#if (NGX_HTTP_V3)
- addr[i].opt.quic = quic;
addr[i].opt.http3 = http3;
#endif
@@ -1367,10 +1364,10 @@ ngx_http_add_address(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
#if (NGX_HTTP_V3 && !defined NGX_QUIC)
- if (lsopt->quic) {
+ if (lsopt->http3) {
ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
"nginx was built with OpenSSL that lacks QUIC "
- "support, QUIC is not enabled for %V",
+ "support, HTTP/3 is not enabled for %V",
&lsopt->addr_text);
}
@@ -1836,7 +1833,7 @@ ngx_http_add_listening(ngx_conf_t *cf, ngx_http_conf_addr_t *addr)
ls->wildcard = addr->opt.wildcard;
#if (NGX_HTTP_V3)
- ls->quic = addr->opt.quic;
+ ls->quic = addr->opt.http3;
#endif
return ls;
@@ -1872,7 +1869,6 @@ ngx_http_add_addrs(ngx_conf_t *cf, ngx_http_port_t *hport,
addrs[i].conf.http2 = addr[i].opt.http2;
#endif
#if (NGX_HTTP_V3)
- addrs[i].conf.quic = addr[i].opt.quic;
addrs[i].conf.http3 = addr[i].opt.http3;
#endif
addrs[i].conf.proxy_protocol = addr[i].opt.proxy_protocol;
@@ -1941,7 +1937,6 @@ ngx_http_add_addrs6(ngx_conf_t *cf, ngx_http_port_t *hport,
addrs6[i].conf.http2 = addr[i].opt.http2;
#endif
#if (NGX_HTTP_V3)
- addrs6[i].conf.quic = addr[i].opt.quic;
addrs6[i].conf.http3 = addr[i].opt.http3;
#endif
addrs6[i].conf.proxy_protocol = addr[i].opt.proxy_protocol;
diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c
index 1e8e27802..12f7bfb27 100644
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -4096,22 +4096,8 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
#endif
}
- if (ngx_strcmp(value[n].data, "quic") == 0) {
-#if (NGX_HTTP_V3)
- lsopt.quic = 1;
- lsopt.type = SOCK_DGRAM;
- continue;
-#else
- ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
- "the \"quic\" parameter requires "
- "ngx_http_v3_module");
- return NGX_CONF_ERROR;
-#endif
- }
-
if (ngx_strcmp(value[n].data, "http3") == 0) {
#if (NGX_HTTP_V3)
- lsopt.quic = 1;
lsopt.http3 = 1;
lsopt.type = SOCK_DGRAM;
continue;
@@ -4224,22 +4210,12 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
return NGX_CONF_ERROR;
}
-#if (NGX_HTTP_SSL)
-
-#if (NGX_HTTP_V3)
+#if (NGX_HTTP_SSL && NGX_HTTP_V3)
if (lsopt.ssl && lsopt.http3) {
return "\"ssl\" parameter is incompatible with \"http3\"";
}
#endif
-#if (NGX_HTTP_V3)
- if (lsopt.ssl && lsopt.quic) {
- return "\"ssl\" parameter is incompatible with \"quic\"";
- }
-#endif
-
-#endif
-
for (n = 0; n < u.naddrs; n++) {
lsopt.sockaddr = u.addrs[n].sockaddr;
lsopt.socklen = u.addrs[n].socklen;
diff --git a/src/http/ngx_http_core_module.h b/src/http/ngx_http_core_module.h
index 148696641..822c7d264 100644
--- a/src/http/ngx_http_core_module.h
+++ b/src/http/ngx_http_core_module.h
@@ -74,7 +74,6 @@ typedef struct {
unsigned bind:1;
unsigned wildcard:1;
unsigned ssl:1;
- unsigned quic:1;
unsigned http2:1;
unsigned http3:1;
#if (NGX_HAVE_INET6)
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 0acedb6e9..e8907c100 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -327,7 +327,7 @@ ngx_http_init_connection(ngx_connection_t *c)
#endif
#if (NGX_HTTP_V3)
- if (hc->addr_conf->quic) {
+ if (hc->addr_conf->http3) {
ngx_http_v3_init(c);
return;
}
diff --git a/src/http/v3/ngx_http_v3.h b/src/http/v3/ngx_http_v3.h
index bee073e1d..f470b327d 100644
--- a/src/http/v3/ngx_http_v3.h
+++ b/src/http/v3/ngx_http_v3.h
@@ -22,8 +22,8 @@
#define NGX_HTTP_V3_ALPN_PROTO "\x02h3"
#define NGX_HTTP_V3_ALPN_DRAFT_FMT "\x05h3-%02uD"
-#define NGX_HTTP_QUIC_ALPN_PROTO "\x0Ahq-interop"
-#define NGX_HTTP_QUIC_ALPN_DRAFT_FMT "\x05hq-%02uD"
+#define NGX_HTTP_V3_HQ_ALPN_PROTO "\x0Ahq-interop"
+#define NGX_HTTP_V3_HQ_ALPN_DRAFT_FMT "\x05hq-%02uD"
#define NGX_HTTP_V3_VARLEN_INT_LEN 4
#define NGX_HTTP_V3_PREFIX_INT_LEN 11
@@ -102,6 +102,9 @@ typedef struct {
ngx_uint_t max_blocked_streams;
ngx_uint_t max_concurrent_pushes;
ngx_uint_t max_uni_streams;
+#if (NGX_HTTP_V3_HQ)
+ ngx_flag_t hq;
+#endif
ngx_quic_conf_t quic;
} ngx_http_v3_srv_conf_t;
diff --git a/src/http/v3/ngx_http_v3_module.c b/src/http/v3/ngx_http_v3_module.c
index 14e24d29a..0b2e59b9a 100644
--- a/src/http/v3/ngx_http_v3_module.c
+++ b/src/http/v3/ngx_http_v3_module.c
@@ -68,6 +68,15 @@ static ngx_command_t ngx_http_v3_commands[] = {
offsetof(ngx_http_v3_srv_conf_t, max_uni_streams),
NULL },
+#if (NGX_HTTP_V3_HQ)
+ { ngx_string("http3_hq"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+ ngx_conf_set_flag_slot,
+ NGX_HTTP_SRV_CONF_OFFSET,
+ offsetof(ngx_http_v3_srv_conf_t, hq),
+ NULL },
+#endif
+
{ ngx_string("http3_push"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
ngx_http_v3_push,
@@ -300,6 +309,9 @@ ngx_http_v3_create_srv_conf(ngx_conf_t *cf)
h3scf->max_blocked_streams = NGX_CONF_UNSET_UINT;
h3scf->max_concurrent_pushes = NGX_CONF_UNSET_UINT;
h3scf->max_uni_streams = NGX_CONF_UNSET_UINT;
+#if (NGX_HTTP_V3_HQ)
+ h3scf->hq = NGX_CONF_UNSET;
+#endif
h3scf->quic.tp.max_idle_timeout = NGX_CONF_UNSET_MSEC;
h3scf->quic.tp.max_ack_delay = NGX_CONF_UNSET_MSEC;
@@ -343,6 +355,10 @@ ngx_http_v3_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_uint_value(conf->max_uni_streams,
prev->max_uni_streams, 3);
+#if (NGX_HTTP_V3_HQ)
+ ngx_conf_merge_value(conf->hq, prev->hq, 0);
+#endif
+
ngx_conf_merge_msec_value(conf->quic.tp.max_idle_timeout,
prev->quic.tp.max_idle_timeout, 60000);
diff --git a/src/http/v3/ngx_http_v3_request.c b/src/http/v3/ngx_http_v3_request.c
index a4b570370..7fce688aa 100644
--- a/src/http/v3/ngx_http_v3_request.c
+++ b/src/http/v3/ngx_http_v3_request.c
@@ -10,7 +10,9 @@
#include <ngx_http.h>
+#if (NGX_HTTP_V3_HQ)
static void ngx_http_v3_init_hq_stream(ngx_connection_t *c);
+#endif
static void ngx_http_v3_init_request_stream(ngx_connection_t *c);
static void ngx_http_v3_wait_request_handler(ngx_event_t *rev);
static void ngx_http_v3_cleanup_request(void *data);
@@ -64,11 +66,10 @@ ngx_http_v3_init(ngx_connection_t *c)
hc->ssl = 1;
- if (c->quic == NULL) {
- h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
+ h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
+ if (c->quic == NULL) {
ngx_quic_run(c, &h3scf->quic);
-
return;
}
@@ -82,10 +83,12 @@ ngx_http_v3_init(ngx_connection_t *c)
ngx_set_connection_log(c, clcf->error_log);
}
- if (!hc->addr_conf->http3) {
+#if (NGX_HTTP_V3_HQ)
+ if (h3scf->hq) {
ngx_http_v3_init_hq_stream(c);
return;
}
+#endif
if (ngx_http_v3_init_session(c) != NGX_OK) {
ngx_http_close_connection(c);
@@ -101,6 +104,8 @@ ngx_http_v3_init(ngx_connection_t *c)
}
+#if (NGX_HTTP_V3_HQ)
+
static void
ngx_http_v3_init_hq_stream(ngx_connection_t *c)
{
@@ -168,6 +173,8 @@ ngx_http_v3_init_hq_stream(ngx_connection_t *c)
}
}
+#endif
+
static void
ngx_http_v3_init_request_stream(ngx_connection_t *c)
@@ -387,16 +394,15 @@ ngx_http_v3_wait_request_handler(ngx_event_t *rev)
void
ngx_http_v3_reset_connection(ngx_connection_t *c)
{
- ngx_http_connection_t *hc;
ngx_http_v3_srv_conf_t *h3scf;
- hc = ngx_http_quic_get_connection(c);
+ h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
- if (!hc->addr_conf->http3) {
+#if (NGX_HTTP_V3_HQ)
+ if (h3scf->hq) {
return;
}
-
- h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
+#endif
if (h3scf->max_table_capacity > 0 && !c->read->eof) {
(void) ngx_http_v3_send_cancel_stream(c, c->quic->id);