diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/event/quic/ngx_event_quic.h | 1 | ||||
| -rw-r--r-- | src/event/quic/ngx_event_quic_ssl.c | 25 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_quic_module.c | 1 | ||||
| -rw-r--r-- | src/stream/ngx_stream_quic_module.c | 1 |
4 files changed, 13 insertions, 15 deletions
diff --git a/src/event/quic/ngx_event_quic.h b/src/event/quic/ngx_event_quic.h index 47359fe85..839570af0 100644 --- a/src/event/quic/ngx_event_quic.h +++ b/src/event/quic/ngx_event_quic.h @@ -60,7 +60,6 @@ typedef struct { ngx_quic_tp_t tp; ngx_flag_t retry; ngx_flag_t gso_enabled; - ngx_flag_t require_alpn; ngx_str_t host_key; u_char av_token_key[NGX_QUIC_AV_KEY_LEN]; u_char sr_token_key[NGX_QUIC_SR_KEY_LEN]; diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c index 8899bc626..839bb3161 100644 --- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -175,6 +175,10 @@ ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, ngx_connection_t *c; ngx_quic_send_ctx_t *ctx; ngx_quic_connection_t *qc; +#if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) + unsigned int alpn_len; + const unsigned char *alpn_data; +#endif c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); qc = ngx_quic_get_connection(c); @@ -190,21 +194,18 @@ ngx_quic_add_handshake_data(ngx_ssl_conn_t *ssl_conn, */ #if defined(TLSEXT_TYPE_application_layer_protocol_negotiation) - if (qc->conf->require_alpn) { - unsigned int len; - const unsigned char *data; - SSL_get0_alpn_selected(ssl_conn, &data, &len); + SSL_get0_alpn_selected(ssl_conn, &alpn_data, &alpn_len); - if (len == 0) { - qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; - qc->error_reason = "unsupported protocol in ALPN extension"; + if (alpn_len == 0) { + qc->error = 0x100 + SSL_AD_NO_APPLICATION_PROTOCOL; + qc->error_reason = "unsupported protocol in ALPN extension"; + + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic unsupported protocol in ALPN extension"); + return 0; + } - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic unsupported protocol in ALPN extension"); - return 0; - } - } #endif SSL_get_peer_quic_transport_params(ssl_conn, &client_params, diff --git a/src/http/modules/ngx_http_quic_module.c b/src/http/modules/ngx_http_quic_module.c index ce13a223f..9e6d17ead 100644 --- a/src/http/modules/ngx_http_quic_module.c +++ b/src/http/modules/ngx_http_quic_module.c @@ -331,7 +331,6 @@ ngx_http_quic_create_srv_conf(ngx_conf_t *cf) conf->retry = NGX_CONF_UNSET; conf->gso_enabled = NGX_CONF_UNSET; - conf->require_alpn = 1; return conf; } diff --git a/src/stream/ngx_stream_quic_module.c b/src/stream/ngx_stream_quic_module.c index 2cd811ad4..b40b17c93 100644 --- a/src/stream/ngx_stream_quic_module.c +++ b/src/stream/ngx_stream_quic_module.c @@ -241,7 +241,6 @@ ngx_stream_quic_create_srv_conf(ngx_conf_t *cf) * conf->tp.retry_scid = { 0, NULL }; * conf->tp.preferred_address = NULL * conf->host_key = { 0, NULL } - * conf->require_alpn = 0; */ conf->tp.max_idle_timeout = NGX_CONF_UNSET_MSEC; |