QUIC: moved "handshake failed" reason to send_alert.
authorSergey Kandaurov <pluknet@nginx.com>
Thu, 23 Feb 2023 12:16:56 +0000 (16:16 +0400)
committerSergey Kandaurov <pluknet@nginx.com>
Thu, 23 Feb 2023 12:16:56 +0000 (16:16 +0400)
A QUIC handshake failure breaks down into several cases:
- a handshake error which leads to a send_alert call
- an error triggered by the add_handshake_data callback
- internal errors (allocation etc)

Previously, in the first case, only error code was set in the send_alert
callback.  Now the "handshake failed" reason phrase is set there as well.
In the second case, both code and reason are set by add_handshake_data.
In the last case, setting reason phrase is removed: returning NGX_ERROR
now leads to closing the connection with just INTERNAL_ERROR.

Reported by Jiuzhou Cui.

src/event/quic/ngx_event_quic_ssl.c

index 58b03cb3ac96ecf8b53c4170ccab42c045587317..595abed89989ba51097e615aae4aa224b4c69767 100644 (file)
@@ -301,6 +301,7 @@ ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level,
     }
 
     qc->error = NGX_QUIC_ERR_CRYPTO(alert);
+    qc->error_reason = "handshake failed";
 
     return 1;
 }
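Review bot: The assignments to `qc->error` and `qc->error_reason` at the end of ngx_quic_send_alert are unconditional, so any code and reason recorded earlier on the connection are replaced each time the TLS library invokes this callback. The commit message says add_handshake_data sets its own code and reason. If the library raises an alert after that callback fails (not visible from this hunk), those more specific values would be lost, and the close reason would fall back to the generic phrase. If the override is intended, a comment such as `/* an alert overrides any code/reason recorded earlier */` above the two assignments would make that explicit. The function begins above this hunk, so the guard conditions before these lines are not visible here.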
@@ -423,7 +424,6 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data)
 
         if (sslerr != SSL_ERROR_WANT_READ) {
             ngx_ssl_error(NGX_LOG_ERR, c->log, 0, "SSL_do_handshake() failed");
-            qc->error_reason = "handshake failed";
             return NGX_ERROR;
         }
     }