QUIC: avoid using C99 designated initializers.

They are not supported by MSVC till 2012. SSL_QUIC_METHOD initialization is moved to run-time to preserve portability among SSL library implementations, which allows to reduce its visibility. Note using of a static storage to keep SSL_set_quic_method() reference valid.
2022-11-22 18:05:35 +04:00 · 2022-11-22 18:05:35 +04:00 · 41a5fad87b
parent 8e422fd5e8
commit 41a5fad87b
2 changed files with 23 additions and 24 deletions
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@ -147,6 +147,7 @@ ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret,
 {
    size_t              is_len;
    uint8_t             is[SHA256_DIGEST_LENGTH];
+    ngx_str_t           iss;
    ngx_uint_t          i;
    const EVP_MD       *digest;
    ngx_quic_hkdf_t     seq[8];
@ -176,10 +177,8 @@ ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret,
        return NGX_ERROR;
    }

-    ngx_str_t iss = {
-        .data = is,
-        .len = is_len
-    };
+    iss.len = is_len;
+    iss.data = is;

    ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0,
                   "quic ngx_quic_set_initial_secret");
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@ -39,19 +39,6 @@ static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn,
 static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data);


-static SSL_QUIC_METHOD quic_method = {
-#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
-    .set_read_secret = ngx_quic_set_read_secret,
-    .set_write_secret = ngx_quic_set_write_secret,
-#else
-    .set_encryption_secrets = ngx_quic_set_encryption_secrets,
-#endif
-    .add_handshake_data = ngx_quic_add_handshake_data,
-    .flush_flight = ngx_quic_flush_flight,
-    .send_alert = ngx_quic_send_alert,
-};
-
-
 #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER

 static int
@ -533,13 +520,14 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data)
 ngx_int_t
 ngx_quic_init_connection(ngx_connection_t *c)
 {
-    u_char                 *p;
-    size_t                  clen;
-    ssize_t                 len;
-    ngx_str_t               dcid;
-    ngx_ssl_conn_t         *ssl_conn;
-    ngx_quic_socket_t      *qsock;
-    ngx_quic_connection_t  *qc;
+    u_char                  *p;
+    size_t                   clen;
+    ssize_t                  len;
+    ngx_str_t                dcid;
+    ngx_ssl_conn_t          *ssl_conn;
+    ngx_quic_socket_t       *qsock;
+    ngx_quic_connection_t   *qc;
+    static SSL_QUIC_METHOD   quic_method;

    qc = ngx_quic_get_connection(c);

@ -551,6 +539,18 @@ ngx_quic_init_connection(ngx_connection_t *c)

    ssl_conn = c->ssl->connection;

+    if (!quic_method.send_alert) {
+#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
+        quic_method.set_read_secret = ngx_quic_set_read_secret;
+        quic_method.set_write_secret = ngx_quic_set_write_secret;
+#else
+        quic_method.set_encryption_secrets = ngx_quic_set_encryption_secrets;
+#endif
+        quic_method.add_handshake_data = ngx_quic_add_handshake_data;
+        quic_method.flush_flight = ngx_quic_flush_flight;
+        quic_method.send_alert = ngx_quic_send_alert;
+    }
+
    if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) {
        ngx_log_error(NGX_LOG_INFO, c->log, 0,
                      "quic SSL_set_quic_method() failed");