QUIC: avoid using C99 designated initializers.
They are not supported by MSVC till 2012. SSL_QUIC_METHOD initialization is moved to run-time to preserve portability among SSL library implementations, which allows to reduce its visibility. Note using of a static storage to keep SSL_set_quic_method() reference valid.
This commit is contained in:
parent
8e422fd5e8
commit
41a5fad87b
|
@ -147,6 +147,7 @@ ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret,
|
||||||
{
|
{
|
||||||
size_t is_len;
|
size_t is_len;
|
||||||
uint8_t is[SHA256_DIGEST_LENGTH];
|
uint8_t is[SHA256_DIGEST_LENGTH];
|
||||||
|
ngx_str_t iss;
|
||||||
ngx_uint_t i;
|
ngx_uint_t i;
|
||||||
const EVP_MD *digest;
|
const EVP_MD *digest;
|
||||||
ngx_quic_hkdf_t seq[8];
|
ngx_quic_hkdf_t seq[8];
|
||||||
|
@ -176,10 +177,8 @@ ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret,
|
||||||
return NGX_ERROR;
|
return NGX_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
ngx_str_t iss = {
|
iss.len = is_len;
|
||||||
.data = is,
|
iss.data = is;
|
||||||
.len = is_len
|
|
||||||
};
|
|
||||||
|
|
||||||
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0,
|
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0,
|
||||||
"quic ngx_quic_set_initial_secret");
|
"quic ngx_quic_set_initial_secret");
|
||||||
|
|
|
@ -39,19 +39,6 @@ static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn,
|
||||||
static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data);
|
static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data);
|
||||||
|
|
||||||
|
|
||||||
static SSL_QUIC_METHOD quic_method = {
|
|
||||||
#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
|
|
||||||
.set_read_secret = ngx_quic_set_read_secret,
|
|
||||||
.set_write_secret = ngx_quic_set_write_secret,
|
|
||||||
#else
|
|
||||||
.set_encryption_secrets = ngx_quic_set_encryption_secrets,
|
|
||||||
#endif
|
|
||||||
.add_handshake_data = ngx_quic_add_handshake_data,
|
|
||||||
.flush_flight = ngx_quic_flush_flight,
|
|
||||||
.send_alert = ngx_quic_send_alert,
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
|
#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
|
||||||
|
|
||||||
static int
|
static int
|
||||||
|
@ -533,13 +520,14 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data)
|
||||||
ngx_int_t
|
ngx_int_t
|
||||||
ngx_quic_init_connection(ngx_connection_t *c)
|
ngx_quic_init_connection(ngx_connection_t *c)
|
||||||
{
|
{
|
||||||
u_char *p;
|
u_char *p;
|
||||||
size_t clen;
|
size_t clen;
|
||||||
ssize_t len;
|
ssize_t len;
|
||||||
ngx_str_t dcid;
|
ngx_str_t dcid;
|
||||||
ngx_ssl_conn_t *ssl_conn;
|
ngx_ssl_conn_t *ssl_conn;
|
||||||
ngx_quic_socket_t *qsock;
|
ngx_quic_socket_t *qsock;
|
||||||
ngx_quic_connection_t *qc;
|
ngx_quic_connection_t *qc;
|
||||||
|
static SSL_QUIC_METHOD quic_method;
|
||||||
|
|
||||||
qc = ngx_quic_get_connection(c);
|
qc = ngx_quic_get_connection(c);
|
||||||
|
|
||||||
|
@ -551,6 +539,18 @@ ngx_quic_init_connection(ngx_connection_t *c)
|
||||||
|
|
||||||
ssl_conn = c->ssl->connection;
|
ssl_conn = c->ssl->connection;
|
||||||
|
|
||||||
|
if (!quic_method.send_alert) {
|
||||||
|
#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER
|
||||||
|
quic_method.set_read_secret = ngx_quic_set_read_secret;
|
||||||
|
quic_method.set_write_secret = ngx_quic_set_write_secret;
|
||||||
|
#else
|
||||||
|
quic_method.set_encryption_secrets = ngx_quic_set_encryption_secrets;
|
||||||
|
#endif
|
||||||
|
quic_method.add_handshake_data = ngx_quic_add_handshake_data;
|
||||||
|
quic_method.flush_flight = ngx_quic_flush_flight;
|
||||||
|
quic_method.send_alert = ngx_quic_send_alert;
|
||||||
|
}
|
||||||
|
|
||||||
if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) {
|
if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) {
|
||||||
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
||||||
"quic SSL_set_quic_method() failed");
|
"quic SSL_set_quic_method() failed");
|
||||||
|
|
Loading…
Reference in New Issue