[nginx-quic]
Vladimir Homutov
vl at nginx.com
Mon Jun 14 17:00:25 UTC 2021
14.06.2021 19:43, Lucas Cuminato пишет:
> Hi, Vladimir, thanks for replying.
>
> I'm not using any protocol over QUIC, just using QUIC to send/receive
> raw data to/from my application and the server, and having nginx proxy
> it to a TCP server.
> I do have a proxy_pass configured in my setup. I just omitted for
> simplicity.
>
> R,
> Lucas.
Ok, so you have custom backend that knows what to do with QUIC streams?
And you backend is TCP-based? Sounds quite interesting. Or does it deal
with single stream only?
Anyway, right now it fails at ALPN stage. Probably, in future, we may
introduce some configuration directive to control it. It is not yet
absolutely clear how the stream module should deal with quic.
Yoy may want to try to copy the code wich sets ALPN callback from
http_quic module and provides some meaningful value for protocol.
>
>
> On Mon, Jun 14, 2021 at 11:35 AM Vladimir Homutov <vl at nginx.com
> <mailto:vl at nginx.com>> wrote:
>
> 14.06.2021 18:08, Lucas Cuminato пишет:
> > Hello,
> >
> > Not sure If this is a bug in nginx-quic or if I'm not configuring
> > it correctly but when trying to use nginx-quic with the following
> settings.
> >
> > stream {
> > server {
> > listen 5555 quic reuseport;
> > ssl_session_cache off;
> > ssl_client_certificate ca.pem
> > ssl_verify_client on;
> > ssl_session_tickets off;
> > ssl_certificate cert.pem
> > ssl_certificate_key key.pem;
> > ssl_protocols TLSv1.3;
> > }
> > }
> >
> > and using a standalone application that uses ngtcp2 to try to
> connect to
> > nginx-quic, I get a TLS alert saying that "No application protocol".
> > I've tracked this down and it seems like nginx-quic is not
> setting any
> > ALPN for the SSL context when using QUIC as a stream (in
> > ngx_stream_ssl_module.c).
> > It does it set it when using QUIC as HTTP
> (in ngx_http_ssl_module.c).
> > Now, I believe ALPN is mandatory for QUIC according to the
> > QUIC-TRANSPORT draft, so this might be a bug.
> > By copying the code done in ngx_http_ssl_module.c for setting the
> ALPN
> > and using it in ngx_stream_ssl_module.c, I was able to make my
> > standalone app connect and transfer data, but not sure
> > if this is the right fix.
> >
> > R,
> > Lucas.
> >
> Hello,
> this is expected with stream module.
> ALPN is required, but is not clear what protocol (http3? other protocol
> over quic?) is going to be used.
> Can you please elaborate your use case? What are you going to achieve?
> Also, the suggested configuration is not going to work, since you don't
> have any content handling module (i.e. proxy_pass or return).
>
>
More information about the nginx-devel
mailing list