[PATCH] QUIC: fixed OpenSSL compat layer with OpenSSL master branch
Roman Arutyunyan
arut at nginx.com
Wed May 10 11:49:06 UTC 2023
On Tue, Apr 11, 2023 at 01:39:23AM +0400, Sergey Kandaurov wrote:
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1681162552 -14400
> # Tue Apr 11 01:35:52 2023 +0400
> # Branch quic
> # Node ID e058f1f9d40f185e19098d65a47e3be128d4cb46
> # Parent 9ea62b6250f225578f703da5e230853a7a84df7d
> QUIC: fixed OpenSSL compat layer with OpenSSL master branch.
>
> The layer is enabled as a fallback if the QUIC support is configured and the
> BoringSSL API wasn't detected, or when using the --with-openssl option, also
> compatible with QuicTLS and LibreSSL. For the latter, the layer is assumed
> to be present if QUIC was requested, so it needs to be undefined to prevent
> QUIC API redefinition as appropriate.
>
> A previously used approach to test the TLSEXT_TYPE_quic_transport_parameters
> macro doesn't work with OpenSSL 3.2 master branch where this macro appeared
> with incompatible QUIC API. To fix the build there, the test is revised to
> pass only for QuicTLS and LibreSSL.
>
> diff --git a/src/event/quic/ngx_event_quic_openssl_compat.h b/src/event/quic/ngx_event_quic_openssl_compat.h
> --- a/src/event/quic/ngx_event_quic_openssl_compat.h
> +++ b/src/event/quic/ngx_event_quic_openssl_compat.h
> @@ -7,7 +7,8 @@
> #ifndef _NGX_EVENT_QUIC_OPENSSL_COMPAT_H_INCLUDED_
> #define _NGX_EVENT_QUIC_OPENSSL_COMPAT_H_INCLUDED_
>
> -#ifdef TLSEXT_TYPE_quic_transport_parameters
> +#if defined SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION \
> + || defined LIBRESSL_VERSION_NUMBER
> #undef NGX_QUIC_OPENSSL_COMPAT
> #else
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel
Looks ok
More information about the nginx-devel
mailing list