Welcome! Log In Create A New Profile

Advanced

[nginx-quic]

Lucas Cuminato
June 14, 2021 11:10AM
Hello,

Not sure If this is a bug in nginx-quic or if I'm not configuring
it correctly but when trying to use nginx-quic with the following settings.

stream {
server {
listen 5555 quic reuseport;
ssl_session_cache off;
ssl_client_certificate ca.pem
ssl_verify_client on;
ssl_session_tickets off;
ssl_certificate cert.pem
ssl_certificate_key key.pem;
ssl_protocols TLSv1.3;
}
}

and using a standalone application that uses ngtcp2 to try to connect to
nginx-quic, I get a TLS alert saying that "No application protocol".
I've tracked this down and it seems like nginx-quic is not setting any ALPN
for the SSL context when using QUIC as a stream (in
ngx_stream_ssl_module.c).
It does it set it when using QUIC as HTTP (in ngx_http_ssl_module.c). Now,
I believe ALPN is mandatory for QUIC according to the QUIC-TRANSPORT draft,
so this might be a bug.
By copying the code done in ngx_http_ssl_module.c for setting the ALPN and
using it in ngx_stream_ssl_module.c, I was able to make my standalone app
connect and transfer data, but not sure
if this is the right fix.

R,
Lucas.
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[nginx-quic]

Lucas Cuminato 145 June 14, 2021 11:10AM

Re: [nginx-quic]

Vladimir Homutov 56 June 14, 2021 12:36PM

Re: [nginx-quic]

Lucas Cuminato 65 June 14, 2021 12:46PM

Re: [nginx-quic]

Vladimir Homutov 79 June 14, 2021 01:02PM

Re: [nginx-quic]

Lucas Cuminato 68 June 14, 2021 01:20PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 76
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready