Welcome! Log In Create A New Profile

Advanced

Re: [nginx-quic]

Vladimir Homutov
June 14, 2021 12:36PM
14.06.2021 18:08, Lucas Cuminato пишет:
> Hello,
>
> Not sure If this is a bug in nginx-quic or if I'm not configuring
> it correctly but when trying to use nginx-quic with the following settings.
>
> stream {
>     server {
>         listen 5555 quic reuseport;
>         ssl_session_cache off;
>         ssl_client_certificate ca.pem
>         ssl_verify_client on;
>         ssl_session_tickets off;
>         ssl_certificate         cert.pem
>         ssl_certificate_key    key.pem;
>         ssl_protocols       TLSv1.3;
>     }
> }
>
> and using a standalone application that uses ngtcp2 to try to connect to
> nginx-quic, I get a TLS alert saying that "No application protocol".
> I've tracked this down and it seems like nginx-quic is not setting any
> ALPN for the SSL context when using QUIC as a stream (in
> ngx_stream_ssl_module.c).
> It does it set it when using QUIC as HTTP (in ngx_http_ssl_module.c).
> Now, I believe ALPN is mandatory for QUIC according to the
> QUIC-TRANSPORT draft, so this might be a bug.
> By copying the code done in ngx_http_ssl_module.c for setting the ALPN
> and using it in ngx_stream_ssl_module.c, I was able to make my
> standalone app connect and transfer data, but not sure
> if this is the right fix.
>
> R,
> Lucas.
>
Hello,
this is expected with stream module.
ALPN is required, but is not clear what protocol (http3? other protocol
over quic?) is going to be used.
Can you please elaborate your use case? What are you going to achieve?
Also, the suggested configuration is not going to work, since you don't
have any content handling module (i.e. proxy_pass or return).


_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[nginx-quic]

Lucas Cuminato 204 June 14, 2021 11:10AM

Re: [nginx-quic]

Vladimir Homutov 87 June 14, 2021 12:36PM

Re: [nginx-quic]

Lucas Cuminato 114 June 14, 2021 12:46PM

Re: [nginx-quic]

Vladimir Homutov 133 June 14, 2021 01:02PM

Re: [nginx-quic]

Lucas Cuminato 99 June 14, 2021 01:20PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 79
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready