Welcome! Log In Create A New Profile

[PATCH 4 of 4] QUIC: removed compatibility with older BoringSSL API

Forum List Message List New Topic Print View

Sergey Kandaurov

October 06, 2022 06:54PM

# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1665096357 -14400
# Fri Oct 07 02:45:57 2022 +0400
# Branch quic
# Node ID 4c1e6c90445c1d65a92ef797eb60e49c01c21441
# Parent 69df425adfc0cddb97629c78d771be285cd36b56
QUIC: removed compatibility with older BoringSSL API.

SSL_CIPHER_get_protocol_id() appeared in BoringSSL somewhere between
BORINGSSL_API_VERSION 12 and 13, and started to be used in nginx QUIC
methods in a4c05aff8ec0 without macro test, which remained unnoticed.
This justifies older BoringSSL API isn't used now and can be dropped.

diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -18,7 +18,7 @@
#define NGX_QUIC_MAX_BUFFERED 65535

-#if BORINGSSL_API_VERSION >= 10 || defined LIBRESSL_VERSION_NUMBER
+#if defined BORINGSSL_API_VERSION || defined LIBRESSL_VERSION_NUMBER
static int ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
enum ssl_encryption_level_t level, const SSL_CIPHER *cipher,
const uint8_t *secret, size_t secret_len);
@@ -40,7 +40,7 @@ static ngx_int_t ngx_quic_crypto_input(n

static SSL_QUIC_METHOD quic_method = {
-#if BORINGSSL_API_VERSION >= 10 || defined LIBRESSL_VERSION_NUMBER
+#if defined BORINGSSL_API_VERSION || defined LIBRESSL_VERSION_NUMBER
.set_read_secret = ngx_quic_set_read_secret,
.set_write_secret = ngx_quic_set_write_secret,
#else
@@ -52,7 +52,7 @@ static SSL_QUIC_METHOD quic_method = {
};

-#if BORINGSSL_API_VERSION >= 10 || defined LIBRESSL_VERSION_NUMBER
+#if defined BORINGSSL_API_VERSION || defined LIBRESSL_VERSION_NUMBER

static int
ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
@@ -602,7 +602,7 @@ ngx_quic_init_connection(ngx_connection_
return NGX_ERROR;
}

-#if BORINGSSL_API_VERSION >= 11
+#ifdef BORINGSSL_API_VERSION
if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"quic SSL_set_quic_early_data_context() failed");

_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 0 of 4] quic libressl support	Sergey Kandaurov	740	October 06, 2022 06:54PM
[PATCH 4 of 4] QUIC: removed compatibility with older BoringSSL API	Sergey Kandaurov	159	October 06, 2022 06:54PM
[PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Sergey Kandaurov	135	October 06, 2022 06:54PM
[PATCH 1 of 4] QUIC: using native TLSv1.3 cipher suite constants	Sergey Kandaurov	163	October 06, 2022 06:54PM
[PATCH 2 of 4] QUIC: do not use SSL_set_quic_early_data_enabled() with LibreSSL	Sergey Kandaurov	176	October 06, 2022 06:54PM
[PATCH 0 of 4] quic libressl support #2	Sergey Kandaurov	147	October 11, 2022 06:44AM
[PATCH 2 of 4] QUIC: do not use SSL_set_quic_early_data_enabled() with LibreSSL	Sergey Kandaurov	123	October 11, 2022 06:44AM
Re: [PATCH 2 of 4] QUIC: do not use SSL_set_quic_early_data_enabled() with LibreSSL	Roman Arutyunyan	109	October 17, 2022 07:10AM
Re: [PATCH 2 of 4] QUIC: do not use SSL_set_quic_early_data_enabled() with LibreSSL	Sergey Kandaurov	107	October 17, 2022 10:06AM
Re: [PATCH 2 of 4] QUIC: do not use SSL_set_quic_early_data_enabled() with LibreSSL	Roman Arutyunyan	139	October 18, 2022 07:48AM
[PATCH 1 of 4] QUIC: using native TLSv1.3 cipher suite constants	Sergey Kandaurov	125	October 11, 2022 06:44AM
[PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Sergey Kandaurov	134	October 11, 2022 06:44AM
Re: [PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Roman Arutyunyan	143	October 17, 2022 09:32AM
Re: [PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Sergey Kandaurov	146	October 17, 2022 10:28AM
Re: [PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Maxim Dounin	121	October 20, 2022 08:12PM
Re: [PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Sergey Kandaurov	111	November 15, 2022 07:30AM
Re: [PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Maxim Dounin	106	November 17, 2022 11:00PM
Re: [PATCH 3 of 4] QUIC: support for setting QUIC methods with LibreSSL	Sergey Kandaurov	118	November 21, 2022 06:28AM
[PATCH 4 of 4] QUIC: removed compatibility with older BoringSSL API	Sergey Kandaurov	202	October 11, 2022 06:44AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 285

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018