Mercurial > hg > nginx
view auto/headers @ 8438:a2c34e77cfc1 quic
QUIC: added ALPN checks.
quic-transport draft 29:
section 7:
* authenticated negotiation of an application protocol (TLS uses
ALPN [RFC7301] for this purpose)
...
Endpoints MUST explicitly negotiate an application protocol. This
avoids situations where there is a disagreement about the protocol
that is in use.
section 8.1:
When using ALPN, endpoints MUST immediately close a connection (see
Section 10.3 of [QUIC-TRANSPORT]) with a no_application_protocol TLS
alert (QUIC error code 0x178; see Section 4.10) if an application
protocol is not negotiated.
Changes in ngx_quic_close_quic() function are required to avoid attempts
to generated and send packets without proper keys, what happens in case
of failed ALPN check.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 18 Jun 2020 13:58:46 +0300 |
parents | d620f497c50f |
children |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. ngx_include="unistd.h"; . auto/include ngx_include="inttypes.h"; . auto/include ngx_include="limits.h"; . auto/include ngx_include="sys/filio.h"; . auto/include ngx_include="sys/param.h"; . auto/include ngx_include="sys/mount.h"; . auto/include ngx_include="sys/statvfs.h"; . auto/include ngx_include="crypt.h"; . auto/include