diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2025-02-13 17:00:56 +0400 |
|---|---|---|
| committer | Roman Arutyunyan <arutyunyan.roman@gmail.com> | 2025-05-23 15:00:47 +0400 |
| commit | 6a134dfd4888fc3850d22294687cfb3940994c69 (patch) | |
| tree | 8f23f64df49b8325d87cc82ee9b0ef246d97972d /src/event/quic/ngx_event_quic.h | |
| parent | 1d4d2f2c962c33aafdd8f79d9fc50b7cacf05e24 (diff) | |
| download | nginx-6a134dfd4888fc3850d22294687cfb3940994c69.tar.gz nginx-6a134dfd4888fc3850d22294687cfb3940994c69.tar.bz2 | |
QUIC: using QUIC API introduced in OpenSSL 3.5.
Similarly to the QUIC API originated in BoringSSL, this API allows
to register custom TLS callbacks for an external QUIC implementation.
See the SSL_set_quic_tls_cbs manual page for details.
Due to a different approach used in OpenSSL 3.5, handling of CRYPTO
frames was streamlined to always write an incoming CRYPTO buffer to
the crypto context. Using SSL_provide_quic_data(), this results in
transient allocation of chain links and buffers for CRYPTO frames
received in order. Testing didn't reveal performance degradation of
QUIC handshakes, https://github.com/nginx/nginx/pull/646 provides
specific results.
Diffstat (limited to 'src/event/quic/ngx_event_quic.h')
| -rw-r--r-- | src/event/quic/ngx_event_quic.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/event/quic/ngx_event_quic.h b/src/event/quic/ngx_event_quic.h index 50a5c214e..d95d3d85b 100644 --- a/src/event/quic/ngx_event_quic.h +++ b/src/event/quic/ngx_event_quic.h @@ -12,7 +12,10 @@ #include <ngx_core.h> -#ifdef SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION +#ifdef OSSL_RECORD_PROTECTION_LEVEL_NONE +#define NGX_QUIC_OPENSSL_API 1 + +#elif (defined SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION) #define NGX_QUIC_QUICTLS_API 1 #elif (defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER) |