From a36ebf7e95baebf445b0973bd270bc009b0b0e9a Mon Sep 17 00:00:00 2001
From: Roman Arutyunyan <arut@nginx.com>
Date: Wed, 22 Feb 2023 19:16:53 +0400
Subject: QUIC: OpenSSL compatibility layer.

The change allows to compile QUIC with OpenSSL which lacks BoringSSL QUIC API.

This implementation does not support 0-RTT.
---
 src/stream/ngx_stream_ssl_module.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'src/stream/ngx_stream_ssl_module.c')

diff --git a/src/stream/ngx_stream_ssl_module.c b/src/stream/ngx_stream_ssl_module.c
index 4b98f2586..4a4e75514 100644
--- a/src/stream/ngx_stream_ssl_module.c
+++ b/src/stream/ngx_stream_ssl_module.c
@@ -9,6 +9,10 @@
 #include <ngx_core.h>
 #include <ngx_stream.h>
 
+#if (NGX_QUIC_OPENSSL_COMPAT)
+#include <ngx_event_quic_openssl_compat.h>
+#endif
+
 
 typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
     ngx_pool_t *pool, ngx_str_t *s);
@@ -1218,6 +1222,12 @@ ngx_stream_ssl_init(ngx_conf_t *cf)
 
         scf = listen[i].ctx->srv_conf[ngx_stream_ssl_module.ctx_index];
 
+#if (NGX_QUIC_OPENSSL_COMPAT)
+        if (ngx_quic_compat_init(cf, scf->ssl.ctx) != NGX_OK) {
+            return NGX_ERROR;
+        }
+#endif
+
         if (scf->certificates && !(scf->protocols & NGX_SSL_TLSv1_3)) {
             ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
                           "\"ssl_protocols\" must enable TLSv1.3 for "
-- 
cgit