Mercurial > nginx

changeset 9410:36c5b3420f13

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: factored out SSL_provide_quic_data() to the helper function. It is now called from ngx_quic_handle_crypto_frame(), prior to proceeding with the handshake. With this logic removed, the handshake function is renamed to ngx_quic_handshake() to better match ngx_ssl_handshake().
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 21 May 2025 20:32:48 +0400
parents cf6f8ac919ba
children 7e424b06825b
files src/event/quic/ngx_event_quic_ssl.c
diffstat 1 files changed, 36 insertions(+), 17 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_ssl.c	Wed May 21 03:54:45 2025 +0400
+++ b/src/event/quic/ngx_event_quic_ssl.c	Wed May 21 20:32:48 2025 +0400
@@ -36,7 +36,8 @@
 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn);
 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn,
     enum ssl_encryption_level_t level, uint8_t alert);
-static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data,
+static ngx_int_t ngx_quic_handshake(ngx_connection_t *c);
+static ngx_int_t ngx_quic_crypto_provide(ngx_connection_t *c, ngx_chain_t *out,
     enum ssl_encryption_level_t level);
 
 
@@ -357,7 +358,11 @@
     }
 
     if (f->offset == ctx->crypto.offset) {
-        if (ngx_quic_crypto_input(c, frame->data, pkt->level) != NGX_OK) {
+        if (ngx_quic_crypto_provide(c, frame->data, pkt->level) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        if (ngx_quic_handshake(c) != NGX_OK) {
             return NGX_ERROR;
         }
 
@@ -375,7 +380,11 @@
     cl = ngx_quic_read_buffer(c, &ctx->crypto, (uint64_t) -1);
 
     if (cl) {
-        if (ngx_quic_crypto_input(c, cl, pkt->level) != NGX_OK) {
+        if (ngx_quic_crypto_provide(c, cl, pkt->level) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        if (ngx_quic_handshake(c) != NGX_OK) {
             return NGX_ERROR;
         }
 
@@ -387,12 +396,9 @@
 
 
 static ngx_int_t
-ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data,
-    enum ssl_encryption_level_t level)
+ngx_quic_handshake(ngx_connection_t *c)
 {
     int                     n, sslerr;
-    ngx_buf_t              *b;
-    ngx_chain_t            *cl;
     ngx_ssl_conn_t         *ssl_conn;
     ngx_quic_frame_t       *frame;
     ngx_quic_connection_t  *qc;
@@ -401,16 +407,6 @@
 
     ssl_conn = c->ssl->connection;
 
-    for (cl = data; cl; cl = cl->next) {
-        b = cl->buf;
-
-        if (!SSL_provide_quic_data(ssl_conn, level, b->pos, b->last - b->pos)) {
-            ngx_ssl_error(NGX_LOG_ALERT, c->log, 0,
-                          "SSL_provide_quic_data() failed");
-            return NGX_ERROR;
-        }
-    }
-
     n = SSL_do_handshake(ssl_conn);
 
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n);
@@ -503,6 +499,29 @@
 }
 
 
+static ngx_int_t
+ngx_quic_crypto_provide(ngx_connection_t *c, ngx_chain_t *out,
+    enum ssl_encryption_level_t level)
+{
+    ngx_buf_t    *b;
+    ngx_chain_t  *cl;
+
+    for (cl = out; cl; cl = cl->next) {
+        b = cl->buf;
+
+        if (!SSL_provide_quic_data(c->ssl->connection, level, b->pos,
+                                   b->last - b->pos))
+        {
+            ngx_ssl_error(NGX_LOG_ALERT, c->log, 0,
+                          "SSL_provide_quic_data() failed");
+            return NGX_ERROR;
+        }
+    }
+
+    return NGX_OK;
+}
+
+
 ngx_int_t
 ngx_quic_init_connection(ngx_connection_t *c)
 {