Mercurial > nginx
changeset 9408:eb8af216d0a2
QUIC: logging missing mandatory TLS extensions only once.
Previously, they might be logged on every add_handshake_data
callback invocation when using OpenSSL compat layer and processing
coalesced handshake messages.
Further, the ALPN error message is adjusted to signal the missing
extension. Possible reasons were previously narrowed down with
ebb6f7d65 changes in the ALPN callback that is invoked earlier in
the handshake.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 06 May 2025 18:57:01 +0400 |
| parents | 3e0912eeeeb7 |
| children | cf6f8ac919ba |
| files | src/event/quic/ngx_event_quic_ssl.c |
| diffstat | 1 files changed, 15 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_ssl.c Wed May 14 23:33:00 2025 +0400 +++ b/src/event/quic/ngx_event_quic_ssl.c Tue May 06 18:57:01 2025 +0400 @@ -195,11 +195,14 @@ SSL_get0_alpn_selected(ssl_conn, &alpn_data, &alpn_len); if (alpn_len == 0) { - qc->error = NGX_QUIC_ERR_CRYPTO(SSL_AD_NO_APPLICATION_PROTOCOL); - qc->error_reason = "unsupported protocol in ALPN extension"; + if (qc->error == 0) { + qc->error = NGX_QUIC_ERR_CRYPTO(SSL_AD_NO_APPLICATION_PROTOCOL); + qc->error_reason = "missing ALPN extension"; - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "quic unsupported protocol in ALPN extension"); + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "quic missing ALPN extension"); + } + return 1; } @@ -212,11 +215,15 @@ if (client_params_len == 0) { /* RFC 9001, 8.2. QUIC Transport Parameters Extension */ - qc->error = NGX_QUIC_ERR_CRYPTO(SSL_AD_MISSING_EXTENSION); - qc->error_reason = "missing transport parameters"; + + if (qc->error == 0) { + qc->error = NGX_QUIC_ERR_CRYPTO(SSL_AD_MISSING_EXTENSION); + qc->error_reason = "missing transport parameters"; - ngx_log_error(NGX_LOG_INFO, c->log, 0, - "missing transport parameters"); + ngx_log_error(NGX_LOG_INFO, c->log, 0, + "missing transport parameters"); + } + return 1; }