14.06.2021 18:08, Lucas Cuminato пишет:
Hello,
Not sure If this is a bug in nginx-quic or if I'm not configuring
it correctly but when trying to use nginx-quic with the following settings.
stream {
server {
listen 5555 quic reuseport;
ssl_session_cache off;
ssl_client_certificate ca.pem
ssl_verify_client on;
ssl_session_tickets off;
ssl_certificate cert.pem
ssl_certificate_key key.pem;
ssl_protocols TLSv1.3;
}
}
and using a standalone application that uses ngtcp2 to try to connect to
nginx-quic, I get a TLS alert saying that "No application protocol".
I've tracked this down and it seems like nginx-quic is not setting any
ALPN for the SSL context when using QUIC as a stream (in
ngx_stream_ssl_module.c).
It does it set it when using QUIC as HTTP (in ngx_http_ssl_module.c).
Now, I believe ALPN is mandatory for QUIC according to the
QUIC-TRANSPORT draft, so this might be a bug.
By copying the code done in ngx_http_ssl_module.c for setting the ALPN
and using it in ngx_stream_ssl_module.c, I was able to make my
standalone app connect and transfer data, but not sure
if this is the right fix.
R,
Lucas.
Hello,
this is expected with stream module.
ALPN is required, but is not clear what protocol (http3? other protocol
over quic?) is going to be used.
Can you please elaborate your use case? What are you going to achieve?
Also, the suggested configuration is not going to work, since you don't
have any content handling module (i.e. proxy_pass or return).
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
