I'm using a single bidirectional stream, so my backend is just a simple TCP server that understands the data that is sent to it. I already tried setting the ALPN in the stream module and it actually worked. I was just not sure if that was the right thing to do. But what you proposed is best, I might try adding a custom directive that can control what to set the ALPN to. Thanks for the help.
R, Lucas. On Mon, Jun 14, 2021 at 12:00 PM Vladimir Homutov <v...@nginx.com> wrote: > 14.06.2021 19:43, Lucas Cuminato пишет: > > Hi, Vladimir, thanks for replying. > > > > I'm not using any protocol over QUIC, just using QUIC to send/receive > > raw data to/from my application and the server, and having nginx proxy > > it to a TCP server. > > I do have a proxy_pass configured in my setup. I just omitted for > > simplicity. > > > > R, > > Lucas. > > Ok, so you have custom backend that knows what to do with QUIC streams? > And you backend is TCP-based? Sounds quite interesting. Or does it deal > with single stream only? > > Anyway, right now it fails at ALPN stage. Probably, in future, we may > introduce some configuration directive to control it. It is not yet > absolutely clear how the stream module should deal with quic. > > Yoy may want to try to copy the code wich sets ALPN callback from > http_quic module and provides some meaningful value for protocol. > > > > > > > On Mon, Jun 14, 2021 at 11:35 AM Vladimir Homutov <v...@nginx.com > > <mailto:v...@nginx.com>> wrote: > > > > 14.06.2021 18:08, Lucas Cuminato пишет: > > > Hello, > > > > > > Not sure If this is a bug in nginx-quic or if I'm not configuring > > > it correctly but when trying to use nginx-quic with the following > > settings. > > > > > > stream { > > > server { > > > listen 5555 quic reuseport; > > > ssl_session_cache off; > > > ssl_client_certificate ca.pem > > > ssl_verify_client on; > > > ssl_session_tickets off; > > > ssl_certificate cert.pem > > > ssl_certificate_key key.pem; > > > ssl_protocols TLSv1.3; > > > } > > > } > > > > > > and using a standalone application that uses ngtcp2 to try to > > connect to > > > nginx-quic, I get a TLS alert saying that "No application > protocol". > > > I've tracked this down and it seems like nginx-quic is not > > setting any > > > ALPN for the SSL context when using QUIC as a stream (in > > > ngx_stream_ssl_module.c). > > > It does it set it when using QUIC as HTTP > > (in ngx_http_ssl_module.c). > > > Now, I believe ALPN is mandatory for QUIC according to the > > > QUIC-TRANSPORT draft, so this might be a bug. > > > By copying the code done in ngx_http_ssl_module.c for setting the > > ALPN > > > and using it in ngx_stream_ssl_module.c, I was able to make my > > > standalone app connect and transfer data, but not sure > > > if this is the right fix. > > > > > > R, > > > Lucas. > > > > > Hello, > > this is expected with stream module. > > ALPN is required, but is not clear what protocol (http3? other > protocol > > over quic?) is going to be used. > > Can you please elaborate your use case? What are you going to > achieve? > > Also, the suggested configuration is not going to work, since you > don't > > have any content handling module (i.e. proxy_pass or return). > > > > > > > _______________________________________________ > nginx-devel mailing list > nginx-devel@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel