]> git.kaiwu.me - nginx.git/commitdiff
HTTP/3: http3_hq directive and NGX_HTTP_V3_HQ macro.
authorRoman Arutyunyan <arut@nginx.com>
Sat, 4 Dec 2021 07:52:55 +0000 (10:52 +0300)
committerRoman Arutyunyan <arut@nginx.com>
Sat, 4 Dec 2021 07:52:55 +0000 (10:52 +0300)
Listen quic parameter is no longer supported.

README
src/http/modules/ngx_http_ssl_module.c
src/http/ngx_http.c
src/http/ngx_http_core_module.c
src/http/ngx_http_core_module.h
src/http/ngx_http_request.c
src/http/v3/ngx_http_v3.h
src/http/v3/ngx_http_v3_module.c
src/http/v3/ngx_http_v3_request.c

diff --git a/README b/README
index cdbfde7af977c47f680d14406fb3d57f7adc3f5f..1ecf46e07210703aac064670601919dee52c061f 100644 (file)
--- a/README
+++ b/README
@@ -89,9 +89,8 @@ Experimental QUIC support for nginx
 
 3. Configuration
 
-    The HTTP "listen" directive got two new options: "http3" and "quic".
-    The "http3" option enables HTTP/3 over QUIC on the specified port.
-    The "quic" option enables QUIC for older HTTP versions on this port.
+    The HTTP "listen" directive got a new option "http3" which enables
+    HTTP/3 over QUIC on the specified port.
 
     The Stream "listen" directive got a new option "quic" which enables
     QUIC as client transport protocol instead of TCP or plain UDP.
@@ -140,6 +139,7 @@ Experimental QUIC support for nginx
         http3_max_concurrent_pushes
         http3_push
         http3_push_preload
+        http3_hq (requires NGX_HTTP_V3_HQ macro)
 
     An additional variable is available: $quic.
     The value of $quic is "quic" if QUIC connection is used,
index 3af21178b99f071357c72e6dbb3cea7ca053e447..f43e51eacaec8e2e4d8dda876e160c2554359c64 100644 (file)
@@ -417,18 +417,21 @@ ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out,
     void *arg)
 {
 #if (NGX_HTTP_V3)
-    const char             *fmt;
+    const char              *fmt;
 #endif
-    unsigned int            srvlen;
-    unsigned char          *srv;
+    unsigned int             srvlen;
+    unsigned char           *srv;
 #if (NGX_DEBUG)
-    unsigned int            i;
+    unsigned int             i;
 #endif
 #if (NGX_HTTP_V2 || NGX_HTTP_V3)
-    ngx_http_connection_t  *hc;
+    ngx_http_connection_t   *hc;
+#endif
+#if (NGX_HTTP_V3 && NGX_HTTP_V3_HQ)
+    ngx_http_v3_srv_conf_t  *h3scf;
 #endif
 #if (NGX_HTTP_V2 || NGX_HTTP_V3 || NGX_DEBUG)
-    ngx_connection_t       *c;
+    ngx_connection_t        *c;
 
     c = ngx_ssl_get_connection(ssl_conn);
 #endif
@@ -452,16 +455,21 @@ ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, const unsigned char **out,
     } else
 #endif
 #if (NGX_HTTP_V3)
-    if (hc->addr_conf->quic) {
-        if (hc->addr_conf->http3) {
+    if (hc->addr_conf->http3) {
+
+#if (NGX_HTTP_V3_HQ)
+        h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
+
+        if (h3scf->hq) {
+            srv = (unsigned char *) NGX_HTTP_V3_HQ_ALPN_PROTO;
+            srvlen = sizeof(NGX_HTTP_V3_HQ_ALPN_PROTO) - 1;
+            fmt = NGX_HTTP_V3_HQ_ALPN_DRAFT_FMT;
+        } else
+#endif
+        {
             srv = (unsigned char *) NGX_HTTP_V3_ALPN_PROTO;
             srvlen = sizeof(NGX_HTTP_V3_ALPN_PROTO) - 1;
             fmt = NGX_HTTP_V3_ALPN_DRAFT_FMT;
-
-        } else {
-            srv = (unsigned char *) NGX_HTTP_QUIC_ALPN_PROTO;
-            srvlen = sizeof(NGX_HTTP_QUIC_ALPN_PROTO) - 1;
-            fmt = NGX_HTTP_QUIC_ALPN_DRAFT_FMT;
         }
 
         /* QUIC draft */
@@ -1317,16 +1325,13 @@ ngx_http_ssl_init(ngx_conf_t *cf)
         addr = port[p].addrs.elts;
         for (a = 0; a < port[p].addrs.nelts; a++) {
 
-            if (!addr[a].opt.ssl && !addr[a].opt.quic) {
+            if (!addr[a].opt.ssl && !addr[a].opt.http3) {
                 continue;
             }
 
             if (addr[a].opt.http3) {
                 name = "http3";
 
-            } else if (addr[a].opt.quic) {
-                name = "quic";
-
             } else {
                 name = "ssl";
             }
@@ -1336,7 +1341,7 @@ ngx_http_ssl_init(ngx_conf_t *cf)
 
             if (sscf->certificates) {
 
-                if (addr[a].opt.quic && !(sscf->protocols & NGX_SSL_TLSv1_3)) {
+                if (addr[a].opt.http3 && !(sscf->protocols & NGX_SSL_TLSv1_3)) {
                     ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
                                   "\"ssl_protocols\" must enable TLSv1.3 for "
                                   "the \"listen ... %s\" directive in %s:%ui",
index 187d867bb4b9352ca6fb74e741d8960ac1505d8f..4886a88bf35b90cd216aa53049e01d51e7e9bdf0 100644 (file)
@@ -1241,7 +1241,6 @@ ngx_http_add_addresses(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
     ngx_uint_t             http2;
 #endif
 #if (NGX_HTTP_V3)
-    ngx_uint_t             quic;
     ngx_uint_t             http3;
 #endif
 
@@ -1280,7 +1279,6 @@ ngx_http_add_addresses(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
         http2 = lsopt->http2 || addr[i].opt.http2;
 #endif
 #if (NGX_HTTP_V3)
-        quic = lsopt->quic || addr[i].opt.quic;
         http3 = lsopt->http3 || addr[i].opt.http3;
 #endif
 
@@ -1320,7 +1318,6 @@ ngx_http_add_addresses(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
         addr[i].opt.http2 = http2;
 #endif
 #if (NGX_HTTP_V3)
-        addr[i].opt.quic = quic;
         addr[i].opt.http3 = http3;
 #endif
 
@@ -1367,10 +1364,10 @@ ngx_http_add_address(ngx_conf_t *cf, ngx_http_core_srv_conf_t *cscf,
 
 #if (NGX_HTTP_V3 && !defined NGX_QUIC)
 
-    if (lsopt->quic) {
+    if (lsopt->http3) {
         ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
                            "nginx was built with OpenSSL that lacks QUIC "
-                           "support, QUIC is not enabled for %V",
+                           "support, HTTP/3 is not enabled for %V",
                            &lsopt->addr_text);
     }
 
@@ -1836,7 +1833,7 @@ ngx_http_add_listening(ngx_conf_t *cf, ngx_http_conf_addr_t *addr)
     ls->wildcard = addr->opt.wildcard;
 
 #if (NGX_HTTP_V3)
-    ls->quic = addr->opt.quic;
+    ls->quic = addr->opt.http3;
 #endif
 
     return ls;
@@ -1872,7 +1869,6 @@ ngx_http_add_addrs(ngx_conf_t *cf, ngx_http_port_t *hport,
         addrs[i].conf.http2 = addr[i].opt.http2;
 #endif
 #if (NGX_HTTP_V3)
-        addrs[i].conf.quic = addr[i].opt.quic;
         addrs[i].conf.http3 = addr[i].opt.http3;
 #endif
         addrs[i].conf.proxy_protocol = addr[i].opt.proxy_protocol;
@@ -1941,7 +1937,6 @@ ngx_http_add_addrs6(ngx_conf_t *cf, ngx_http_port_t *hport,
         addrs6[i].conf.http2 = addr[i].opt.http2;
 #endif
 #if (NGX_HTTP_V3)
-        addrs6[i].conf.quic = addr[i].opt.quic;
         addrs6[i].conf.http3 = addr[i].opt.http3;
 #endif
         addrs6[i].conf.proxy_protocol = addr[i].opt.proxy_protocol;
index 1e8e27802001887303ceb9b529353b46ec97875c..12f7bfb2766c102bc933188b36c07bc5239b78ed 100644 (file)
@@ -4096,22 +4096,8 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 #endif
         }
 
-        if (ngx_strcmp(value[n].data, "quic") == 0) {
-#if (NGX_HTTP_V3)
-            lsopt.quic = 1;
-            lsopt.type = SOCK_DGRAM;
-            continue;
-#else
-            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                               "the \"quic\" parameter requires "
-                               "ngx_http_v3_module");
-            return NGX_CONF_ERROR;
-#endif
-        }
-
         if (ngx_strcmp(value[n].data, "http3") == 0) {
 #if (NGX_HTTP_V3)
-            lsopt.quic = 1;
             lsopt.http3 = 1;
             lsopt.type = SOCK_DGRAM;
             continue;
@@ -4224,20 +4210,10 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
         return NGX_CONF_ERROR;
     }
 
-#if (NGX_HTTP_SSL)
-
-#if (NGX_HTTP_V3)
+#if (NGX_HTTP_SSL && NGX_HTTP_V3)
     if (lsopt.ssl && lsopt.http3) {
         return "\"ssl\" parameter is incompatible with \"http3\"";
     }
-#endif
-
-#if (NGX_HTTP_V3)
-    if (lsopt.ssl && lsopt.quic) {
-        return "\"ssl\" parameter is incompatible with \"quic\"";
-    }
-#endif
-
 #endif
 
     for (n = 0; n < u.naddrs; n++) {
index 1486966418af5c0272c424f70b01ee8ede7767b0..822c7d26450dfc61e92bf60853fc754b19b448c4 100644 (file)
@@ -74,7 +74,6 @@ typedef struct {
     unsigned                   bind:1;
     unsigned                   wildcard:1;
     unsigned                   ssl:1;
-    unsigned                   quic:1;
     unsigned                   http2:1;
     unsigned                   http3:1;
 #if (NGX_HAVE_INET6)
index 0acedb6e93370224c49c9fdf09e69836fd579cea..e8907c100357460c3246c7030027851a1e2592e3 100644 (file)
@@ -327,7 +327,7 @@ ngx_http_init_connection(ngx_connection_t *c)
 #endif
 
 #if (NGX_HTTP_V3)
-    if (hc->addr_conf->quic) {
+    if (hc->addr_conf->http3) {
         ngx_http_v3_init(c);
         return;
     }
index bee073e1d7c8d5e50e8ee23f9ff1ca4ae19e93ad..f470b327d83ed6a09990e7b3c903055db5122892 100644 (file)
@@ -22,8 +22,8 @@
 #define NGX_HTTP_V3_ALPN_PROTO                     "\x02h3"
 #define NGX_HTTP_V3_ALPN_DRAFT_FMT                 "\x05h3-%02uD"
 
-#define NGX_HTTP_QUIC_ALPN_PROTO                   "\x0Ahq-interop"
-#define NGX_HTTP_QUIC_ALPN_DRAFT_FMT               "\x05hq-%02uD"
+#define NGX_HTTP_V3_HQ_ALPN_PROTO                  "\x0Ahq-interop"
+#define NGX_HTTP_V3_HQ_ALPN_DRAFT_FMT              "\x05hq-%02uD"
 
 #define NGX_HTTP_V3_VARLEN_INT_LEN                 4
 #define NGX_HTTP_V3_PREFIX_INT_LEN                 11
@@ -102,6 +102,9 @@ typedef struct {
     ngx_uint_t                    max_blocked_streams;
     ngx_uint_t                    max_concurrent_pushes;
     ngx_uint_t                    max_uni_streams;
+#if (NGX_HTTP_V3_HQ)
+    ngx_flag_t                    hq;
+#endif
     ngx_quic_conf_t               quic;
 } ngx_http_v3_srv_conf_t;
 
index 14e24d29a43bf3b054c2c86cc76c46d30261175e..0b2e59b9abfd8162f02d59ac11e0c54b673236b9 100644 (file)
@@ -68,6 +68,15 @@ static ngx_command_t  ngx_http_v3_commands[] = {
       offsetof(ngx_http_v3_srv_conf_t, max_uni_streams),
       NULL },
 
+#if (NGX_HTTP_V3_HQ)
+    { ngx_string("http3_hq"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_flag_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_v3_srv_conf_t, hq),
+      NULL },
+#endif
+
     { ngx_string("http3_push"),
       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
       ngx_http_v3_push,
@@ -300,6 +309,9 @@ ngx_http_v3_create_srv_conf(ngx_conf_t *cf)
     h3scf->max_blocked_streams = NGX_CONF_UNSET_UINT;
     h3scf->max_concurrent_pushes = NGX_CONF_UNSET_UINT;
     h3scf->max_uni_streams = NGX_CONF_UNSET_UINT;
+#if (NGX_HTTP_V3_HQ)
+    h3scf->hq = NGX_CONF_UNSET;
+#endif
 
     h3scf->quic.tp.max_idle_timeout = NGX_CONF_UNSET_MSEC;
     h3scf->quic.tp.max_ack_delay = NGX_CONF_UNSET_MSEC;
@@ -343,6 +355,10 @@ ngx_http_v3_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
     ngx_conf_merge_uint_value(conf->max_uni_streams,
                               prev->max_uni_streams, 3);
 
+#if (NGX_HTTP_V3_HQ)
+    ngx_conf_merge_value(conf->hq, prev->hq, 0);
+#endif
+
     ngx_conf_merge_msec_value(conf->quic.tp.max_idle_timeout,
                               prev->quic.tp.max_idle_timeout, 60000);
 
index a4b570370b3d14b8c080011ab9f179f2a457deec..7fce688aa8c1f90c9928fcceb51f35d8940cd3dc 100644 (file)
@@ -10,7 +10,9 @@
 #include <ngx_http.h>
 
 
+#if (NGX_HTTP_V3_HQ)
 static void ngx_http_v3_init_hq_stream(ngx_connection_t *c);
+#endif
 static void ngx_http_v3_init_request_stream(ngx_connection_t *c);
 static void ngx_http_v3_wait_request_handler(ngx_event_t *rev);
 static void ngx_http_v3_cleanup_request(void *data);
@@ -64,11 +66,10 @@ ngx_http_v3_init(ngx_connection_t *c)
 
     hc->ssl = 1;
 
-    if (c->quic == NULL) {
-        h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
+    h3scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v3_module);
 
+    if (c->quic == NULL) {
         ngx_quic_run(c, &h3scf->quic);
-
         return;
     }
 
@@ -82,10 +83,12 @@ ngx_http_v3_init(ngx_connection_t *c)
         ngx_set_connection_log(c, clcf->error_log);
     }
 
-    if (!hc->addr_conf->http3) {
+#if (NGX_HTTP_V3_HQ)
+    if (h3scf->hq) {
         ngx_http_v3_init_hq_stream(c);
         return;
     }
+#endif
 
     if (ngx_http_v3_init_session(c) != NGX_OK) {
         ngx_http_close_connection(c);
@@ -101,6 +104,8 @@ ngx_http_v3_init(ngx_connection_t *c)
 }
 
 
+#if (NGX_HTTP_V3_HQ)
+
 static void
 ngx_http_v3_init_hq_stream(ngx_connection_t *c)
 {
@@ -168,6 +173,8 @@ ngx_http_v3_init_hq_stream(ngx_connection_t *c)
     }
 }
 
+#endif
+
 
 static void
 ngx_http_v3_init_request_stream(ngx_connection_t *c)
@@ -387,16 +394,15 @@ ngx_http_v3_wait_request_handler(ngx_event_t *rev)
 void
 ngx_http_v3_reset_connection(ngx_connection_t *c)
 {
-    ngx_http_connection_t   *hc;
     ngx_http_v3_srv_conf_t  *h3scf;
 
-    hc = ngx_http_quic_get_connection(c);
+    h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
 
-    if (!hc->addr_conf->http3) {
+#if (NGX_HTTP_V3_HQ)
+    if (h3scf->hq) {
         return;
     }
-
-    h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
+#endif
 
     if (h3scf->max_table_capacity > 0 && !c->read->eof) {
         (void) ngx_http_v3_send_cancel_stream(c, c->quic->id);