details:   
https://github.com/nginx/nginx/commit/9857578f15352ec248813f5b3e58ca55dc82f967
branches:  master
commit:    9857578f15352ec248813f5b3e58ca55dc82f967
user:      Sergey Kandaurov <pluk...@nginx.com>
date:      Wed, 21 May 2025 20:32:48 +0400
description:
QUIC: factored out SSL_provide_quic_data() to the helper function.

It is now called from ngx_quic_handle_crypto_frame(), prior to proceeding
with the handshake.  With this logic removed, the handshake function is
renamed to ngx_quic_handshake() to better match ngx_ssl_handshake().

---
 src/event/quic/ngx_event_quic_ssl.c | 53 +++++++++++++++++++++++++------------
 1 file changed, 36 insertions(+), 17 deletions(-)

diff --git a/src/event/quic/ngx_event_quic_ssl.c 
b/src/event/quic/ngx_event_quic_ssl.c
index 1bb34831c..c9ebd70bc 100644
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -36,7 +36,8 @@ static int ngx_quic_add_handshake_data(ngx_ssl_conn_t 
*ssl_conn,
 static int ngx_quic_flush_flight(ngx_ssl_conn_t *ssl_conn);
 static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn,
     enum ssl_encryption_level_t level, uint8_t alert);
-static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data,
+static ngx_int_t ngx_quic_handshake(ngx_connection_t *c);
+static ngx_int_t ngx_quic_crypto_provide(ngx_connection_t *c, ngx_chain_t *out,
     enum ssl_encryption_level_t level);
 
 
@@ -357,7 +358,11 @@ ngx_quic_handle_crypto_frame(ngx_connection_t *c, 
ngx_quic_header_t *pkt,
     }
 
     if (f->offset == ctx->crypto.offset) {
-        if (ngx_quic_crypto_input(c, frame->data, pkt->level) != NGX_OK) {
+        if (ngx_quic_crypto_provide(c, frame->data, pkt->level) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        if (ngx_quic_handshake(c) != NGX_OK) {
             return NGX_ERROR;
         }
 
@@ -375,7 +380,11 @@ ngx_quic_handle_crypto_frame(ngx_connection_t *c, 
ngx_quic_header_t *pkt,
     cl = ngx_quic_read_buffer(c, &ctx->crypto, (uint64_t) -1);
 
     if (cl) {
-        if (ngx_quic_crypto_input(c, cl, pkt->level) != NGX_OK) {
+        if (ngx_quic_crypto_provide(c, cl, pkt->level) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        if (ngx_quic_handshake(c) != NGX_OK) {
             return NGX_ERROR;
         }
 
@@ -387,12 +396,9 @@ ngx_quic_handle_crypto_frame(ngx_connection_t *c, 
ngx_quic_header_t *pkt,
 
 
 static ngx_int_t
-ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data,
-    enum ssl_encryption_level_t level)
+ngx_quic_handshake(ngx_connection_t *c)
 {
     int                     n, sslerr;
-    ngx_buf_t              *b;
-    ngx_chain_t            *cl;
     ngx_ssl_conn_t         *ssl_conn;
     ngx_quic_frame_t       *frame;
     ngx_quic_connection_t  *qc;
@@ -401,16 +407,6 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t 
*data,
 
     ssl_conn = c->ssl->connection;
 
-    for (cl = data; cl; cl = cl->next) {
-        b = cl->buf;
-
-        if (!SSL_provide_quic_data(ssl_conn, level, b->pos, b->last - b->pos)) 
{
-            ngx_ssl_error(NGX_LOG_ALERT, c->log, 0,
-                          "SSL_provide_quic_data() failed");
-            return NGX_ERROR;
-        }
-    }
-
     n = SSL_do_handshake(ssl_conn);
 
     ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_do_handshake: %d", n);
@@ -503,6 +499,29 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t 
*data,
 }
 
 
+static ngx_int_t
+ngx_quic_crypto_provide(ngx_connection_t *c, ngx_chain_t *out,
+    enum ssl_encryption_level_t level)
+{
+    ngx_buf_t    *b;
+    ngx_chain_t  *cl;
+
+    for (cl = out; cl; cl = cl->next) {
+        b = cl->buf;
+
+        if (!SSL_provide_quic_data(c->ssl->connection, level, b->pos,
+                                   b->last - b->pos))
+        {
+            ngx_ssl_error(NGX_LOG_ALERT, c->log, 0,
+                          "SSL_provide_quic_data() failed");
+            return NGX_ERROR;
+        }
+    }
+
+    return NGX_OK;
+}
+
+
 ngx_int_t
 ngx_quic_init_connection(ngx_connection_t *c)
 {
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply via email to