mirror of
https://github.com/nginx/nginx.git
synced 2024-11-21 16:28:40 +00:00
HTTP/3: added more compatibility checks for "listen ... quic".
Now "fastopen", "backlog", "accept_filter", "deferred", and "so_keepalive" parameters are not allowed with "quic" in the "listen" directive. Reported by Izorkin.
This commit is contained in:
parent
2a10e48620
commit
71a0a4acdb
@ -3961,7 +3961,7 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||||||
|
|
||||||
ngx_str_t *value, size;
|
ngx_str_t *value, size;
|
||||||
ngx_url_t u;
|
ngx_url_t u;
|
||||||
ngx_uint_t n, i;
|
ngx_uint_t n, i, backlog;
|
||||||
ngx_http_listen_opt_t lsopt;
|
ngx_http_listen_opt_t lsopt;
|
||||||
|
|
||||||
cscf->listen = 1;
|
cscf->listen = 1;
|
||||||
@ -4000,6 +4000,8 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||||||
lsopt.ipv6only = 1;
|
lsopt.ipv6only = 1;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
backlog = 0;
|
||||||
|
|
||||||
for (n = 2; n < cf->args->nelts; n++) {
|
for (n = 2; n < cf->args->nelts; n++) {
|
||||||
|
|
||||||
if (ngx_strcmp(value[n].data, "default_server") == 0
|
if (ngx_strcmp(value[n].data, "default_server") == 0
|
||||||
@ -4058,6 +4060,8 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||||||
return NGX_CONF_ERROR;
|
return NGX_CONF_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
backlog = 1;
|
||||||
|
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4305,9 +4309,29 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||||||
return NGX_CONF_ERROR;
|
return NGX_CONF_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if (NGX_HTTP_V3)
|
|
||||||
|
|
||||||
if (lsopt.quic) {
|
if (lsopt.quic) {
|
||||||
|
#if (NGX_HAVE_TCP_FASTOPEN)
|
||||||
|
if (lsopt.fastopen != -1) {
|
||||||
|
return "\"fastopen\" parameter is incompatible with \"quic\"";
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (backlog) {
|
||||||
|
return "\"backlog\" parameter is incompatible with \"quic\"";
|
||||||
|
}
|
||||||
|
|
||||||
|
#if (NGX_HAVE_DEFERRED_ACCEPT && defined SO_ACCEPTFILTER)
|
||||||
|
if (lsopt.accept_filter) {
|
||||||
|
return "\"accept_filter\" parameter is incompatible with \"quic\"";
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
|
||||||
|
if (lsopt.deferred_accept) {
|
||||||
|
return "\"deferred\" parameter is incompatible with \"quic\"";
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if (NGX_HTTP_SSL)
|
#if (NGX_HTTP_SSL)
|
||||||
if (lsopt.ssl) {
|
if (lsopt.ssl) {
|
||||||
return "\"ssl\" parameter is incompatible with \"quic\"";
|
return "\"ssl\" parameter is incompatible with \"quic\"";
|
||||||
@ -4320,13 +4344,15 @@ ngx_http_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
if (lsopt.so_keepalive) {
|
||||||
|
return "\"so_keepalive\" parameter is incompatible with \"quic\"";
|
||||||
|
}
|
||||||
|
|
||||||
if (lsopt.proxy_protocol) {
|
if (lsopt.proxy_protocol) {
|
||||||
return "\"proxy_protocol\" parameter is incompatible with \"quic\"";
|
return "\"proxy_protocol\" parameter is incompatible with \"quic\"";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif
|
|
||||||
|
|
||||||
for (n = 0; n < u.naddrs; n++) {
|
for (n = 0; n < u.naddrs; n++) {
|
||||||
|
|
||||||
for (i = 0; i < n; i++) {
|
for (i = 0; i < n; i++) {
|
||||||
|
Loading…
Reference in New Issue
Block a user