quiche icon indicating copy to clipboard operation
quiche copied to clipboard

Published 20 hours ago • verified publisher icon cloudflare

Support for nginx 1.20

Open fabianfrz opened this issue 4 years ago • 5 comments

The patch for nginx 1.16 does not work with version 1.20.

This issue may be related to #859, however it is locked.

In general, the patch will not work anymore, because of this call:

ngx_add_timer(rev, c->listening->post_accept_timeout);

It is done two times in src/http/ngx_http_request.c and nginx compiles just fine without them. According to the nginx mailing list it is "no longer needed": http://mailman.nginx.org/pipermail/nginx-devel/2021-January/013756.html

I guess the patch needs to be adjusted for those nginx source code changes or a different patch needs to be created for 1.20. I compiled nginx that way and I did not get a working connection with Firefox so I might have done something wrong when building the project or misconfigured anything as well.

fabianfrz avatar May 19 '21 07:05 fabianfrz

NGINX has a bespoke QUIC implementation I believe, but I would prefer to use this one, as it is written in a safer language.

DemiMarie avatar Jun 03 '21 04:06 DemiMarie

This is the patch I made a while ago for my needs to fix this issue: https://github.com/patrikjuvonen/docker-nginx-http3/blob/master/nginx-1.19.7.patch

patrikjuvonen avatar Jun 09 '21 11:06 patrikjuvonen

Thanks for your work, @patrikjuvonen — now you just need to update it, since it doesn't get applied correctly on the 1.20/1.21 series (see https://github.com/patrikjuvonen/docker-nginx-http3/issues/2).— it seems to work fine with the 1.20/1.21 series as well!

I'm a bit sad that this long-standing issue hasn't been fixed in the original nginx patch for Quiche. I understand that it's considered 'unofficial' and therefore not at the forefront of the core developers' minds... but it would nevertheless be a good idea not to backpatch nginx with what the nginx team considers deprecated code (e.g. setting timer events for timeouts, which AFAIK are already being handled elsewhere)...

GwynethLlewelyn avatar Sep 04 '21 12:09 GwynethLlewelyn

Does it work with nginx 1.25 as well?

bolinocroustibat avatar Jul 11 '23 11:07 bolinocroustibat

Hello, I encountered some problems when configuring the quic service of NGINX. My configuration is the same as that of the official website, but I still cannot use the quic protocol when accessing the server. The h2 protocol is still used. Here is my compilation information: root@learn:/usr/local/nginx/sbin# ./nginx -V nginx version: nginx/1.16.1 (quiche-83d9168a) built by gcc 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04) built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL) TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --build=quiche-83d9168a --with-http_v3_module --with-http_v2_module --with-quiche=/quiche --with-http_ssl_module --with-openssl=/quiche/quiche/deps/boringssl --add-module=/connect

Ryenum avatar Dec 03 '23 07:12 Ryenum