nghttpx: Fix missing ALPN validation (--npn-list)

This commit fixes the bug that ALPN validation does not occur when
ALPN list is not sent from client.
This commit is contained in:
Tatsuhiro Tsujikawa 2018-01-04 22:43:47 +09:00
parent a776b0dbcc
commit 74754982f1
1 changed files with 10 additions and 18 deletions

View File

@ -556,28 +556,20 @@ int ClientHandler::validate_next_proto() {
}
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
if (next_proto == nullptr) {
StringRef proto;
if (next_proto) {
proto = StringRef{next_proto, next_proto_len};
if (LOG_ENABLED(INFO)) {
CLOG(INFO, this) << "The negotiated next protocol: " << proto;
}
} else {
if (LOG_ENABLED(INFO)) {
CLOG(INFO, this) << "No protocol negotiated. Fallback to HTTP/1.1";
}
upstream_ = make_unique<HttpsUpstream>(this);
alpn_ = StringRef::from_lit("http/1.1");
// At this point, input buffer is already filled with some bytes.
// The read callback is not called until new data come. So consume
// input buffer here.
if (on_read() != 0) {
return -1;
}
return 0;
}
auto proto = StringRef{next_proto, next_proto_len};
if (LOG_ENABLED(INFO)) {
CLOG(INFO, this) << "The negotiated next protocol: " << proto;
proto = StringRef::from_lit("http/1.1");
}
if (!tls::in_proto_list(get_config()->tls.npn_list, proto)) {