Conversation
|
I've been able to serve a Rails application with QUIC+HTTP/3 using this patch: 
|
|
Thanks for working on this! I wonder if QUIC listener SSL, QUIC connection SSL, and QUIC stream SSL should be represented as separate (sub)classes. Although they all have the same type I think the blocking methods such as Regarding the thread assisted mode ( @ioquatix, what do you think? |
| have_func("SSL_get_accept_connection_queue_len(NULL)", ssl_h) | ||
| have_func("SSL_listen(NULL)", ssl_h) | ||
| have_func("SSL_poll(NULL, 0, 0, NULL, 0, NULL)", ssl_h) | ||
| have_func("SSL_set_incoming_stream_policy(NULL, 0, 0)", ssl_h) |
There was a problem hiding this comment.
We can simply require OpenSSL 3.5+ and remove most of the conditionals. There is little need to support 3.2-3.4 which are non-LTS releases and will reach EOL in 8 months, and we want the server side support in 3.5 to write meaningful tests.
There was a problem hiding this comment.
Makes sense, but I'm not sure how to do that. How do we take other SSL implementations in to account?
|
|
||
| GetSSL(self, ssl); | ||
| return SSL_is_init_finished(ssl) ? Qtrue : Qfalse; | ||
| } |
There was a problem hiding this comment.
Is this related to QUIC support? Is this different from seeing whether #accept/#connect/#accept_connection successfully returned or not?
There was a problem hiding this comment.
Yes. I'm using it on the server side to detect if the handshake has finished here. Without this, open_streams can raise an exception.
| /* | ||
| * call-seq: | ||
| * ssl.accept_connection(flags = 0) => SSLSocket or nil | ||
| * | ||
| * Accepts an incoming QUIC connection from the listener. Returns a new | ||
| * SSLSocket representing the connection, or +nil+ if no connection is | ||
| * available (when using non-blocking mode or ACCEPT_CONNECTION_NO_BLOCK). | ||
| */ |
There was a problem hiding this comment.
Would it make sense to provide a blocking and non-blocking variants, similar to TCPServer#accept and #accept_nonblock?
Maybe also for #accept_stream.
There was a problem hiding this comment.
Yes, I think that makes sense. From reading OpenSSL source code, NO_BLOCK is the only flag it cares about.
I'll change this to accept and add an accept_nonblock
This commit exposes various QUIC methods so that you can build QUIC clients and servers
I'm not sure. We could do that, and I'm happy to do that work. It's up to you.
I think we shouldn't support it, and I'll remove it. I've updated the patch to make QUIC connections always non-blocking, and I think that's the way we should go. I've removed the accessor to |
Ah, I remember. I had considered adding a subclass as you say, but I've always run in to issues when trying to work with a subclass on |
Clients should use IO.select and non-blocking sockets instead
3 participants
This commit exposes various QUIC methods so that you can build QUIC clients and servers.
I'm really sorry about the very large patch. I can split it in to smaller patches if that helps to get this upstream. I think the patch is pretty straightforward though. It just adds different QUIC related methods that OpenSSL provides. I've been using this patch to develop a QUIC/HTTP3 client and server in Ruby.
My development branch is here. Here is an example script that uses these APIs.