Comments (5)
The current design allows for multiple ALPNs to be used on the server side by creating multiple listeners in different sessions (one for each ALPN). Since each listener only registers for a single ALPN, you know which ALPN is negotiated based on which listener is given the NEW_CONNECTION. The AlpnList here is in TLS format, and does contain the full list.
Besides that, I generally agree with all your other statements. It's been on my TODO list for some time to clean up how we deal with ALPNs at the API layer.
from msquic.
The AlpnList here is in TLS format, and does contain the full list.
Great, that just need documentation then.
The current design allows for multiple ALPNs to be used on the server side by creating multiple listeners in different sessions (one for each ALPN). Since each listener only registers for a single ALPN, you know which ALPN is negotiated based on which listener is given the NEW_CONNECTION
Can you have multiple listeners on the same IP+port?
This model precludes allowing the server to make a dynamic decision about ALPNs after receiving the Client Hello, such as using a different ALPN depending on the SNI information.
from msquic.
Can you have multiple listeners on the same IP+port?
Yes, for the same process you can unlimited listeners (for different/unique ALPNs) on the same IP+port. We don't currently support cross-process sharing of the IP+port though.
This model precludes allowing the server to make a dynamic decision about ALPNs after receiving the Client Hello, such as using a different ALPN depending on the SNI information.
Correct. It is not a goal to be able to pick the ALPN as a result of the requested SNI. The listener is first chosen from the currently registered based on the connection's requested IP, UDP port and ALPN list. Once the listener is chosen, the NEW_CONNECTION event is delivered and then the listener can decide which certificate to provide. To add SNI to the mix would complicate the transport logic considerably.
from msquic.
Correct. It is not a goal to be able to pick the ALPN as a result of the requested SNI.
I understand that's the current design and we're not blocked by it, but expect customers to ask for dynamic ALPN at some point, they've already asked for every other setting to be dynamic.
What kind of diagnostics does the app get if a new connection does not match any registered ALPNs?
from msquic.
What kind of diagnostics does the app get if a new connection does not match any registered ALPNs?
The (server) app is not directly informed of any failed connection attempts due to requests for unregistered ALPNs. This follows the similar pattern of not informing the server of an attempt to connect to a UDP port it wasn't listening to.
I understand that's the current design and we're not blocked by it, but expect customers to ask for dynamic ALPN at some point, they've already asked for every other setting to be dynamic.
As far as supporting dynamic ALPN support, that would greatly complicate the design msquic currently has, and I'd push back hard until a real good reason for supporting this was provided.
from msquic.
Related Issues (20)
- Support for Android HOT 1
- Stream blocked timings stats incorrectly initialized HOT 1
- Testes
- allow upper layer applications to access estimated bandwidth
- secnetperf TCP Cleanup Synchronization Issues
- Crash in recvfuzz.exe HOT 3
- libmsquic package is missing for Fedora 39 HOT 7
- Missing headers in latest NuGet package
- Certificate rejection via ConnectionCertificateValidationComplete leads to connection timeout. HOT 3
- do you have plan to support AF_UNIX ? HOT 2
- secnetperf not working for big payload sizes HOT 14
- Cannot receive message in stream_callback on server HOT 1
- Some Function in msquic source is undeclared, is Openssl3.2.1 unsupport? HOT 2
- MsQuic interoperability with cronet HOT 1
- ConnectionShutdown with pending (async) CertificateValidation sends Application CONNECTION_CLOSE HOT 2
- StreamSend method hangs when called in an infinite loop HOT 7
- POSIX QuicAddrToString uses incorrect `QUIC_ADDR_STR::Address` buffer length
- WSASetUdpRecvMaxCoalescedSize is not working ! HOT 8
- Test immediately get aborted HOT 4
- Investigate failing platform unit tests
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from msquic.