From: seantywork Date: Wed, 2 Jul 2025 01:18:15 +0000 (+0900) Subject: quic connection successful 2.5 X-Git-Url: https://git.feebdaed.xyz/?a=commitdiff_plain;h=509f5dd77469af9aa2672f94f2822924e151d980;p=linuxyz.git quic connection successful 2.5 --- diff --git a/quic-bench/quic/certgen.sh b/quic-bench/quic/certgen.sh index 902992a..e8f2107 100755 --- a/quic-bench/quic/certgen.sh +++ b/quic-bench/quic/certgen.sh @@ -37,8 +37,8 @@ echo "signing requests for client...." openssl x509 -req -extfile <(printf "subjectAltName = DNS:client") -days 365 -in ./certs/client.csr -CA ./certs/ca.pem -CAkey ./certs/ca_priv.pem -CAcreateserial -sha256 -out ./certs/client.crt.pem -sudo /bin/cp -Rf ./certs/ca.pem /usr/local/share/ca-certificates/quicroot.crt +#sudo /bin/cp -Rf ./certs/ca.pem /usr/local/share/ca-certificates/quicroot.crt -sudo update-ca-certificates +#sudo update-ca-certificates echo "done!" \ No newline at end of file diff --git a/quic-bench/quic/quic.c b/quic-bench/quic/quic.c index 815786d..ba66762 100644 --- a/quic-bench/quic/quic.c +++ b/quic-bench/quic/quic.c @@ -26,50 +26,8 @@ QUIC_TLS_SECRETS quic_client_secrets = {0}; char* quic_ssl_keylog_env = "SSLKEYLOGFILE"; -void -ServerSend( - _In_ HQUIC Stream - ) -{ - // - // Allocates and builds the buffer to send over the stream. - // - void* SendBufferRaw = malloc(sizeof(QUIC_BUFFER) + quic_send_buffer_len); - if (SendBufferRaw == NULL) { - printf("SendBuffer allocation failed!\n"); - quic_api->StreamShutdown(Stream, QUIC_STREAM_SHUTDOWN_FLAG_ABORT, 0); - return; - } - QUIC_BUFFER* SendBuffer = (QUIC_BUFFER*)SendBufferRaw; - SendBuffer->Buffer = (uint8_t*)SendBufferRaw + sizeof(QUIC_BUFFER); - SendBuffer->Length = quic_send_buffer_len; +QUIC_STATUS server_stream_cb(HQUIC Stream, void* Context, QUIC_STREAM_EVENT* Event){ - printf("[strm][%p] Sending data...\n", Stream); - - // - // Sends the buffer over the stream. Note the FIN flag is passed along with - // the buffer. This indicates this is the last buffer on the stream and the - // the stream is shut down (in the send direction) immediately after. - // - QUIC_STATUS Status; - if (QUIC_FAILED(Status = quic_api->StreamSend(Stream, SendBuffer, 1, QUIC_SEND_FLAG_FIN, SendBuffer))) { - printf("StreamSend failed, 0x%x!\n", Status); - free(SendBufferRaw); - quic_api->StreamShutdown(Stream, QUIC_STREAM_SHUTDOWN_FLAG_ABORT, 0); - } -} - - -_IRQL_requires_max_(DISPATCH_LEVEL) -_Function_class_(QUIC_STREAM_CALLBACK) -QUIC_STATUS -QUIC_API -ServerStreamCallback( - _In_ HQUIC Stream, - _In_opt_ void* Context, - _Inout_ QUIC_STREAM_EVENT* Event - ) -{ UNREFERENCED_PARAMETER(Context); switch (Event->Type) { case QUIC_STREAM_EVENT_SEND_COMPLETE: @@ -91,7 +49,6 @@ ServerStreamCallback( // The peer gracefully shut down its send direction of the stream. // printf("[strm][%p] Peer shut down\n", Stream); - ServerSend(Stream); break; case QUIC_STREAM_EVENT_PEER_SEND_ABORTED: // @@ -117,16 +74,8 @@ ServerStreamCallback( // // The server's callback for connection events from quic_api. // -_IRQL_requires_max_(DISPATCH_LEVEL) -_Function_class_(QUIC_CONNECTION_CALLBACK) -QUIC_STATUS -QUIC_API -ServerConnectionCallback( - _In_ HQUIC Connection, - _In_opt_ void* Context, - _Inout_ QUIC_CONNECTION_EVENT* Event - ) -{ +QUIC_STATUS server_conn_cb(HQUIC Connection,void* Context, QUIC_CONNECTION_EVENT* Event){ + UNREFERENCED_PARAMETER(Context); switch (Event->Type) { case QUIC_CONNECTION_EVENT_CONNECTED: @@ -168,7 +117,7 @@ ServerConnectionCallback( // callback handler before returning. // printf("[strm][%p] Peer started\n", Event->PEER_STREAM_STARTED.Stream); - quic_api->SetCallbackHandler(Event->PEER_STREAM_STARTED.Stream, (void*)ServerStreamCallback, NULL); + quic_api->SetCallbackHandler(Event->PEER_STREAM_STARTED.Stream, (void*)server_stream_cb, NULL); break; case QUIC_CONNECTION_EVENT_RESUMED: // @@ -186,16 +135,9 @@ ServerConnectionCallback( // // The server's callback for listener events from quic_api. // -_IRQL_requires_max_(PASSIVE_LEVEL) -_Function_class_(QUIC_LISTENER_CALLBACK) -QUIC_STATUS -QUIC_API -ServerListenerCallback( - _In_ HQUIC Listener, - _In_opt_ void* Context, - _Inout_ QUIC_LISTENER_EVENT* Event - ) -{ + +QUIC_STATUS server_listen_cb(HQUIC Listener, void* Context, QUIC_LISTENER_EVENT* Event){ + UNREFERENCED_PARAMETER(Listener); UNREFERENCED_PARAMETER(Context); QUIC_STATUS Status = QUIC_STATUS_NOT_SUPPORTED; @@ -206,7 +148,7 @@ ServerListenerCallback( // proceed, the server must provide a configuration for QUIC to use. The // app MUST set the callback handler before returning. // - quic_api->SetCallbackHandler(Event->NEW_CONNECTION.Connection, (void*)ServerConnectionCallback, NULL); + quic_api->SetCallbackHandler(Event->NEW_CONNECTION.Connection, (void*)server_conn_cb, NULL); Status = quic_api->ConnectionSetConfiguration(Event->NEW_CONNECTION.Connection, quic_configuration); break; default: @@ -220,7 +162,7 @@ ServerListenerCallback( // Helper function to load a server configuration. Uses the command line // arguments to load the credential part of the configuration. // -BOOLEAN ServerLoadConfiguration() { +BOOLEAN server_conf() { QUIC_SETTINGS Settings = {0}; // @@ -245,8 +187,10 @@ BOOLEAN ServerLoadConfiguration() { QUIC_CREDENTIAL_CONFIG_HELPER Config; memset(&Config, 0, sizeof(Config)); Config.CredConfig.Flags = QUIC_CREDENTIAL_FLAG_NONE; + Config.CredConfig.Flags |= QUIC_CREDENTIAL_FLAG_SET_CA_CERTIFICATE_FILE; + const char* Ca = "certs/ca.pem"; const char* Cert = "certs/server.crt.pem"; const char* KeyFile = "certs/server.key.pem"; @@ -255,6 +199,7 @@ BOOLEAN ServerLoadConfiguration() { Config.CertFile.PrivateKeyFile = (char*)KeyFile; Config.CredConfig.Type = QUIC_CREDENTIAL_TYPE_CERTIFICATE_FILE; Config.CredConfig.CertificateFile = &Config.CertFile; + Config.CredConfig.CaCertificateFile = Ca; // // Allocate/initialize the configuration object, with the configured ALPN // and settings. @@ -279,7 +224,7 @@ BOOLEAN ServerLoadConfiguration() { // // Runs the server side of the protocol. // -void RunServer(){ +void run_server(){ QUIC_STATUS Status; HQUIC Listener = NULL; @@ -294,14 +239,14 @@ void RunServer(){ // // Load the server configuration based on the command line. // - if (!ServerLoadConfiguration()) { + if (!server_conf()) { return; } // // Create/allocate a new listener object. // - if (QUIC_FAILED(Status = quic_api->ListenerOpen(quic_registration, ServerListenerCallback, NULL, &Listener))) { + if (QUIC_FAILED(Status = quic_api->ListenerOpen(quic_registration, server_listen_cb, NULL, &Listener))) { printf("ListenerOpen failed, 0x%x!\n", Status); goto Error; } @@ -329,16 +274,9 @@ Error: -_IRQL_requires_max_(DISPATCH_LEVEL) -_Function_class_(QUIC_STREAM_CALLBACK) -QUIC_STATUS -QUIC_API -ClientStreamCallback( - _In_ HQUIC Stream, - _In_opt_ void* Context, - _Inout_ QUIC_STREAM_EVENT* Event - ) -{ + +QUIC_STATUS client_stream_cb(HQUIC Stream, void* Context, QUIC_STREAM_EVENT* Event){ + UNREFERENCED_PARAMETER(Context); switch (Event->Type) { case QUIC_STREAM_EVENT_SEND_COMPLETE: @@ -383,11 +321,8 @@ ClientStreamCallback( return QUIC_STATUS_SUCCESS; } -void -ClientSend( - _In_ HQUIC Connection - ) -{ +void client_send(HQUIC Connection){ + QUIC_STATUS Status; HQUIC Stream = NULL; uint8_t* SendBufferRaw; @@ -397,7 +332,7 @@ ClientSend( // Create/allocate a new bidirectional stream. The stream is just allocated // and no QUIC stream identifier is assigned until it's started. // - if (QUIC_FAILED(Status = quic_api->StreamOpen(Connection, QUIC_STREAM_OPEN_FLAG_NONE, ClientStreamCallback, NULL, &Stream))) { + if (QUIC_FAILED(Status = quic_api->StreamOpen(Connection, QUIC_STREAM_OPEN_FLAG_NONE, client_stream_cb, NULL, &Stream))) { printf("StreamOpen failed, 0x%x!\n", Status); goto Error; } @@ -450,16 +385,9 @@ Error: // // The clients's callback for connection events from quic_api. // -_IRQL_requires_max_(DISPATCH_LEVEL) -_Function_class_(QUIC_CONNECTION_CALLBACK) -QUIC_STATUS -QUIC_API -ClientConnectionCallback( - _In_ HQUIC Connection, - _In_opt_ void* Context, - _Inout_ QUIC_CONNECTION_EVENT* Event - ) -{ + +QUIC_STATUS client_conn_cb(HQUIC Connection, void* Context, QUIC_CONNECTION_EVENT* Event){ + UNREFERENCED_PARAMETER(Context); if (Event->Type == QUIC_CONNECTION_EVENT_CONNECTED) { @@ -473,7 +401,7 @@ ClientConnectionCallback( // The handshake has completed for the connection. // printf("[conn][%p] Connected\n", Connection); - ClientSend(Connection); + client_send(Connection); break; case QUIC_CONNECTION_EVENT_SHUTDOWN_INITIATED_BY_TRANSPORT: // @@ -523,7 +451,7 @@ ClientConnectionCallback( // // Helper function to load a client configuration. // -BOOLEAN ClientLoadConfiguration() +BOOLEAN client_conf() { QUIC_SETTINGS Settings = {0}; // @@ -540,17 +468,17 @@ BOOLEAN ClientLoadConfiguration() memset(&Config, 0, sizeof(Config)); Config.Type = QUIC_CREDENTIAL_TYPE_CERTIFICATE_FILE; Config.Flags = QUIC_CREDENTIAL_FLAG_CLIENT; + Config.Flags |= QUIC_CREDENTIAL_FLAG_SET_CA_CERTIFICATE_FILE; -// const char* Ca = "certs/ca.pem"; + const char* Ca = "certs/ca.pem"; const char* Cert = "certs/client.crt.pem"; const char* Key = "certs/client.key.pem"; -// Config.CaCertificateFile = Ca; - QUIC_CERTIFICATE_FILE CertFile; CertFile.CertificateFile = (char*)Cert; CertFile.PrivateKeyFile = (char*)Key; Config.CertificateFile = &CertFile; + Config.CaCertificateFile = Ca; // // Allocate/initialize the configuration object, with the configured ALPN @@ -577,11 +505,11 @@ BOOLEAN ClientLoadConfiguration() // // Runs the client side of the protocol. // -void RunClient() { +void run_client() { // // Load the client configuration based on the "unsecure" command line option. // - if (!ClientLoadConfiguration()) { + if (!client_conf()) { return; } @@ -593,7 +521,7 @@ void RunClient() { // // Allocate a new connection object. // - if (QUIC_FAILED(Status = quic_api->ConnectionOpen(quic_registration, ClientConnectionCallback, NULL, &Connection))) { + if (QUIC_FAILED(Status = quic_api->ConnectionOpen(quic_registration, client_conn_cb, NULL, &Connection))) { printf("ConnectionOpen failed, 0x%x!\n", Status); goto Error; } @@ -601,7 +529,7 @@ void RunClient() { // // Get the target / server name or IP from the command line. // - const char* Target = "localhost"; + const char* Target = SERVER_ADDR; printf("[conn][%p] Connecting...\n", Connection); @@ -649,9 +577,9 @@ int main(int argc, char** argv){ } if(strcmp(argv[1], "c") == 0){ - RunClient(); + run_client(); } else if(strcmp(argv[1], "s") == 0){ - RunServer(); + run_server(); } else { help(); return -1; diff --git a/quic-bench/quic/quic.h b/quic-bench/quic/quic.h index 54310aa..26975d7 100644 --- a/quic-bench/quic/quic.h +++ b/quic-bench/quic/quic.h @@ -25,9 +25,10 @@ #define UNREFERENCED_PARAMETER(P) (void)(P) #endif -#define SERVER_ADDR "192.168.62.6" +#define SERVER_ADDR "quicbench" #define SERVER_PORT 9999 -#define INPUT_BUFF_CHUNK 65536 +//#define INPUT_BUFF_CHUNK 65536 +#define INPUT_BUFF_CHUNK 100 #define INPUT_BUFF_MAX 4294967296 typedef struct QUIC_CREDENTIAL_CONFIG_HELPER { diff --git a/sock-quic/certgen.sh b/sock-quic/certgen.sh index 5c0c47d..058bbe1 100755 --- a/sock-quic/certgen.sh +++ b/sock-quic/certgen.sh @@ -36,8 +36,8 @@ echo "signing requests for client...." openssl x509 -req -extfile <(printf "subjectAltName = DNS:client") -days 365 -in ./certs/client.csr -CA ./certs/ca.pem -CAkey ./certs/ca_priv.pem -CAcreateserial -sha256 -out ./certs/client.crt.pem -sudo /bin/cp -Rf ca.pem /usr/local/share/ca-certificates/quicroot.crt +#sudo /bin/cp -Rf ca.pem /usr/local/share/ca-certificates/quicroot.crt -sudo update-ca-certificates +#sudo update-ca-certificates echo "done!" \ No newline at end of file diff --git a/sock-quic/certs/ca.srl b/sock-quic/certs/ca.srl index c36bd82..ad9b5cc 100644 --- a/sock-quic/certs/ca.srl +++ b/sock-quic/certs/ca.srl @@ -1 +1 @@ -385BA503DD2CEE5C641636C223D9A1A9B9467564 +7D6BD521EF534B87C07400F0696201893381288D diff --git a/sock-quic/certs/client.csr b/sock-quic/certs/client.csr index b5db241..7a3a0d0 100644 --- a/sock-quic/certs/client.csr +++ b/sock-quic/certs/client.csr @@ -1,26 +1,26 @@ -----BEGIN CERTIFICATE REQUEST----- MIIEVjCCAj4CAQAwETEPMA0GA1UEAwwGY2xpZW50MIICIjANBgkqhkiG9w0BAQEF -AAOCAg8AMIICCgKCAgEAtL+G2dTkxvCCuLhJUdF6cTrh4Z+04nGJfJU74dT7Ywr3 -z+QW532h584Z2+oLh2PQ6VTTAzC3UwCxjcBXaGqFPXaBwJruABt/CX+cluZa7vKr -zZJS96m6MUYPRdXjFN6l2S5lVY0BTEbvisbDt12tP0Ca/f7muDrUnrhrkJtFeaUS -OCz8O9JpZkuSjZ7wTtvj0qKVkxp/Af50g73oYhcXhgjOBw2QGHZyPAK1hxzQVBp/ -yeHqfXyub/LoZqKSiT07iM0wjaXbQkHUMhhvxdUW5rdD/9/7nQpKXfviOwOYw1ev -jeDMhLh//9Q/kbCFrfiT2FOC9baXUYhOv+rmjpS7gS3xZc7av2yH819IMMKvhB7C -PJfiHL1a6ZYfDDrZ4UIXoKWDkho7ejli+Q8tMs0RpyRREpSeL4XB8D975AGrNNXG -dF0jqlNk7Y65/Nr7RZLmXjcgNJ9PlCKc/06Ax2KAzfhghtb92k3s+02E/k9vbg0T -GrAA/cjGaaCMaRUMMw9Mt3+sxMo0vRQR/Czs+Gxmh5wLP18zf6zpLp92kVRni+sw -iFBCti6GPJiaC7hSpQn8IUJSlLvNLtxfbhes3PmeR45UnmXr+VSry5kR8rbO7BkI -8y6MdYHFeZizM1XpH7nH7zCz+GhXvaXZYwjz3NdlkKw2pxHljy/svuMOcOSc3HsC -AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQCG4vWTkCh6SkgtmW/igywB4KvUra3F -X6WnUW6AgGNtHganJ4ADGk/ULS7MDrbvehyDeeSXGkDj/KZFnSZNJ23f9lBibCR4 -z+lRI87xHChFTrMDaTZKq2LGD1ckULzZ4ijjQW34JasgmyPjDlaAQ9mMf0TIehkL -jCjPeCS7gLphC3HAUYloC8cufgn5hCtMB7uqQCm9iurzO7HVi1RtBJK09+oWmhUw -fd/liuwp9sU2crhh6q54+q4gxwcg3T8Hv9K/0QoNqpYpsDXZtj3R5gZmA0SEJBzt -C9gGhB+4Wh2yNaaai4atV3Nlg1SUDvtK6dKMheq6fwkrHWqlRQyMF5snpl/So45r -paf65eFp/0S/BvxX94htEoxLAUEiSzH47v2io7ybDTK0G7tnpYYwo+3TZVB7C/Vz -GGBdONxrK5S4uv9vKelX8gkIoXrY36ts1Xy92XgoKnJQb7HUb5V1YVHwGCpdwm3e -gNcYSUjuG5j8qdgLVJ9UhD/8svGKOExz+kCT9RucWyCi4TVt/ZSrQNgbIUg8M4r3 -WdUAeDk0WCk1zfbC0VH7CXO4jU72sk6jrlTc58WQu3NreymLMrXKH0i6zCdZSjfK -zUAvb9P3bAZ07c0QTXZ74TqQm7jafyaEL9yo4kooCremqAu314tv/LT0qAq42Mux -fUgke9umRLHEIg== +AAOCAg8AMIICCgKCAgEAm6bvmEJajwLOroGUuNrhfT8ukGMYKd8XrNtB82nq4x50 +YEamGRdqa9W0zwDcktXrCFjbJMVlLxXXuPLZtUe7P3NdFWL1pinl8+ONPRjzzuBK +prylib79Il+zhSJ15r0MdFpJh5DWfdmotEiGJCn71XQTFagsFTi5wOqdoT3waAOm +IwkxQ1aY5bEIvV72WknhNQF8+Wa9gDySfl/0sqMfiUTILe/tfpwZ9L8GIgdX/1SY +AE/YSJ2lKnkCKwvc2eCeREAu3oEwbuMxCYNTj1+/j4q3+Metws/z6j/vTE7JbMmH +cRQlqgs59TfDGIvkXfehzplvKo8JDA8ukGbdPsy3a1dtg4rRuqpUM/Qo6WAGABvX +7D738mX4qaTlHtD9DkGh1Ys0YVcaRDtIPu5mRfTfulTWu5MGVIU/jl6A9q281Yez +fo63VjZRdxYOy46VFsVcA3rsiTUOtE4SYABbYEc8IVOjLY3BofDxTHLzzoI2eZN7 +wKRnN8Fbkzd7IDQ5WzTaTpX0y8QC2QUu38Vt2SQ3n3eRzjXlsjtQjpjcRssiIvA8 +AtXgsWC1/s793dYrXLKjjkstp3qCr717UeZG0dcwitjD2XnvmGpLDfzbb8Ri/w7h +Sm+lUqx8CWg3nDrl8+6xQjQS6WgW7HonvsApEAnVDFgLnKjsjDIb/2sl0slTDEsC +AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQBLGbo7KuV5P3h1EIk4dBJDjTBOi6L4 +p1/f8lPjmEn4iciZVr/rh5kEWvfdeJPQgN555TXa7jzbNarNy9GHA+k/1cu2vD8D +gblhbUIN0Aealkno17+/O95DoYsdpxtemaHNKnbj2grwkfDIftKN+5TP6BqBEQOs +M7D/ZFMZI9+TvJNaQxtYtgpxLmDbZ5p4p/M6LJh6SlQnK5sDfv9XgOlaN6WDDURv +7hBLN5QcOkFUUpgorojfHp0zlos0ixIMEVuQ0maeP6HUYuS9YfhbGhgwYX6DtyUa +qoDtycmnqlEHXsUYtGKhr04xjPSAyQlJHa5D8yg4PS5UUyrrt+/GkRLi8PWHXV2i +y80FSkRwHqEqeZD4p8Or3Vq4tt2ugb9y/uRWerdAxwhEEDYW/LG8j1FkYxmxDRlQ +CshRs2f7PEsmwexAQky7KaEKyw/BmeTebbgyGPBOvfgWk/lC7akOU8lQt1wYF+Uy +0X7zOU6fbpTretPLJPqSaXFymLenXoCSye33SwLlSBFt4Rib70FWDzorka8h/EXV +MlYAIwHe/mDiYb7y4Yjsm0TWkRFi8DJhn8wAZ7+or8TRIVaNpKNGZ3QNCsKozp/4 +7qcjzel4eYdSw7COW0X6bPdAffxRXni15tItXIXhxswgBwJfDHdUk14Tw/CWBuDt +L5U4TJxj9OLtmg== -----END CERTIFICATE REQUEST----- diff --git a/sock-quic/certs/server.csr b/sock-quic/certs/server.csr index 0065815..467ff18 100644 --- a/sock-quic/certs/server.csr +++ b/sock-quic/certs/server.csr @@ -1,26 +1,26 @@ -----BEGIN CERTIFICATE REQUEST----- MIIEWTCCAkECAQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0B -AQEFAAOCAg8AMIICCgKCAgEAt48hhOLdH/ufNwIUyDs5NrGZrmsB85Lgzv8WXe8D -lUh/J93BmNa3TQkxzddNnnfiHwVatiAjCjPhUCYAgsXT2XKbaLx0CXfEHCRa8FYs -a4f3/4HhF/lRbtKw4HzhyY7OL/gF3djjCNwjwNcqSVqP7eJ1FP6fEQmHUsblbuo7 -o/JaejuDXO1Tb+mRfKFDUKWCP0nkXYxGXlfdKQ1Da0WYoQ5KhVbF26Knxue/q6Df -rCKOlc7nkvOYxRzvO2C4bb5HBRRHcKNNzYnnGVNpHQJU6EO8vhvXiiHckG9wDCeY -Vi6YDcbsLQwbn1MVWBtTSnHz7xEYjn8D8Sym4QBeSIAfufrr0ohFGXB0G1KCBRUI -JqtXaSV2n8izFBCl49EgPNT51kUx/ZANe3bb1SXM5in1/A+ENIkcPyEIEq+ZhgDl -mRMiOYEv8CVAF9Yu/FPGtCS/Lt9GxJX4XS3I0oKlXWYiiHo5SWPJuhCbu93nPpkl -JlO2u1vPjmjA1JpsaMc3AE+n0ScnOkCbxRXB6JahWXecBsXp1lXkaci2mfGQqy2c -EHQiaXb5/5llVBg+E2JSM7YIMDiTf6AbUOZQ13JfbaZ7fXEw7NxuWJPNY20Kmm+Q -817jCx13PyEPZLKBpGVqrBFddUQx08UcWWI43KSqaRXJFy4Bfs71IbcrNRi7+jKs -l8sCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQCT8BywKxsDYXH3VB1h/FfgwwYs -Ofb/EW5hQrhwF3SiMtm2wWSk90w4obDh2+NsEAi6LOghDR8xawceLHx4EyzuPSW5 -SN1ElwStMO78fvZwRaDSgoI8tDxaaIRILDpwhVxx66ovfTdaemMK2k8eYmKJ9zv5 -QXeAo2Sp/y4+g09tnOxO4dP3loqzQxq2BUln0ooMCOWz/noypAmvo/z31qpEFeGx -W07JT0Fv6tiCkuHJlLRrc0/f1cW76LkcX7IqMlXhKWkuLcoo+4NcghMmHsCWoruh -5LrsroB5iwFBqdHX/zf+dU2D2ZDVBZS6mfmBuesiubJb8/u4xSmQLbYZAxgYaWjG -Lg9hH9oc1XWFN7En6EFR5sMCMJ3UNYTebTJsj4QOkF1uI+rN04wJaOrBc7Le7A40 -3fkQHMApMHy+JrMTqP3ZgeqvXE55ZtXax/qL8fcY7mrc84mIdqryOu6EDsDOlm4k -qHjRcCc0qj4j8uPGA5vpEUTEn3mRrQw3/2lEX/2ttbOtyN3xIZ7r6/cICDJuvy4g -kSLExUnWWk7lsDfoHYk5uYnH0+MyOAVaj9Yn1fTBtFxiu4jpZFWocHk8HklYG0gd -2r81hpFrjhjSgorLbi2uwndQ/rL8eNZO6qyILMfUP2LMFA0GwnQGxQf8KyaGROOz -+y/pRXdg5scGWPKNfg== +AQEFAAOCAg8AMIICCgKCAgEA1vV+fz/LJUocR30RKOUKiN18k6jobgDW79uMkPXH +7MM4dkIRGJZUxo6vYEzjSxJ5xIA5rlKNPUtc661A6nZG9xCHGWlPywfBzQ8ARIIy +izvCRGlAXKXqD6tkcJOCgtDD1Ynfjlgvr7yy93g/z1+Ef3Izq8zk/5q38AGrk02/ +okjw3b/p49dEnSwFKrBalXISb/6YRFqQ6wKXofIenHdwOoFvDAmTBGuukoKljsha +vngbmmmqKZW66k69nsovyPqhEFB3Krullh0rAxr03938yNqj4T5GaggaUCVxgC0D +z+3tZeYOKRtP+r0TY8bYWyNOI0MER8m/eb00fd6ZV0pKATqNLOvjCm/i2lyDc2/q +uDcqyP47Aj43ds8Rr4+BqTTUHmeVO+oKKdePItoLvJsIqmBfQ/MsyzOJsEEcd58G +cb/VA0959rWIZ+MUJDJ/niNJsCqRtFXS6WxIs2GoK2eanfMIwIK36ZvTFTeD2OOD +YDfpbSvun03nFOotJI2zoZqxJbu0DCRDy3sBAUGONPDTgmFxuozp6BExCREgcbQ/ +UrGYvB9z/uLvFFLhtoQvChKuK3edttBFgLdevVivbMog4EteKqB1xOebRIir4vzD +YV5pT4bRn4kIYWygay/bXTnu/zTpoEKSshAKoWch3kZRABofKau8ElcjWSZ3W4wB +YckCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQBV1csf9Lk5rI072CRWDakjmh+b +FbsQTIJ1g3r2/QzmTlf8qAlNuJjBTNzfNyMHkeE4GbTdonuWiHKRiXEPWG+z+P82 +lzvyaI27tkF6gOjJt9zAqUCOY2b8RbgPbZOAJ+WUytSwcswrBsKyAQdMZ+q5IxaT +LTO1DvP6VCL+lZKNiYkL/M/k9eiAfALfVNQrqQ4HJyizOBzVDYZ27RkxwSzAlBou +VJES38fOcjTqa0wbhpXSVn8dMoVEKdtLOXO0ySrqhqDBp2CUrTlWNR1r/V/NlQeT +2vLHXjOqmrHEiWI0HeeBlJh5+xFjdQ2aBQESASF067f/yKknXQ3LXcu1Oi6Y+HiI +qPSjt/dsulSchZOQeQ3V0f35A6+NVcJ7mirsXz+iwDPELg6TpuldzPy+xqv8dIuM +AG5gsmgoXOXez3bohWtNI7VYKGNYgAQ7YeNyLyWbwTcTmvDRb1ubyQ2p3SuHXZoX +onx/pBl6AsZtXKmLHd/ECYdgBsTV2ev7PEWDBcXBCIw401K6O+Nzsl9Kl9+Afkjf +ynHU+Ochj+3Uf2Wz56/onCLwsXaSR8dgBXI/OuPonH8y78B//XVf71tqBMcQpr15 +oyA/r+iHbIPYpFwc+WTTBwbaGy0eYKAoJolo9LcJPiAiSZXYDAoBR4kauu9/gW8C +PXblffeKrs5jPq/6ew== -----END CERTIFICATE REQUEST----- diff --git a/sock-quic/client/client.c b/sock-quic/client/client.c index 591d9a0..026c109 100644 --- a/sock-quic/client/client.c +++ b/sock-quic/client/client.c @@ -237,17 +237,17 @@ BOOLEAN ClientLoadConfiguration() memset(&Config, 0, sizeof(Config)); Config.Type = QUIC_CREDENTIAL_TYPE_CERTIFICATE_FILE; Config.Flags = QUIC_CREDENTIAL_FLAG_CLIENT; + Config.Flags |= QUIC_CREDENTIAL_FLAG_SET_CA_CERTIFICATE_FILE; -// const char* Ca = "certs/ca.pem"; + const char* Ca = "certs/ca.pem"; const char* Cert = "certs/client.crt.pem"; const char* Key = "certs/client.key.pem"; -// Config.CaCertificateFile = Ca; - QUIC_CERTIFICATE_FILE CertFile; CertFile.CertificateFile = (char*)Cert; CertFile.PrivateKeyFile = (char*)Key; Config.CertificateFile = &CertFile; + Config.CaCertificateFile = Ca; // // Allocate/initialize the configuration object, with the configured ALPN diff --git a/sock-quic/server/server.c b/sock-quic/server/server.c index 86a19e8..f0911bf 100644 --- a/sock-quic/server/server.c +++ b/sock-quic/server/server.c @@ -245,8 +245,10 @@ BOOLEAN ServerLoadConfiguration() { QUIC_CREDENTIAL_CONFIG_HELPER Config; memset(&Config, 0, sizeof(Config)); Config.CredConfig.Flags = QUIC_CREDENTIAL_FLAG_NONE; + Config.CredConfig.Flags |= QUIC_CREDENTIAL_FLAG_SET_CA_CERTIFICATE_FILE; + const char* Ca = "certs/ca.pem"; const char* Cert = "certs/server.crt.pem"; const char* KeyFile = "certs/server.key.pem"; @@ -255,6 +257,7 @@ BOOLEAN ServerLoadConfiguration() { Config.CertFile.PrivateKeyFile = (char*)KeyFile; Config.CredConfig.Type = QUIC_CREDENTIAL_TYPE_CERTIFICATE_FILE; Config.CredConfig.CertificateFile = &Config.CertFile; + Config.CredConfig.CaCertificateFile = Ca; // // Allocate/initialize the configuration object, with the configured ALPN // and settings.