forked from wolfSSL/wolfssl
Merge pull request #5993 from anhu/quic_doc_switcharoo
Move the wolfSSL Configuration section higher in QUIC.md
This commit is contained in:
34
doc/QUIC.md
34
doc/QUIC.md
@ -12,6 +12,22 @@ QUIC, on the other hand, is always protected by TLS. A QUIC implementation does
|
|||||||
implementation of the TLS protocol, specifically TLSv1.3. It does this in new ways and TLS
|
implementation of the TLS protocol, specifically TLSv1.3. It does this in new ways and TLS
|
||||||
implementations need to accommodate these. Those specifics have been added to wolfSSL.
|
implementations need to accommodate these. Those specifics have been added to wolfSSL.
|
||||||
|
|
||||||
|
## wolfSSL Configuration
|
||||||
|
|
||||||
|
QUIC support is enabled in the common autoconf style via:
|
||||||
|
|
||||||
|
```
|
||||||
|
> ./configure --enable-quic
|
||||||
|
```
|
||||||
|
|
||||||
|
this drags in some very basic features. To have everything necessary for a QUIC protocol implementation like ngtcp2, one would do:
|
||||||
|
|
||||||
|
```
|
||||||
|
./configure --enable-quic --enable-session-ticket --enable-earlydata --enable-psk
|
||||||
|
```
|
||||||
|
|
||||||
|
**Note**: for now, quic is not enabled via `--enable-all` and always needs to be specified.
|
||||||
|
|
||||||
## ngtcp2
|
## ngtcp2
|
||||||
|
|
||||||
One of the recommended QUIC implementations is [ngtpc2](https://github.com/ngtcp2/ngtcp2). It now
|
One of the recommended QUIC implementations is [ngtpc2](https://github.com/ngtcp2/ngtcp2). It now
|
||||||
@ -43,24 +59,6 @@ The separation of QUIC's "crypto" parts from its other protocol enabling functio
|
|||||||
|
|
||||||
Therefore, the complete TLSv1.3 handshake became part of the QUIC protocol, with some restrictions and simplifications (UDP based QUIC does not accommodate broken TCP middle boxes). With the need for a complete TLSv1.3 stack, QUIC implementors happily make use of existing TLS libraries.
|
Therefore, the complete TLSv1.3 handshake became part of the QUIC protocol, with some restrictions and simplifications (UDP based QUIC does not accommodate broken TCP middle boxes). With the need for a complete TLSv1.3 stack, QUIC implementors happily make use of existing TLS libraries.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## wolfSSL Configuration
|
|
||||||
|
|
||||||
QUIC support is enabled in the common autoconf style via:
|
|
||||||
|
|
||||||
```
|
|
||||||
> ./configure --enable-quic
|
|
||||||
```
|
|
||||||
|
|
||||||
this drags in some very basic features. To have everything necessary for a QUIC protocol implementation like ngtcp2, one would do:
|
|
||||||
|
|
||||||
```
|
|
||||||
./configure --enable-quic --enable-session-ticket --enable-earlydata --enable-psk
|
|
||||||
```
|
|
||||||
|
|
||||||
**Note**: for now, quic is not enabled via `--enable-all` and always needs to be specified.
|
|
||||||
|
|
||||||
## wolfSSL API
|
## wolfSSL API
|
||||||
|
|
||||||
The exposed API carries all methods that the [quictls/openssl](https://github.com/quictls/openssl) introduces. This seems to become the standard, since other *SLL libraries have picked those up or are about to. The methods are all in the `wolfSSL_` prefix. There are some additional methods, which are covered below.
|
The exposed API carries all methods that the [quictls/openssl](https://github.com/quictls/openssl) introduces. This seems to become the standard, since other *SLL libraries have picked those up or are about to. The methods are all in the `wolfSSL_` prefix. There are some additional methods, which are covered below.
|
||||||
|
Reference in New Issue
Block a user