From: Samson S. Kolge Date: Wed, 2 Apr 2025 10:32:10 +0000 (+0530) Subject: Update README-QUIC.md with server-side QUIC support information X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c66e00398c9feabc02ff6e678089a3dc95f985d2;p=thirdparty%2Fopenssl.git Update README-QUIC.md with server-side QUIC support information - Add information about OpenSSL 3.5 server-side QUIC support - Include specific command instructions for running the QUIC server example - Explicitly note that s_server does NOT support QUIC - Fix documentation formatting (trailing spaces and blank lines around code blocks) Signed-off-by: Samson S. Kolge Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/27230) --- diff --git a/README-QUIC.md b/README-QUIC.md index 554fe9bc2b8..5b70464e5db 100644 --- a/README-QUIC.md +++ b/README-QUIC.md @@ -2,7 +2,7 @@ Using OpenSSL with QUIC ======================= From OpenSSL 3.2, OpenSSL features support for making QUIC connections as a -client. +client. Starting with OpenSSL 3.5, server-side QUIC support has also been added. Users interested in using the new QUIC functionality are encouraged to look at some of the following resources: @@ -70,6 +70,34 @@ using simple TCP/TLS-like usage. Note that OpenSSL has no direct support for HTTP/3 so connecting to an HTTP/3 server should be possible but sending an HTTP/3 request or receiving any response data is not. +### How can I create a QUIC server with OpenSSL? + +Starting with OpenSSL 3.5, you can create a QUIC server. OpenSSL provides a server +implementation example that you can use as a reference: + +The example QUIC server implementation can be found in the source tree under +[`demos/quic/server`](./demos/quic/server/). This demonstrates how to implement a +basic QUIC server using the OpenSSL API. + +To run the example QUIC server: + +```shell +$ ./demos/quic/server/server +``` + +For example: + +```shell +$ ./demos/quic/server/server 4433 server.pem server.key +``` + +Replace `server.pem` and `server.key` with your certificate and private key files. +Note that the standard `openssl s_server` command does NOT support QUIC - you must +use this dedicated server example instead. + +For more information about implementing QUIC servers with OpenSSL, refer to the +[OpenSSL Guide] and the [openssl-quic(7) manual page]. + [openssl-quic(7) manual page]: https://www.openssl.org/docs/manmaster/man7/openssl-quic.html [OpenSSL Guide]: https://www.openssl.org/docs/manmaster/man7/ossl-guide-introduction.html [DDD]: https://github.com/openssl/openssl/tree/master/doc/designs/ddd