Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_protection.h @ 9168:ff98ae7d261e
QUIC: split keys availability checks to read and write sides.
Keys may be released by TLS stack in different times, so it makes sense
to check this independently as well. This allows to fine-tune what key
direction is used when checking keys availability.
When discarding, server keys are now marked in addition to client keys.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 31 Aug 2023 19:54:10 +0400 |
parents | 2880f60a80c3 |
children | f98636db77ef |
comparison
equal
deleted
inserted
replaced
9167:3038bd4d7816 | 9168:ff98ae7d261e |
---|---|
93 ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_log_t *log, | 93 ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_log_t *log, |
94 ngx_uint_t is_write, ngx_quic_keys_t *keys, | 94 ngx_uint_t is_write, ngx_quic_keys_t *keys, |
95 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, | 95 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |
96 const uint8_t *secret, size_t secret_len); | 96 const uint8_t *secret, size_t secret_len); |
97 ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys, | 97 ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys, |
98 enum ssl_encryption_level_t level); | 98 enum ssl_encryption_level_t level, ngx_uint_t is_write); |
99 void ngx_quic_keys_discard(ngx_quic_keys_t *keys, | 99 void ngx_quic_keys_discard(ngx_quic_keys_t *keys, |
100 enum ssl_encryption_level_t level); | 100 enum ssl_encryption_level_t level); |
101 void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys); | 101 void ngx_quic_keys_switch(ngx_connection_t *c, ngx_quic_keys_t *keys); |
102 void ngx_quic_keys_update(ngx_event_t *ev); | 102 void ngx_quic_keys_update(ngx_event_t *ev); |
103 ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res); | 103 ngx_int_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_str_t *res); |