Mercurial > hg > nginx
diff src/event/ngx_event_quic_protection.h @ 8306:058a5af7ddfc quic
Refactored QUIC secrets storage.
The quic->keys[4] array now contains secrets related to the corresponding
encryption level. All protection-level functions get proper keys and do
not need to switch manually between levels.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 01 Apr 2020 14:25:25 +0300 |
parents | 2ac03e80d013 |
children | 29354c6fc5f2 |
line wrap: on
line diff
--- a/src/event/ngx_event_quic_protection.h Wed Apr 01 17:21:52 2020 +0300 +++ b/src/event/ngx_event_quic_protection.h Wed Apr 01 14:25:25 2020 +0300 @@ -8,6 +8,9 @@ #define _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ +#define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1) + + typedef struct ngx_quic_secret_s { ngx_str_t secret; ngx_str_t key; @@ -17,25 +20,18 @@ typedef struct { - ngx_quic_secret_t in; - ngx_quic_secret_t ed; - ngx_quic_secret_t hs; - ngx_quic_secret_t ad; -} ngx_quic_peer_secrets_t; - - -typedef struct { - ngx_quic_peer_secrets_t client; - ngx_quic_peer_secrets_t server; + ngx_quic_secret_t client; + ngx_quic_secret_t server; } ngx_quic_secrets_t; ngx_int_t ngx_quic_set_initial_secret(ngx_pool_t *pool, - ngx_quic_secrets_t *secrets, ngx_str_t *secret); + ngx_quic_secret_t *client, ngx_quic_secret_t *server, + ngx_str_t *secret); int ngx_quic_set_encryption_secret(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn, enum ssl_encryption_level_t level, const uint8_t *secret, size_t secret_len, - ngx_quic_peer_secrets_t *qsec); + ngx_quic_secret_t *peer_secret); ssize_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, ngx_str_t *res);