Mercurial > hg > nginx
changeset 8303:2ac03e80d013 quic
TLS Early Data key derivation support.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 01 Apr 2020 13:27:42 +0300 |
parents | 76818c9cdd6f |
children | 90f94413177e |
files | src/event/ngx_event_quic.c src/event/ngx_event_quic_protection.c src/event/ngx_event_quic_protection.h |
diffstat | 3 files changed, 11 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/ngx_event_quic.c Wed Apr 01 13:27:42 2020 +0300 +++ b/src/event/ngx_event_quic.c Wed Apr 01 13:27:42 2020 +0300 @@ -195,7 +195,6 @@ c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); ngx_quic_hexdump(c->log, "level:%d read", rsecret, secret_len, level); - ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); rc = ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, rsecret, secret_len, @@ -204,6 +203,12 @@ return rc; } + if (level == ssl_encryption_early_data) { + return 1; + } + + ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); + return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, wsecret, secret_len, &c->quic->secrets.server);
--- a/src/event/ngx_event_quic_protection.c Wed Apr 01 13:27:42 2020 +0300 +++ b/src/event/ngx_event_quic_protection.c Wed Apr 01 13:27:42 2020 +0300 @@ -620,6 +620,10 @@ switch (level) { + case ssl_encryption_early_data: + peer_secret = &qsec->ed; + break; + case ssl_encryption_handshake: peer_secret = &qsec->hs; break;
--- a/src/event/ngx_event_quic_protection.h Wed Apr 01 13:27:42 2020 +0300 +++ b/src/event/ngx_event_quic_protection.h Wed Apr 01 13:27:42 2020 +0300 @@ -18,6 +18,7 @@ typedef struct { ngx_quic_secret_t in; + ngx_quic_secret_t ed; ngx_quic_secret_t hs; ngx_quic_secret_t ad; } ngx_quic_peer_secrets_t;