Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_ssl.c @ 9152:2880f60a80c3
QUIC: posted generating TLS Key Update next keys.
Since at least f9fbeb4ee0de and certainly after 924882f42dea, which
TLS Key Update support predates, queued data output is deferred to a
posted push handler. To address timing signals after these changes,
generating next keys is now posted to run after the push handler.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Fri, 25 Aug 2023 13:51:38 +0400 |
parents | 58afcd72446f |
children | daf8f5ba23d8 |
comparison
equal
deleted
inserted
replaced
9151:933f37273282 | 9152:2880f60a80c3 |
---|---|
480 * RFC 9001, 9.5. Header Protection Timing Side Channels | 480 * RFC 9001, 9.5. Header Protection Timing Side Channels |
481 * | 481 * |
482 * Generating next keys before a key update is received. | 482 * Generating next keys before a key update is received. |
483 */ | 483 */ |
484 | 484 |
485 if (ngx_quic_keys_update(c, qc->keys) != NGX_OK) { | 485 ngx_post_event(&qc->key_update, &ngx_posted_events); |
486 return NGX_ERROR; | |
487 } | |
488 | 486 |
489 /* | 487 /* |
490 * RFC 9001, 4.9.2. Discarding Handshake Keys | 488 * RFC 9001, 4.9.2. Discarding Handshake Keys |
491 * | 489 * |
492 * An endpoint MUST discard its Handshake keys | 490 * An endpoint MUST discard its Handshake keys |