Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic.c @ 8816:7f29db5294bd quic
QUIC: avoid processing 1-RTT with incomplete handshake in OpenSSL.
OpenSSL is known to provide read keys for an encryption level before the
level is active in TLS, following the old BoringSSL API. In BoringSSL,
it was then fixed to defer releasing read keys until QUIC may use them.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 22 Jul 2021 15:00:37 +0300 |
| parents | f8ad3dd142ad |
| children | 4009f120cad4 |
comparison
equal
deleted
inserted
replaced
| 8815:8ab0d609af09 | 8816:7f29db5294bd |
|---|---|
| 916 "quic no %s keys, ignoring packet", | 916 "quic no %s keys, ignoring packet", |
| 917 ngx_quic_level_name(pkt->level)); | 917 ngx_quic_level_name(pkt->level)); |
| 918 return NGX_DECLINED; | 918 return NGX_DECLINED; |
| 919 } | 919 } |
| 920 | 920 |
| 921 #if !defined (OPENSSL_IS_BORINGSSL) | |
| 922 /* OpenSSL provides read keys for an application level before it's ready */ | |
| 923 | |
| 924 if (pkt->level == ssl_encryption_application | |
| 925 && SSL_quic_read_level(c->ssl->connection) | |
| 926 < ssl_encryption_application) | |
| 927 { | |
| 928 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
| 929 "quic no %s keys ready, ignoring packet", | |
| 930 ngx_quic_level_name(pkt->level)); | |
| 931 return NGX_DECLINED; | |
| 932 } | |
| 933 #endif | |
| 934 | |
| 921 pkt->keys = qc->keys; | 935 pkt->keys = qc->keys; |
| 922 pkt->key_phase = qc->key_phase; | 936 pkt->key_phase = qc->key_phase; |
| 923 pkt->plaintext = buf; | 937 pkt->plaintext = buf; |
| 924 | 938 |
| 925 ctx = ngx_quic_get_send_ctx(qc, pkt->level); | 939 ctx = ngx_quic_get_send_ctx(qc, pkt->level); |