Mercurial > hg > nginx-quic

comparison src/event/quic/ngx_event_quic_protection.c @ 8295:d4e02b3b734f quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
QUIC: fixed indentation.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 15 Feb 2021 14:54:28 +0300
parents cef042935003
children 81bb3a690c10
comparison
equal deleted inserted replaced
8294:ba9e34c03968 8295:d4e02b3b734f
182 .data = is, 182 .data = is,
183 .len = is_len 183 .len = is_len
184 }; 184 };
185 185
186 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0, 186 ngx_log_debug0(NGX_LOG_DEBUG_EVENT, pool->log, 0,
187 "quic ngx_quic_set_initial_secret"); 187 "quic ngx_quic_set_initial_secret");
188 #ifdef NGX_QUIC_DEBUG_CRYPTO 188 #ifdef NGX_QUIC_DEBUG_CRYPTO
189 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, 189 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0,
190 "quic salt len:%uz %*xs", sizeof(salt), sizeof(salt), salt); 190 "quic salt len:%uz %*xs", sizeof(salt), sizeof(salt), salt);
191 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0, 191 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pool->log, 0,
192 "quic initial secret len:%uz %*xs", is_len, is_len, is); 192 "quic initial secret len:%uz %*xs", is_len, is_len, is);
240 ngx_string("tls13 quic iv"), 240 ngx_string("tls13 quic iv"),
241 &server->iv, 241 &server->iv,
242 &server->secret, 242 &server->secret,
243 }, 243 },
244 { 244 {
245 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ 245 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */
246 ngx_string("tls13 quic hp"), 246 ngx_string("tls13 quic hp"),
247 &server->hp, 247 &server->hp,
248 &server->secret, 248 &server->secret,
249 }, 249 },
250 250
722 } 722 }
723 723
724 724
725 void 725 void
726 ngx_quic_keys_discard(ngx_quic_keys_t *keys, 726 ngx_quic_keys_discard(ngx_quic_keys_t *keys,
727 enum ssl_encryption_level_t level) 727 enum ssl_encryption_level_t level)
728 { 728 {
729 keys->secrets[level].client.key.len = 0; 729 keys->secrets[level].client.key.len = 0;
730 } 730 }
731 731
732 732
954 954
955 digest = EVP_sha256(); 955 digest = EVP_sha256();
956 956
957 if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len, 957 if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len,
958 salt->data, salt->len) 958 salt->data, salt->len)
959 != NGX_OK) 959 != NGX_OK)
960 { 960 {
961 ngx_ssl_error(NGX_LOG_INFO, log, 0, 961 ngx_ssl_error(NGX_LOG_INFO, log, 0,
962 "ngx_hkdf_extract(%s) failed", label); 962 "ngx_hkdf_extract(%s) failed", label);
963 return NGX_ERROR; 963 return NGX_ERROR;
964 } 964 }