Mercurial > hg > nginx-quic

diff src/event/ngx_event_quic_protection.h @ 7772:058a5af7ddfc quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Refactored QUIC secrets storage. The quic->keys[4] array now contains secrets related to the corresponding encryption level. All protection-level functions get proper keys and do not need to switch manually between levels.
author Vladimir Homutov <vl@nginx.com>
date Wed, 01 Apr 2020 14:25:25 +0300
parents 2ac03e80d013
children 29354c6fc5f2
line wrap: on
line diff
--- a/src/event/ngx_event_quic_protection.h
+++ b/src/event/ngx_event_quic_protection.h
@@ -8,6 +8,9 @@
 #define _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_
 
 
+#define NGX_QUIC_ENCRYPTION_LAST  ((ssl_encryption_application) + 1)
+
+
 typedef struct ngx_quic_secret_s {
     ngx_str_t                 secret;
     ngx_str_t                 key;
@@ -17,25 +20,18 @@ typedef struct ngx_quic_secret_s {
 
 
 typedef struct {
-    ngx_quic_secret_t         in;
-    ngx_quic_secret_t         ed;
-    ngx_quic_secret_t         hs;
-    ngx_quic_secret_t         ad;
-} ngx_quic_peer_secrets_t;
-
-
-typedef struct {
-    ngx_quic_peer_secrets_t   client;
-    ngx_quic_peer_secrets_t   server;
+    ngx_quic_secret_t         client;
+    ngx_quic_secret_t         server;
 } ngx_quic_secrets_t;
 
 
 ngx_int_t ngx_quic_set_initial_secret(ngx_pool_t *pool,
-    ngx_quic_secrets_t *secrets, ngx_str_t *secret);
+    ngx_quic_secret_t *client, ngx_quic_secret_t *server,
+    ngx_str_t *secret);
 
 int ngx_quic_set_encryption_secret(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn,
     enum ssl_encryption_level_t level, const uint8_t *secret, size_t secret_len,
-    ngx_quic_peer_secrets_t *qsec);
+    ngx_quic_secret_t *peer_secret);
 
 ssize_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn,
      ngx_str_t *res);