Mercurial > hg > nginx
changeset 8926:3341e4089c6c quic
QUIC: converted ngx_quic_keys_set_encryption_secret() to NGX codes.
While here, removed check for encryption level zero, redundant by its nature.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 07 Dec 2021 15:42:10 +0300 |
| parents | 18d23ed15eef |
| children | e4952530e6af |
| files | src/event/quic/ngx_event_quic_protection.c src/event/quic/ngx_event_quic_protection.h src/event/quic/ngx_event_quic_ssl.c |
| diffstat | 3 files changed, 27 insertions(+), 17 deletions(-) [+] |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_protection.c +++ b/src/event/quic/ngx_event_quic_protection.c @@ -649,7 +649,8 @@ failed: } -int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, +ngx_int_t +ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len) { @@ -667,11 +668,7 @@ int ngx_quic_keys_set_encryption_secret( if (key_len == NGX_ERROR) { ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher"); - return 0; - } - - if (level == ssl_encryption_initial) { - return 0; + return NGX_ERROR; } peer_secret->secret.data = ngx_pnalloc(pool, secret_len); @@ -702,11 +699,11 @@ int ngx_quic_keys_set_encryption_secret( seq[i].secret, secret_len) != NGX_OK) { - return 0; + return NGX_ERROR; } } - return 1; + return NGX_OK; }
--- a/src/event/quic/ngx_event_quic_protection.h +++ b/src/event/quic/ngx_event_quic_protection.h @@ -20,9 +20,10 @@ ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool); ngx_int_t ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, ngx_quic_keys_t *keys, ngx_str_t *secret, uint32_t version); -int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, - ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, - const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len); +ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, + ngx_uint_t is_write, ngx_quic_keys_t *keys, + enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, + const uint8_t *secret, size_t secret_len); ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys, enum ssl_encryption_level_t level); void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
--- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -75,7 +75,7 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, cipher, rsecret, secret_len) - != 1) + != NGX_OK) { return 0; } @@ -109,8 +109,14 @@ ngx_quic_set_write_secret(ngx_ssl_conn_t secret_len, wsecret); #endif - return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, - cipher, wsecret, secret_len); + if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, + cipher, wsecret, secret_len) + != NGX_OK) + { + return 0; + } + + return 1; } #else @@ -139,7 +145,7 @@ ngx_quic_set_encryption_secrets(ngx_ssl_ if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, cipher, rsecret, secret_len) - != 1) + != NGX_OK) { return 0; } @@ -158,8 +164,14 @@ ngx_quic_set_encryption_secrets(ngx_ssl_ secret_len, wsecret); #endif - return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, - cipher, wsecret, secret_len); + if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, + cipher, wsecret, secret_len) + != NGX_OK) + { + return 0; + } + + return 1; } #endif