diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/event/quic/ngx_event_quic_protection.c | 13 | ||||
| -rw-r--r-- | src/event/quic/ngx_event_quic_protection.h | 7 | ||||
| -rw-r--r-- | src/event/quic/ngx_event_quic_ssl.c | 24 |
3 files changed, 27 insertions, 17 deletions
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c index d193a7738..3db510eef 100644 --- a/src/event/quic/ngx_event_quic_protection.c +++ b/src/event/quic/ngx_event_quic_protection.c @@ -649,7 +649,8 @@ failed: } -int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, +ngx_int_t +ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len) { @@ -667,11 +668,7 @@ int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, if (key_len == NGX_ERROR) { ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher"); - return 0; - } - - if (level == ssl_encryption_initial) { - return 0; + return NGX_ERROR; } peer_secret->secret.data = ngx_pnalloc(pool, secret_len); @@ -702,11 +699,11 @@ int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, seq[i].secret, secret_len) != NGX_OK) { - return 0; + return NGX_ERROR; } } - return 1; + return NGX_OK; } diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h index 7a1604c6c..92491f02a 100644 --- a/src/event/quic/ngx_event_quic_protection.h +++ b/src/event/quic/ngx_event_quic_protection.h @@ -20,9 +20,10 @@ ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool); ngx_int_t ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, ngx_quic_keys_t *keys, ngx_str_t *secret, uint32_t version); -int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write, - ngx_quic_keys_t *keys, enum ssl_encryption_level_t level, - const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len); +ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, + ngx_uint_t is_write, ngx_quic_keys_t *keys, + enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, + const uint8_t *secret, size_t secret_len); ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys, enum ssl_encryption_level_t level); void ngx_quic_keys_discard(ngx_quic_keys_t *keys, diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c index 9fc5c3985..fb4b1af85 100644 --- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -75,7 +75,7 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn, if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, cipher, rsecret, secret_len) - != 1) + != NGX_OK) { return 0; } @@ -109,8 +109,14 @@ ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn, secret_len, wsecret); #endif - return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, - cipher, wsecret, secret_len); + if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, + cipher, wsecret, secret_len) + != NGX_OK) + { + return 0; + } + + return 1; } #else @@ -139,7 +145,7 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level, cipher, rsecret, secret_len) - != 1) + != NGX_OK) { return 0; } @@ -158,8 +164,14 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn, secret_len, wsecret); #endif - return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, - cipher, wsecret, secret_len); + if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level, + cipher, wsecret, secret_len) + != NGX_OK) + { + return 0; + } + + return 1; } #endif |