diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/event/quic/ngx_event_quic_protection.c | 7 | ||||
| -rw-r--r-- | src/event/quic/ngx_event_quic_ssl.c | 40 |
2 files changed, 23 insertions, 24 deletions
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c index ee3ebc6f7..1247e1954 100644 --- a/src/event/quic/ngx_event_quic_protection.c +++ b/src/event/quic/ngx_event_quic_protection.c @@ -147,6 +147,7 @@ ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret, { size_t is_len; uint8_t is[SHA256_DIGEST_LENGTH]; + ngx_str_t iss; ngx_uint_t i; const EVP_MD *digest; ngx_quic_hkdf_t seq[8]; @@ -176,10 +177,8 @@ ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret, return NGX_ERROR; } - ngx_str_t iss = { - .data = is, - .len = is_len - }; + iss.len = is_len; + iss.data = is; ngx_log_debug0(NGX_LOG_DEBUG_EVENT, log, 0, "quic ngx_quic_set_initial_secret"); diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c index 2d9de48a5..fd0d8252e 100644 --- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -39,19 +39,6 @@ static int ngx_quic_send_alert(ngx_ssl_conn_t *ssl_conn, static ngx_int_t ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data); -static SSL_QUIC_METHOD quic_method = { -#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER - .set_read_secret = ngx_quic_set_read_secret, - .set_write_secret = ngx_quic_set_write_secret, -#else - .set_encryption_secrets = ngx_quic_set_encryption_secrets, -#endif - .add_handshake_data = ngx_quic_add_handshake_data, - .flush_flight = ngx_quic_flush_flight, - .send_alert = ngx_quic_send_alert, -}; - - #if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER static int @@ -533,13 +520,14 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data) ngx_int_t ngx_quic_init_connection(ngx_connection_t *c) { - u_char *p; - size_t clen; - ssize_t len; - ngx_str_t dcid; - ngx_ssl_conn_t *ssl_conn; - ngx_quic_socket_t *qsock; - ngx_quic_connection_t *qc; + u_char *p; + size_t clen; + ssize_t len; + ngx_str_t dcid; + ngx_ssl_conn_t *ssl_conn; + ngx_quic_socket_t *qsock; + ngx_quic_connection_t *qc; + static SSL_QUIC_METHOD quic_method; qc = ngx_quic_get_connection(c); @@ -551,6 +539,18 @@ ngx_quic_init_connection(ngx_connection_t *c) ssl_conn = c->ssl->connection; + if (!quic_method.send_alert) { +#if defined OPENSSL_IS_BORINGSSL || defined LIBRESSL_VERSION_NUMBER + quic_method.set_read_secret = ngx_quic_set_read_secret; + quic_method.set_write_secret = ngx_quic_set_write_secret; +#else + quic_method.set_encryption_secrets = ngx_quic_set_encryption_secrets; +#endif + quic_method.add_handshake_data = ngx_quic_add_handshake_data; + quic_method.flush_flight = ngx_quic_flush_flight; + quic_method.send_alert = ngx_quic_send_alert; + } + if (SSL_set_quic_method(ssl_conn, &quic_method) == 0) { ngx_log_error(NGX_LOG_INFO, c->log, 0, "quic SSL_set_quic_method() failed"); |