QUIC: ignore CRYPTO frames after handshake completion.

author Roman Arutyunyan <arut@nginx.com>

Tue, 28 May 2024 13:19:08 +0000 (17:19 +0400)

committer Roman Arutyunyan <arut@nginx.com>

Tue, 28 May 2024 13:19:08 +0000 (17:19 +0400)
author Roman Arutyunyan <arut@nginx.com>
Tue, 28 May 2024 13:19:08 +0000 (17:19 +0400)
committer Roman Arutyunyan <arut@nginx.com>
Tue, 28 May 2024 13:19:08 +0000 (17:19 +0400)
diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c

index 7872783f8980b0e550f8d34b19a0422ddf5660e2..ba0b5929fdee47b4431eb459e04f6f76356467e9 100644 (file)
--- a/src/event/quic/ngx_event_quic_ssl.c
+++ b/src/event/quic/ngx_event_quic_ssl.c
@@ -326,6 +326,11 @@ ngx_quic_handle_crypto_frame(ngx_connection_t *c, ngx_quic_header_t *pkt,
      ngx_quic_crypto_frame_t  *f;
  
      qc = ngx_quic_get_connection(c);
+
+    if (!ngx_quic_keys_available(qc->keys, pkt->level, 0)) {
+        return NGX_OK;
+    }
+
      ctx = ngx_quic_get_send_ctx(qc, pkt->level);
      f = &frame->u.crypto;
author	Roman Arutyunyan <arut@nginx.com>
	Tue, 28 May 2024 13:19:08 +0000 (17:19 +0400)
committer	Roman Arutyunyan <arut@nginx.com>
	Tue, 28 May 2024 13:19:08 +0000 (17:19 +0400)