Initial packets are protected with AEAD_AES_128_GCM.

author Sergey Kandaurov <pluknet@nginx.com>

Thu, 5 Mar 2020 16:49:49 +0000 (19:49 +0300)

committer Sergey Kandaurov <pluknet@nginx.com>

Thu, 5 Mar 2020 16:49:49 +0000 (19:49 +0300)
author Sergey Kandaurov <pluknet@nginx.com>
Thu, 5 Mar 2020 16:49:49 +0000 (19:49 +0300)
committer Sergey Kandaurov <pluknet@nginx.com>
Thu, 5 Mar 2020 16:49:49 +0000 (19:49 +0300)
diff --git a/src/event/ngx_event_quic.c b/src/event/ngx_event_quic.c

index a6999f7f4ded1115b413b6de983b7900b5665417..30a130339aba83743906d72037ac8ade28485244 100644 (file)
--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -634,18 +634,23 @@ ngx_quic_create_long_packet(ngx_connection_t *c, ngx_ssl_conn_t *ssl_conn,
  
      ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len);
  
-    switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl_conn)) & 0xffff) {
+    if (pkt->level != ssl_encryption_initial) {
+        switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl_conn)) & 0xffff) {
  
-    case NGX_AES_128_GCM_SHA256:
-        cipher = EVP_aes_128_gcm();
-        break;
+        case NGX_AES_128_GCM_SHA256:
+            cipher = EVP_aes_128_gcm();
+            break;
  
-    case NGX_AES_256_GCM_SHA384:
-        cipher = EVP_aes_256_gcm();
-        break;
+        case NGX_AES_256_GCM_SHA384:
+            cipher = EVP_aes_256_gcm();
+            break;
  
-    default:
-        return NGX_ERROR;
+        default:
+            return NGX_ERROR;
+        }
+
+    } else {
+        cipher = EVP_aes_128_gcm();
      }
  
      nonce = ngx_pstrdup(c->pool, &pkt->secret->iv);
author	Sergey Kandaurov <pluknet@nginx.com>
	Thu, 5 Mar 2020 16:49:49 +0000 (19:49 +0300)
committer	Sergey Kandaurov <pluknet@nginx.com>
	Thu, 5 Mar 2020 16:49:49 +0000 (19:49 +0300)