diff options
author | Daiki Ueno <dueno@redhat.com> | 2020-03-29 14:53:39 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2020-03-30 16:00:48 +0200 |
commit | 8efd26afbfad72d86c665ec79418db3ac4927638 (patch) | |
tree | d418eb9e339fb6b329eac71d23b23327b4066f69 /lib/vquic | |
parent | 69d5d183dec0d45a139e1a1e06bb616e2209e239 (diff) |
ngtcp2: update to git master for the key installation API change
This updates the ngtcp2 OpenSSL backend to follow the API change in
commit 32e703164 of ngtcp2.
Notable changes are:
- ngtcp2_crypto_derive_and_install_{rx,tx}_key have been added to replace
ngtcp2_crypto_derive_and_install_key
- the 'side' argument of ngtcp2_crypto_derive_and_install_initial_key
has been removed
Fixes #5166
Closes #5168
Diffstat (limited to 'lib/vquic')
-rw-r--r-- | lib/vquic/ngtcp2.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c index 2f6ee8bdf..22aa53b29 100644 --- a/lib/vquic/ngtcp2.c +++ b/lib/vquic/ngtcp2.c @@ -123,8 +123,8 @@ static int setup_initial_crypto_context(struct quicsocket *qs) const ngtcp2_cid *dcid = ngtcp2_conn_get_dcid(qs->qconn); if(ngtcp2_crypto_derive_and_install_initial_key( - qs->qconn, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, dcid, - NGTCP2_CRYPTO_SIDE_CLIENT) != 0) + qs->qconn, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + dcid) != 0) return -1; return 0; @@ -169,9 +169,13 @@ static int quic_set_encryption_secrets(SSL *ssl, struct quicsocket *qs = (struct quicsocket *)SSL_get_app_data(ssl); int level = quic_from_ossl_level(ossl_level); - if(ngtcp2_crypto_derive_and_install_key( - qs->qconn, ssl, NULL, NULL, NULL, NULL, NULL, NULL, level, rx_secret, - tx_secret, secretlen, NGTCP2_CRYPTO_SIDE_CLIENT) != 0) + if(level != NGTCP2_CRYPTO_LEVEL_EARLY && + ngtcp2_crypto_derive_and_install_rx_key( + qs->qconn, ssl, NULL, NULL, NULL, level, rx_secret, secretlen) != 0) + return 0; + + if(ngtcp2_crypto_derive_and_install_tx_key( + qs->qconn, ssl, NULL, NULL, NULL, level, tx_secret, secretlen) != 0) return 0; if(level == NGTCP2_CRYPTO_LEVEL_APP) { |