aboutsummaryrefslogtreecommitdiff
path: root/lib/vquic
diff options
context:
space:
mode:
authorDaiki Ueno <dueno@redhat.com>2020-03-29 14:53:39 +0200
committerDaniel Stenberg <daniel@haxx.se>2020-03-30 16:00:48 +0200
commit8efd26afbfad72d86c665ec79418db3ac4927638 (patch)
treed418eb9e339fb6b329eac71d23b23327b4066f69 /lib/vquic
parent69d5d183dec0d45a139e1a1e06bb616e2209e239 (diff)
ngtcp2: update to git master for the key installation API change
This updates the ngtcp2 OpenSSL backend to follow the API change in commit 32e703164 of ngtcp2. Notable changes are: - ngtcp2_crypto_derive_and_install_{rx,tx}_key have been added to replace ngtcp2_crypto_derive_and_install_key - the 'side' argument of ngtcp2_crypto_derive_and_install_initial_key has been removed Fixes #5166 Closes #5168
Diffstat (limited to 'lib/vquic')
-rw-r--r--lib/vquic/ngtcp2.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c
index 2f6ee8bdf..22aa53b29 100644
--- a/lib/vquic/ngtcp2.c
+++ b/lib/vquic/ngtcp2.c
@@ -123,8 +123,8 @@ static int setup_initial_crypto_context(struct quicsocket *qs)
const ngtcp2_cid *dcid = ngtcp2_conn_get_dcid(qs->qconn);
if(ngtcp2_crypto_derive_and_install_initial_key(
- qs->qconn, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, dcid,
- NGTCP2_CRYPTO_SIDE_CLIENT) != 0)
+ qs->qconn, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+ dcid) != 0)
return -1;
return 0;
@@ -169,9 +169,13 @@ static int quic_set_encryption_secrets(SSL *ssl,
struct quicsocket *qs = (struct quicsocket *)SSL_get_app_data(ssl);
int level = quic_from_ossl_level(ossl_level);
- if(ngtcp2_crypto_derive_and_install_key(
- qs->qconn, ssl, NULL, NULL, NULL, NULL, NULL, NULL, level, rx_secret,
- tx_secret, secretlen, NGTCP2_CRYPTO_SIDE_CLIENT) != 0)
+ if(level != NGTCP2_CRYPTO_LEVEL_EARLY &&
+ ngtcp2_crypto_derive_and_install_rx_key(
+ qs->qconn, ssl, NULL, NULL, NULL, level, rx_secret, secretlen) != 0)
+ return 0;
+
+ if(ngtcp2_crypto_derive_and_install_tx_key(
+ qs->qconn, ssl, NULL, NULL, NULL, level, tx_secret, secretlen) != 0)
return 0;
if(level == NGTCP2_CRYPTO_LEVEL_APP) {