From 10121a417d965af73224d43e85ed78af1f14064d Mon Sep 17 00:00:00 2001
From: Jay Satiro
Date: Wed, 18 Dec 2019 13:56:16 -0500
Subject: ngtcp2: Support the latest update key callback type
- Remove our cb_update_key in favor of ngtcp2's new ngtcp2_crypto_update_key_cb which does the same thing.
Several days ago the ngtcp2_update_key callback function prototype was changed in ngtcp2/ngtcp2@42ce09c. Though it would be possible to fix up our cb_update_key for that change they also added ngtcp2_crypto_update_key_cb which does the same thing so we'll use that instead.
Ref: https://github.com/ngtcp2/ngtcp2/commit/42ce09c
Closes https://github.com/curl/curl/pull/4735
---
 lib/vquic/ngtcp2.c | 31 +------------------------------
 lib/vquic/ngtcp2.h | 3 ---
 2 files changed, 1 insertion(+), 33 deletions(-)
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c
index c39dba23a..e97e9e871 100644
--- a/lib/vquic/ngtcp2.c
+++ b/lib/vquic/ngtcp2.c
@@ -177,15 +177,6 @@ static int quic_set_encryption_secrets(SSL *ssl,
 if(level == NGTCP2_CRYPTO_LEVEL_APP) {
 if(init_ngh3_conn(qs) != CURLE_OK)
 return 0;
-
- /* malloc an area big enough for both secrets */
- qs->rx_secret = malloc(secretlen * 2);
- if(!qs->rx_secret)
- return 0;
- memcpy(qs->rx_secret, rx_secret, secretlen);
- memcpy(&qs->rx_secret[secretlen], tx_secret, secretlen);
- qs->tx_secret = &qs->rx_secret[secretlen];
- qs->rx_secretlen = secretlen;
 }
 return 1;
@@ -516,25 +507,6 @@ static int cb_get_new_connection_id(ngtcp2_conn *tconn, ngtcp2_cid *cid,
 return 0;
 }
-static int cb_update_key(ngtcp2_conn *tconn, uint8_t *rx_key,
- uint8_t *rx_iv, uint8_t *tx_key,
- uint8_t *tx_iv, void *user_data)
-{
- struct quicsocket *qs = (struct quicsocket *)user_data;
- uint8_t rx_secret[64];
- uint8_t tx_secret[64];
-
- if(ngtcp2_crypto_update_key(tconn, rx_secret, tx_secret,
- rx_key, rx_iv, tx_key, tx_iv, qs->rx_secret,
- qs->tx_secret, qs->rx_secretlen) != 0)
- return NGTCP2_ERR_CALLBACK_FAILURE;
-
- /* store the updated secrets */
- memcpy(qs->rx_secret, rx_secret, qs->rx_secretlen);
- memcpy(qs->tx_secret, tx_secret, qs->rx_secretlen);
- return 0;
-}
-
 static ngtcp2_conn_callbacks ng_callbacks = {
 cb_initial,
 NULL, /* recv_client_initial */
@@ -556,7 +528,7 @@ static ngtcp2_conn_callbacks ng_callbacks = {
 NULL, /* rand */
 cb_get_new_connection_id,
 NULL, /* remove_connection_id */
- cb_update_key, /* update_key */
+ ngtcp2_crypto_update_key_cb, /* update_key */
 NULL, /* path_validation */
 NULL, /* select_preferred_addr */
 cb_stream_reset,
@@ -701,7 +673,6 @@ static CURLcode ng_disconnect(struct connectdata *conn,
 int i;
 struct quicsocket *qs = &conn->hequic[0];
 (void)dead_connection;
- free(qs->rx_secret);
 if(qs->ssl)
 SSL_free(qs->ssl);
 for(i = 0; i < 3; i++)
diff --git a/lib/vquic/ngtcp2.h b/lib/vquic/ngtcp2.h
index 82b8d41e3..30d442fdd 100644
--- a/lib/vquic/ngtcp2.h
+++ b/lib/vquic/ngtcp2.h
@@ -46,9 +46,6 @@ struct quicsocket {
 ngtcp2_settings settings;
 SSL_CTX *sslctx;
 SSL *ssl;
- uint8_t *rx_secret; /* malloced */
- uint8_t *tx_secret; /* points into the above buffer */
- size_t rx_secretlen;
 struct quic_handshake crypto_data[3];
 /* the last TLS alert description generated by the local endpoint */
 uint8_t tls_alert;
--
cgit v1.2.3
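Review bot: The `update_key` slot of `ng_callbacks` in lib/vquic/ngtcp2.c (hunk `@@ -556,7 +528,7 @@`) now requires an ngtcp2 tree that has both the changed callback prototype and `ngtcp2_crypto_update_key_cb`, yet nothing visible in this change records or enforces that minimum revision. The table is filled positionally, so a build against a tree with a different prototype would presumably show up only as an incompatible-pointer-type diagnostic, and calling the key-rotation callback through a mismatched prototype is undefined behaviour. I would pin the requirement next to the entry, e.g. `ngtcp2_crypto_update_key_cb, /* update_key, needs ngtcp2 at or after 42ce09c */`, and confirm that the build-time ngtcp2 detection (not shown here) rejects older trees. The initializer starts and ends outside the hunk.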