git.ipfire.org Git - thirdparty/openssl.git/commit
Generate initial packet keys based on new dcid for addr validation
author Neil Horman <nhorman@openssl.org>
Tue, 5 Nov 2024 21:25:25 +0000 (16:25 -0500)
committer Neil Horman <nhorman@openssl.org>
Mon, 17 Feb 2025 16:27:33 +0000 (11:27 -0500)
commit 6654f8bb42fc3b936c495732545b8ac8a3679e69
tree 623ccd123af646a7dffc552ea733888db96a62c3
parent 6ba0457c926e19928d39e4800d7f929bc86f525f
Generate initial packet keys based on new dcid for addr validation

When using retry packets in QUIC to implement address validation, the
2nd initial packet that arrives after the server sends the retry frame
will have its CRYPTO packet encrypted using keys derived from the new
dcid, rather than the dcid in the 1st initial packet.  Update the
channel creation code to update those keys on the server so that the
CRYPTO packet is decrypted successfully

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25890)
ssl/quic/quic_channel.c
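
The key dependency the commit message describes, as an added example that is not part of the commit or of OpenSSL's code: QUIC v1 Initial keys are derived from the Destination Connection ID (RFC 9001, section 5.2), so keys computed from the first Initial's DCID do not match the ones the client uses after a Retry. `RETRY_DCID` and the function names are assumptions made for illustration.

```python
import hashlib
import hmac

# QUIC v1 Initial salt (RFC 9001, section 5.2)
INITIAL_SALT_V1 = bytes.fromhex("38762cf7f55934b34d179ae6a4c80cadccbb7f0a")

def hkdf_extract(salt, ikm):
    return hmac.new(salt, ikm, hashlib.sha256).digest()

def hkdf_expand_label(secret, label, length):
    # TLS 1.3 HkdfLabel: uint16 length, "tls13 " + label, empty context
    full = b"tls13 " + label
    info = length.to_bytes(2, "big") + bytes([len(full)]) + full + b"\x00"
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(secret, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

def initial_keys(dcid):
    """Derive client and server Initial packet protection keys from a DCID."""
    initial_secret = hkdf_extract(INITIAL_SALT_V1, dcid)
    keys = {}
    for side, label in (("client", b"client in"), ("server", b"server in")):
        secret = hkdf_expand_label(initial_secret, label, 32)
        keys[side] = {
            "key": hkdf_expand_label(secret, b"quic key", 16),
            "iv": hkdf_expand_label(secret, b"quic iv", 12),
            "hp": hkdf_expand_label(secret, b"quic hp", 16),
        }
    return keys

def rx_keys_match(server_dcid, client_dcid):
    """True if the server's receive keys equal the client's transmit keys."""
    return initial_keys(server_dcid)["client"] == initial_keys(client_dcid)["client"]

# DCID of the 1st Initial (sample value from RFC 9001, Appendix A)
ORIGINAL_DCID = bytes.fromhex("8394c8f03e515708")
# Connection ID the server put in its Retry packet (constructed for illustration)
RETRY_DCID = bytes.fromhex("0102030405060708")

if __name__ == "__main__":
    # Server still keyed on the 1st Initial's DCID: cannot decrypt the 2nd Initial
    print("stale keys match:  ", rx_keys_match(ORIGINAL_DCID, RETRY_DCID))
    # Server re-derives from the new DCID, as the commit message describes
    print("updated keys match:", rx_keys_match(RETRY_DCID, RETRY_DCID))
```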