MINOR: quic: Update the initial salt to that of draft-29.

This salt is ued at leat up to draft-32. At this date ngtcp2 always
uses this salt even if it started the draft-33 development.

Note that when the salt is not correct, we cannot remove the header
protection. In this case the packet number length is wrong.

diff --git a/src/quic_tls.c b/src/quic_tls.c
index ff24e94d875a8754f911c1a5b2b0ce467709d9c2..f80565ec0123e9c1fefa2ef75efc4ffff91bb2f5 100644 (file)
--- a/src/quic_tls.c
+++ b/src/quic_tls.c
@@ -19,12 +19,12 @@ __attribute__((format (printf, 3, 4)))
 void hexdump(const void *buf, size_t buflen, const char *title_fmt, ...);
 
 /* Initial salt depending on QUIC version to derive client/server initial secrets.
- * This one is for draft-23 QUIC version.
+ * This one is for draft-29 QUIC version.
  */
 unsigned char initial_salt[20] = {
-       0xc3, 0xee, 0xf7, 0x12, 0xc7, 0x2e, 0xbb, 0x5a,
-       0x11, 0xa7, 0xd2, 0x43, 0x2b, 0xb4, 0x63, 0x65,
-       0xbe, 0xf9, 0xf5, 0x02,
+       0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c,
+       0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0,
+       0x43, 0x90, 0xa8, 0x99
 };
 
 /* Dump the RX/TX secrets of <secs> QUIC TLS secrets. */