From: Daiki Ueno Date: Sun, 29 Mar 2020 12:53:39 +0000 (+0200) Subject: ngtcp2: update to git master for the key installation API change X-Git-Tag: curl-7_70_0~163 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8efd26afbfad72d86c665ec79418db3ac4927638;p=thirdparty%2Fcurl.git ngtcp2: update to git master for the key installation API change This updates the ngtcp2 OpenSSL backend to follow the API change in commit 32e703164 of ngtcp2. Notable changes are: - ngtcp2_crypto_derive_and_install_{rx,tx}_key have been added to replace ngtcp2_crypto_derive_and_install_key - the 'side' argument of ngtcp2_crypto_derive_and_install_initial_key has been removed Fixes #5166 Closes #5168 --- diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c index 2f6ee8bdf9..22aa53b29f 100644 --- a/lib/vquic/ngtcp2.c +++ b/lib/vquic/ngtcp2.c @@ -123,8 +123,8 @@ static int setup_initial_crypto_context(struct quicsocket *qs) const ngtcp2_cid *dcid = ngtcp2_conn_get_dcid(qs->qconn); if(ngtcp2_crypto_derive_and_install_initial_key( - qs->qconn, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, dcid, - NGTCP2_CRYPTO_SIDE_CLIENT) != 0) + qs->qconn, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + dcid) != 0) return -1; return 0; @@ -169,9 +169,13 @@ static int quic_set_encryption_secrets(SSL *ssl, struct quicsocket *qs = (struct quicsocket *)SSL_get_app_data(ssl); int level = quic_from_ossl_level(ossl_level); - if(ngtcp2_crypto_derive_and_install_key( - qs->qconn, ssl, NULL, NULL, NULL, NULL, NULL, NULL, level, rx_secret, - tx_secret, secretlen, NGTCP2_CRYPTO_SIDE_CLIENT) != 0) + if(level != NGTCP2_CRYPTO_LEVEL_EARLY && + ngtcp2_crypto_derive_and_install_rx_key( + qs->qconn, ssl, NULL, NULL, NULL, level, rx_secret, secretlen) != 0) + return 0; + + if(ngtcp2_crypto_derive_and_install_tx_key( + qs->qconn, ssl, NULL, NULL, NULL, level, tx_secret, secretlen) != 0) return 0; if(level == NGTCP2_CRYPTO_LEVEL_APP) {