]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c3d4303) | patch
Move the Handshake read secret change earlier in the process for QUIC 0-RTT
authorMatt Caswell <matt@openssl.org>
Wed, 19 Mar 2025 15:18:06 +0000 (15:18 +0000)
committerTomas Mraz <tomas@openssl.org>
Thu, 20 Mar 2025 19:22:53 +0000 (20:22 +0100)
commitfb55383c65bb47eef3bf5f73be5a0ad41d81bb3f
tree9630fae7440f35f544715dd6b2881ed8e1bbcc58tree
parentc3d43037b460c7a836073713b78e2c536a08714dcommit | diff
Move the Handshake read secret change earlier in the process for QUIC 0-RTT

On the server side we were changing the handshake rx secret a little late.
This meant the application was forced to call SSL_do_handshake() again
even if there was nothing to read in order to get the secret. We move it
a little earlier int the process to avoid this.

Fixes the issue described in:
https://github.com/ngtcp2/ngtcp2/pull/1582#issuecomment-2735950083

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27101)

(cherry picked from commit 95051052b319d346a8aa3d34d6105d683bb77294)
include/internal/statem.h diff | blob | blame | history
ssl/ssl_lib.c diff | blob | blame | history
ssl/statem/statem.c diff | blob | blame | history
ssl/statem/statem_clnt.c diff | blob | blame | history
ssl/statem/statem_srvr.c diff | blob | blame | history
test/sslapitest.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git