From 7a01ff7921cd72f41ebfd8268b6874ae6c7c139d Mon Sep 17 00:00:00 2001
From: =?utf8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?=
Date: Tue, 2 May 2023 20:03:19 +0200
Subject: [PATCH] BUG/MINOR: quic: Wrong key update cipher context initialization for encryption

As noticed by Miroslav, there was a typo in quic_tls_key_update() which lead a cipher context for decryption to be initialized and used in place of a cipher context for encryption. Surprisingly, this did not prevent the key update from working. Perhaps this is due to the fact that the underlying cryptographic algorithms used by QUIC are all symetric algorithms. Also modify incorrect traces. Must be backported in 2.6 and 2.7.
---
 src/quic_conn.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/quic_conn.c b/src/quic_conn.c
index 096f5e3887..069609ab68 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -948,7 +948,7 @@ static int quic_tls_key_update(struct quic_conn *qc)
 }
 
 if (!quic_tls_rx_ctx_init(&nxt_rx->ctx, tls_ctx->rx.aead, nxt_rx->key)) {
- TRACE_ERROR("could not initial RX TLS cipher context", QUIC_EV_CONN_KP, qc);
+ TRACE_ERROR("could not initialize RX TLS cipher context", QUIC_EV_CONN_KP, qc);
 goto leave;
 }
 
@@ -957,8 +957,8 @@ static int quic_tls_key_update(struct quic_conn *qc)
 nxt_tx->ctx = NULL;
 }
 
- if (!quic_tls_rx_ctx_init(&nxt_tx->ctx, tls_ctx->tx.aead, nxt_tx->key)) {
- TRACE_ERROR("could not initial RX TLS cipher context", QUIC_EV_CONN_KP, qc);
+ if (!quic_tls_tx_ctx_init(&nxt_tx->ctx, tls_ctx->tx.aead, nxt_tx->key)) {
+ TRACE_ERROR("could not initialize TX TLS cipher context", QUIC_EV_CONN_KP, qc);
 goto leave;
 }
 
-- 
2.47.3
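Review bot: The TX block around `quic_tls_tx_ctx_init(&nxt_tx->ctx, tls_ctx->tx.aead, nxt_tx->key)` in the second hunk carries no comment marking its direction, and the RX and TX init helpers are called with the same argument shape, so the swap fixed here compiles cleanly and, per the commit message, also passed functional testing. I would add a one-line comment above each block, e.g. `/* next RX secrets: decryption context */` and `/* next TX secrets: encryption context */`, so a future copy-paste of the RX block is caught in review. Separately, when the TX init fails the code jumps to `leave` after `nxt_rx->ctx` has already been re-initialized and `nxt_tx->ctx` has been reset to NULL (and possibly left that way). Whether the `leave` path and the caller treat that half-updated key state as fatal for the connection is not visible here, since quic_tls_key_update() starts before and continues after both hunks, and is worth confirming.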