ngtcp2: Support the latest update key callback type

- Remove our cb_update_key in favor of ngtcp2's new
  ngtcp2_crypto_update_key_cb which does the same thing.

Several days ago the ngtcp2_update_key callback function prototype was
changed in ngtcp2/ngtcp2@42ce09c. Though it would be possible to
fix up our cb_update_key for that change they also added
ngtcp2_crypto_update_key_cb which does the same thing so we'll use that
instead.

Ref: https://github.com/ngtcp2/ngtcp2/commit/42ce09c

Closes https://github.com/curl/curl/pull/4735

diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c
index c39dba23a141df8045436102e7697c5ec0e31659..e97e9e871b4b92b66910336765f15fb084e2c376 100644 (file)
--- a/lib/vquic/ngtcp2.c
+++ b/lib/vquic/ngtcp2.c
@@ -177,15 +177,6 @@ static int quic_set_encryption_secrets(SSL *ssl,
   if(level == NGTCP2_CRYPTO_LEVEL_APP) {
     if(init_ngh3_conn(qs) != CURLE_OK)
       return 0;
-
-    /* malloc an area big enough for both secrets */
-    qs->rx_secret = malloc(secretlen * 2);
-    if(!qs->rx_secret)
-      return 0;
-    memcpy(qs->rx_secret, rx_secret, secretlen);
-    memcpy(&qs->rx_secret[secretlen], tx_secret, secretlen);
-    qs->tx_secret = &qs->rx_secret[secretlen];
-    qs->rx_secretlen = secretlen;
   }
 
   return 1;
@@ -516,25 +507,6 @@ static int cb_get_new_connection_id(ngtcp2_conn *tconn, ngtcp2_cid *cid,
   return 0;
 }
 
-static int cb_update_key(ngtcp2_conn *tconn, uint8_t *rx_key,
-                         uint8_t *rx_iv, uint8_t *tx_key,
-                         uint8_t *tx_iv, void *user_data)
-{
-  struct quicsocket *qs = (struct quicsocket *)user_data;
-  uint8_t rx_secret[64];
-  uint8_t tx_secret[64];
-
-  if(ngtcp2_crypto_update_key(tconn, rx_secret, tx_secret,
-                              rx_key, rx_iv, tx_key, tx_iv, qs->rx_secret,
-                              qs->tx_secret, qs->rx_secretlen) != 0)
-    return NGTCP2_ERR_CALLBACK_FAILURE;
-
-  /* store the updated secrets */
-  memcpy(qs->rx_secret, rx_secret, qs->rx_secretlen);
-  memcpy(qs->tx_secret, tx_secret, qs->rx_secretlen);
-  return 0;
-}
-
 static ngtcp2_conn_callbacks ng_callbacks = {
   cb_initial,
   NULL, /* recv_client_initial */
@@ -556,7 +528,7 @@ static ngtcp2_conn_callbacks ng_callbacks = {
   NULL, /* rand  */
   cb_get_new_connection_id,
   NULL, /* remove_connection_id */
-  cb_update_key, /* update_key */
+  ngtcp2_crypto_update_key_cb, /* update_key */
   NULL, /* path_validation */
   NULL, /* select_preferred_addr */
   cb_stream_reset,
@@ -701,7 +673,6 @@ static CURLcode ng_disconnect(struct connectdata *conn,
   int i;
   struct quicsocket *qs = &conn->hequic[0];
   (void)dead_connection;
-  free(qs->rx_secret);
   if(qs->ssl)
     SSL_free(qs->ssl);
   for(i = 0; i < 3; i++)

diff --git a/lib/vquic/ngtcp2.h b/lib/vquic/ngtcp2.h
index 82b8d41e38ecdc05d2d211d67666cebcfc29929a..30d442fddef23d6a5c70c6a67f4a399ed47449f0 100644 (file)
--- a/lib/vquic/ngtcp2.h
+++ b/lib/vquic/ngtcp2.h
@@ -46,9 +46,6 @@ struct quicsocket {
   ngtcp2_settings settings;
   SSL_CTX *sslctx;
   SSL *ssl;
-  uint8_t *rx_secret; /* malloced */
-  uint8_t *tx_secret; /* points into the above buffer */
-  size_t rx_secretlen;
   struct quic_handshake crypto_data[3];
   /* the last TLS alert description generated by the local endpoint */
   uint8_t tls_alert;