]> git.kaiwu.me - nginx.git/commitdiff
QUIC: converted ngx_quic_keys_set_encryption_secret() to NGX codes.
authorSergey Kandaurov <pluknet@nginx.com>
Tue, 7 Dec 2021 12:42:10 +0000 (15:42 +0300)
committerSergey Kandaurov <pluknet@nginx.com>
Tue, 7 Dec 2021 12:42:10 +0000 (15:42 +0300)
While here, removed check for encryption level zero, redundant by its nature.

src/event/quic/ngx_event_quic_protection.c
src/event/quic/ngx_event_quic_protection.h
src/event/quic/ngx_event_quic_ssl.c

index d193a7738c85aa0ad6fa7a1f961a4e0c6a7af328..3db510eef15074aaf1d9cb21652a3255590b0023 100644 (file)
@@ -649,7 +649,8 @@ failed:
 }
 
 
-int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
+ngx_int_t
+ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
     ngx_quic_keys_t *keys, enum ssl_encryption_level_t level,
     const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len)
 {
@@ -667,11 +668,7 @@ int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
 
     if (key_len == NGX_ERROR) {
         ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher");
-        return 0;
-    }
-
-    if (level == ssl_encryption_initial) {
-        return 0;
+        return NGX_ERROR;
     }
 
     peer_secret->secret.data = ngx_pnalloc(pool, secret_len);
@@ -702,11 +699,11 @@ int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
                                  seq[i].secret, secret_len)
             != NGX_OK)
         {
-            return 0;
+            return NGX_ERROR;
         }
     }
 
-    return 1;
+    return NGX_OK;
 }
 
 
index 7a1604c6c4ac262ffa988e30bd8dfffb97801c3f..92491f02ab9e39c0358b5b8ec2403f370a58473a 100644 (file)
 ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool);
 ngx_int_t ngx_quic_keys_set_initial_secret(ngx_pool_t *pool,
     ngx_quic_keys_t *keys, ngx_str_t *secret, uint32_t version);
-int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
-    ngx_quic_keys_t *keys, enum ssl_encryption_level_t level,
-    const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len);
+ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool,
+    ngx_uint_t is_write, ngx_quic_keys_t *keys,
+    enum ssl_encryption_level_t level, const SSL_CIPHER *cipher,
+    const uint8_t *secret, size_t secret_len);
 ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys,
     enum ssl_encryption_level_t level);
 void ngx_quic_keys_discard(ngx_quic_keys_t *keys,
index 9fc5c3985c7a59e28d70481b2bd542b448bf5852..fb4b1af85fc3fb03c4b3d772aeb90942fcdee318 100644 (file)
@@ -75,7 +75,7 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
 
     if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
                                             cipher, rsecret, secret_len)
-        != 1)
+        != NGX_OK)
     {
         return 0;
     }
@@ -109,8 +109,14 @@ ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn,
                    secret_len, wsecret);
 #endif
 
-    return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
-                                               cipher, wsecret, secret_len);
+    if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
+                                            cipher, wsecret, secret_len)
+        != NGX_OK)
+    {
+        return 0;
+    }
+
+    return 1;
 }
 
 #else
@@ -139,7 +145,7 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
 
     if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
                                             cipher, rsecret, secret_len)
-        != 1)
+        != NGX_OK)
     {
         return 0;
     }
@@ -158,8 +164,14 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
                    secret_len, wsecret);
 #endif
 
-    return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
-                                               cipher, wsecret, secret_len);
+    if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
+                                            cipher, wsecret, secret_len)
+        != NGX_OK)
+    {
+        return 0;
+    }
+
+    return 1;
 }
 
 #endif