return NGX_ERROR;
}
+ /*
+ * 4.10.1. The successful use of Handshake packets indicates
+ * that no more Initial packets need to be exchanged
+ */
+ ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_initial);
+ ngx_quic_free_frames(c, &ctx->sent);
+
return ngx_quic_payload_handler(c, pkt);
}
int sslerr;
ssize_t n;
ngx_ssl_conn_t *ssl_conn;
+ ngx_quic_send_ctx_t *ctx;
ngx_quic_crypto_frame_t *f;
f = &frame->u.crypto;
{
return NGX_ERROR;
}
+
+ /*
+ * 4.10.2 An endpoint MUST discard its handshake keys
+ * when the TLS handshake is confirmed
+ */
+ ctx = ngx_quic_get_send_ctx(c->quic, ssl_encryption_handshake);
+ ngx_quic_free_frames(c, &ctx->sent);
}
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
f->last = now;
}
- if (start->level == ssl_encryption_initial) {
- /* ack will not be sent in initial packets due to initial keys being
- * discarded when handshake start.
- * Thus consider initial packets as non-ack-eliciting
- */
- pkt.need_ack = 0;
- }
-
out.len = p - out.data;
while (out.len < 4) {