So that connections are protected from failing from on-path attacks.
Decryption failure of long packets used during handshake still leads
to connection close since it barely makes sense to handle them there.
ctx = ngx_quic_get_send_ctx(qc, pkt->level);
- if (ngx_quic_decrypt(pkt, c->ssl->connection, &ctx->largest_pn) != NGX_OK) {
+ rc = ngx_quic_decrypt(pkt, c->ssl->connection, &ctx->largest_pn);
+
+ if (rc != NGX_OK) {
qc->error = pkt->error;
- return NGX_ERROR;
+ return rc;
}
/* switch keys on Key Phase change */
!= NGX_OK)
{
pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION;
- return NGX_ERROR;
+ return NGX_DECLINED;
}
if (ngx_quic_long_pkt(pkt->flags)) {
if (rc != NGX_OK) {
pkt->error = NGX_QUIC_ERR_PROTOCOL_VIOLATION;
- return rc;
+ return NGX_DECLINED;
}
if (badflags) {