[gnurl] 33/151: ngtcp2: handle key updates as ngtcp2 master branch tells
From: gnunet
Subject: [gnurl] 33/151: ngtcp2: handle key updates as ngtcp2 master branch tells us
Date: Fri, 20 Dec 2019 14:25:42 +0100
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit a72b6b9606d382e3c4b883484743735b3e2ed241
Author: Daniel Stenberg <address@hidden>
AuthorDate: Mon Nov 18 10:34:26 2019 +0100
ngtcp2: handle key updates as ngtcp2 master branch tells us
Reviewed-by: Tatsuhiro Tsujikawa
Fixes #4612
Closes #4613
---
lib/vquic/ngtcp2.c | 36 +++++++++++++++++++++++++++++++++---
lib/vquic/ngtcp2.h | 3 +++
2 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c
index 86151b8a2..b97c0c3d4 100644
--- a/lib/vquic/ngtcp2.c
+++ b/lib/vquic/ngtcp2.c
@@ -174,8 +174,19 @@ static int quic_set_encryption_secrets(SSL *ssl,
tx_secret, secretlen, NGTCP2_CRYPTO_SIDE_CLIENT) != 0)
return 0;
- if(level == NGTCP2_CRYPTO_LEVEL_APP && init_ngh3_conn(qs) != CURLE_OK)
- return 0;
+ if(level == NGTCP2_CRYPTO_LEVEL_APP) {
+ if(init_ngh3_conn(qs) != CURLE_OK)
+ return 0;
+
+ /* malloc an area big enough for both secrets */
+ qs->rx_secret = malloc(secretlen * 2);
+ if(!qs->rx_secret)
+ return 0;
+ memcpy(qs->rx_secret, rx_secret, secretlen);
+ memcpy(&qs->rx_secret[secretlen], tx_secret, secretlen);
+ qs->tx_secret = &qs->rx_secret[secretlen];
+ qs->rx_secretlen = secretlen;
+ }
return 1;
}
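Review bot: In the `level == NGTCP2_CRYPTO_LEVEL_APP` branch, `qs->rx_secret = malloc(secretlen * 2);` overwrites the pointer without releasing any earlier allocation, and nothing in this patch frees the buffer, so a second call at this level leaks the previous copy of the traffic secrets. Suggest freeing an existing `qs->rx_secret` before the malloc and adding a teardown path that wipes `rx_secretlen * 2` bytes before calling `free()`, since the buffer holds key material. It would also help to reject a `secretlen` larger than the 64-byte temporaries used later in `cb_update_key` at this point, where the length is first stored.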
@@ -503,6 +514,25 @@ static int cb_get_new_connection_id(ngtcp2_conn *tconn,
ngtcp2_cid *cid,
return 0;
}
+static int cb_update_key(ngtcp2_conn *tconn, uint8_t *rx_key,
+ uint8_t *rx_iv, uint8_t *tx_key,
+ uint8_t *tx_iv, void *user_data)
+{
+ struct quicsocket *qs = (struct quicsocket *)user_data;
+ uint8_t rx_secret[64];
+ uint8_t tx_secret[64];
+
+ if(ngtcp2_crypto_update_key(tconn, rx_secret, tx_secret,
+ rx_key, rx_iv, tx_key, tx_iv, qs->rx_secret,
+ qs->tx_secret, qs->rx_secretlen) != 0)
+ return NGTCP2_ERR_CALLBACK_FAILURE;
+
+ /* store the updated secrets */
+ memcpy(qs->rx_secret, rx_secret, qs->rx_secretlen);
+ memcpy(qs->tx_secret, tx_secret, qs->rx_secretlen);
+ return 0;
+}
+
static ngtcp2_conn_callbacks ng_callbacks = {
cb_initial,
NULL, /* recv_client_initial */
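Review bot: `cb_update_key` hands the fixed 64-byte stack buffers `rx_secret` and `tx_secret` to `ngtcp2_crypto_update_key()` together with `qs->rx_secretlen`, and then copies `qs->rx_secretlen` bytes back out, without checking that the length fits in 64 bytes or that `qs->rx_secret` has been allocated. Suggest returning `NGTCP2_ERR_CALLBACK_FAILURE` early when `!qs->rx_secret || qs->rx_secretlen > sizeof(rx_secret)`. The two stack buffers hold the new traffic secrets, so they should also be cleared before the function returns, on both the success and the failure path.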
@@ -524,7 +554,7 @@ static ngtcp2_conn_callbacks ng_callbacks = {
NULL, /* rand */
cb_get_new_connection_id,
NULL, /* remove_connection_id */
- NULL, /* update_key */
+ cb_update_key, /* update_key */
NULL, /* path_validation */
NULL, /* select_preferred_addr */
cb_stream_reset,
diff --git a/lib/vquic/ngtcp2.h b/lib/vquic/ngtcp2.h
index 5570fc7e7..62eae4895 100644
--- a/lib/vquic/ngtcp2.h
+++ b/lib/vquic/ngtcp2.h
@@ -46,6 +46,9 @@ struct quicsocket {
ngtcp2_settings settings;
SSL_CTX *sslctx;
SSL *ssl;
+ uint8_t *rx_secret; /* malloced */
+ uint8_t *tx_secret; /* points into the above buffer */
+ size_t rx_secretlen;
struct quic_handshake client_crypto_data[3];
/* the last TLS alert description generated by the local endpoint */
uint8_t tls_alert;
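Review bot: The field comments on `rx_secret` and `tx_secret` say which pointer is malloced and which aliases it, but not that `rx_secretlen` is the length of each secret (the allocation is twice that) or that `tx_secret` must never be passed to `free()` and becomes dangling once `rx_secret` is released. Suggest stating both in the comments, and naming the length field `secretlen` since it applies to both directions.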
--
To stop receiving notification emails like this one, please contact
address@hidden.