From 18f9330cd6ce76469d4ffa81040af8d634280fd9 Mon Sep 17 00:00:00 2001
From: Sergey Kandaurov <pluknet@nginx.com>
Date: Wed, 31 Mar 2021 21:43:17 +0300
Subject: [PATCH] QUIC: HKDF API compatibility with OpenSSL master branch.

OpenSSL 3.0 started to require HKDF-Extract output PRK length pointer
used to represent the amount of data written to contain the length of
the key buffer before the call.  EVP_PKEY_derive() documents this.

See HKDF_Extract() internal implementation update in this change:
https://github.com/openssl/openssl/commit/5a285ad
---
 src/event/quic/ngx_event_quic_protection.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
index 4b29869ce..efc15a22b 100644
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -165,6 +165,7 @@ ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, ngx_quic_keys_t *keys,
 
     cipher = EVP_aes_128_gcm();
     digest = EVP_sha256();
+    is_len = SHA256_DIGEST_LENGTH;
 
     if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len,
                          (version & 0xff000000) ? salt29 : salt, sizeof(salt))
@@ -968,6 +969,7 @@ ngx_quic_derive_key(ngx_log_t *log, const char *label, ngx_str_t *secret,
     uint8_t        info[20];
 
     digest = EVP_sha256();
+    is_len = SHA256_DIGEST_LENGTH;
 
     if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len,
                          salt->data, salt->len)