QUIC: converted ngx_quic_keys_set_encryption_secret() to NGX codes.

While here, removed check for encryption level zero, redundant by its nature.

src/event/quic/ngx_event_quic_protection.c

@@ -649,7 +649,8 @@ failed:
 }
 
 
-int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
+ngx_int_t
+ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
     ngx_quic_keys_t *keys, enum ssl_encryption_level_t level,
     const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len)
 {
@@ -667,11 +668,7 @@ int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
 
     if (key_len == NGX_ERROR) {
         ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher");
-        return 0;
+        return NGX_ERROR;
-    }
-
-    if (level == ssl_encryption_initial) {
-        return 0;
     }
 
     peer_secret->secret.data = ngx_pnalloc(pool, secret_len);
@@ -702,11 +699,11 @@ int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
                                  seq[i].secret, secret_len)
             != NGX_OK)
         {
-            return 0;
+            return NGX_ERROR;
         }
     }
 
-    return 1;
+    return NGX_OK;
 }
 
 

src/event/quic/ngx_event_quic_protection.h

@@ -20,9 +20,10 @@
 ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool);
 ngx_int_t ngx_quic_keys_set_initial_secret(ngx_pool_t *pool,
     ngx_quic_keys_t *keys, ngx_str_t *secret, uint32_t version);
-int ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool, ngx_uint_t is_write,
+ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_pool_t *pool,
-    ngx_quic_keys_t *keys, enum ssl_encryption_level_t level,
+    ngx_uint_t is_write, ngx_quic_keys_t *keys,
-    const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len);
+    enum ssl_encryption_level_t level, const SSL_CIPHER *cipher,
+    const uint8_t *secret, size_t secret_len);
 ngx_uint_t ngx_quic_keys_available(ngx_quic_keys_t *keys,
     enum ssl_encryption_level_t level);
 void ngx_quic_keys_discard(ngx_quic_keys_t *keys,

src/event/quic/ngx_event_quic_ssl.c

@@ -75,7 +75,7 @@ ngx_quic_set_read_secret(ngx_ssl_conn_t *ssl_conn,
 
     if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
                                             cipher, rsecret, secret_len)
-        != 1)
+        != NGX_OK)
     {
         return 0;
     }
@@ -109,8 +109,14 @@ ngx_quic_set_write_secret(ngx_ssl_conn_t *ssl_conn,
                    secret_len, wsecret);
 #endif
 
-    return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
+    if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
-                                               cipher, wsecret, secret_len);
+                                            cipher, wsecret, secret_len)
+        != NGX_OK)
+    {
+        return 0;
+    }
+
+    return 1;
 }
 
 #else
@@ -139,7 +145,7 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
 
     if (ngx_quic_keys_set_encryption_secret(c->pool, 0, qc->keys, level,
                                             cipher, rsecret, secret_len)
-        != 1)
+        != NGX_OK)
     {
         return 0;
     }
@@ -158,8 +164,14 @@ ngx_quic_set_encryption_secrets(ngx_ssl_conn_t *ssl_conn,
                    secret_len, wsecret);
 #endif
 
-    return ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
+    if (ngx_quic_keys_set_encryption_secret(c->pool, 1, qc->keys, level,
-                                               cipher, wsecret, secret_len);
+                                            cipher, wsecret, secret_len)
+        != NGX_OK)
+    {
+        return 0;
+    }
+
+    return 1;
 }
 
 #endif