mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-11-23 20:19:02 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

QUIC: fixed compat with ciphers other than AES128 (ticket #2500).

Browse Source 
Previously, rec.level field was not uninitialized in SSL_provide_quic_data().
As a result, its value was always ssl_encryption_initial.  Later in
ngx_quic_ciphers() such level resulted in resetting the cipher to
TLS1_3_CK_AES_128_GCM_SHA256 and using AES128 to encrypt the packet.

Now the level is initialized and the right cipher is used.
This commit is contained in:
Roman Arutyunyan 2023-05-28 11:17:07 +04:00
parent fddcc30e99
commit cb70d5954c
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/event/quic/ngx_event_quic_openssl_compat.c
View File

@ -463,6 +463,7 @@ SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
rec.log = c->log;
rec.number = com->read_record++;
rec.keys = &com->keys;
rec.level = level;
if (level == ssl_encryption_initial) {
n = ngx_min(len, 65535);