From cd5f4cd8d3991414167a734f452e8e3fe98f3916 Mon Sep 17 00:00:00 2001 From: Sergey Kandaurov Date: Thu, 31 Aug 2023 19:54:10 +0400 Subject: QUIC: split keys availability checks to read and write sides. Keys may be released by TLS stack in different times, so it makes sense to check this independently as well. This allows to fine-tune what key direction is used when checking keys availability. When discarding, server keys are now marked in addition to client keys. --- src/event/quic/ngx_event_quic_ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/event/quic/ngx_event_quic_ssl.c') diff --git a/src/event/quic/ngx_event_quic_ssl.c b/src/event/quic/ngx_event_quic_ssl.c index c719a1dd4..7872783f8 100644 --- a/src/event/quic/ngx_event_quic_ssl.c +++ b/src/event/quic/ngx_event_quic_ssl.c @@ -434,7 +434,7 @@ ngx_quic_crypto_input(ngx_connection_t *c, ngx_chain_t *data, } if (n <= 0 || SSL_in_init(ssl_conn)) { - if (ngx_quic_keys_available(qc->keys, ssl_encryption_early_data) + if (ngx_quic_keys_available(qc->keys, ssl_encryption_early_data, 0) && qc->client_tp_done) { if (ngx_quic_init_streams(c) != NGX_OK) { -- cgit