drop 0-RTT write keys when receiving the 1-RTT keys

2019-08-11 13:10:25 +07:00
parent 40a993e31c
commit 22abcfe6fb
2 changed files with 4 additions and 12 deletions
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@@ -568,6 +568,10 @@ func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.Cip
 		h.aead.SetWriteKey(suite, trafficSecret)
 		h.has1RTTSealer = true
 		h.logger.Debugf("Installed 1-RTT Write keys (using %s)", cipherSuiteName(suite.ID))
+		if h.zeroRTTSealer != nil {
+			h.zeroRTTSealer = nil
+			h.logger.Debugf("Dropping 0-RTT keys.")
+		}
 	default:
 		panic("unexpected write encryption level")
 	}