commit c06016afff9bc99cd677c09ad36e012e31a2d6f7
author Alessandro Ghedini <alessandro@ghedini.me> Fri Aug 14 13:29:39 2020 +0100
committer Alessandro Ghedini <alessandro@ghedini.me> Wed Oct 07 09:46:49 2020 +0100
tree c9951a868a313d7171359261edc3352c41d5863d
parent ac4715a1f60bfe5adb7504fd4e31e5b99c7ce416

refactor open AEAD selection

No functional change, just cosmetic. It still looks kind of gross, but
IMO better than before.

src/lib.rs

diff --git a/src/lib.rs b/src/lib.rs
index f2a85de..b5759ad 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1597,39 +1597,25 @@
         // Select packet number space epoch based on the received packet's type.
         let epoch = hdr.ty.to_epoch()?;
 
-        // TODO: somehow deal with re-ordered 0-RTT data.
-        let aead = if hdr.ty == packet::Type::ZeroRTT &&
-            self.pkt_num_spaces[epoch].crypto_0rtt_open.is_some()
-        {
-            // TODO: buffer 0-RTT packets instead of discarding when key is not
-            // available yet, as an optimization.
-            self.pkt_num_spaces[epoch]
-                .crypto_0rtt_open
-                .as_ref()
-                .unwrap()
-        } else {
-            match self.pkt_num_spaces[epoch].crypto_open {
-                Some(ref v) => v,
-
-                // Ignore packets that can't be decrypted because we don't have
-                // the necessary decryption key (either because we don't yet
-                // have it or because we already dropped it).
-                //
-                // For example, this is necessary to prevent packet reordering
-                // (e.g. between Initial and Handshake) from causing the
-                // connection to be closed.
-                //
-                // TODO: buffer 1-RTT packets instead of discarding when key is
-                // not available yet, as an optimization.
-                None =>
-                    return Err(drop_pkt_on_err(
-                        Error::CryptoFail,
-                        self.recv_count,
-                        self.is_server,
-                        &self.trace_id,
-                    )),
-            }
-        };
+        // Select AEAD context used to open incoming packet.
+        #[allow(clippy::or_fun_call)]
+        let aead = (self.pkt_num_spaces[epoch].crypto_0rtt_open.as_ref())
+            // Only use 0-RTT key if incoming packet is 0-RTT.
+            .filter(|_| hdr.ty == packet::Type::ZeroRTT)
+            // Otherwise use the packet number space's main key.
+            .or(self.pkt_num_spaces[epoch].crypto_open.as_ref())
+            // Finally, discard packet if no usable key is available.
+            //
+            // TODO: buffer 0-RTT/1-RTT packets instead of discarding when the
+            // required key is not available yet, as an optimization.
+            .ok_or_else(|| {
+                drop_pkt_on_err(
+                    Error::CryptoFail,
+                    self.recv_count,
+                    self.is_server,
+                    &self.trace_id,
+                )
+            })?;
 
         let aead_tag_len = aead.alg().tag_len();