BUG/MEDIUM: quic: Too short Initial packet sent (enc. level allocation failed)

If the Handshake encryption level could not be allocated, this could lead
to Initial packets to be sent because no Handshake CRYPTO frames were generated.

Furthermore in such an allocation failure case, the connection should be closed
as soon as possible. This is done making ha_quic_set_encryption_secrets() return
0 upon an encryption level allocation failure.

Also fix a typo in the trace in relation to this allocation failure.

No need to be backported.

diff --git a/src/quic_ssl.c b/src/quic_ssl.c
index 14a5eca86cb1d9f99f158c7f84c9ae2542f89096..085f4b8b325da3c04405fd467999a4ea2de07a80 100644 (file)
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@@ -173,8 +173,8 @@ static int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t
        BUG_ON(secret_len > QUIC_TLS_SECRET_LEN);
 
        if (!*qel && !qc_enc_level_alloc(qc, pktns, qel, level)) {
-               TRACE_PROTO("Could not allocated an encryption level", QUIC_EV_CONN_ADDDATA, qc);
-               goto out;
+               TRACE_PROTO("Could not allocate an encryption level", QUIC_EV_CONN_ADDDATA, qc);
+               goto leave;
        }
 
        tls_ctx = &(*qel)->tls_ctx;