MINOR: quic: Post handshake packet building improvements
authorFrédéric Lécaille <flecaille@haproxy.com>
Thu, 19 Aug 2021 15:35:21 +0000 (17:35 +0200)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Thu, 23 Sep 2021 13:27:25 +0000 (15:27 +0200)
Make qc_prep_hdshk_pkts() and quic_conn_io_cb() handle the case
where they are entered with QUIC_HS_ST_COMPLETE or QUIC_HS_ST_CONFIRMED
as connection state, with QUIC_TLS_ENC_LEVEL_APP and QUIC_TLS_ENC_LEVEL_NONE
as the encryption levels to consider when preparing packets.
quic_get_tls_enc_levels() is modified to return QUIC_TLS_ENC_LEVEL_APP
and QUIC_TLS_ENC_LEVEL_NONE as levels to consider when coalescing
packets in the same datagram.

include/haproxy/quic_tls.h
src/xprt_quic.c

index d6d0e8610c5f9d1e95eeb2e1621373c0a1995bf6..288cc16c0455ff6ca5d0562f86ded2961606577b 100644 (file)
@@ -361,11 +361,14 @@ static inline int quic_get_tls_enc_levels(enum quic_tls_enc_level *level,
                break;
        case QUIC_HS_ST_SERVER_HANDSHAKE:
        case QUIC_HS_ST_CLIENT_HANDSHAKE:
-       case QUIC_HS_ST_COMPLETE:
-       case QUIC_HS_ST_CONFIRMED:
                *level = QUIC_TLS_ENC_LEVEL_HANDSHAKE;
                *next_level = QUIC_TLS_ENC_LEVEL_APP;
                break;
+       case QUIC_HS_ST_COMPLETE:
+       case QUIC_HS_ST_CONFIRMED:
+               *level = QUIC_TLS_ENC_LEVEL_APP;
+               *next_level = QUIC_TLS_ENC_LEVEL_NONE;
+               break;
        default:
                return 0;
        }
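Review bot: With the new COMPLETE/CONFIRMED cases, `*next_level` can be `QUIC_TLS_ENC_LEVEL_NONE` on a successful return, and the function's contract should say so. The xprt_quic.c hunks of this commit show callers using that value as an index into `qc->els[]`, so a caller that has not been updated would index with a sentinel rather than a real level. I would add to the function's header comment something like `/* <next_level> may be set to QUIC_TLS_ENC_LEVEL_NONE; callers must test it before indexing ->els[]. */`. The function's signature and header comment sit outside this hunk, so any existing wording there is not visible from here.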
index 11afae7f40655c2191aaca67e8462d11e2dd6475..634c553f83494345c2c7ce2f4416f11597222754 100644 (file)
@@ -2114,7 +2114,8 @@ static int qc_prep_hdshk_pkts(struct qring *qr, struct ssl_sock_ctx *ctx)
                         * been sent, select the next level.
                         */
                        if ((tel == QUIC_TLS_ENC_LEVEL_INITIAL || tel == QUIC_TLS_ENC_LEVEL_HANDSHAKE) &&
-                           (MT_LIST_ISEMPTY(&qel->pktns->tx.frms) || qc->els[next_tel].pktns->tx.in_flight)) {
+                           (MT_LIST_ISEMPTY(&qel->pktns->tx.frms) ||
+                            (next_tel != QUIC_TLS_ENC_LEVEL_NONE && qc->els[next_tel].pktns->tx.in_flight))) {
                                tel = next_tel;
                                qel = &qc->els[tel];
                                if (!MT_LIST_ISEMPTY(&qel->pktns->tx.frms)) {
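Review bot: The added `next_tel != QUIC_TLS_ENC_LEVEL_NONE` test protects only the `in_flight` read. When the `MT_LIST_ISEMPTY(&qel->pktns->tx.frms)` side of the `||` is true, the branch is still taken and `qel = &qc->els[tel]` indexes the array with whatever `next_tel` holds, and the next line dereferences the result. Given the mapping visible in quic_tls.h this appears unreachable today, since `tel` should be Initial or Handshake only in states whose next level is a real one (the Initial cases are not shown here), but the guard would be sturdier at the front of the condition: `if (next_tel != QUIC_TLS_ENC_LEVEL_NONE && (tel == QUIC_TLS_ENC_LEVEL_INITIAL || tel == QUIC_TLS_ENC_LEVEL_HANDSHAKE) &&`. The enclosing loop of qc_prep_hdshk_pkts() starts and ends outside the hunk.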
@@ -2644,7 +2645,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
                goto err;
 
        qel = &qc->els[tel];
-       next_qel = &qc->els[next_tel];
+       next_qel = next_tel == QUIC_TLS_ENC_LEVEL_NONE ? NULL : &qc->els[next_tel];
 
  next_level:
        tls_ctx = &qel->tls_ctx;
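Review bot: `next_qel` can now be NULL for the remainder of quic_conn_io_cb(), and within this commit only the `skip_send` test in the following hunk is updated to check it. Any other dereference of `next_qel` in the parts of the function outside these hunks would need the same check, which cannot be confirmed from here. A short comment at the assignment would make the new invariant visible to later editors, e.g. `/* next_qel is NULL when there is no next encryption level (QUIC_TLS_ENC_LEVEL_NONE) */`.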
@@ -2685,7 +2686,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
  skip_send:
        /* Check if there is something to do for the next level.
         */
-       if ((next_qel->tls_ctx.rx.flags & QUIC_FL_TLS_SECRETS_SET) &&
+       if (next_qel && (next_qel->tls_ctx.rx.flags & QUIC_FL_TLS_SECRETS_SET) &&
            (!MT_LIST_ISEMPTY(&next_qel->rx.pqpkts) || !eb_is_empty(&next_qel->rx.pkts))) {
                qel = next_qel;
                goto next_level;