From: Frédéric Lécaille Date: Tue, 6 Jun 2023 15:40:41 +0000 (+0200) Subject: MINOR: quic: Make ->set_encryption_secrets() be callable two times X-Git-Tag: v2.9-dev2~10 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=91f1950ed665a8f3a33adcaa0904f0fdb5b07ad1;p=thirdparty%2Fhaproxy.git MINOR: quic: Make ->set_encryption_secrets() be callable two times With this patch, ha_set_encryption_secrets() may be callable two times, one time to derive the RX secrets and a second time to derive the TX secrets. There was a missing step to do so when the RX secret was received from the stack. In this case the secret was not stored for the keyupdate, leading the keyupdate RX part to be uninitialized. Add a label to initialize the keyupdate RX part and a "goto" statement to run the concerned code after having derived the RX secrets. This patch is required to make the keyupdate feature work with the OpenSSL wrapper. Must be backported as far as 2.6. --- diff --git a/src/quic_conn.c b/src/quic_conn.c index c1d9cd8025..e495836a33 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -1112,7 +1112,7 @@ int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level, write: if (!write_secret) - goto out; + goto keyupdate_init; tx = &tls_ctx->tx; if (!quic_tls_secrets_keys_alloc(tx)) { @@ -1157,6 +1157,8 @@ write: } } + keyupdate_init: + /* Store the secret provided by the TLS stack, required for keyupdate. */ if (level == ssl_encryption_application) { struct quic_tls_kp *prv_rx = &qc->ku.prv_rx; struct quic_tls_kp *nxt_rx = &qc->ku.nxt_rx;
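Review bot: in the first hunk, the new `goto keyupdate_init` on the `if (!write_secret)` path jumps over `tx = &tls_ctx->tx;` and `quic_tls_secrets_keys_alloc(tx)`, so the code under the label now executes in a state where only the RX secret has been derived and the TX context is untouched; whatever sits under `keyupdate_init` must therefore restrict itself to RX keyupdate state on that path, or guard each direction explicitly (`if (read_secret) { ... }` and `if (write_secret) { ... }`) rather than relying on the caller's ordering. A one-line comment at the goto saying that the TX derivation is deliberately skipped on the RX-only call would make the intent visible to the next reader, since the old `goto out` skipped the keyupdate block entirely.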
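Review bot: in the second hunk, the block under `keyupdate_init:` is reached both by the new goto (first call, RX secret only) and by falling through after the TX derivation (second call), so the RX keyupdate initialization that begins at `struct quic_tls_kp *prv_rx = &qc->ku.prv_rx;` / `struct quic_tls_kp *nxt_rx = &qc->ku.nxt_rx;` appears to run a second time when the TX secret arrives; guard it on `read_secret` being non-NULL (or on `nxt_rx` not already being initialized) so the stored RX secret is not overwritten or re-allocated on the second call. Two smaller points: the added label is indented by one space (`+ keyupdate_init:`) while the existing `write:` label sits at column 0 according to the hunk header context, so align them; and the added comment should mention that this point may be reached with only the read secret present, which is the case the commit message describes.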