From: Frédéric Lécaille
Date: Wed, 12 Jan 2022 16:46:56 +0000 (+0100)
Subject: MINOR: quic: Do not wakeup the I/O handler before the mux is started
X-Git-Tag: v2.6-dev1~133
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b80b20c6ff50bb8eec9b0fc9394f3fa4a22a7da0;p=thirdparty%2Fhaproxy.git
MINOR: quic: Do not wakeup the I/O handler before the mux is started
If we wakeup the I/O handler before the mux is started, it is possible it has enough time to parse the ClientHello TLS message and update the mux transport parameters, leading to a crash. So, we initialize ->qcc quic_conn struct member at the very last time, when the mux if fully initialized. The condition to wakeup the I/O handler from lstnr_rcv_pkt() is: xprt context and mux both initialized. Note that if the xprt context is initialized, it implies its tasklet is initialized. So, we do not check anymore this latter condition.
---
diff --git a/src/mux_quic.c b/src/mux_quic.c
index 9326dc819a..2156730cfd 100644
--- a/src/mux_quic.c
+++ b/src/mux_quic.c
@@ -395,7 +395,6 @@ static int qc_init(struct connection *conn, struct proxy *prx,
 qcc->conn = conn;
 conn->ctx = qcc;
- conn->qc->qcc = qcc;
 qcc->app_ops = NULL;
@@ -441,6 +440,7 @@ static int qc_init(struct connection *conn, struct proxy *prx,
 qcc->wait_event.tasklet->process = qc_io_cb;
 qcc->wait_event.tasklet->context = qcc;
+ HA_ATOMIC_STORE(&conn->qc->qcc, qcc);
 /* init read cycle */
 tasklet_wakeup(qcc->wait_event.tasklet);
diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 4d0f75246a..094bb64c91 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -4456,7 +4456,7 @@ static ssize_t qc_lstnr_pkt_rcv(unsigned char *buf, const unsigned char *end,
 * initialized.
 */
 conn_ctx = HA_ATOMIC_LOAD(&qc->xprt_ctx);
- if (conn_ctx && conn_ctx->wait_event.tasklet)
+ if (conn_ctx && HA_ATOMIC_LOAD(&qc->qcc))
 tasklet_wakeup(conn_ctx->wait_event.tasklet);
 TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc ? qc : NULL, pkt);
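Review bot: The added `HA_ATOMIC_STORE(&conn->qc->qcc, qcc);` in the second src/mux_quic.c hunk is now the point at which the mux becomes visible to the packet-receive path, and nothing at the call site says so. A comment such as `/* Publish the mux last: qc_lstnr_pkt_rcv() treats a non-NULL ->qcc as "mux fully initialized" */` would stop later initialization from being added below this line and reopening the crash the commit describes. The store must also be ordered after the preceding writes to qcc; whether HA_ATOMIC_STORE provides that ordering is not visible in this diff and should be confirmed. No matching reset of ->qcc on mux teardown is shown here, so it is worth checking that a released mux cannot still be observed as non-NULL. qc_init's body starts and ends outside the hunk.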
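Review bot: In the src/xprt_quic.c hunk, the new condition `if (conn_ctx && HA_ATOMIC_LOAD(&qc->qcc))` passes `conn_ctx->wait_event.tasklet` to tasklet_wakeup() without the NULL check the old line had, and the invariant that justifies this appears only in the commit message. It should be recorded in the comment above the load, for example `* initialized. A non-NULL ->xprt_ctx implies its tasklet is allocated.`. The invariant holds only if ->xprt_ctx is published after the tasklet is allocated, which this diff does not show. Separately, TRACE_LEAVE on the following line tolerates a NULL qc (`qc ? qc : NULL`) while both loads dereference qc unconditionally; if this point is reachable with qc == NULL, a remote packet could trigger a null dereference, so confirm this against the code above the hunk. qc_lstnr_pkt_rcv's body starts and ends outside the hunk.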