From: Frédéric Lécaille <flecaille@haproxy.com>
Date: Wed, 7 Sep 2022 15:34:18 +0000 (+0200)
Subject: BUG/MINOR: quic: Speed up the handshake completion only one time
X-Git-Tag: v2.7-dev6~64
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bb995eafc7e8e7d0457e1c3af17a98ef94d8b40b;p=thirdparty%2Fhaproxy.git

BUG/MINOR: quic: Speed up the handshake completion only one time

It is possible to speed up the handshake completion but only one time
by connection as mentionned in RFC 9002 "6.2.3. Speeding up Handshake Completion".
Add a flag to prevent this process to be run several times
(see https://www.rfc-editor.org/rfc/rfc9002#name-speeding-up-handshake-compl).

Must be backported to 2.6.
---

diff --git a/include/haproxy/xprt_quic-t.h b/include/haproxy/xprt_quic-t.h
index 6ee7f4298c..9af3cc6b07 100644
--- a/include/haproxy/xprt_quic-t.h
+++ b/include/haproxy/xprt_quic-t.h
@@ -598,6 +598,7 @@ enum qc_mux_state {
 #define QUIC_FL_CONN_TLS_ALERT                   (1U << 9)
 /* gap here */
 #define QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED   (1U << 11) /* The half-open connection counter was decremented */
+#define QUIC_FL_CONN_HANDSHAKE_SPEED_UP          (1U << 12) /* Handshake speeding up was done */
 #define QUIC_FL_CONN_NOTIFY_CLOSE                (1U << 27) /* MUX notified about quic-conn imminent closure (idle-timeout or CONNECTION_CLOSE emission/reception) */
 #define QUIC_FL_CONN_EXP_TIMER                   (1U << 28) /* timer has expired, quic-conn can be freed */
 #define QUIC_FL_CONN_CLOSING                     (1U << 29)
diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 4fd1872963..108a6e03b4 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -2651,7 +2651,8 @@ static int qc_parse_pkt_frms(struct quic_rx_packet *pkt, struct ssl_sock_ctx *ct
 					TRACE_PROTO("Already received CRYPTO data",
 					            QUIC_EV_CONN_RXPKT, qc, pkt, &cfdebug);
 					if (qc_is_listener(ctx->qc) &&
-					    qel == &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL])
+					    qel == &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL] &&
+					    !(qc->flags & QUIC_FL_CONN_HANDSHAKE_SPEED_UP))
 						fast_retrans = 1;
 					break;
 				}
@@ -2810,7 +2811,9 @@ static int qc_parse_pkt_frms(struct quic_rx_packet *pkt, struct ssl_sock_ctx *ct
 		struct quic_enc_level *iqel = &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL];
 		struct quic_enc_level *hqel = &qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE];
 
+		TRACE_PROTO("speeding up handshake completion", QUIC_EV_CONN_PRSHPKT, qc);
 		qc_prep_hdshk_fast_retrans(qc, &iqel->pktns->tx.frms, &hqel->pktns->tx.frms);
+		qc->flags |= QUIC_FL_CONN_HANDSHAKE_SPEED_UP;
 	}
 
 	/* The server must switch from INITIAL to HANDSHAKE handshake state when it