From: Frédéric Lécaille
Date: Mon, 23 Nov 2020 14:37:11 +0000 (+0100)
Subject: MINOR: ssl: QUIC transport parameters parsing.
X-Git-Tag: v2.4-dev5~66
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e9473c7833874cbc1dbfa800b4310b439e1aaac4;p=thirdparty%2Fhaproxy.git
MINOR: ssl: QUIC transport parameters parsing.
This patch modifies the TLS ClientHello message callback so that to parse the QUIC client transport parameters.
---
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index abcca654c6..35298d5305 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2326,6 +2326,24 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
 conn = SSL_get_ex_data(ssl, ssl_app_data_index);
 s = __objt_listener(conn->target)->bind_conf;
+#ifdef USE_QUIC
+ if (conn->qc) {
+ /* Look for the QUIC transport parameters. */
+#ifdef OPENSSL_IS_BORINGSSL
+ if (!SSL_early_callback_ctx_extension_get(ctx, TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS,
+ &extension_data, &extension_len))
+#else
+ if (!SSL_client_hello_get0_ext(ssl, TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS,
+ &extension_data, &extension_len))
+#endif
+ goto abort;
+
+ if (!quic_transport_params_store(conn->qc, 0, extension_data,
+ extension_data + extension_len))
+ goto abort;
+ }
+#endif
+
 if (s->ssl_conf.early_data)
 allow_early = 1;
 #ifdef OPENSSL_IS_BORINGSSL
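Review bot: Both new failure paths inside the `if (conn->qc)` block jump to the shared `abort` label, so a ClientHello that lacks the QUIC transport parameters extension is reported the same way as one whose parameters are rejected by `quic_transport_params_store()` and as any other handshake failure. RFC 9001 section 8.2 expects a missing extension to be answered with the `missing_extension` alert; the `abort` label lies outside this hunk, so which alert it sets cannot be seen here and should be checked. On the OpenSSL branch, something like `*al = SSL_AD_MISSING_EXTENSION; return 0;` in place of the first `goto abort;` would make the intent explicit, provided nothing under `abort` still has to run. The peer controls both the bytes and `extension_len`, so the store function must bound every read by the end pointer it is given. The bare `0` argument also deserves a comment such as `/* 0: parameters sent by the client (confirm flag meaning) */`, since its meaning is not visible in the hunk.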