git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Amaury Denoyelle <adenoyelle@haproxy.com>
	Tue, 15 Oct 2024 15:37:00 +0000 (17:37 +0200)
committer	Amaury Denoyelle <adenoyelle@haproxy.com>
	Wed, 16 Oct 2024 09:51:35 +0000 (11:51 +0200)
commit	0918c41ef63964a986c627d20b8a1324de639cc2
tree	7d01f02175824b00d3a25499b69f6a74ded5875f	tree
parent	73031e81cdd5cf5ba889ed4c676a4ae6284f5cf6	commit \| diff

BUG/MEDIUM: quic: support wait-for-handshake

wait-for-handshake http-request action was completely ineffective with
QUIC protocol. This commit implements its support for QUIC.

QUIC MUX layer is extended to support wait-for-handshake. A new function
qcc_handle_wait_for_hs() is executed during qcc_io_process(). It detects
if MUX processing occurs after underlying QUIC handshake completion. If
this is the case, it indicates that early data may be received. As such,
connection is flagged with CO_FL_EARLY_SSL_HS, which is necessary to
block stream processing on wait-for-handshake action.

After this, qcc subscribs on quic_conn layer for RECV notification. This
is used to detect QUIC handshake completion. Thus,
qcc_handle_wait_for_hs() can be reexecuted one last time, to remove
CO_FL_EARLY_SSL_HS and notify every streams flagged as
SE_FL_WAIT_FOR_HS.

This patch must be backported up to 2.6, after a mandatory period of
observation. Note that it relies on the backport of the two previous
patches :
- MINOR: quic: notify connection layer on handshake completion
- BUG/MINOR: stream: unblock stream on wait-for-handshake completion

include/haproxy/mux_quic-t.h		diff \| blob \| blame \| history
src/mux_quic.c		diff \| blob \| blame \| history