MINOR: quic: Implement qc_ssl_eary_data_accepted().

This function is a wrapper around SSL_get_early_data_status() for
OpenSSL derived stack and SSL_early_data_accepted() boringSSL derived
stacks like AWS-LC. It returns true for a TLS server if it has
accepted the early data received from a client.

Also implement quic_ssl_early_data_status_str() which is dedicated to be used
for debugging purposes (traces). This function converts the enum returned
by the two function mentionned above to a human readable string.

diff --git a/include/haproxy/quic_ssl.h b/include/haproxy/quic_ssl.h
index a84f5fffcc2c934d008e67fae930936c30265824..a5bcb4fb49e85c4eea652ce0bc87ef36d563920b 100644 (file)
--- a/include/haproxy/quic_ssl.h
+++ b/include/haproxy/quic_ssl.h
@@ -47,5 +47,44 @@ static inline void qc_free_ssl_sock_ctx(struct ssl_sock_ctx **ctx)
        *ctx = NULL;
 }
 
+#if defined(HAVE_SSL_0RTT_QUIC)
+static inline int qc_ssl_eary_data_accepted(const SSL *ssl)
+{
+#if defined(OPENSSL_IS_AWSLC)
+       return SSL_early_data_accepted(ssl);
+#else
+       return SSL_get_early_data_status(ssl) == SSL_EARLY_DATA_ACCEPTED;
+#endif
+}
+
+static inline const char *quic_ssl_early_data_status_str(const SSL *ssl)
+{
+#if defined(OPENSSL_IS_AWSLC)
+       if (SSL_early_data_accepted(ssl))
+               return "ACCEPTED";
+       else
+               return "UNKNOWN";
+#else
+       int early_data_status = SSL_get_early_data_status(ssl);
+
+       switch (early_data_status) {
+       case SSL_EARLY_DATA_ACCEPTED:
+               return "ACCEPTED";
+       case SSL_EARLY_DATA_REJECTED:
+               return "REJECTED";
+       case SSL_EARLY_DATA_NOT_SENT:
+               return "NOT_SENT";
+       default:
+               return "UNKNOWN";
+       }
+#endif
+}
+#else
+static inline const char *quic_ssl_early_data_status_str(const SSL *ssl)
+{
+       return "NOT_SUPPORTED";
+}
+#endif
+
 #endif /* USE_QUIC */
 #endif /* _HAPROXY_QUIC_SSL_H */