MINOR: quic: Make ->set_encryption_secrets() be callable two times

With this patch, ha_set_encryption_secrets() may be callable two times,
one time to derive the RX secrets and a second time to derive the TX secrets.

There was a missing step to do so when the RX secret was received from the stack.
In this case the secret was not stored for the keyupdate, leading the keyupdate
RX part to be uninitialized.

Add a label to initialize the keyupdate RX part and a "goto" statement to run
the concerned code after having derived the RX secrets.

This patch is required to make the keupdate feature work with the OpenSSL wrapper.

Must be backported as far as 2.6.

diff --git a/src/quic_conn.c b/src/quic_conn.c
index c1d9cd8025491675b26e923de3d0f8d31a43b73c..e495836a337acd8a65a0e13271ad95598b087396 100644 (file)
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -1112,7 +1112,7 @@ int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
 write:
 
        if (!write_secret)
-               goto out;
+               goto keyupdate_init;
 
        tx = &tls_ctx->tx;
        if (!quic_tls_secrets_keys_alloc(tx)) {
@@ -1157,6 +1157,8 @@ write:
                }
        }
 
+ keyupdate_init:
+       /* Store the secret provided by the TLS stack, required for keyupdate. */
        if (level == ssl_encryption_application) {
                struct quic_tls_kp *prv_rx = &qc->ku.prv_rx;
                struct quic_tls_kp *nxt_rx = &qc->ku.nxt_rx;