From: Hugo Landau
Date: Fri, 18 Nov 2022 17:25:25 +0000 (+0000)
Subject: QUIC_CHANNEL: Handle deferred packet processing after yielding of secrets correctly
X-Git-Tag: openssl-3.2.0-alpha1~1491
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e64437a5fdf5c8ff1b5c2cede6c358a19a28e85;p=thirdparty%2Fopenssl.git
QUIC_CHANNEL: Handle deferred packet processing after yielding of secrets correctly
Reviewed-by: Tomas Mraz
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/19703)
---
diff --git a/ssl/quic/quic_channel.c b/ssl/quic/quic_channel.c
index 7da3095ee11..04f87c92925 100644
--- a/ssl/quic/quic_channel.c
+++ b/ssl/quic/quic_channel.c
@@ -531,6 +531,7 @@ static int ch_on_handshake_yield_secret(uint32_t enc_level, int direction,
 return 0;
 }
+ ch->have_new_secret = 1;
 return 1;
 }
@@ -1007,14 +1008,23 @@ static void ch_tick(QUIC_TICK_RESULT *res, void *arg)
 }
 }
- /* Handle any incoming data from the network. */
- ch_rx(ch);
+ do {
+ /* Handle any incoming data from the network. */
+ ch_rx(ch);
- /*
- * Allow the handshake layer to check for any new incoming data and generate
- * new outgoing data.
- */
- ossl_quic_dhs_tick(ch->dhs);
+ /*
+ * Allow the handshake layer to check for any new incoming data and generate
+ * new outgoing data.
+ */
+ ch->have_new_secret = 0;
+ ossl_quic_dhs_tick(ch->dhs);
+
+ /*
+ * If the handshake layer gave us a new secret, we need to do RX again
+ * because packets that were not previously processable and were
+ * deferred might now be processable.
+ */
+ } while (ch->have_new_secret);
 /*
 * Handle any timer events which are due to fire; namely, the loss detection
diff --git a/ssl/quic/quic_channel_local.h b/ssl/quic/quic_channel_local.h
index 5859c0391a4..88e49d588c1 100644
--- a/ssl/quic/quic_channel_local.h
+++ b/ssl/quic/quic_channel_local.h
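Review bot: `ch->have_new_secret = 1;` sits directly before the final `return 1;` of ch_on_handshake_yield_secret, so as far as this hunk shows it is set for every successfully yielded secret, although the callback takes a `direction` argument and only a new RX secret can make deferred packets decryptable. A TX-only secret would then also trigger another ch_rx pass in ch_tick, which looks harmless but is extra work on each handshake step. The function body starts outside the hunk; if it has separate RX and TX branches, I would set the flag only in the RX branch and add a comment such as `/* New RX secret installed: deferred packets may now be processable. */`.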
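Review bot: The new `do { ... } while (ch->have_new_secret);` loop in ch_tick has no explicit bound; it ends only when a pass of ossl_quic_dhs_tick completes without the yield-secret callback setting the flag again. That presumably holds because the handshake layer yields a small, fixed number of secrets per connection, but nothing in the hunk states it, and each iteration processes data received from the network. I would document the invariant at the loop, for example `/* Terminates: at most one secret is yielded per enc_level and direction. */` (wording to be confirmed against the handshake layer), so that a later change which breaks it is noticed in review. ch_tick begins and continues outside the hunk.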
@@ -263,6 +263,12 @@ struct quic_channel_st {
 /* Are we in server mode? Never changes after instantiation. */
 unsigned int is_server : 1;
+
+ /*
+ * Set temporarily when the handshake layer has given us a new secret. Used
+ * to determine if we need to check our RX queues again.
+ */
+ unsigned int have_new_secret : 1;
 };
 # endif