From: Frédéric Lécaille
Date: Sat, 22 Jul 2023 09:46:15 +0000 (+0200)
Subject: BUG/MINOR: quic: Possible crash when acknowledging Initial v2 packets
X-Git-Tag: v2.9-dev3~95
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8d1936683295ec81bc5e576d4b66e55018d241e6;p=thirdparty%2Fhaproxy.git

BUG/MINOR: quic: Possible crash when acknowledging Initial v2 packets

The memory allocated for the TLS cipher context used to encrypt/decrypt QUIC v2 packets should not be released as soon as possible. Indeed, even if after having received a client Handshake packet one may drop the Initial TLS cipher context, one often has to use it to acknowledge Initial packets.

No need to backport.
---
diff --git a/src/quic_conn.c b/src/quic_conn.c index b735cfa27d..a95afec8b4 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -3390,8 +3390,6 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt, qc_set_timer(qc); qc_el_rx_pkts_del(qc->iel); qc_release_pktns_frms(qc, qc->ipktns); - /* Also release the negotiated Inital TLS context. */ - quic_nictx_free(qc); } if (qc->state < QUIC_HS_ST_SERVER_HANDSHAKE) qc->state = QUIC_HS_ST_SERVER_HANDSHAKE;
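
Review bot: in the `qc_parse_pkt_frms()` block that discards the Initial packet number space (right after `qc_release_pktns_frms(qc, qc->ipktns);`), dropping `quic_nictx_free(qc);` leaves no release of the negotiated Initial TLS context visible anywhere in this patch. Please confirm that the context is still freed exactly once on the connection release path, so the change does not trade the crash for a leak. It would also help to leave a short comment at this spot stating that the context is deliberately kept because it is still needed to acknowledge Initial packets, so that a later cleanup does not reintroduce the early free that the commit message ties to the crash.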