From: Frédéric Lécaille <flecaille@haproxy.com>
Date: Mon, 14 Feb 2022 16:54:04 +0000 (+0100)
Subject: MINOR: quic: ha_quic_set_encryption_secrets without server specific code
X-Git-Tag: v2.6-dev2~137
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ee4508da4f11145faa66b10cc6689325e1a9788f;p=thirdparty%2Fhaproxy.git

MINOR: quic: ha_quic_set_encryption_secrets without server specific code

Remove this server specific code section. It is useless, not tested. Furthermore
this is really not the good place to retrieve the peer transport parameters.
---

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index ffd9941854..11c5d32006 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -788,7 +788,7 @@ int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
 		quic_accept_push_qc(qc);
 
 	if (!write_secret)
-		goto tp;
+		goto out;
 
 	if (!quic_tls_derive_keys(tx->aead, tx->hp, tx->md, tx->key, tx->keylen,
 	                          tx->iv, tx->ivlen, tx->hp_key, sizeof tx->hp_key,
@@ -798,19 +798,6 @@ int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
 	}
 
 	tx->flags |= QUIC_FL_TLS_SECRETS_SET;
- tp:
-	if (!qc_is_listener(qc) && level == ssl_encryption_application) {
-		const unsigned char *buf;
-		size_t buflen;
-
-		SSL_get_peer_quic_transport_params(ssl, &buf, &buflen);
-		if (!buflen)
-			goto err;
-
-		if (!quic_transport_params_store(qc, 1, buf, buf + buflen))
-			goto err;
-	}
-
 	if (level == ssl_encryption_application) {
 		struct quic_tls_kp *prv_rx = &qc->ku.prv_rx;
 		struct quic_tls_kp *nxt_rx = &qc->ku.nxt_rx;
@@ -832,6 +819,7 @@ int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
 		if (!quic_tls_key_update(qc))
 			goto err;
 	}
+
  out:
 	TRACE_LEAVE(QUIC_EV_CONN_RWSEC, qc, &level);
 	return 1;