MINOR: quic: remove qc from quic_rx_packet

quic_rx_packet struct had a reference to the quic_conn instance. This is useless as qc instance is always passed through function argument. In fact, pkt.qc is used only in qc_pkt_decrypt() on key update, even though qc is also passed as argument. Simplify this by removing qc field from quic_rx_packet structure definition. Also clean up qc_pkt_decrypt() documentation and interface to align it with other quic-conn related functions. This should be backported up to 2.7.
2025-04-28 05:48:01 +00:00 · 2022-11-24 17:12:25 +01:00 · 2022-11-24 17:12:25 +01:00 · 518c98f150
commit 518c98f150
parent 52ddd99940
2 changed files with 16 additions and 17 deletions
--- a/include/haproxy/quic_conn-t.h
+++ b/include/haproxy/quic_conn-t.h
@ -400,7 +400,6 @@ struct quic_rx_packet {
 	/* QUIC version used in packet. */
 	const struct quic_version *version;
 	struct quic_conn *qc;
 	unsigned char type;
 	/* Initial desctination connection ID. */
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@ -1424,11 +1424,13 @@ static int quic_packet_encrypt(unsigned char *payload, size_t payload_len,
 	goto leave;
 }
-/* Decrypt <pkt> QUIC packet with <tls_ctx> as QUIC TLS cryptographic context.
+/* Decrypt <pkt> packet using encryption level <qel> for <qc> connection.
- * Returns 1 if succeeded, 0 if not.
+ * Decryption is done in place in packet buffer.
 *
 * Returns 1 on sucess else 0.
 */
-static int qc_pkt_decrypt(struct quic_rx_packet *pkt, struct quic_enc_level *qel,
+static int qc_pkt_decrypt(struct quic_conn *qc, struct quic_enc_level *qel,
-                          struct quic_conn *qc)
+                          struct quic_rx_packet *pkt)
 {
 	int ret, kp_changed;
 	unsigned char iv[QUIC_TLS_IV_LEN];
@ -1454,21 +1456,21 @@ static int qc_pkt_decrypt(struct quic_rx_packet *pkt, struct quic_enc_level *qel
 				 * secrets.
 				 */
 				// TODO: check if BUG_ON() more suitable
-				if (!pkt->qc->ku.prv_rx.pn) {
+				if (!qc->ku.prv_rx.pn) {
 					TRACE_ERROR("null previous packet number", QUIC_EV_CONN_RXPKT, qc);
 					goto leave;
 				}
-				rx_ctx = pkt->qc->ku.prv_rx.ctx;
+				rx_ctx = qc->ku.prv_rx.ctx;
-				rx_iv  = pkt->qc->ku.prv_rx.iv;
+				rx_iv  = qc->ku.prv_rx.iv;
-				rx_key = pkt->qc->ku.prv_rx.key;
+				rx_key = qc->ku.prv_rx.key;
 			}
 			else if (pkt->pn > qel->pktns->rx.largest_pn) {
 				/* Next key phase */
 				kp_changed = 1;
-				rx_ctx = pkt->qc->ku.nxt_rx.ctx;
+				rx_ctx = qc->ku.nxt_rx.ctx;
-				rx_iv  = pkt->qc->ku.nxt_rx.iv;
+				rx_iv  = qc->ku.nxt_rx.iv;
-				rx_key = pkt->qc->ku.nxt_rx.key;
+				rx_key = qc->ku.nxt_rx.key;
 			}
 		}
 	}
@ -1488,13 +1490,13 @@ static int qc_pkt_decrypt(struct quic_rx_packet *pkt, struct quic_enc_level *qel
 	/* Update the keys only if the packet decryption succeeded. */
 	if (kp_changed) {
-		quic_tls_rotate_keys(pkt->qc);
+		quic_tls_rotate_keys(qc);
 		/* Toggle the Key Phase bit */
 		tls_ctx->flags ^= QUIC_FL_TLS_KP_BIT_SET;
 		/* Store the lowest packet number received for the current key phase */
 		tls_ctx->rx.pn = pkt->pn;
 		/* Prepare the next key update */
-		if (!quic_tls_key_update(pkt->qc)) {
+		if (!quic_tls_key_update(qc)) {
 			TRACE_ERROR("quic_tls_key_update() failed", QUIC_EV_CONN_RXPKT, qc);
 			goto leave;
 		}
@ -3935,7 +3937,7 @@ int qc_treat_rx_pkts(struct quic_conn *qc, struct quic_enc_level *cur_el,
 		pkt = eb64_entry(node, struct quic_rx_packet, pn_node);
 		TRACE_DATA("new packet", QUIC_EV_CONN_RXPKT,
 		            qc, pkt, NULL, qc->xprt_ctx->ssl);
-		if (!qc_pkt_decrypt(pkt, qel, qc)) {
+		if (!qc_pkt_decrypt(qc, qel, pkt)) {
 			/* Drop the packet */
 			TRACE_ERROR("packet decryption failed -> dropped",
 			            QUIC_EV_CONN_RXPKT, qc, pkt);
@ -6059,8 +6061,6 @@ static struct quic_conn *quic_rx_pkt_retrieve_conn(struct quic_rx_packet *pkt,
 		goto err;
 	}
 	pkt->qc = qc;
 out:
 	TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
 	return qc;