MINOR: quic: Support transport parameters draft TLS extension

If we want to run quic-tracker against haproxy, we must at least support the draft version of the TLS extension for the QUIC transport parameters (0xffa5). quic-tracker QUIC version is draft-29 at this time. We select this depending on the QUIC version. If draft, we select the draft TLS extension.
2025-02-04 12:32:23 +00:00 · 2021-11-10 09:24:22 +01:00 · 2021-11-10 09:24:22 +01:00 · a956d15118
commit a956d15118
parent 28f51faf0b
4 changed files with 10 additions and 4 deletions
--- a/include/haproxy/quic_tls-t.h
+++ b/include/haproxy/quic_tls-t.h
@ -37,8 +37,9 @@
 #endif
 #endif

-/* The TLS extension (enum) for QUIC transport parameters */
-#define TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS 0x0039
+/* The TLS extensions for QUIC transport parameters */
+#define TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS       0x0039
+#define TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS_DRAFT 0xffa5

 /* QUIC handshake states for both clients and servers. */
 enum quic_handshake_state {
--- a/include/haproxy/xprt_quic-t.h
+++ b/include/haproxy/xprt_quic-t.h
@ -608,6 +608,8 @@ struct rxbuf {
 #define QUIC_FL_PKTNS_ACK_REQUIRED  (1UL << QUIC_FL_PKTNS_ACK_REQUIRED_BIT)
 struct quic_conn {
 	uint32_t version;
+	/* QUIC transport parameters TLS extension */
+	int tps_tls_ext;

 	int state;
 	unsigned char enc_params[QUIC_TP_MAX_ENCLEN]; /* encoded QUIC transport parameters */
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@ -2451,10 +2451,10 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
 	if (conn->qc) {
 		/* Look for the QUIC transport parameters. */
 #ifdef OPENSSL_IS_BORINGSSL
-		if (!SSL_early_callback_ctx_extension_get(ctx, TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS,
+		if (!SSL_early_callback_ctx_extension_get(ctx, con->qc->tps_tls_ext,
 		                                          &extension_data, &extension_len))
 #else
-		if (!SSL_client_hello_get0_ext(ssl, TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS,
+		if (!SSL_client_hello_get0_ext(ssl, conn->qc->tps_tls_ext,
 		                               &extension_data, &extension_len))
 #endif
 			goto abort;
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@ -3095,6 +3095,9 @@ static struct quic_conn *qc_new_conn(unsigned int version, int ipv4,
 	}

 	qc->version = version;
+	qc->tps_tls_ext = qc->version & 0xff000000 ?
+		TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS_DRAFT:
+		TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS;
 	/* TX part. */
 	LIST_INIT(&qc->tx.frms_to_send);
 	qc->tx.nb_buf = QUIC_CONN_TX_BUFS_NB;