MINOR: quic: No TX secret at EARLY_DATA encryption level
The TLS stack does not provide us with TX secrets after we have provided it
with 0-RTT data. This is logical: the server does not need to send 0-RTT
data. We must skip the section where such secrets are derived if we do not
want to close the connection with a TLS alert.
diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 55c45f9..d1f1c5b 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -812,6 +812,10 @@
}
rx->flags |= QUIC_FL_TLS_SECRETS_SET;
+
+ if (!write_secret)
+ goto tp;
+
if (!quic_tls_derive_keys(tx->aead, tx->hp, tx->md, tx->key, tx->keylen,
tx->iv, tx->ivlen, tx->hp_key, sizeof tx->hp_key,
write_secret, secret_len)) {
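Review bot: The added `if (!write_secret) goto tp;` skips TX key derivation whenever the write secret is NULL, at any encryption level, although the commit message justifies it only for EARLY_DATA. A NULL write secret at the handshake or application level would then pass silently and leave `tx->flags` without `QUIC_FL_TLS_SECRETS_SET`; whether the send path checks that flag before encrypting is not visible in this hunk. Tying the skip to the level, `if (!write_secret && level == ssl_encryption_early_data) goto tp;`, and treating a NULL secret at any other level as a failure like the derive-keys branch just below, would keep that case an error. A short comment such as `/* No TX secret at EARLY_DATA level: a server never sends 0-RTT data. */` would also record why the jump exists. The enclosing function starts and ends outside the hunk.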
@@ -820,6 +824,7 @@
}
tx->flags |= QUIC_FL_TLS_SECRETS_SET;
+ tp:
if (objt_server(conn->target) && level == ssl_encryption_application) {
const unsigned char *buf;
size_t buflen;
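Review bot: The new `tp:` label is the target of a jump that bypasses the `tx->flags |= QUIC_FL_TLS_SECRETS_SET;` line above it, and nothing at the label says so. A comment on the label, for example `/* Transport parameters; also reached directly when no TX secret was provided (TX keys not derived). */`, would make it clear to later readers that the TX keys may be unset from this point on. The `if` block opened after the label continues outside the hunk.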