MINOR: quic: Immediately close if no transport parameters extension found If the ClientHello callback does not manage to find a correct QUIC transport parameters extension, we immediately close the connection with missing_extension(109) as TLS alert which is turned into 0x16d QUIC connection error.

commit: b5b5247b18cd2d1f81d577b1418cf8df202b2ca1 [log] [tgz]
author: Frédéric Lécaille <flecaille@haproxy.com> Mon Nov 22 15:55:16 2021 +0100
committer: Frédéric Lécaille <flecaille@haproxy.com> Tue Nov 30 11:47:46 2021 +0100
tree: e9d172074e05691a239a93e787b0502e3e0645a6
parent: 1fc5e16c4c5c7a5078a400bbcc33a782e873d20d [diff] [blame]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index ffbfa50..158cb48 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -2463,7 +2463,15 @@
 		if (!SSL_client_hello_get0_ext(ssl, conn->qc->tps_tls_ext,
 		                               &extension_data, &extension_len))
 #endif
-			goto abort;
+		{
+			/* This is not redundant. It we only return 0 without setting
+			 * <*al>, this has as side effect to generate another TLS alert
+			 * which would be set after calling quic_set_tls_alert().
+			 */
+			*al = SSL_AD_MISSING_EXTENSION;
+			quic_set_tls_alert(conn->qc, SSL_AD_MISSING_EXTENSION);
+			return 0;
+		}
 
 		if (!quic_transport_params_store(conn->qc, 0, extension_data,
 		                                 extension_data + extension_len))
commit	b5b5247b18cd2d1f81d577b1418cf8df202b2ca1	[log] [tgz]
author	Frédéric Lécaille <flecaille@haproxy.com>	Mon Nov 22 15:55:16 2021 +0100
committer	Frédéric Lécaille <flecaille@haproxy.com>	Tue Nov 30 11:47:46 2021 +0100
tree	e9d172074e05691a239a93e787b0502e3e0645a6
parent	1fc5e16c4c5c7a5078a400bbcc33a782e873d20d [diff] [blame]