From 754f99e9956dc904a56479ffc296d0ecc8280a34 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <flecaille@haproxy.com>
Date: Thu, 19 Aug 2021 15:35:59 +0200
Subject: [PATCH] MINOR: quic: Missing case when discarding HANDSHAKE secrets

With very few packets received by the listener, it is possible
that its state may move from QUIC_HS_ST_SERVER_INITIAL to
QUIC_HS_ST_COMPLETE without transition to QUIC_HS_ST_SERVER_HANDSHAKE state.
This latter state is not mandatory.
---
 src/xprt_quic.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 9cfade7..11afae7 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -2661,7 +2661,8 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
 		goto err;
 
 	st = HA_ATOMIC_LOAD(&qc->state);
-	if (prev_st == QUIC_HS_ST_SERVER_HANDSHAKE && st >= QUIC_HS_ST_COMPLETE) {
+	if (st >= QUIC_HS_ST_COMPLETE &&
+	    (prev_st == QUIC_HS_ST_SERVER_INITIAL || prev_st == QUIC_HS_ST_SERVER_HANDSHAKE)) {
 		/* Discard the Handshake keys. */
 		quic_tls_discard_keys(&qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE]);
 		quic_pktns_discard(qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].pktns, qc);
-- 
1.7.10.4