Repositories - haproxy-2.9.git/commit

author	Frédéric Lécaille <flecaille@haproxy.com>
	Thu, 21 Dec 2023 15:11:35 +0000 (16:11 +0100)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Tue, 2 Jan 2024 06:53:06 +0000 (07:53 +0100)
commit	5373e050200d6c60a8cf8ae340cea7074cef927a
tree	676655c36283bdc615bfafd39c8afc3b7fb46c47	tree \| snapshot
parent	0de4bd402ff29712985649384ba47005e4d2b057	commit \| diff

BUG/MINOR: quic: Missing call to TLS message callbacks

This bug impacts only the QUIC OpenSSL compatibility module (USE_QUIC_OPENSSL_COMPAT).

The TLS capture of information from client hello enabled by
tune.ssl.capture-buffer-size could not work with USE_QUIC_OPENSSL_COMPAT. This
is due to the fact the callback set for this feature was replaced by
quic_tls_compat_msg_callback(). In fact this called must be registered by
ssl_sock_register_msg_callback() as this done for the TLS client hello capture.
A call to this function appends the function passed as parameter to a list of
callbacks to be called when the TLS stack parse a TLS message.
quic_tls_compat_msg_callback() had to be modified to return if it is called
for a non-QUIC TLS session.

Must be backported to 2.8.

(cherry picked from commit 10e96fcd177e858284252d413aaf16af06474beb)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

include/haproxy/quic_openssl_compat.h		diff \| blob \| history
src/quic_openssl_compat.c		diff \| blob \| history
src/ssl_sock.c		diff \| blob \| history