From 034cf74437a7bde8b0dafdbc38d99bd13f7adb8b Mon Sep 17 00:00:00 2001 From: Frederic Lecaille Date: Wed, 28 May 2025 16:30:41 +0200 Subject: [PATCH] MINOR: quic-be: Make the secret derivation works for QUIC backends (USE_QUIC_OPENSSL_COMPAT) quic_tls_compat_keylog_callback() is the callback used by the QUIC OpenSSL compatibility module to derive the TLS secrets from other secrets provided by keylog. The local variable to this function is initialized to denote the direction (write to send, read to receive) the secret is supposed to be used for. That said, as the QUIC cryptographic algorithms are symmetrical, the direction is inversed between the peer: a secret which is used to write/send/cipher data from a peer point of view is also the secret which is used to read/receive/decipher data. This was confirmed by the fact that without this patch, the TLS stack first provides the peer with Handshake to send/cipher data. The client could not use such secret to decipher the Handshake packets received from the server. This patch simply reverse the direction stored by variable to make the secrets derivation works for the QUIC client. --- src/quic_openssl_compat.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/quic_openssl_compat.c b/src/quic_openssl_compat.c index 2f36c68d6..f293419e3 100644 --- a/src/quic_openssl_compat.c +++ b/src/quic_openssl_compat.c @@ -150,22 +150,22 @@ void quic_tls_compat_keylog_callback(const SSL *ssl, const char *line) if (sizeof(QUIC_OPENSSL_COMPAT_CLIENT_HANDSHAKE) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_CLIENT_HANDSHAKE, n)) { level = ssl_encryption_handshake; - write = 0; + write = qc_is_listener(qc) ? 0 : 1; } else if (sizeof(QUIC_OPENSSL_COMPAT_SERVER_HANDSHAKE) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_SERVER_HANDSHAKE, n)) { level = ssl_encryption_handshake; - write = 1; + write = qc_is_listener(qc) ? 1 : 0; } else if (sizeof(QUIC_OPENSSL_COMPAT_CLIENT_APPLICATION) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_CLIENT_APPLICATION, n)) { level = ssl_encryption_application; - write = 0; + write = qc_is_listener(qc) ? 0 : 1; } else if (sizeof(QUIC_OPENSSL_COMPAT_SERVER_APPLICATION) - 1 == n && !strncmp(start, QUIC_OPENSSL_COMPAT_SERVER_APPLICATION, n)) { level = ssl_encryption_application; - write = 1; + write = qc_is_listener(qc) ? 1 : 0; } else goto leave;