From 779cc1ea3d5bf307d3b42ba0b3c98f55ecdf2d88 Mon Sep 17 00:00:00 2001
From: Frederic Lecaille
Date: Wed, 17 Jan 2024 15:30:04 +0100
Subject: [PATCH] MINOR: quic-be: Store the remote transport parameters asap
This is done from TLS secrets derivation callback at Application level (the last encryption level) calling SSL_get_peer_quic_transport_params() to have an access to the TLS transport paremeters extension embedded into the Server Hello TLS message. Then, quic_transport_params_store() is called to store a decoded version of these transport parameters.
---
 src/quic_ssl.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/quic_ssl.c b/src/quic_ssl.c
index c129add4f..772a4c6a1 100644
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@@ -278,12 +278,26 @@ write:
 goto leave;
 keyupdate_init:
- /* Store the secret provided by the TLS stack, required for keyupdate. */
 if (level == ssl_encryption_application) {
 struct quic_tls_kp *prv_rx = &qc->ku.prv_rx;
 struct quic_tls_kp *nxt_rx = &qc->ku.nxt_rx;
 struct quic_tls_kp *nxt_tx = &qc->ku.nxt_tx;
+#if !defined(USE_QUIC_OPENSSL_COMPAT) && !defined(HAVE_OPENSSL_QUIC)
+ if (!qc_is_listener(qc)) {
+ const unsigned char *tp;
+ size_t tplen;
+
+ SSL_get_peer_quic_transport_params(ssl, &tp, &tplen);
+ if (!tplen || !quic_transport_params_store(qc, 1,tp, tp + tplen)) {
+ TRACE_ERROR("Could not parse remote transport paratemers",
+ QUIC_EV_CONN_RWSEC, qc);
+ goto leave;
+ }
+ }
+#endif
+
+ /* Store the secret provided by the TLS stack, required for keyupdate. */
 if (rx) {
 if (!(rx->secret = pool_alloc(pool_head_quic_tls_secret))) {
 TRACE_ERROR("Could not allocate RX Application secrete keys", QUIC_EV_CONN_RWSEC, qc);
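Review bot: In the added `if (!qc_is_listener(qc))` block, `tp` and `tplen` are declared without initializers and `SSL_get_peer_quic_transport_params()` is called with no status to check, so the `!tplen` test relies entirely on the TLS library writing both outputs; `const unsigned char *tp = NULL;` and `size_t tplen = 0;` would make the missing-extension case fail closed regardless. The single trace string covers both an absent extension and a decode failure and is misspelled, so `"Could not parse remote transport parameters"` plus a separate message for the `!tplen` case would let the two be told apart in traces. The block is compiled only when neither `USE_QUIC_OPENSSL_COMPAT` nor `HAVE_OPENSSL_QUIC` is defined, and the hunk does not show where the backend stores the peer parameters in those builds, so a short comment at the `#if` stating that would help. The enclosing function starts and ends outside the hunk, so what `goto leave` does to the connection on this error path is not visible here.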