From bfa6885c2f4005560f508afba817c9704e8174ed Mon Sep 17 00:00:00 2001
From: Frederic Lecaille <flecaille@haproxy.com>
Date: Thu, 11 Jan 2024 19:05:55 +0100
Subject: [PATCH] MINOR: quic-be: Mux initialization

Reset the flags which denotes that the connection is waiting for a TLS handshake
completion. This must be accomplished before the mux creation.
Check the alpn has been successfully negotiated.
Then, finally create the mux. Note that the ->mux_proto of the server must be
set before calling conn_create_mux().
---
 src/quic_ssl.c | 31 +++++++++++++++++++++++++++----
 1 file changed, 27 insertions(+), 4 deletions(-)

diff --git a/src/quic_ssl.c b/src/quic_ssl.c
index c4c4f037a..9cea272ed 100644
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@@ -926,10 +926,33 @@ static int qc_ssl_provide_quic_data(struct ncbuf *ncbuf,
 #endif
 
 		/* Check the alpn could be negotiated */
-		if (!qc->app_ops) {
-			TRACE_ERROR("No negotiated ALPN", QUIC_EV_CONN_IO_CB, qc, &state);
-			quic_set_tls_alert(qc, SSL_AD_NO_APPLICATION_PROTOCOL);
-			goto leave;
+		if (qc_is_listener(qc)) {
+			if (!qc->app_ops) {
+				TRACE_ERROR("No negotiated ALPN", QUIC_EV_CONN_IO_CB, qc, &state);
+				quic_set_tls_alert(qc, SSL_AD_NO_APPLICATION_PROTOCOL);
+				goto leave;
+			}
+		}
+		else {
+			const unsigned char *alpn;
+			size_t alpn_len;
+			struct server *s = objt_server(ctx->conn->target);
+
+			ctx->conn->flags &= ~(CO_FL_SSL_WAIT_HS | CO_FL_WAIT_L6_CONN);
+			if (!ssl_sock_get_alpn(ctx->conn, ctx, (const char **)&alpn, (int *)&alpn_len) ||
+			    !quic_set_app_ops(qc, alpn, alpn_len)) {
+				TRACE_ERROR("No negotiated ALPN", QUIC_EV_CONN_IO_CB, qc, &state);
+				quic_set_tls_alert(qc, SSL_AD_NO_APPLICATION_PROTOCOL);
+				goto leave;
+			}
+
+			s->mux_proto = get_mux_proto(ist("quic"));
+			if (conn_create_mux(ctx->conn, NULL) < 0) {
+				TRACE_ERROR("mux creation failed", QUIC_EV_CONN_IO_CB, qc, &state);
+				goto leave;
+			}
+
+			qc->mux_state = QC_MUX_READY;
 		}
 
 		/* I/O callback switch */