MINOR: quic-be: Missing callbacks initializations (USE_QUIC_OPENSSL_COMPAT)

quic_tls_compat_init() function is called from OpenSSL QUIC compatibility module (USE_QUIC_OPENSSL_COMPAT) to initialize the keylog callback and the callback which stores the QUIC transport parameters as a TLS extensions into the stack. These callbacks must also be initialized for QUIC backends.
2025-05-28 15:58:44 +02:00 · 2025-05-28 15:58:44 +02:00 · d1cd0bb987
commit d1cd0bb987
parent fc90964b55
2 changed files with 11 additions and 2 deletions
--- a/src/quic_openssl_compat.c
+++ b/src/quic_openssl_compat.c
@ -58,7 +58,7 @@ static int qc_ssl_compat_add_tps_cb(SSL *ssl, unsigned int ext_type, unsigned in
 int quic_tls_compat_init(struct bind_conf *bind_conf, SSL_CTX *ctx)
 {
 	/* Ignore non-QUIC connections */
-	if (bind_conf->xprt != xprt_get(XPRT_QUIC))
+	if (bind_conf && bind_conf->xprt != xprt_get(XPRT_QUIC))
 		return 1;

 	/* This callback is already registered if the TLS keylog is activated for
--- a/src/quic_ssl.c
+++ b/src/quic_ssl.c
@ -773,7 +773,7 @@ int ssl_quic_initial_ctx(struct bind_conf *bind_conf)
 */
 SSL_CTX *ssl_quic_srv_new_ssl_ctx(void)
 {
-	SSL_CTX *ctx;
+	SSL_CTX *ctx = NULL;
 	/* XXX TODO: check this: XXX */
 	long options =
 		(SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) |
@ -791,10 +791,19 @@ SSL_CTX *ssl_quic_srv_new_ssl_ctx(void)
 	SSL_CTX_set_options(ctx, options);
 	SSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION);
 	SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);
+#ifdef USE_QUIC_OPENSSL_COMPAT
+	if (!quic_tls_compat_init(NULL, ctx))
+		goto err;
+#endif

 leave:
 	TRACE_LEAVE(QUIC_EV_CONN_NEW);
 	return ctx;
+ err:
+	SSL_CTX_free(ctx);
+	ctx = NULL;
+	TRACE_DEVEL("leaving on error", QUIC_EV_CONN_NEW);
+	goto leave;
 }

 /* This function gives the detail of the SSL error. It is used only