MEDIUM: quic-be: enable the use of 0-RTT

This patch allows the use of 0-RTT feature on QUIC server lines with "allow-0rtt"
option. In fact 0-RTT is really enabled only if ssl_sock_srv_try_reuse_sess()
successfully manages to reuse the SSL session and the chosen application protocol
from previous connections.

Note that, at this time, 0-RTT works only with quictls and aws-lc as TLS stack.

(0-RTT does not work at all (even for QUIC frontends) with libressl).

include/haproxy/openssl-compat.h

@@ -78,6 +78,7 @@ enum ssl_encryption_level_t {
 #if defined(OPENSSL_IS_AWSLC)
 #define OPENSSL_NO_DH
 #define SSL_CTX_set1_sigalgs_list       SSL_CTX_set1_sigalgs_list
+#define SSL_set_quic_early_data_enabled SSL_set_early_data_enabled
 #endif
 
 

src/quic_ssl.c

@@ -1322,7 +1322,23 @@ int qc_alloc_ssl_sock_ctx(struct quic_conn *qc, void *target)
 		if (!qc_ssl_set_quic_transport_params(ctx->ssl, qc, quic_version_1, 0))
 			goto err;
 
+		if (!(srv->ssl_ctx.options & SRV_SSL_O_EARLY_DATA))
 		    ssl_sock_srv_try_reuse_sess(ctx, srv);
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L) && defined(HAVE_SSL_0RTT_QUIC)
+		else {
+			/* Enable early data only if the SSL session, transport parameters
+			 * and application protocol could be reused. This insures the mux is
+			 * correctly selected.
+			 */
+			if (ssl_sock_srv_try_reuse_sess(ctx, srv))
+				SSL_set_quic_early_data_enabled(ctx->ssl, 1);
+			else {
+				/* No error here. 0-RTT will not be enabled. */
+				TRACE_PROTO("Could not reuse any ALPN", QUIC_EV_CONN_NEW, qc);
+			}
+		}
+#endif
+
 		SSL_set_connect_state(ctx->ssl);
 	}