From b75eecc87413da681ce40ce39231680fb5c2cabe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <flecaille@haproxy.com>
Date: Thu, 26 Jan 2023 15:18:17 +0100
Subject: [PATCH] BUG/MINOR: quic: Too big PTO during handshakes

During the handshake and when the handshake has not been confirmed
the acknowledgement delays reported by the peer may be larger
than max_ack_delay. max_ack_delay SHOULD be ignored before the
handshake is completed when computing the PTO. But the current code considered
the wrong condition "before the hanshake is completed".

Replace the enum value QUIC_HS_ST_COMPLETED by QUIC_HS_ST_CONFIRMED to
fix this issue. In quic_loss.c, the parameter passed to quic_pto_pktns()
is renamed to avoid any possible confusion.

Must be backported to 2.7 and 2.6.
---
 src/quic_conn.c | 8 ++++----
 src/quic_loss.c | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/quic_conn.c b/src/quic_conn.c
index 8fa28ba2f..f0935f210 100644
--- a/src/quic_conn.c
+++ b/src/quic_conn.c
@@ -734,7 +734,7 @@ static inline void qc_set_timer(struct quic_conn *qc)
 {
 	struct quic_pktns *pktns;
 	unsigned int pto;
-	int handshake_complete;
+	int handshake_confirmed;
 
 	TRACE_ENTER(QUIC_EV_CONN_STIMER, qc,
 	            NULL, NULL, &qc->path->ifae_pkts);
@@ -762,8 +762,8 @@ static inline void qc_set_timer(struct quic_conn *qc)
 		goto out;
 	}
 
-	handshake_complete = qc->state >= QUIC_HS_ST_COMPLETE;
-	pktns = quic_pto_pktns(qc, handshake_complete, &pto);
+	handshake_confirmed = qc->state >= QUIC_HS_ST_CONFIRMED;
+	pktns = quic_pto_pktns(qc, handshake_confirmed, &pto);
 	if (tick_isset(pto))
 		qc->timer = pto;
  out:
@@ -4650,7 +4650,7 @@ struct task *qc_process_timer(struct task *task, void *ctx, unsigned int state)
 	}
 
 	if (qc->path->in_flight) {
-		pktns = quic_pto_pktns(qc, qc->state >= QUIC_HS_ST_COMPLETE, NULL);
+		pktns = quic_pto_pktns(qc, qc->state >= QUIC_HS_ST_CONFIRMED, NULL);
 		if (qc->subs && qc->subs->events & SUB_RETRY_SEND) {
 			pktns->tx.pto_probe = QUIC_MAX_NB_PTO_DGRAMS;
 			tasklet_wakeup(qc->subs->tasklet);
diff --git a/src/quic_loss.c b/src/quic_loss.c
index 0c7c3a1d9..a92b69942 100644
--- a/src/quic_loss.c
+++ b/src/quic_loss.c
@@ -80,7 +80,7 @@ struct quic_pktns *quic_loss_pktns(struct quic_conn *qc)
  * as PTO value if not.
  */
 struct quic_pktns *quic_pto_pktns(struct quic_conn *qc,
-                                  int handshake_completed,
+                                  int handshake_confirmed,
                                   unsigned int *pto)
 {
 	int i;
@@ -117,7 +117,7 @@ struct quic_pktns *quic_pto_pktns(struct quic_conn *qc,
 			continue;
 
 		if (i == QUIC_TLS_PKTNS_01RTT) {
-			if (!handshake_completed) {
+			if (!handshake_confirmed) {
 				TRACE_STATE("handshake not already completed", QUIC_EV_CONN_SPTO, qc);
 				pktns = p;
 				goto out;