BUG/MINOR: quic: ensure handshake speed up is only run once per conn

When a duplicated CRYPTO frame is received during handshake, a server
may consider that there was a packet loss and immediately retransmit its
pending CRYPTO data without having to wait for PTO expiration. However,
RFC 9002 indicates that this should only be performed at most once per
connection to avoid excessive packet transmission.

QUIC connection is flagged with QUIC_FL_CONN_HANDSHAKE_SPEED_UP to mark
that a fast retransmit has been performed. However, during the
refactoring on CRYPTO handling with the storage conversion from ncbuf to
ncbmbuf, the check on the flag was accidentely removed. The faulty patch
is the following one :

  commit f50425c021
  MINOR: quic: remove received CRYPTO temporary tree storage

This patch adds again the check on QUIC_FL_CONN_HANDSHAKE_SPEED_UP
before initiating fast retransmit. This ensures this is only performed
once per connection.

This must be backported up to 3.3.

src/quic_rx.c

@@ -1155,7 +1155,17 @@ static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt,
 	if (frm)
 		qc_frm_free(qc, &frm);
 
-	if (fast_retrans && qc->iel && qc->hel) {
+	/* RFC 9002 6.2.3. Speeding up Handshake Completion
+	 *
+	 * To speed up handshake completion under these conditions, an endpoint
+	 * MAY, for a limited number of times per connection, send a packet
+	 * containing unacknowledged CRYPTO data earlier than the PTO expiry,
+	 * subject to the address validation limits in Section 8.1 of [QUIC-
+	 * TRANSPORT]. Doing so at most once for each connection is adequate to
+	 * quickly recover from a single packet loss.
+	 */
+	if (fast_retrans && !(qc->flags & QUIC_FL_CONN_HANDSHAKE_SPEED_UP) &&
+	    qc->iel && qc->hel) {
 		struct quic_enc_level *iqel = qc->iel;
 		struct quic_enc_level *hqel = qc->hel;