From cac619b4d29a8ae5281fef619d47172a86ddd7c6 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Fri, 20 May 2022 17:53:32 +0200
Subject: [PATCH] MINOR: config: detect and report mux and transport
 incompatibilities

Till now, placing "proto h1" or "proto h2" on a "quic" bind or placing
"proto quic" on a TCP line would parse fine but would crash when traffic
arrived. The reason is that there's a strong binding between the QUIC
mux and QUIC transport and that they're not expected to be called with
other types at all.

Now that we have the mux's type and we know the type of the protocol used
on the bind conf, we can perform such checks. This now returns:

  [ALERT]    (16978) : config : frontend 'decrypt' : stream-based MUX protocol 'h2' is incompatible with framed transport of 'bind quic4@:4448' at [quic-mini.cfg:27].
  [ALERT]    (16978) : config : frontend 'decrypt' : frame-based MUX protocol 'quic' is incompatible with stream transport of 'bind :4448' at [quic-mini.cfg:29].

This config tightening is only tagged MINOR since while such a config,
despite not reporting error, cannot work at all so even if it breaks
experimental configs, they were just waiting for a single connection
to crash.
---
 src/cfgparse.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 7031478810..b2426639d6 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -3769,6 +3769,23 @@ out_uri_auth_compat:
 					 bind_conf->mux_proto->token.ptr,
 					 bind_conf->arg, bind_conf->file, bind_conf->line);
 				cfgerr++;
+			} else {
+				if ((mux_ent->mux->flags & MX_FL_FRAMED) && !(bind_conf->options & BC_O_USE_SOCK_DGRAM)) {
+					ha_alert("%s '%s' : frame-based MUX protocol '%.*s' is incompatible with stream transport of 'bind %s' at [%s:%d].\n",
+						 proxy_type_str(curproxy), curproxy->id,
+						 (int)bind_conf->mux_proto->token.len,
+						 bind_conf->mux_proto->token.ptr,
+						 bind_conf->arg, bind_conf->file, bind_conf->line);
+					cfgerr++;
+				}
+				else if (!(mux_ent->mux->flags & MX_FL_FRAMED) && !(bind_conf->options & BC_O_USE_SOCK_STREAM)) {
+					ha_alert("%s '%s' : stream-based MUX protocol '%.*s' is incompatible with framed transport of 'bind %s' at [%s:%d].\n",
+						 proxy_type_str(curproxy), curproxy->id,
+						 (int)bind_conf->mux_proto->token.len,
+						 bind_conf->mux_proto->token.ptr,
+						 bind_conf->arg, bind_conf->file, bind_conf->line);
+					cfgerr++;
+				}
 			}
 
 			/* update the mux */
-- 
2.47.3