QUIC Retry generation relies on global cluster-secret to produce token
valid even after a process restart and across several LBs instances.
Before this patch, Retry is automatically deactivated if no
cluster-secret is provided. This is the case even if a user has
configured a QUIC listener with quic-force-retry. Change this behavior
by now returning an error during configuration parsing. The user must
provide a cluster-secret if quic-force-retry is used.
This shoud be backported up to 2.6.
contains a token. This token must be sent back to the Retry packet sender,
this latter being the only one to be able to validate the token. Note that QUIC
Retry will always be used even if a Retry threshold was set (see
- "tune.quic.retry-threshold" setting). To be functional this setting needs a
- cluster secret to be set, if not it will be silently ignored (see "cluster-secret"
- setting).
+ "tune.quic.retry-threshold" setting).
+
+ This setting requires the cluster secret to be set or else an error will be
+ reported on startup (see "cluster-secret").
See https://www.rfc-editor.org/rfc/rfc9000.html#section-8.1.2 for more
information about QUIC retry.
#ifdef USE_QUIC
/* override the accept callback for QUIC listeners. */
if (listener->flags & LI_F_QUIC_LISTENER) {
- if (!global.cluster_secret)
+ if (!global.cluster_secret) {
diag_no_cluster_secret = 1;
+ if (listener->bind_conf->options & BC_O_QUIC_FORCE_RETRY) {
+ ha_alert("QUIC listener with quic-force-retry requires global cluster-secret to be set.\n");
+ cfgerr++;
+ }
+ }
li_init_per_thr(listener);
}
projects / thirdparty / haproxy.git / commitdiff
