]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b9acb44)
BUG/MEDIUM: servers: Don't forget to set srv_hash when needed
authorOlivier Houchard <ohouchard@haproxy.com>
Wed, 20 May 2026 11:05:05 +0000 (13:05 +0200)
committerOlivier Houchard <cognet@ci0.org>
Wed, 20 May 2026 10:32:19 +0000 (12:32 +0200)
Commit 8aa854ab26a7daa613a17548f1fe1d0adb8cf61b made it so we'd store
the hash corresponding to the server parameters, so that we could detect
if we're still talking to the same server, and not use those parameters
if not.
However, when updating those parameters, we forgot to store the new
hash, which would result in the new parameters never be used, and
breakling 0RTT.
Fix that by properly update the hash when needed.
This should be backported when 8aa854ab26a7daa613a17548f1fe1d0adb8cf61b
is backported.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index b74ee1952dee48b199628b5f2d37503bfa13c20d..ee6ddfd84f50701c4f378a616e48f457c63acce2 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4295,6 +4295,7 @@ static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
                                        memcpy(&s->path_params.nego_alpn, alpn, len);
                                        s->path_params.nego_alpn[len] = 0;
                                        /* The transport parameters are not stored without ALPN */
+                                       s->path_params.srv_hash = conn->hash_node.key;
                                        qc_early_transport_params_cpy(qc, etps, &qc->tx.params);
                                        HA_RWLOCK_WRUNLOCK(SERVER_LOCK, &s->path_params.param_lock);
                                }
@@ -6928,6 +6929,7 @@ struct task *ssl_sock_io_cb(struct task *t, void *context, unsigned int state)
                                                HA_RWLOCK_WRLOCK(SERVER_LOCK, &srv->path_params.param_lock);
                                                memcpy(&srv->path_params.nego_alpn, alpn, len);
                                                srv->path_params.nego_alpn[len] = 0;
+                                               srv->path_params.srv_hash = conn->hash_node.key;
                                                HA_RWLOCK_WRUNLOCK(SERVER_LOCK, &srv->path_params.param_lock);
                                        }
                                }
Mirror of https://github.com/haproxy/haproxy.git