]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 071e506)
BUG/MEDIUM: quic-be: do not launch the connection migration process
authorFrederic Lecaille <flecaille@haproxy.com>
Thu, 13 Nov 2025 10:26:14 +0000 (11:26 +0100)
committerFrederic Lecaille <flecaille@haproxy.com>
Thu, 13 Nov 2025 12:52:40 +0000 (13:52 +0100)
At this time the connection migration is not supported by QUIC backends.
This patch prevents this process to be launched for connections to QUIC backends.

Furthermore, the connection migration process could be started systematically
when connecting a backend to INADDR_ANY, leading to crashes into qc_handle_conn_migration()
(when referencing qc->li).

Thank you to @InputOutputZ for having reported this issue in GH #3178.

This patch simply checks the connection type (listener or not) before checking if
a connection migration must be started.

No need to backport because support for QUIC backends is available from 3.3.

src/quic_rx.c patch | blob | blame | history

diff --git a/src/quic_rx.c b/src/quic_rx.c
index dbbe320f0bf33cde1ea4f913b6f745b5c1f4f4b9..7b993b29f6d64ad87c4f06779f7956307df68593 100644 (file)
--- a/src/quic_rx.c
+++ b/src/quic_rx.c
@@ -2295,6 +2295,7 @@ int quic_dgram_parse(struct quic_dgram *dgram, struct quic_conn *from_qc,
        struct quic_conn *qc = NULL;
        unsigned char *pos, *end;
        struct list *tasklist_head = NULL;
+       struct listener *li = objt_listener(o);
 
        TRACE_ENTER(QUIC_EV_CONN_LPKT);
 
@@ -2336,7 +2337,6 @@ int quic_dgram_parse(struct quic_dgram *dgram, struct quic_conn *from_qc,
                 */
                if (!qc) {
                        int new_tid = -1;
-                       struct listener *li = objt_listener(o);
 
                        qc = from_qc ? from_qc : quic_rx_pkt_retrieve_conn(pkt, dgram, li, &new_tid);
                        /* qc is NULL if receiving a non Initial packet for an
@@ -2375,7 +2375,7 @@ int quic_dgram_parse(struct quic_dgram *dgram, struct quic_conn *from_qc,
                }
 
                /* Detect QUIC connection migration. */
-               if (ipcmp(&qc->peer_addr, &dgram->saddr, 1)) {
+               if (li && ipcmp(&qc->peer_addr, &dgram->saddr, 1)) {
                        if (qc_handle_conn_migration(qc, &dgram->saddr, &dgram->daddr)) {
                                /* Skip the entire datagram. */
                                TRACE_ERROR("error during connection migration, datagram dropped", QUIC_EV_CONN_LPKT, qc);
Mirror of https://github.com/haproxy/haproxy.git