From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Fri, 31 Oct 2025 08:58:57 +0000 (+0100)
Subject: MINOR: quic: enable SSL on QUIC servers automatically
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1af3caae7d9c0639fbcc5829bd5664bc3259c5df;p=thirdparty%2Fhaproxy.git

MINOR: quic: enable SSL on QUIC servers automatically

Previously, QUIC servers were rejected if SSL was not explicitely
activated using 'ssl' configuration keyword.

Change this behavior : now SSL is automatically activated for QUIC
servers when the keyword is missing. A warning is displayed as it is
considered better to explicitely note that SSL is in use.
---

diff --git a/src/server.c b/src/server.c
index 0411eb4a3..26103cf18 100644
--- a/src/server.c
+++ b/src/server.c
@@ -3931,8 +3931,8 @@ static int _srv_parse_finalize(char **args, int cur_arg,
 #ifdef USE_QUIC
 	if (srv_is_quic(srv)) {
 		if (!srv->use_ssl) {
-			ha_alert("QUIC protocol detected without explicit SSL requirement. Use 'ssl' to fix this.\n");
-			return ERR_ALERT | ERR_FATAL;
+			srv->use_ssl = 1;
+			ha_warning("QUIC protocol detected, enabling ssl. Use 'ssl' to shut this warning.\n");
 		}
 
 		if (!srv->ssl_ctx.alpn_str &&