89c75b0777
The QUIC mux requires "application operations" (app ops), which are a list of callbacks associated with the application level (i.e., h3, h0.9) and derived from the ALPN. For 0-RTT, when the session cache cannot be reused before activation, the current code fails to reach the initialization of these app ops, causing the mux to crash during its initialization. To fix this, this patch restores the behavior of ssl_sock_srv_try_reuse_sess(), whose purpose was to reuse sessions stored in the session cache regardless of whether 0-RTT was enabled, prior to this commit: MEDIUM: quic-be: modify ssl_sock_srv_try_reuse_sess() to reuse backend sessions (0-RTT) With this patch, this function now does only one thing: attempt to reuse a session, and that's it! This patch allows ignoring whether a session was successfully reused from the cache or not. This directly fixes the issue where app ops initialization was skipped upon a session cache reuse failure. From a functional standpoint, starting a mux without reusing the session cache has no negative impact; the mux will start, but with no early data to send. Finally, there is the case where the ALPN is reset when the backend is stopped. It is critical to continue locking read access to the ALPN to secure shared access, which this patch does. It is indeed possible for the server to be stopped between the call to connect_server() and quic_reuse_srv_params(). But this cannot prevent the mux to start without app ops. This is why a 'TODO' section was added, as a reminder that a race condition regarding the ALPN reset still needs to be fixed. Must be backported to 3.3 |
||
|---|---|---|
| .github | ||
| addons | ||
| admin | ||
| dev | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| BRANCHES | ||
| BSDmakefile | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README.md | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
HAProxy
HAProxy is a free, very fast and reliable reverse-proxy offering high availability, load balancing, and proxying for TCP and HTTP-based applications.
Installation
The INSTALL file describes how to build HAProxy. A list of packages is also available on the wiki.
Getting help
The discourse and the mailing-list are available for questions or configuration assistance. You can also use the slack or IRC channel. Please don't use the issue tracker for these.
The issue tracker is only for bug reports or feature requests.
Documentation
The HAProxy documentation has been split into a number of different files for ease of use. It is available in text format as well as HTML. The wiki is also meant to replace the old architecture guide.
Please refer to the following files depending on what you're looking for:
- INSTALL for instructions on how to build and install HAProxy
- BRANCHES to understand the project's life cycle and what version to use
- LICENSE for the project's license
- CONTRIBUTING for the process to follow to submit contributions
The more detailed documentation is located into the doc/ directory:
- doc/intro.txt for a quick introduction on HAProxy
- doc/configuration.txt for the configuration's reference manual
- doc/lua.txt for the Lua's reference manual
- doc/SPOE.txt for how to use the SPOE engine
- doc/network-namespaces.txt for how to use network namespaces under Linux
- doc/management.txt for the management guide
- doc/regression-testing.txt for how to use the regression testing suite
- doc/peers.txt for the peers protocol reference
- doc/coding-style.txt for how to adopt HAProxy's coding style
- doc/internals for developer-specific documentation (not all up to date)
License
HAProxy is licensed under GPL 2 or any later version, the headers under LGPL 2.1. See the LICENSE file for a more detailed explanation.