mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-11-10 05:21:00 +01:00
Code Issues Projects Releases Wiki Activity

MINOR: quic: enable SSL on QUIC servers automatically

Browse Source 
Previously, QUIC servers were rejected if SSL was not explicitely
activated using 'ssl' configuration keyword.

Change this behavior : now SSL is automatically activated for QUIC
servers when the keyword is missing. A warning is displayed as it is
considered better to explicitely note that SSL is in use.
This commit is contained in:
Amaury Denoyelle 2025-10-31 09:58:57 +01:00
parent 0a14ad11be
commit 1af3caae7d
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/server.c
View File

@ -3931,8 +3931,8 @@ static int _srv_parse_finalize(char **args, int cur_arg,
#ifdef USE_QUIC #ifdef USE_QUIC
if (srv_is_quic(srv)) { if (srv_is_quic(srv)) {
if (!srv->use_ssl) { if (!srv->use_ssl) {
ha_alert("QUIC protocol detected without explicit SSL requirement. Use 'ssl' to fix this.\n"); srv->use_ssl = 1;
return ERR_ALERT | ERR_FATAL; ha_warning("QUIC protocol detected, enabling ssl. Use 'ssl' to shut this warning.\n");
} }
if (!srv->ssl_ctx.alpn_str && if (!srv->ssl_ctx.alpn_str &&