diff --git a/doc/configuration.txt b/doc/configuration.txt index 46f49bf5c..c3d4ea5cc 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -1239,8 +1239,11 @@ cluster-secret same cluster. It could be used for different usages. It is at least used to derive stateless reset tokens for all the QUIC connections instantiated by this process. This is also the case to derive secrets used to encrypt Retry - tokens. If you do not set this parameter, the stateless reset and Retry QUIC - features will be both silently disabled. + tokens. + + If this parameter is not set, a random value will be selected on process + startup. This allows to use features which rely on it, albeit with some + limitations. cpu-map [auto:][/] ... On some operating systems, it is possible to bind a thread group or a thread diff --git a/src/cfgparse.c b/src/cfgparse.c index 5a5744c21..2410cee75 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -4375,9 +4375,11 @@ int check_config_validity() goto init_proxies_list_stage2; } - if (diag_no_cluster_secret) - ha_diag_warning("No cluster secret was set. The stateless reset and Retry" - " features are disabled for all QUIC bindings.\n"); + if (diag_no_cluster_secret) { + ha_diag_warning("Generating a random cluster secret. " + "You should define your own one in the configuration to ensure consistency " + "after reload/restart or across your whole cluster.\n"); + } /* * Recount currently required checks. diff --git a/src/haproxy.c b/src/haproxy.c index a4916cfa5..50850e9e3 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -1895,6 +1895,26 @@ static void dump_registered_keywords(void) } } +/* Generate a random cluster-secret in case the setting is not provided in the + * configuration. This allows to use features which rely on it albeit with some + * limitations. + */ +static void generate_random_cluster_secret() +{ + /* used as a default random cluster-secret if none defined. */ + uint64_t rand = ha_random64(); + + /* The caller must not overwrite an already defined secret. */ + BUG_ON(global.cluster_secret); + + global.cluster_secret = malloc(8); + if (!global.cluster_secret) + return; + + memcpy(global.cluster_secret, &rand, sizeof(rand)); + global.cluster_secret[7] = '\0'; +} + /* * This function initializes all the necessary variables. It only returns * if everything is OK. If something fails, it exits. @@ -2562,6 +2582,9 @@ static void init(int argc, char **argv) exit(1); } + if (!global.cluster_secret) + generate_random_cluster_secret(); + /* * Note: we could register external pollers here. * Built-in pollers have been registered before main().