From 996ca7d0fa6a01ef6f4e5c6a9fc511cdcf06afe2 Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Mon, 14 Nov 2022 16:17:13 +0100 Subject: [PATCH] MINOR: quic: report error if force-retry without cluster-secret QUIC Retry generation relies on global cluster-secret to produce token valid even after a process restart and across several LBs instances. Before this patch, Retry is automatically deactivated if no cluster-secret is provided. This is the case even if a user has configured a QUIC listener with quic-force-retry. Change this behavior by now returning an error during configuration parsing. The user must provide a cluster-secret if quic-force-retry is used. This shoud be backported up to 2.6. --- doc/configuration.txt | 7 ++++--- src/cfgparse.c | 7 ++++++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index 36d738637..46f49bf5c 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -14586,9 +14586,10 @@ quic-force-retry contains a token. This token must be sent back to the Retry packet sender, this latter being the only one to be able to validate the token. Note that QUIC Retry will always be used even if a Retry threshold was set (see - "tune.quic.retry-threshold" setting). To be functional this setting needs a - cluster secret to be set, if not it will be silently ignored (see "cluster-secret" - setting). + "tune.quic.retry-threshold" setting). + + This setting requires the cluster secret to be set or else an error will be + reported on startup (see "cluster-secret"). See https://www.rfc-editor.org/rfc/rfc9000.html#section-8.1.2 for more information about QUIC retry. diff --git a/src/cfgparse.c b/src/cfgparse.c index 998afcd5e..5a5744c21 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -4317,8 +4317,13 @@ int check_config_validity() #ifdef USE_QUIC /* override the accept callback for QUIC listeners. */ if (listener->flags & LI_F_QUIC_LISTENER) { - if (!global.cluster_secret) + if (!global.cluster_secret) { diag_no_cluster_secret = 1; + if (listener->bind_conf->options & BC_O_QUIC_FORCE_RETRY) { + ha_alert("QUIC listener with quic-force-retry requires global cluster-secret to be set.\n"); + cfgerr++; + } + } li_init_per_thr(listener); }