mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2026-02-10 03:41:24 +01:00
8417beb7da
This bug was revealed by some C1 interop tests (heavy hanshake packet corruption) when receiving 1-RTT packets with a key phase update. This lead the packet to be decrypted with the next key phase secrets. But this latter is initialized only after the handshake is complete. In fact, 1-RTT must never be processed before the handshake is complete. Relying on the "qc->mux_state == QC_MUX_NULL" condition to check the handshake is complete is wrong during 0-RTT sessions when the mux is initialized before the handshake is complete. Must be backported to 2.7 and 2.6.
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)