mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-21 05:41:26 +02:00
Code Issues Projects Releases Wiki Activity
20,463 Commits 19 Branches 396 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Frédéric Lécaille bdd863477d BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels 
The ->openssl_compat struct member of the QUIC connection object was not fully
initialized. This was done on purpose, believing that ->write_level and
->read_level member was initialized by quic_tls_compat_keylog_callback() (the
keylog callback) before entering quic_tls_compat_msg_callback() which
has to parse the TLS messages. In fact this is not the case at all.
quic_tls_compat_msg_callback() is called before quic_tls_compat_keylog_callback()
when receiving the first TLS ClientHello message.

->write_level and ->read_level was not initialized to <ssl_encryption_initial> (= 0)
as this is implicitely done by the originial ngxinx wrapper which calloc()s the openssl
compatibily structure. This could lead to a crash after ssl_to_qel_addr() returns
NULL when called by ha_quic_add_handshake_data().

This patch explicitely initialializes ->write_level and ->read_level to
<ssl_encryption_initial> (=0).

No need to backport.
2023-07-31 15:18:36 +02:00
.github
CI: explicitely highlight VTest result section if there's something
2023-07-17 15:56:53 +02:00
addons
MINOR: tree-wide: use free_acl_cond() where relevant
2023-05-11 15:37:04 +02:00
admin
MINOR: acme.sh: add the deploy script for acme.sh in admin directory
2023-04-26 17:32:15 +02:00
dev
DEV: add a Lua helper script for SSL keys logging
2023-05-24 16:08:23 +02:00
doc
DOC: configuration: rework the custom log format table
2023-07-28 14:29:08 +02:00
examples
EXAMPLES: maintain haproxy 2.8 retrocompatibility for lua mailers script
2023-07-11 16:04:22 +02:00
include
MINOR: quic; Move the QUIC frame pool to its proper location
2023-07-27 10:51:03 +02:00
reg-tests
MEDIUM: ssl: new sample fetch method to get curve name
2023-07-17 15:45:41 +02:00
scripts
SCRIPTS: publish-release: update the umask to keep group write access
2023-05-24 22:49:12 +02:00
src
BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
2023-07-31 15:18:36 +02:00
tests
TESTS: add a unit test for one_among_mask()
2022-06-21 20:29:57 +02:00
.cirrus.yml
CI: cirrus-ci: bump FreeBSD image to 13-1
2023-04-23 09:44:53 +02:00
.gitattributes
MINOR: Configure the cpp userdiff driver for *.[ch] in .gitattributes
2021-02-22 18:17:57 +01:00
.gitignore
CONTRIB: Add vi file extensions to .gitignore
2023-06-02 18:14:34 +02:00
.mailmap
DOC: update Tim's address in .mailmap
2021-09-16 09:14:14 +02:00
.travis.yml
CI: travis-ci: temporarily disable arm64 builds
2021-08-07 07:28:15 +02:00
BRANCHES
DOC: fix some spelling issues over multiple files
2021-01-08 14:53:47 +01:00
BSDmakefile
BUILD: makefile: commit the tiny FreeBSD makefile stub
2023-05-24 17:17:36 +02:00
CHANGELOG
[RELEASE] Released version 2.9-dev2
2023-07-21 20:29:42 +02:00
CONTRIBUTING
CLEANUP: assorted typo fixes in the code and comments
2021-08-16 12:37:59 +02:00
INSTALL
DOC: install: Document how to build a limited support for QUIC
2023-07-21 20:27:13 +02:00
LICENSE
LICENSE: add licence exception for OpenSSL
2012-09-07 13:52:26 +02:00
MAINTAINERS
CLEANUP: assorted typo fixes in the code and comments
2022-11-30 14:02:36 +01:00
Makefile
MINOR: quic: Split QUIC connection code into three parts
2023-07-27 10:51:03 +02:00
README
DOC: create a BRANCHES file to explain the life cycle
2019-06-15 22:00:14 +02:00
SUBVERS
BUILD: use format tags in VERDATE and SUBVERS files
2013-12-10 11:22:49 +01:00
VERDATE
[RELEASE] Released version 2.9-dev2
2023-07-21 20:29:42 +02:00
VERSION
[RELEASE] Released version 2.9-dev2
2023-07-21 20:29:42 +02:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)
Description
No description provided
Readme 51 MiB
Languages
C 98.1%
Shell 0.8%
Makefile 0.5%
Lua 0.2%
Python 0.2%