MINOR: cfgparse: Update for "cluster-secret" keyword for QUIC Retry

The QUIC Retry feature is disabled if no "cluster-secret" setting was set.
2025-04-16 20:15:49 +00:00 · 2022-05-16 16:51:41 +02:00 · 2022-05-16 16:51:41 +02:00 · ad20a56971
commit ad20a56971
parent 3f3ff47998
2 changed files with 5 additions and 4 deletions
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@ -1170,8 +1170,9 @@ cluster-secret <secret>
  Define an ASCII string secret shared between several nodes belonging to the
  same cluster. It could be used for different usages. It is at least used to
  derive stateless reset tokens for all the QUIC connections instantiated by
-  this process. If you do not set this parameter, the stateless reset QUIC
-  feature will be silently disabled.
+  this process. This is also the case to derive secrets used to encrypt Retry
+  tokens. If you do not set this parameter, the stateless reset and Retry QUIC
+  features will be both silently disabled.

 close-spread-time <time>
  Define a time window during which idle connections and active connections
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@ -4010,8 +4010,8 @@ out_uri_auth_compat:
 	}

 	if (diag_no_cluster_secret)
-		ha_diag_warning("No cluster secret was set. The stateless reset feature"
-		                " is disabled for all QUIC bindings.\n");
+		ha_diag_warning("No cluster secret was set. The stateless reset and Retry"
+		                " features are disabled for all QUIC bindings.\n");

 	/*
 	 * Recount currently required checks.