MINOR: quic: Add "limited-quic" new tuning setting

This setting which may be used into a "global" section, enables the QUIC listener bindings when haproxy is compiled with the OpenSSL wrapper. It has no effect when haproxy is compiled against a TLS stack with QUIC support, typically quictls.
2025-02-22 05:36:56 +00:00 · 2023-07-21 18:22:38 +02:00 · 2023-07-21 18:22:38 +02:00 · f32201abb0
commit f32201abb0
parent 2fd67c558a
3 changed files with 26 additions and 4 deletions
--- a/include/haproxy/global-t.h
+++ b/include/haproxy/global-t.h
@ -58,7 +58,7 @@
 /* platform-specific options */
 #define GTUNE_USE_SPLICE         (1<<4)
 #define GTUNE_USE_GAI            (1<<5)
-/* unused: (1<<6) */
+#define GTUNE_LIMITED_QUIC       (1<<6)
 #define GTUNE_RESOLVE_DONTFAIL   (1<<7)

 #define GTUNE_SOCKET_TRANSFER	 (1<<8)
--- a/src/cfgparse-global.c
+++ b/src/cfgparse-global.c
@ -47,7 +47,7 @@ static const char *common_kw_list[] = {
 	"log-tag", "spread-checks", "max-spread-checks", "cpu-map", "setenv",
 	"presetenv", "unsetenv", "resetenv", "strict-limits", "localpeer",
 	"numa-cpu-mapping", "defaults", "listen", "frontend", "backend",
-	"peers", "resolvers", "cluster-secret", "no-quic",
+	"peers", "resolvers", "cluster-secret", "no-quic", "limited-quic",
 	NULL /* must be last */
 };

@ -113,6 +113,12 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
 			goto out;
 		global.tune.options &= ~GTUNE_USE_POLL;
 	}
+	else if (strcmp(args[0], "limited-quic") == 0) {
+		if (alertif_too_many_args(0, file, linenum, args, &err_code))
+			goto out;
+
+		global.tune.options |= GTUNE_LIMITED_QUIC;
+	}
 	else if (strcmp(args[0], "no-quic") == 0) {
 		if (alertif_too_many_args(0, file, linenum, args, &err_code))
 			goto out;
--- a/src/protocol.c
+++ b/src/protocol.c
@ -114,6 +114,22 @@ int protocol_supports_flag(struct protocol *proto, uint flag)
 	return 0;
 }

+#ifdef USE_QUIC
+/* Return 1 if QUIC protocol may be bound, 0 if no, depending on the tuning
+ * parameters.
+ */
+static inline int protocol_may_bind_quic(void)
+{
+	if (global.tune.options & GTUNE_NO_QUIC)
+		return 0;
+#ifdef USE_QUIC_OPENSSL_COMPAT
+	if (!(global.tune.options & GTUNE_LIMITED_QUIC))
+		return 0;
+#endif
+	return 1;
+}
+#endif
+
 /* binds all listeners of all registered protocols. Returns a composition
 * of ERR_NONE, ERR_RETRYABLE, ERR_FATAL.
 */
@ -131,8 +147,8 @@ int protocol_bind_all(int verbose)
 	list_for_each_entry(proto, &protocols, list) {
 		list_for_each_entry(receiver, &proto->receivers, proto_list) {
 #ifdef USE_QUIC
-			if ((global.tune.options & GTUNE_NO_QUIC) &&
-			    (proto == &proto_quic4 || proto == &proto_quic6))
+			if ((proto == &proto_quic4 || proto == &proto_quic6) &&
+			    !protocol_may_bind_quic())
 				continue;
 #endif
 			listener = LIST_ELEM(receiver, struct listener *, rx);