haproxy public development tree
Go to file
Frédéric Lécaille 35b63964a0 BUG/MINOR: quic: Missing Retry token length on receipt
quic_retry_token_check() must decipher the token sent to and received back from
clients. This token is made of the token format byte, the ODCID prefixed by its one byte
length, the timestamp of its creation, and terminated by an AEAD TAG followed
by the salt used to derive the secret to cipher the token.

So, the length of these data must be between
2 + QUIC_ODCID_MINLEN + sizeof(uint32_t) + QUIC_TLS_TAG_LEN + QUIC_RETRY_TOKEN_SALTLEN
and
2 + QUIC_CID_MAXLEN + sizeof(uint32_t) + QUIC_TLS_TAG_LEN + QUIC_RETRY_TOKEN_SALTLEN.

Must be backported to 2.7 and 2.6.
2023-05-24 16:30:11 +02:00
.github CI: drop Fedora m32 pipeline in favour of cross matrix 2023-05-17 14:57:10 +02:00
addons MINOR: tree-wide: use free_acl_cond() where relevant 2023-05-11 15:37:04 +02:00
admin MINOR: acme.sh: add the deploy script for acme.sh in admin directory 2023-04-26 17:32:15 +02:00
dev DEV: add a Lua helper script for SSL keys logging 2023-05-24 16:08:23 +02:00
doc DOC/MINOR: config: Fix typo in description for ssl_bc in configuration.txt 2023-05-23 17:06:06 +02:00
examples EXAMPLES: fix race condition in lua mailers script 2023-05-12 09:45:30 +02:00
include BUILD: makefile: fix build issue on GNU make < 3.82 2023-05-24 15:51:03 +02:00
reg-tests REGTESTS: log: Reduce again response inspect-delay for last_rule.vtc 2023-05-17 11:12:25 +02:00
scripts BUILD: ssl: switch LibreSSL to Fastly CDN 2023-04-26 18:41:03 +02:00
src BUG/MINOR: quic: Missing Retry token length on receipt 2023-05-24 16:30:11 +02:00
tests TESTS: add a unit test for one_among_mask() 2022-06-21 20:29:57 +02:00
.cirrus.yml CI: cirrus-ci: bump FreeBSD image to 13-1 2023-04-23 09:44:53 +02:00
.gitattributes
.gitignore CLEANUP: exclude udp-perturb with .gitignore 2022-09-16 15:47:04 +02:00
.mailmap
.travis.yml
BRANCHES
CHANGELOG [RELEASE] Released version 2.8-dev12 2023-05-17 17:10:12 +02:00
CONTRIBUTING
INSTALL DOC: fix a few reported typos in the config and install doc 2023-05-07 07:10:55 +02:00
LICENSE
MAINTAINERS CLEANUP: assorted typo fixes in the code and comments 2022-11-30 14:02:36 +01:00
Makefile BUILD: makefile: do not erase build options for some build options 2023-05-24 16:23:24 +02:00
README
SUBVERS
VERDATE [RELEASE] Released version 2.8-dev12 2023-05-17 17:10:12 +02:00
VERSION [RELEASE] Released version 2.8-dev12 2023-05-17 17:10:12 +02:00

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)