From a0db93f3d84eeb8fab502eee175014d951081112 Mon Sep 17 00:00:00 2001 From: Amaury Denoyelle Date: Wed, 28 May 2025 17:05:44 +0200 Subject: [PATCH] MEDIUM: backend: delay MUX init with ALPN even if proto is forced On backend side, multiplexer layer is initialized during connect_server(). However, this step is not performed if ALPN is used, as the negotiated protocol may be unknown. Multiplexer initialization is delayed after TLS handshake completion. There are still exceptions though that forces the MUX to be initialized even if ALPN is used. One of them was if server field was already set at this stage, which is the case when an explicit proto is selected on the server line configuration. Remove this condition so that now MUX init is delayed with ALPN even if proto is forced. The scope of this change should be minimal. In fact, the only impact concerns server config with both proto and ALPN set, which is pretty unlikely as it is contradictory. The main objective of this patch is to prepare QUIC support on the backend side. Indeed, QUIC proto will be forced on the server if a QUIC address is used, similarly to bind configuration. However, we still want to delay MUX initialization after QUIC handshake completion. This is mandatory to know the selected application protocol, required during QUIC MUX init. --- src/backend.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/backend.c b/src/backend.c index 3a158e3a2..5479d4ddf 100644 --- a/src/backend.c +++ b/src/backend.c @@ -2020,9 +2020,13 @@ int connect_server(struct stream *s) srv_conn->ctx = s->scb; #if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation) + /* Delay mux initialization if SSL and ALPN/NPN is set. Note + * that this is skipped in TCP mode as we only want mux-pt + * anyway. + */ if (!srv || (srv->use_ssl != 1 || (!(srv->ssl_ctx.alpn_str) && !(srv->ssl_ctx.npn_str)) || - srv->mux_proto || !IS_HTX_STRM(s))) + !IS_HTX_STRM(s))) #endif init_mux = 1;