On 7/2/25 12:00, Willy Tarreau wrote:

Agreed on the fact the commit logs were not very clear.

>   - an obscure issue affecting the OpenSSL-3.5 QUIC handshake was fixed

*at this time, as far as I know*, affects only QUIC backends + OpenSSL-3.5.

But the affected code could also be used by future TLS stacks. At this
time, I do not know of any TLS stack which uses the affected code for QUIC
listeners. This is why I have flagged this commit with "quic" and not
"quic-be".

The remote transport parameters could not be stored, leading the
connection to be closed asap.

>   - an erroneous encoding of QUIC frame type CONNECTION_CLOSE resulted in
>     CONNECTION_CLOSE_APP being emitted instead. The impact is unclear to
>     me though 🙂

affects both QUIC frontends and listeners...

Only the CONNECTION_CLOSE (transport level) frame could be built with an
uninitialized <frame_type> field. This is the type of frame which leads
the local peer to close the connection on its side. At a higher level,
this could prevent the packet from being built (with a too big random value
for this field) or lead to it being built with an erroneous value (for a
shorter random value). In the first case the connection is not closed from
the peer's point of view, contrary to the second case.
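
The two outcomes described in this message, as an added sketch that is not part of the original mail and not HAProxy code: RFC 9000 encodes the CONNECTION_CLOSE fields as variable-length integers, which cannot carry values above 2^62-1, so a leftover <frame_type> value either fails to encode or goes out as a bogus frame type. The structure, the function names and the sample values are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FT_CONNECTION_CLOSE 0x1cULL      /* RFC 9000 19.19, transport level */
#define VARINT_MAX ((1ULL << 62) - 1)    /* largest value a QUIC varint can carry */

/* Hypothetical layout for this example, not HAProxy's own structure. */
struct cc_frame { uint64_t type, error_code, frame_type, reason_len; };

/* QUIC varint encoder (RFC 9000 section 16). Returns bytes written, 0 on failure. */
static size_t varint_enc(uint8_t *buf, size_t room, uint64_t v)
{
    size_t i, len = v < (1ULL << 6) ? 1 : v < (1ULL << 14) ? 2 : v < (1ULL << 30) ? 4 : 8;
    if (v > VARINT_MAX || len > room)
        return 0;
    for (i = 0; i < len; i++)            /* value in network byte order */
        buf[len - 1 - i] = (uint8_t)(v >> (8 * i));
    buf[0] |= (uint8_t)((len == 8 ? 3 : len >> 1) << 6); /* 2-bit length prefix */
    return len;
}

/* Serialize the frame. Returns its length, or 0 when any field cannot be encoded. */
size_t cc_build(uint8_t *buf, size_t room, const struct cc_frame *f)
{
    const uint64_t fields[4] = { f->type, f->error_code, f->frame_type, f->reason_len };
    size_t i, n = 0, off = 0;
    for (i = 0; i < 4; i++, off += n)
        if (!(n = varint_enc(buf + off, room - off, fields[i])))
            return 0;
    return off;
}

/* Initialize every field so <frame_type> defaults to 0 (frame type unknown). */
void cc_init(struct cc_frame *f, uint64_t error_code)
{
    *f = (struct cc_frame){ .type = FT_CONNECTION_CLOSE, .error_code = error_code };
}

int main(void)
{
    /* Constructed stand-ins for leftover stack bytes landing in <frame_type>. */
    const uint64_t samples[3] = { 0, 0x1234, 0xAAAAAAAAAAAAAAAAULL };
    uint8_t buf[32]; struct cc_frame f;
    for (int i = 0; i < 3; i++) {
        cc_init(&f, 0x0a);               /* PROTOCOL_VIOLATION */
        f.frame_type = samples[i];
        printf("frame_type=%#llx -> %zu bytes\n", (unsigned long long)samples[i], cc_build(buf, sizeof(buf), &f));
    }
    return 0;
}
```

A return of 0 from `cc_build` corresponds to the first case (no frame, so the peer never sees the close); a non-zero length with a non-zero <frame_type> corresponds to the second.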

