Ubuntu
haproxy package

CHANGELOG (+137/-0)
SUBVERS (+4/-0)
VERDATE (+5/-0)
VERSION (+4/-0)
debian/changelog (+179/-0)
debian/control (+7/-3)
debian/copyright (+0/-8)
debian/gbp.conf (+4/-0)
debian/rules (+5/-2)
doc/configuration.txt (+29/-0)
doc/lua-api/index.rst (+4/-0)
include/haproxy/stick_table.h (+4/-0)
reg-tests/http-messaging/truncated.vtc (+4/-0)
src/cache.c (+12/-0)
src/h3.c (+10/-0)
src/quic_conn.c (+4466/-0)
src/quic_tp.c (+14/-0)
src/stick_table.c (+14/-0)
src/stream.c (+290/-0)

Conflict in CHANGELOG
Conflict in SUBVERS
Conflict in VERDATE
Conflict in VERSION
Conflict in debian/changelog
Conflict in debian/control
Conflict in debian/gbp.conf
Conflict in debian/rules
Conflict in doc/configuration.txt
Conflict in doc/lua-api/index.rst
Conflict in include/haproxy/stick_table.h
Conflict in reg-tests/http-messaging/truncated.vtc
Conflict in src/cache.c
Conflict in src/h3.c
Conflict in src/quic_conn.c
Conflict in src/quic_tp.c
Conflict in src/stream.c

Undecided

Fix Released

Link a bug report

Reviewer	Date Requested	Status
git-ubuntu bot	2024-01-03	Approve on 2024-01-05
Andreas Hasenack	2024-01-03	Approve on 2024-01-05
Canonical Server Reporter	2024-01-03	Pending
Review via email: mp+457881@code.launchpad.net

Description of the change

Merge for the nn cycle.

As described in https://www.haproxy.org/, 2.8.x is the new LTS version for HAProxy. Hence, instead bringing 2.9.x in (available in debian unstable), let's merge 2.8.5 instead (since there is no breanch with 2.8.5-1, the diff bellow shows a conflict).

PPA: https://launchpad.net/~athos-ribeiro/+archive/ubuntu/haproxy-merge/+packages

DEP8 PPA test run (amd64 still running):

* Results:
  - haproxy/2.8.5-1ubuntu1~ppa2
    + ✅ haproxy on noble for arm64 @ 03.01.24 12:56:51 Log️ 🗒️
    + ✅ haproxy on noble for armhf @ 03.01.24 12:58:43 Log️ 🗒️
    + ✅ haproxy on noble for ppc64el @ 03.01.24 12:49:28 Log️ 🗒️
    + ✅ haproxy on noble for s390x @ 03.01.24 12:52:53 Log️ 🗒️

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2024-01-03:

There are conflicts in the diff, at least according to LP

Revision history for this message

Athos Ribeiro (athos-ribeiro) wrote on 2024-01-03:

Thanks, Andreas.

That's because there is no branch pointing to 2.8.5-1 (LTS). I did point my debian/new tag to 2.8.5-1 though (so it should be possible to do a sane review locally using my branch and tags).

I am unsure how we could improve this LP interface for the merge without creating a new branch under pkg/* though.

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2024-01-04:

Ah, thanks for the explanation. Taking another look.

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2024-01-04:

It looks like this is introducing a new runtime dependency on libjemalloc2:

haproxy (2.8.4-2) experimental; urgency=medium

* d/rules: really link against jemalloc.
* d/rules: enable USE_QUIC (with USE_QUIC_OPENSSL_COMPAT).

-- Vincent Bernat <email address hidden> Wed, 22 Nov 2023 22:52:31 +0100

haproxy (2.8.4-1) experimental; urgency=medium

* New upstream release.
* d/rules: link against jemalloc.

-- Vincent Bernat <email address hidden> Fri, 17 Nov 2023 19:53:48 +0100

I checked the current dependency list of haproxy in noble, and in your ppa, and this is the diff:
- Depends: libc6 (>= 2.38), libcrypt1 (>= 1:4.1.0), liblua5.4-0 (>= 5.4.6), libpcre2-8-0 (>= 10.22), libssl3 (>= 3.0.0), libsystemd0, adduser
+ Depends: libc6 (>= 2.38), libcrypt1 (>= 1:4.1.0), libjemalloc2 (>= 2.1.1), liblua5.4-0 (>= 5.4.6), libpcre2-8-0 (>= 10.22), libssl3 (>= 3.0.0), libsystemd0, adduser, lsb-base (>= 3.0-6)

Since libjemalloc2 is in universe, I think this will introduce a component mismatch, or did I miss something?

review: Needs Information

Revision history for this message

Athos Ribeiro (athos-ribeiro) wrote on 2024-01-05:

Thanks for spotting that Andreas. We have discussed this in the past for a different package and we do not want to include jemalloc in main.

Removed the B-D and linking.

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2024-01-05:

+1!

review: Approve

Revision history for this message

git-ubuntu bot (git-ubuntu-bot) wrote on 2024-01-05:

Approvers: athos-ribeiro, ahasenack
Uploaders: athos-ribeiro, ahasenack
MP auto-approved

review: Approve

Revision history for this message

Athos Ribeiro (athos-ribeiro) wrote on 2024-01-05:

Thanks!

Uploaded

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading haproxy_2.8.5-1ubuntu1.dsc: done.
  Uploading haproxy_2.8.5.orig.tar.gz: done.
  Uploading haproxy_2.8.5-1ubuntu1.debian.tar.xz: done.
  Uploading haproxy_2.8.5-1ubuntu1_source.buildinfo: done.
  Uploading haproxy_2.8.5-1ubuntu1_source.changes: done.
Successfully uploaded packages.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Athos Ribeiro

git-ubuntu developers

 diff --git a/CHANGELOG b/CHANGELOG
 index e555bb8..c43938e 100644
 --- a/CHANGELOG
 +++ b/CHANGELOG
@@ -1,6 +1,7 @@
  ChangeLog :
  ===========
++<<<<<<< CHANGELOG
 /12/15 : 2.9.1
      - BUG/MINOR: ssl: Double free of OCSP Certificate ID
      - MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
@@ -63,10 +64,28 @@ ChangeLog :
      - MINOR: log/backend: prevent "use-server" rules use with LOG mode
      - MINOR: log/balance: set lbprm tot_weight on server on queue/dequeue
      - DOC: config: specify supported sections for "max-session-srv-conns"
++=======
++2023/12/07 : 2.8.5
++    - BUG/MAJOR: quic: complete thread migration before tcp-rules
++    - BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
++    - BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
++    - BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
++    - BUG/MINOR: stream/cli: report correct stream age in "show sess"
++    - MINOR: stktable: add stktable_deinit function
++    - BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
++    - REGTESTS: http: add a test to validate chunked responses delivery
++    - BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
++    - BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
++    - BUG/MEDIUM: quic: Possible crash for connections to be killed
++    - BUG/MINOR: quic: Possible RX packet memory leak under heavy load
++    - BUG/MINOR: server: do not leak default-server in defaults sections
++    - DOC: 51d: updated 51Degrees repo URL for v3.2.10
++>>>>>>> CHANGELOG
      - DOC: config: fix timeout check inheritance restrictions
      - REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY
      - DOC: lua: add sticktable class reference from Proxy.stktable
      - DOC: lua: fix Proxy.get_mode() output
++<<<<<<< CHANGELOG
      - DOC: lua: add "syslog" to Proxy.get_mode() output
      - MEDIUM: ssl: implement rsa/ecdsa selection with WolfSSL
      - MINOR: ssl: replace 'trash.area' by 'servername' in ssl_sock_switchctx_cbk()
@@ -205,6 +224,124 @@ ChangeLog :
 /11/18 : 2.9-dev10
      - CLEANUP: Re-apply xalloc_size.cocci (3)
      - BUG/MEDIUM: stconn: Report send activity during mux-to-mux fast-forward
++=======
++    - BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
++    - BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
++    - BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
++    - BUG/MINOR: h3: fix TRAILERS encoding
++    - BUG/MINOR: h3: always reject PUSH_PROMISE
++    - DOC: config: fix missing characters in set-spoe-group action
++    - BUG/MINOR: quic_tp: fix preferred_address decoding
++    - BUG/MINOR: config: Stopped parsing upon unmatched environment variables
++    - BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
++    - DOC: config: specify supported sections for "max-session-srv-conns"
++    - DOC: config: add matrix entry for "max-session-srv-conns"
++    - DOC: config: fix monitor-fail typo
++    - REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter
++    - BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
++    - DOC: Clarify the differences between field() and word()
++    - BUG/MEDIUM: peers: fix partial message decoding
++    - BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
++    - BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
++    - BUG/MINOR: quic: Possible leak of TX packets under heavy load
++    - BUG/MINOR: quic: Missing QUIC connection path member initialization
++    - BUG/MINOR: quic: Packet number spaces too lately initialized
++    - BUG/MINOR: ssl: Double free of OCSP Certificate ID
++    - MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
++    - BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
++    - BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
++    - BUG/MEDIUM: proxy: always initialize the default settings after init
++
++2023/11/17 : 2.8.4
++    - BUILD: bug: make BUG_ON() void to avoid a rare warning
++    - BUG/MINOR: quic: Leak of frames to send.
++    - BUG/MINOR: quic: Wrong cluster secret initialization
++    - MINOR: quic: QUIC openssl wrapper implementation
++    - MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header
++    - MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT
++    - MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method()
++    - MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled()
++    - MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper
++    - MINOR: quic: Export some KDF functions (QUIC-TLS)
++    - MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper
++    - MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog()
++    - MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct
++    - MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper.
++    - MINOR: quic: Add "limited-quic" new tuning setting
++    - DOC: quic: Add "limited-quic" new tuning setting
++    - BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
++    - MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"
++    - MINOR: quic+openssl_compat: Do not start without "limited-quic"
++    - MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option
++    - BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help
++    - BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind
++    - BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code
++    - BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT
++    - MINOR: hlua: add hlua_stream_ctx_prepare helper function
++    - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
++    - Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
++    - CI: musl: highlight section if there are coredumps
++    - CI: musl: drop shopt in workflow invocation
++    - BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
++    - BUG/MINOR: hlua/init: coroutine may not resume itself
++    - BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
++    - BUG/MINOR: promex: fix backend_agg_check_status
++    - BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1
++    - BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
++    - BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
++    - BUG/MINOR: server: add missing free for server->rdr_pfx
++    - MINOR: pattern: fix pat_{parse,match}_ip() function comments
++    - BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
++    - BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
++    - BUG/MEDIUM: actions: always apply a longest match on prefix lookup
++    - BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
++    - BUG/MEDIUM: http-ana: Try to handle response before handling server abort
++    - MINOR: hlua: Set context's appctx when the lua socket is created
++    - MINOR: hlua: Don't preform operations on a not connected socket
++    - MINOR: hlua: Save the lua socket's timeout in its context
++    - MINOR: hlua: Save the lua socket's server in its context
++    - MINOR: hlua: Test the hlua struct first when the lua socket is connecting
++    - BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
++    - BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
++    - BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
++    - BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
++    - BUG/MINOR: hq-interop: simplify parser requirement
++    - BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room()
++    - BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
++    - BUG/MINOR: quic: reject packet with no frame
++    - BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
++    - BUG/MINOR: mux-quic: support initial 0 max-stream-data
++    - BUG/MINOR: h3: strengthen host/authority header parsing
++    - BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
++    - BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
++    - BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
++    - BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
++    - BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
++    - BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
++    - BUG/MINOR: trace: fix trace parser error reporting
++    - BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
++    - BUG/MEDIUM: peers: Fix synchro for huge number of tables
++    - BUG/MINOR: mux-h2: commit the current stream ID even on reject
++    - BUG/MINOR: mux-h2: update tracked counters with req cnt/req err
++    - DOC: internal: filters: fix reference to entities.pdf
++    - BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
++    - MINOR: lua: Add flags to configure logging behaviour
++    - DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
++    - MINOR: connection: add conn_pr_mode_to_proto_mode() helper func
++    - BUG/MEDIUM: server: "proto" not working for dynamic servers
++    - BUG/MINOR: quic: do not consider idle timeout on CLOSING state
++    - BUG/MINOR: ssl: use a thread-safe sslconns increment
++    - MINOR: frontend: implement a dedicated actconn increment function
++    - MEDIUM: quic: count quic_conn instance for maxconn
++    - MEDIUM: quic: count quic_conn for global sslconns
++    - BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
++    - BUG/MINOR: mux-quic: fix early close if unset client timeout
++    - BUG/MEDIUM: ssl: segfault when cipher is NULL
++    - BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
++    - BUG/MINOR: stktable: missing free in parse_stick_table()
++    - BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
++    - BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
++>>>>>>> CHANGELOG
      - BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire
      - MINOR: stconn: Don't queue stream task in past in sc_notify()
      - BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room()
 diff --git a/SUBVERS b/SUBVERS
 index 2a65295..4770f6b 100644
 --- a/SUBVERS
 +++ b/SUBVERS
@@ -1,2 +1,6 @@
++<<<<<<< SUBVERS
  -f72603c
++=======
++-aaba8d0
++>>>>>>> SUBVERS
 diff --git a/VERDATE b/VERDATE
 index 950d751..85c0180 100644
 --- a/VERDATE
 +++ b/VERDATE
@@ -1,2 +1,7 @@
++<<<<<<< VERDATE
 -12-15 14:35:36 +0100
 /12/15
++=======
++2023-12-07 15:20:36 +0100
++2023/12/07
++>>>>>>> VERDATE
 diff --git a/VERSION b/VERSION
 index dedcc7d..8db7c93 100644
 --- a/VERSION
 +++ b/VERSION
@@ -1 +1,5 @@
++<<<<<<< VERSION
 .9.1
++=======
++2.8.5
++>>>>>>> VERSION
 diff --git a/debian/changelog b/debian/changelog
 index 9d0b612..497abbc 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,4 @@
++<<<<<<< debian/changelog
  haproxy (2.9.1-1) unstable; urgency=medium
    [ Chris Hofstaedtler ]
@@ -14,6 +15,25 @@ haproxy (2.9.0-1) experimental; urgency=medium
    * New upstream release.
   -- Vincent Bernat <bernat@debian.org>  Sat, 09 Dec 2023 15:33:05 +0100
++=======
++haproxy (2.8.5-1ubuntu1) noble; urgency=medium
++
++  * Merge with Debian unstable (LP: #2040383). Remaining changes:
++    - d/{control,rules}: Remove support for OpenTracing due to it being
++      in universe.
++    - d/control: Upgrade lua build dependency to 5.4
++    - d/rules: Change lua include location to /usr/include/lua5.4
++  * New changes:
++    - d/{control,rules}: do not link against jemalloc (universe).
++
++ -- Athos Ribeiro <athos.ribeiro@canonical.com>  Fri, 05 Jan 2024 11:05:29 -0300
++
++haproxy (2.8.5-1) unstable; urgency=medium
++
++  * New upstream release.
++
++ -- Vincent Bernat <bernat@debian.org>  Sat, 09 Dec 2023 16:14:43 +0100
++>>>>>>> debian/changelog
  haproxy (2.8.4-2) experimental; urgency=medium
@@ -116,6 +136,64 @@ haproxy (2.7.0-1) experimental; urgency=medium
   -- Vincent Bernat <bernat@debian.org>  Thu, 01 Dec 2022 17:25:51 +0100
++haproxy (2.6.15-1ubuntu2) mantic; urgency=medium
++
++  * d/control: Upgrade lua build dependency to 5.4
++  * d/rules: Change lua include location to /usr/include/lua5.4
++
++ -- Lena Voytek <lena.voytek@canonical.com>  Thu, 17 Aug 2023 09:53:22 -0700
++
++haproxy (2.6.15-1ubuntu1) mantic; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - d/{control,rules}: Remove support for OpenTracing due to it being
++      in universe.
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 16 Aug 2023 07:40:54 -0400
++
++haproxy (2.6.14-1ubuntu1) mantic; urgency=medium
++
++  * Merge with Debian unstable (LP: #2018073). Remaining changes:
++    - d/{control,rules}: Remove support for OpenTracing due to it being
++      in universe.
++
++ -- Athos Ribeiro <athos.ribeiro@canonical.com>  Fri, 16 Jun 2023 11:08:54 -0300
++
++haproxy (2.6.13-1ubuntu1) mantic; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - d/{control,rules}: Remove support for OpenTracing due to it being
++      in universe.
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 07 Jun 2023 14:12:21 -0400
++
++haproxy (2.6.9-1ubuntu1) lunar; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - d/{control,rules}: Remove support for OpenTracing due to it is
++      in universe.
++  * Dropped changes:
++    - debian/patches/CVE-2023-0056.patch: removed, included in new version.
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 17 Feb 2023 08:07:41 -0500
++
++haproxy (2.6.7-1ubuntu2) lunar; urgency=medium
++
++  * SECURITY UPDATE: DoS via certain interim responses
++    - debian/patches/CVE-2023-0056.patch: refuse interim responses with
++      end-stream flag set in src/mux_h2.c.
++    - CVE-2023-0056
++
++ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 19 Jan 2023 10:33:43 -0500
++
++haproxy (2.6.7-1ubuntu1) lunar; urgency=medium
++
++  * Merge with Debian unstable (LP: #1993402). Remaining changes:
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++
++ -- Lucas Kanashiro <kanashiro@ubuntu.com>  Wed, 14 Dec 2022 11:49:52 -0300
++
  haproxy (2.6.6-2) unstable; urgency=medium
    * Upload to unstable.
@@ -226,6 +304,20 @@ haproxy (2.4.19-1) unstable; urgency=medium
   -- Vincent Bernat <bernat@debian.org>  Fri, 30 Sep 2022 09:07:13 +0200
++haproxy (2.4.18-1ubuntu1) kinetic; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++  * Dropped (in 2.4.18-1):
++    - d/t/utils: add helper functions to be re-used in tests.
++    - d/t/proxy-localhost: refactor to use the check_index_file helper function.
++    - d/t/proxy-ssl-termination: add test for the SSL termination proxy feature.
++    - d/t/proxy-ssl-pass-through: add test for the SSL Pass-Through proxy feature.
++    - d/t/control: add both SSL related tests.
++
++ -- Andreas Hasenack <andreas@canonical.com>  Mon, 15 Aug 2022 09:46:33 -0300
++
  haproxy (2.4.18-1) unstable; urgency=medium
    [ Lucas Kanashiro ]
@@ -239,6 +331,24 @@ haproxy (2.4.18-1) unstable; urgency=medium
   -- Vincent Bernat <bernat@debian.org>  Wed, 27 Jul 2022 15:59:36 +0200
++haproxy (2.4.17-1ubuntu2) kinetic; urgency=medium
++
++  * d/t/utils: add helper functions to be re-used in tests.
++  * d/t/proxy-localhost: refactor to use the check_index_file helper function.
++  * d/t/proxy-ssl-termination: add test for the SSL termination proxy feature.
++  * d/t/proxy-ssl-pass-through: add test for the SSL Pass-Through proxy feature.
++  * d/t/control: add both SSL related tests.
++
++ -- Lucas Kanashiro <kanashiro@ubuntu.com>  Wed, 15 Jun 2022 17:34:52 -0300
++
++haproxy (2.4.17-1ubuntu1) kinetic; urgency=medium
++
++  * Merge with Debian unstable (LP: #1971279). Remaining changes:
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++
++ -- Andreas Hasenack <andreas@canonical.com>  Mon, 16 May 2022 10:41:37 -0300
++
  haproxy (2.4.17-1) unstable; urgency=medium
    * New upstream release.
@@ -258,6 +368,18 @@ haproxy (2.4.15-1) unstable; urgency=medium
   -- Vincent Bernat <bernat@debian.org>  Mon, 14 Mar 2022 20:17:04 +0100
++haproxy (2.4.14-1ubuntu1) jammy; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++  * Dropped:
++    - d/p/fix-ftbfs-openssl3.patch: Cherry-picked from upstream to fix
++      the build against OpenSSL3 (LP #1945773)
++      [Fixed upstream]
++
++ -- Andreas Hasenack <andreas@canonical.com>  Mon, 28 Feb 2022 13:48:21 -0300
++
  haproxy (2.4.14-1) unstable; urgency=medium
    * New upstream release.
@@ -265,18 +387,54 @@ haproxy (2.4.14-1) unstable; urgency=medium
   -- Vincent Bernat <bernat@debian.org>  Fri, 25 Feb 2022 18:38:27 +0100
++haproxy (2.4.13-1ubuntu1) jammy; urgency=medium
++
++  * Merge with Debian unstable (LP: #1961195). Remaining changes:
++    - d/p/fix-ftbfs-openssl3.patch: Cherry-picked from upstream to fix
++      the build against OpenSSL3 (LP #1945773)
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++
++ -- Andreas Hasenack <andreas@canonical.com>  Fri, 18 Feb 2022 15:27:14 -0300
++
  haproxy (2.4.13-1) unstable; urgency=medium
    * New upstream release.
   -- Vincent Bernat <bernat@debian.org>  Thu, 17 Feb 2022 10:03:46 +0100
++haproxy (2.4.12-1ubuntu2) jammy; urgency=medium
++
++  * No-change rebuild to update maintainer scripts, see LP: 1959054
++
++ -- Dave Jones <dave.jones@canonical.com>  Wed, 16 Feb 2022 17:01:23 +0000
++
++haproxy (2.4.12-1ubuntu1) jammy; urgency=medium
++
++  * Merge with Debian unstable (LP: #1957099). Remaining changes:
++    - d/p/fix-ftbfs-openssl3.patch: Cherry-picked from upstream to fix
++      the build against OpenSSL3 (LP #1945773)
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++
++ -- Andreas Hasenack <andreas@canonical.com>  Tue, 11 Jan 2022 14:40:07 -0300
++
  haproxy (2.4.12-1) unstable; urgency=medium
    * New upstream release.
   -- Vincent Bernat <bernat@debian.org>  Tue, 11 Jan 2022 12:06:17 +0100
++haproxy (2.4.11-1ubuntu1) jammy; urgency=medium
++
++  * Merge with Debian unstable (LP: #1946859). Remaining changes:
++    - d/p/fix-ftbfs-openssl3.patch: Cherry-picked from upstream to fix
++      the build against OpenSSL3 (LP #1945773)
++    - d/{control,rules}: Removing support for OpenTracing due to it is
++      in universe.
++
++ -- Andreas Hasenack <andreas@canonical.com>  Sat, 08 Jan 2022 18:58:44 -0300
++
  haproxy (2.4.11-1) unstable; urgency=medium
    * New upstream release.
@@ -301,6 +459,27 @@ haproxy (2.4.8-3) unstable; urgency=medium
   -- Vincent Bernat <bernat@debian.org>  Wed, 24 Nov 2021 09:29:54 +0100
++haproxy (2.4.8-2ubuntu3) jammy; urgency=medium
++
++  * d/{control,rules}: Remove support for OpenTracing because it is
++    in universe.
++
++ -- Miriam España Acebal <miriam.espana@canonical.com>  Thu, 09 Dec 2021 11:57:06 +0100
++
++haproxy (2.4.8-2ubuntu2) jammy; urgency=medium
++
++  * No-change rebuild against libssl3
++
++ -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 08 Dec 2021 23:32:48 +0000
++
++haproxy (2.4.8-2ubuntu1) jammy; urgency=medium
++
++  [ Simon Chopin ]
++  * d/p/fix-ftbfs-openssl3.patch: Cherry-picked from upstream to fix the build
++    against OpenSSL3 (LP: #1945773)
++
++ -- Lucas Kanashiro <kanashiro@ubuntu.com>  Fri, 19 Nov 2021 18:36:04 -0300
++
  haproxy (2.4.8-2) unstable; urgency=medium
    * Non-maintainer upload.
 diff --git a/debian/control b/debian/control
 index 81528db..31b8e0f 100644
 --- a/debian/control
 +++ b/debian/control
@@ -1,7 +1,8 @@
  Source: haproxy
  Section: net
  Priority: optional
--Maintainer: Debian HAProxy Maintainers <team+haproxy@tracker.debian.org>
++Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
++XSBC-Original-Maintainer: Debian HAProxy Maintainers <team+haproxy@tracker.debian.org>
  Uploaders: Apollon Oikonomopoulos <apoikos@debian.org>,
             Prach Pongpanich <prach@debian.org>,
             Vincent Bernat <bernat@debian.org>
@@ -9,13 +10,16 @@ Standards-Version: 4.4.1
  Build-Depends: debhelper-compat (= 12),
                 libpcre2-dev,
                 libssl-dev,
--               liblua5.3-dev,
++               liblua5.4-dev,
                 libsystemd-dev [linux-any],
--               libjemalloc-dev,
                 python3-sphinx,
++<<<<<<< debian/control
                 libopentracing-c-wrapper-dev,
                 pkg-config,
                 systemd-dev [linux-any]
++=======
++               pkg-config
++>>>>>>> debian/control
  Build-Depends-Indep: python3, python3-mako
  Homepage: http://www.haproxy.org/
  Vcs-Git: https://salsa.debian.org/haproxy-team/haproxy.git
 diff --git a/debian/copyright b/debian/copyright
 index 7eb0d9a..e33a528 100644
 --- a/debian/copyright
 +++ b/debian/copyright
@@ -125,14 +125,6 @@ Comment:
   released under the GPL with the additional exemption that compiling,
   linking, and/or using OpenSSL is allowed."
--Files: debian/dconv/js/*
--Copyright: 2013-2015, Twitter, Inc. and other contributors; Licensed MIT
--License: GPL-2+
--Comment:
-- An OpenSSL exception is present in the LICENSE file: "This program is
-- released under the GPL with the additional exemption that compiling,
-- linking, and/or using OpenSSL is allowed."
--
  Files: debian/dconv/js/typeahead.bundle.js
  Copyright: Copyright 2013-2015 Twitter, Inc. and other contributors
  License: Expat
 diff --git a/debian/gbp.conf b/debian/gbp.conf
 index de6a4c4..18a274f 100644
 --- a/debian/gbp.conf
 +++ b/debian/gbp.conf
@@ -1,4 +1,8 @@
  [DEFAULT]
  pristine-tar = True
++<<<<<<< debian/gbp.conf
  upstream-branch = upstream-2.9
  debian-branch = experimental-2.9
++=======
++upstream-branch = upstream-2.8
++>>>>>>> debian/gbp.conf
 diff --git a/debian/rules b/debian/rules
 index 8b8f78e..5e73851 100755
 --- a/debian/rules
 +++ b/debian/rules
@@ -21,8 +21,7 @@ MAKEARGS=V=1 \
  	 USE_SLZ=1 \
  	 USE_LUA=1 \
  	 USE_PROMEX=1 \
--	 USE_OT=1 \
--	 LUA_INC=/usr/include/lua5.3 \
++	 LUA_INC=/usr/include/lua5.4 \
  	 EXTRA=admin/halog/halog
  ifeq ($(DEB_HOST_ARCH_OS),linux)
@@ -35,9 +34,13 @@ else
  endif
  ifneq ($(filter armel mips mipsel m68k powerpc powerpcspe sh4 riscv64,$(DEB_HOST_ARCH)),)
++<<<<<<< debian/rules
  	MAKEARGS+= ADDLIB="-latomic -Wl,-no-as-needed -ljemalloc -Wl,-as-needed"
  else
  	MAKEARGS+= ADDLIB="-Wl,-no-as-needed -ljemalloc -Wl,-as-needed"
++=======
++	MAKEARGS+= ADDLIB="-latomic"
++>>>>>>> debian/rules
  endif
  MAKEARGS += DEBUG_CFLAGS="$(CFLAGS) $(CPPFLAGS)"
 diff --git a/doc/configuration.txt b/doc/configuration.txt
 index be1058b..0f11732 100644
 --- a/doc/configuration.txt
 +++ b/doc/configuration.txt
@@ -2,8 +2,13 @@
                                  HAProxy
                            Configuration Manual
                           ----------------------
++<<<<<<< doc/configuration.txt
                                version 2.9
 /12/15
++=======
++                              version 2.8
++                              2023/12/07
++>>>>>>> doc/configuration.txt
  This document covers the configuration language as implemented in the version
@@ -9099,7 +9104,16 @@ no option httpclose
  option httplog [ clf ]
    Enable logging of HTTP request, stream state and timers
++<<<<<<< doc/configuration.txt
    May be used in the following contexts: http
++=======
++max-session-srv-conns <nb>
++  Set the maximum number of outgoing connections we can keep idling for a given
++  client session. The default is 5 (it precisely equals MAX_SRV_LIST which is
++  defined at build time).
++  May be used in sections :   defaults | frontend | listen | backend
++                                 yes   |    yes   |   yes  |   no
++>>>>>>> doc/configuration.txt
    May be used in sections :   defaults | frontend | listen | backend
                                   yes   |    yes   |   yes  |   no
@@ -14114,8 +14128,13 @@ normalize-uri query-sort-by-name
        This merges segments that attempt to access the parent directory with
        their preceding segment.
++<<<<<<< doc/configuration.txt
        Empty segments do not receive special treatment. Use the "merge-slashes"
        normalizer first if this is undesired.
++=======
++  This action is is used to trigger sending of a group of SPOE messages. Please
++  refer to "http-request send-spoe-group" for a complete description.
++>>>>>>> doc/configuration.txt
        Segments including percent encoded dots ("%2E") will not be detected. Use
        the "percent-decode-unreserved" normalizer first if this is undesired.
@@ -14568,8 +14587,13 @@ set-bandwidth-limit <name> [limit {<expr> | <size>}] [period {<expr> | <time>}]
              interpreted as a size in bytes for the "limit" parameter and as a
              duration in milliseconds for the "period" parameter.
++<<<<<<< doc/configuration.txt
      <size>  Is a number. It follows the HAProxy size format and is expressed in
              bytes.
++=======
++  This action is is used to trigger sending of a group of SPOE messages. Please
++  refer to "http-request send-spoe-group" for a complete description.
++>>>>>>> doc/configuration.txt
      <time>  Is a number. It follows the HAProxy time format and is expressed in
              milliseconds.
@@ -14686,10 +14710,15 @@ set-mark <mark>
    kernels 2.6.32 and above and requires admin privileges, as well on FreeBSD
    and OpenBSD.
++<<<<<<< doc/configuration.txt
  set-method <fmt>
    Usable in:  TCP RqCon| RqSes| RqCnt| RsCnt|    HTTP Req| Res| Aft
                      -  |   -  |   -  |   -  |          X |  - |  -
++=======
++  See also: "timeout connect", "timeout queue", "timeout server",
++            "timeout tarpit".
++>>>>>>> doc/configuration.txt
    This rewrites the request method with the result of the evaluation of format
    string <fmt>. There should be very few valid reasons for having to do so as
 diff --git a/doc/lua-api/index.rst b/doc/lua-api/index.rst
 index e8df63e..292e637 100644
 --- a/doc/lua-api/index.rst
 +++ b/doc/lua-api/index.rst
@@ -1140,7 +1140,11 @@ Proxy class
    :param class_proxy px: A :ref:`proxy_class` which indicates the manipulated
     proxy.
++<<<<<<< doc/lua-api/index.rst
    :returns: a string "tcp", "http", "syslog" or "unknown"
++=======
++  :returns: a string "tcp", "http" or "unknown"
++>>>>>>> doc/lua-api/index.rst
  .. js:function:: Proxy.get_srv_act(px)
 diff --git a/include/haproxy/stick_table.h b/include/haproxy/stick_table.h
 index 3200437..3478bed 100644
 --- a/include/haproxy/stick_table.h
 +++ b/include/haproxy/stick_table.h
@@ -46,7 +46,11 @@ void stksess_free(struct stktable *t, struct stksess *ts);
  int stksess_kill(struct stktable *t, struct stksess *ts, int decrefcount);
  int stktable_get_key_shard(struct stktable *t, const void *key, size_t len);
++<<<<<<< include/haproxy/stick_table.h
  int stktable_init(struct stktable *t, char **err_msg);
++=======
++int stktable_init(struct stktable *t);
++>>>>>>> include/haproxy/stick_table.h
  void stktable_deinit(struct stktable *t);
  int stktable_parse_type(char **args, int *idx, unsigned long *type, size_t *key_size, const char *file, int linenum);
  int parse_stick_table(const char *file, int linenum, char **args,
 diff --git a/reg-tests/http-messaging/truncated.vtc b/reg-tests/http-messaging/truncated.vtc
 index 7579f6d..59eb827 100644
 --- a/reg-tests/http-messaging/truncated.vtc
 +++ b/reg-tests/http-messaging/truncated.vtc
@@ -96,6 +96,10 @@ client c1h2 -connect ${h1_feh2_sock} {
  		expect resp.status == 200
  		rxdata -all
  		expect resp.bodylen == 16300
++<<<<<<< reg-tests/http-messaging/truncated.vtc
  		#expect resp.chunkedlen == 16300
++=======
++		#expext resp.chunkedlen == 16300
++>>>>>>> reg-tests/http-messaging/truncated.vtc
  	} -run
  } -repeat 2 -run
 diff --git a/src/cache.c b/src/cache.c
 index e436a9c..45191a2 100644
 --- a/src/cache.c
 +++ b/src/cache.c
@@ -668,17 +668,29 @@ cache_store_strm_deinit(struct stream *s, struct filter *filter)
  	 * there too, in case of errors */
  	if (st && st->first_block) {
  		struct cache_entry *object = (struct cache_entry *)st->first_block->data;
++<<<<<<< src/cache.c
++=======
++
++		shctx_lock(shctx);
++>>>>>>> src/cache.c
  		if (!object->complete) {
  			/* The stream was closed but the 'complete' flag was not
  			 * set which means that cache_store_http_end was not
  			 * called. The stream must have been closed before we
  			 * could store the full answer in the cache.
  			 */
++<<<<<<< src/cache.c
  			release_entry_unlocked(&cache->trees[object->eb.key % CACHE_TREE_NUM], object);
+ 		}
  		shctx_wrlock(shctx);
  		shctx_row_reattach(shctx, st->first_block);
  		shctx_wrunlock(shctx);
++=======
++			delete_entry(object);
++		}
++		shctx_row_dec_hot(shctx, st->first_block);
++		shctx_unlock(shctx);
++>>>>>>> src/cache.c
+ 	}
  	if (st) {
  		pool_free(pool_head_cache_st, st);
 diff --git a/src/h3.c b/src/h3.c
 index c849bde..222b8bd 100644
 --- a/src/h3.c
 +++ b/src/h3.c
@@ -306,7 +306,10 @@ static inline size_t h3_decode_frm_header(uint64_t *ftype, uint64_t *flen,
  static int h3_check_frame_valid(struct h3c *h3c, struct qcs *qcs, uint64_t ftype)
+ {
  	struct h3s *h3s = qcs->ctx;
++<<<<<<< src/h3.c
  	int ret = 0;
++=======
++>>>>>>> src/h3.c
  	/* Stream type must be known to ensure frame is valid for this stream. */
  	BUG_ON(h3s->type == H3S_T_UNKNOWN);
@@ -395,15 +398,22 @@ static int h3_check_frame_valid(struct h3c *h3c, struct qcs *qcs, uint64_t ftype
  	case H3_FT_PUSH_PROMISE:
  		/* RFC 9114 7.2.5. PUSH_PROMISE
++<<<<<<< src/h3.c
+ 		 *
++=======
++>>>>>>> src/h3.c
  		 * A client MUST NOT send a PUSH_PROMISE frame. A server MUST treat the
  		 * receipt of a PUSH_PROMISE frame as a connection error of type
  		 * H3_FRAME_UNEXPECTED.
  		 */
  		/* TODO server-side only. */
++<<<<<<< src/h3.c
  		ret = H3_FRAME_UNEXPECTED;
  		break;
++=======
++		return 0;
++>>>>>>> src/h3.c
  	default:
  		/* RFC 9114 9. Extensions to HTTP/3
 diff --git a/src/quic_conn.c b/src/quic_conn.c
 index 5233496..e298183 100644
 --- a/src/quic_conn.c
 +++ b/src/quic_conn.c
@@ -368,11 +368,4378 @@ int qc_h3_request_reject(struct quic_conn *qc, uint64_t id)
  		goto out;
+ 	}
++<<<<<<< src/quic_conn.c
++=======
++/* Schedule a CONNECTION_CLOSE emission on <qc> if the MUX has been released
++ * and all STREAM data are acknowledged. The MUX is responsible to have set
++ * <qc.err> before as it is reused for the CONNECTION_CLOSE frame.
++ *
++ * TODO this should also be called on lost packet detection
++ */
++void qc_check_close_on_released_mux(struct quic_conn *qc)
++{
++	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
++
++	if (qc->mux_state == QC_MUX_RELEASED && eb_is_empty(&qc->streams_by_id)) {
++		/* Reuse errcode which should have been previously set by the MUX on release. */
++		quic_set_connection_close(qc, qc->err);
++		tasklet_wakeup(qc->wait_event.tasklet);
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
++}
++
++/* Remove from <stream> the acknowledged frames.
++ *
++ * Returns 1 if at least one frame was removed else 0.
++ */
++static int quic_stream_try_to_consume(struct quic_conn *qc,
++                                      struct qc_stream_desc *stream)
++{
++	int ret;
++	struct eb64_node *frm_node;
++
++	TRACE_ENTER(QUIC_EV_CONN_ACKSTRM, qc);
++
++	ret = 0;
++	frm_node = eb64_first(&stream->acked_frms);
++	while (frm_node) {
++		struct qf_stream *strm_frm;
++		struct quic_frame *frm;
++		size_t offset, len;
++
++		strm_frm = eb64_entry(frm_node, struct qf_stream, offset);
++		offset = strm_frm->offset.key;
++		len = strm_frm->len;
++
++		if (offset > stream->ack_offset)
++			break;
++
++		if (qc_stream_desc_ack(&stream, offset, len)) {
++			/* cf. next comment : frame may be freed at this stage. */
++			TRACE_DEVEL("stream consumed", QUIC_EV_CONN_ACKSTRM,
++			            qc, stream ? strm_frm : NULL, stream);
++			ret = 1;
++		}
++
++		/* If stream is NULL after qc_stream_desc_ack(), it means frame
++		 * has been freed. with the stream frames tree. Nothing to do
++		 * anymore in here.
++		 */
++		if (!stream) {
++			qc_check_close_on_released_mux(qc);
++			ret = 1;
++			goto leave;
++		}
++
++		frm_node = eb64_next(frm_node);
++		eb64_delete(&strm_frm->offset);
++
++		frm = container_of(strm_frm, struct quic_frame, stream);
++		qc_release_frm(qc, frm);
++	}
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_ACKSTRM, qc);
++	return ret;
++}
++
++/* Treat <frm> frame whose packet it is attached to has just been acknowledged. */
++static inline void qc_treat_acked_tx_frm(struct quic_conn *qc,
++                                         struct quic_frame *frm)
++{
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++	TRACE_PROTO("RX ack TX frm", QUIC_EV_CONN_PRSAFRM, qc, frm);
++
++	switch (frm->type) {
++	case QUIC_FT_STREAM_8 ... QUIC_FT_STREAM_F:
++	{
++		struct qf_stream *strm_frm = &frm->stream;
++		struct eb64_node *node = NULL;
++		struct qc_stream_desc *stream = NULL;
++		const size_t offset = strm_frm->offset.key;
++		const size_t len = strm_frm->len;
++
++		/* do not use strm_frm->stream as the qc_stream_desc instance
++		 * might be freed at this stage. Use the id to do a proper
++		 * lookup.
++		 *
++		 * TODO if lookup operation impact on the perf is noticeable,
++		 * implement a refcount on qc_stream_desc instances.
++		 */
++		node = eb64_lookup(&qc->streams_by_id, strm_frm->id);
++		if (!node) {
++			TRACE_DEVEL("acked stream for released stream", QUIC_EV_CONN_ACKSTRM, qc, strm_frm);
++			qc_release_frm(qc, frm);
++			/* early return */
++			goto leave;
++		}
++		stream = eb64_entry(node, struct qc_stream_desc, by_id);
++
++		TRACE_DEVEL("acked stream", QUIC_EV_CONN_ACKSTRM, qc, strm_frm, stream);
++		if (offset <= stream->ack_offset) {
++			if (qc_stream_desc_ack(&stream, offset, len)) {
++				TRACE_DEVEL("stream consumed", QUIC_EV_CONN_ACKSTRM,
++				            qc, strm_frm, stream);
++			}
++
++			if (!stream) {
++				/* no need to continue if stream freed. */
++				TRACE_DEVEL("stream released and freed", QUIC_EV_CONN_ACKSTRM, qc);
++				qc_release_frm(qc, frm);
++				qc_check_close_on_released_mux(qc);
++				break;
++			}
++
++			TRACE_DEVEL("stream consumed", QUIC_EV_CONN_ACKSTRM,
++			            qc, strm_frm, stream);
++			qc_release_frm(qc, frm);
++		}
++		else {
++			eb64_insert(&stream->acked_frms, &strm_frm->offset);
++		}
++
++		quic_stream_try_to_consume(qc, stream);
++	}
++	break;
++	default:
++		qc_release_frm(qc, frm);
++	}
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++}
++
++/* Collect newly acknowledged TX packets from <pkts> ebtree into <newly_acked_pkts>
++ * list depending on <largest> and <smallest> packet number of a range of acknowledged
++ * packets announced in an ACK frame. <largest_node> may be provided to start
++ * looking from this packet node.
++ */
++static void qc_newly_acked_pkts(struct quic_conn *qc, struct eb_root *pkts,
++				struct list *newly_acked_pkts,
++				struct eb64_node *largest_node,
++				uint64_t largest, uint64_t smallest)
++{
++	struct eb64_node *node;
++	struct quic_tx_packet *pkt;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	node = eb64_lookup_ge(pkts, smallest);
++	if (!node)
++		goto leave;
++
++	largest_node = largest_node ? largest_node : eb64_lookup_le(pkts, largest);
++	if (!largest_node)
++		goto leave;
++
++	while (node && node->key <= largest_node->key) {
++		pkt = eb64_entry(node, struct quic_tx_packet, pn_node);
++		LIST_APPEND(newly_acked_pkts, &pkt->list);
++		node = eb64_next(node);
++		eb64_delete(&pkt->pn_node);
++	}
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++}
++
++/* Remove <largest> down to <smallest> node entries from <pkts> tree of TX packet,
++ * deallocating them, and their TX frames.
++ * May be NULL if <largest> node could not be found.
++ */
++static void qc_ackrng_pkts(struct quic_conn *qc,
++			   unsigned int *pkt_flags, struct list *newly_acked_pkts)
++{
++	struct quic_tx_packet *pkt, *tmp;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++       list_for_each_entry_safe(pkt, tmp, newly_acked_pkts, list) {
++		struct quic_frame *frm, *frmbak;
++
++		*pkt_flags |= pkt->flags;
++		TRACE_DEVEL("Removing packet #", QUIC_EV_CONN_PRSAFRM, qc, NULL, &pkt->pn_node.key);
++		list_for_each_entry_safe(frm, frmbak, &pkt->frms, list)
++			qc_treat_acked_tx_frm(qc, frm);
++		/* If there are others packet in the same datagram <pkt> is attached to,
++		 * detach the previous one and the next one from <pkt>.
++		 */
++		quic_tx_packet_dgram_detach(pkt);
++		eb64_delete(&pkt->pn_node);
++	}
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++}
++
++/* Remove all frames from <pkt_frm_list> and reinsert them in the same order
++ * they have been sent into <pktns_frm_list>. The loss counter of each frame is
++ * incremented and checked if it does not exceed retransmission limit.
++ *
++ * Returns 1 on success, 0 if a frame loss limit is exceeded. A
++ * CONNECTION_CLOSE is scheduled in this case.
++ */
++static inline int qc_requeue_nacked_pkt_tx_frms(struct quic_conn *qc,
++                                                struct quic_tx_packet *pkt,
++                                                struct list *pktns_frm_list)
++{
++	struct quic_frame *frm, *frmbak;
++	struct list *pkt_frm_list = &pkt->frms;
++	uint64_t pn = pkt->pn_node.key;
++	int close = 0;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	list_for_each_entry_safe(frm, frmbak, pkt_frm_list, list) {
++		/* First remove this frame from the packet it was attached to */
++		LIST_DEL_INIT(&frm->list);
++		quic_tx_packet_refdec(pkt);
++		/* At this time, this frame is not freed but removed from its packet */
++		frm->pkt = NULL;
++		/* Remove any reference to this frame */
++		qc_frm_unref(frm, qc);
++		switch (frm->type) {
++		case QUIC_FT_STREAM_8 ... QUIC_FT_STREAM_F:
++		{
++			struct qf_stream *strm_frm = &frm->stream;
++			struct eb64_node *node = NULL;
++			struct qc_stream_desc *stream_desc;
++
++			node = eb64_lookup(&qc->streams_by_id, strm_frm->id);
++			if (!node) {
++				TRACE_DEVEL("released stream", QUIC_EV_CONN_PRSAFRM, qc, frm);
++				TRACE_DEVEL("freeing frame from packet", QUIC_EV_CONN_PRSAFRM,
++				            qc, frm, &pn);
++				qc_frm_free(&frm);
++				continue;
++			}
++
++			stream_desc = eb64_entry(node, struct qc_stream_desc, by_id);
++			/* Do not resend this frame if in the "already acked range" */
++			if (strm_frm->offset.key + strm_frm->len <= stream_desc->ack_offset) {
++				TRACE_DEVEL("ignored frame in already acked range",
++				            QUIC_EV_CONN_PRSAFRM, qc, frm);
++				qc_frm_free(&frm);
++				continue;
++			}
++			else if (strm_frm->offset.key < stream_desc->ack_offset) {
++				uint64_t diff = stream_desc->ack_offset - strm_frm->offset.key;
++
++				qc_stream_frm_mv_fwd(frm, diff);
++				TRACE_DEVEL("updated partially acked frame",
++				            QUIC_EV_CONN_PRSAFRM, qc, frm);
++			}
++			break;
++		}
++
++		default:
++			break;
++		}
++
++		/* Do not resend probing packet with old data */
++		if (pkt->flags & QUIC_FL_TX_PACKET_PROBE_WITH_OLD_DATA) {
++			TRACE_DEVEL("ignored frame with old data from packet", QUIC_EV_CONN_PRSAFRM,
++				    qc, frm, &pn);
++			if (frm->origin)
++				LIST_DEL_INIT(&frm->ref);
++			qc_frm_free(&frm);
++			continue;
++		}
++
++		if (frm->flags & QUIC_FL_TX_FRAME_ACKED) {
++			TRACE_DEVEL("already acked frame", QUIC_EV_CONN_PRSAFRM, qc, frm);
++			TRACE_DEVEL("freeing frame from packet", QUIC_EV_CONN_PRSAFRM,
++			            qc, frm, &pn);
++			qc_frm_free(&frm);
++		}
++		else {
++			if (++frm->loss_count >= global.tune.quic_max_frame_loss) {
++				TRACE_ERROR("retransmission limit reached, closing the connection", QUIC_EV_CONN_PRSAFRM, qc);
++				quic_set_connection_close(qc, quic_err_transport(QC_ERR_INTERNAL_ERROR));
++				qc_notify_err(qc);
++				close = 1;
++			}
++
++			LIST_APPEND(pktns_frm_list, &frm->list);
++			TRACE_DEVEL("frame requeued", QUIC_EV_CONN_PRSAFRM, qc, frm);
++		}
++	}
++
++ end:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++	return !close;
++}
++
++/* Free <pkt> TX packet and its attached frames.
++ * This is the responsibility of the caller to remove this packet of
++ * any data structure it was possibly attached to.
++ */
++static inline void free_quic_tx_packet(struct quic_conn *qc,
++                                       struct quic_tx_packet *pkt)
++{
++	struct quic_frame *frm, *frmbak;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	if (!pkt)
++		goto leave;
++
++	list_for_each_entry_safe(frm, frmbak, &pkt->frms, list)
++		qc_frm_free(&frm);
++	pool_free(pool_head_quic_tx_packet, pkt);
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++}
++
++/* Free the TX packets of <pkts> list */
++static inline __maybe_unused void free_quic_tx_pkts(struct quic_conn *qc, struct list *pkts)
++{
++	struct quic_tx_packet *pkt, *tmp;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	list_for_each_entry_safe(pkt, tmp, pkts, list) {
++		LIST_DELETE(&pkt->list);
++		eb64_delete(&pkt->pn_node);
++		free_quic_tx_packet(qc, pkt);
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++}
++
++/* Remove already sent ranges of acknowledged packet numbers from
++ * <pktns> packet number space tree below <largest_acked_pn> possibly
++ * updating the range which contains <largest_acked_pn>.
++ * Never fails.
++ */
++static void qc_treat_ack_of_ack(struct quic_conn *qc,
++                                struct quic_pktns *pktns,
++                                int64_t largest_acked_pn)
++{
++	struct eb64_node *ar, *next_ar;
++	struct quic_arngs *arngs = &pktns->rx.arngs;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	ar = eb64_first(&arngs->root);
++	while (ar) {
++		struct quic_arng_node *ar_node;
++
++		next_ar = eb64_next(ar);
++		ar_node = eb64_entry(ar, struct quic_arng_node, first);
++
++		if ((int64_t)ar_node->first.key > largest_acked_pn) {
++			TRACE_DEVEL("first.key > largest", QUIC_EV_CONN_PRSAFRM, qc);
++			break;
++		}
++
++		if (largest_acked_pn < ar_node->last) {
++			eb64_delete(ar);
++			ar_node->first.key = largest_acked_pn + 1;
++			eb64_insert(&arngs->root, ar);
++			break;
++		}
++
++		/* Do not empty the tree: the first ACK range contains the
++		 * largest acknowledged packet number.
++		 */
++		if (arngs->sz == 1)
++			break;
++
++		eb64_delete(ar);
++		pool_free(pool_head_quic_arng, ar_node);
++		arngs->sz--;
++		ar = next_ar;
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++}
++
++/* Send a packet ack event nofication for each newly acked packet of
++ * <newly_acked_pkts> list and free them.
++ * Always succeeds.
++ */
++static inline void qc_treat_newly_acked_pkts(struct quic_conn *qc,
++                                             struct list *newly_acked_pkts)
++{
++	struct quic_tx_packet *pkt, *tmp;
++	struct quic_cc_event ev = { .type = QUIC_CC_EVT_ACK, };
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	list_for_each_entry_safe(pkt, tmp, newly_acked_pkts, list) {
++		pkt->pktns->tx.in_flight -= pkt->in_flight_len;
++		qc->path->prep_in_flight -= pkt->in_flight_len;
++		qc->path->in_flight -= pkt->in_flight_len;
++		if (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING)
++			qc->path->ifae_pkts--;
++		/* If this packet contained an ACK frame, proceed to the
++		 * acknowledging of range of acks from the largest acknowledged
++		 * packet number which was sent in an ACK frame by this packet.
++		 */
++		if (pkt->largest_acked_pn != -1)
++			qc_treat_ack_of_ack(qc, pkt->pktns, pkt->largest_acked_pn);
++		ev.ack.acked = pkt->in_flight_len;
++		ev.ack.time_sent = pkt->time_sent;
++		quic_cc_event(&qc->path->cc, &ev);
++		LIST_DEL_INIT(&pkt->list);
++		quic_tx_packet_refdec(pkt);
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++
++}
++
++/* Release all the frames attached to <pktns> packet number space */
++void qc_release_pktns_frms(struct quic_conn *qc, struct quic_pktns *pktns)
++{
++	struct quic_frame *frm, *frmbak;
++
++	TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
++
++	if (!pktns)
++		goto leave;
++
++	list_for_each_entry_safe(frm, frmbak, &pktns->tx.frms, list)
++		qc_frm_free(&frm);
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PHPKTS, qc);
++}
++
++/* Handle <pkts> list of lost packets detected at <now_us> handling their TX
++ * frames. Send a packet loss event to the congestion controller if in flight
++ * packet have been lost. Also frees the packet in <pkts> list.
++ *
++ * Returns 1 on success else 0 if loss limit has been exceeded. A
++ * CONNECTION_CLOSE was prepared to close the connection ASAP.
++ */
++static inline int qc_release_lost_pkts(struct quic_conn *qc,
++                                       struct quic_pktns *pktns,
++                                       struct list *pkts,
++                                       uint64_t now_us)
++{
++	struct quic_tx_packet *pkt, *tmp, *oldest_lost, *newest_lost;
++	int close = 0;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	if (LIST_ISEMPTY(pkts))
++		goto leave;
++
++	oldest_lost = newest_lost = NULL;
++	list_for_each_entry_safe(pkt, tmp, pkts, list) {
++		struct list tmp = LIST_HEAD_INIT(tmp);
++
++		pkt->pktns->tx.in_flight -= pkt->in_flight_len;
++		qc->path->prep_in_flight -= pkt->in_flight_len;
++		qc->path->in_flight -= pkt->in_flight_len;
++		if (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING)
++			qc->path->ifae_pkts--;
++		/* Treat the frames of this lost packet. */
++		if (!qc_requeue_nacked_pkt_tx_frms(qc, pkt, &pktns->tx.frms))
++			close = 1;
++		LIST_DELETE(&pkt->list);
++		if (!oldest_lost) {
++			oldest_lost = newest_lost = pkt;
++		}
++		else {
++			if (newest_lost != oldest_lost)
++				quic_tx_packet_refdec(newest_lost);
++			newest_lost = pkt;
++		}
++	}
++
++	if (!close) {
++		if (newest_lost) {
++			/* Sent a congestion event to the controller */
++			struct quic_cc_event ev = { };
++
++			ev.type = QUIC_CC_EVT_LOSS;
++			ev.loss.time_sent = newest_lost->time_sent;
++
++			quic_cc_event(&qc->path->cc, &ev);
++		}
++
++		/* If an RTT have been already sampled, <rtt_min> has been set.
++		 * We must check if we are experiencing a persistent congestion.
++		 * If this is the case, the congestion controller must re-enter
++		 * slow start state.
++		 */
++		if (qc->path->loss.rtt_min && newest_lost != oldest_lost) {
++			unsigned int period = newest_lost->time_sent - oldest_lost->time_sent;
++
++			if (quic_loss_persistent_congestion(&qc->path->loss, period,
++							    now_ms, qc->max_ack_delay))
++				qc->path->cc.algo->slow_start(&qc->path->cc);
++		}
++	}
++
++	/* <oldest_lost> cannot be NULL at this stage because we have ensured
++	 * that <pkts> list is not empty. Without this, GCC 12.2.0 reports a
++	 * possible overflow on a 0 byte region with O2 optimization.
++	 */
++	ALREADY_CHECKED(oldest_lost);
++	quic_tx_packet_refdec(oldest_lost);
++	if (newest_lost != oldest_lost)
++		quic_tx_packet_refdec(newest_lost);
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++	return !close;
++}
++
++/* Parse ACK frame into <frm> from a buffer at <buf> address with <end> being at
++ * one byte past the end of this buffer. Also update <rtt_sample> if needed, i.e.
++ * if the largest acked packet was newly acked and if there was at least one newly
++ * acked ack-eliciting packet.
++ * Return 1, if succeeded, 0 if not.
++ */
++static inline int qc_parse_ack_frm(struct quic_conn *qc,
++                                   struct quic_frame *frm,
++                                   struct quic_enc_level *qel,
++                                   unsigned int *rtt_sample,
++                                   const unsigned char **pos, const unsigned char *end)
++{
++	struct qf_ack *ack_frm = &frm->ack;
++	uint64_t smallest, largest;
++	struct eb_root *pkts;
++	struct eb64_node *largest_node;
++	unsigned int time_sent, pkt_flags;
++	struct list newly_acked_pkts = LIST_HEAD_INIT(newly_acked_pkts);
++	struct list lost_pkts = LIST_HEAD_INIT(lost_pkts);
++	int ret = 0, new_largest_acked_pn = 0;
++	struct quic_tx_packet *pkt, *tmp;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	pkts = &qel->pktns->tx.pkts;
++	if (ack_frm->largest_ack > qel->pktns->tx.next_pn) {
++		TRACE_DEVEL("ACK for not sent packet", QUIC_EV_CONN_PRSAFRM,
++		            qc, NULL, &ack_frm->largest_ack);
++		goto err;
++	}
++
++	if (ack_frm->first_ack_range > ack_frm->largest_ack) {
++		TRACE_DEVEL("too big first ACK range", QUIC_EV_CONN_PRSAFRM,
++		            qc, NULL, &ack_frm->first_ack_range);
++		goto err;
++	}
++
++	largest = ack_frm->largest_ack;
++	smallest = largest - ack_frm->first_ack_range;
++	pkt_flags = 0;
++	largest_node = NULL;
++	time_sent = 0;
++
++	if ((int64_t)ack_frm->largest_ack > qel->pktns->rx.largest_acked_pn) {
++		largest_node = eb64_lookup(pkts, largest);
++		if (!largest_node) {
++			TRACE_DEVEL("Largest acked packet not found",
++			            QUIC_EV_CONN_PRSAFRM, qc);
++		}
++		else {
++			time_sent = eb64_entry(largest_node,
++			                       struct quic_tx_packet, pn_node)->time_sent;
++			new_largest_acked_pn = 1;
++		}
++	}
++
++	TRACE_PROTO("RX ack range", QUIC_EV_CONN_PRSAFRM,
++	            qc, NULL, &largest, &smallest);
++	do {
++		uint64_t gap, ack_range;
++
++		qc_newly_acked_pkts(qc, pkts, &newly_acked_pkts,
++				    largest_node, largest, smallest);
++		if (!ack_frm->ack_range_num--)
++			break;
++
++		if (!quic_dec_int(&gap, pos, end)) {
++			TRACE_ERROR("quic_dec_int(gap) failed", QUIC_EV_CONN_PRSAFRM, qc);
++			goto err;
++		}
++
++		if (smallest < gap + 2) {
++			TRACE_DEVEL("wrong gap value", QUIC_EV_CONN_PRSAFRM,
++			            qc, NULL, &gap, &smallest);
++			goto err;
++		}
++
++		largest = smallest - gap - 2;
++		if (!quic_dec_int(&ack_range, pos, end)) {
++			TRACE_ERROR("quic_dec_int(ack_range) failed", QUIC_EV_CONN_PRSAFRM, qc);
++			goto err;
++		}
++
++		if (largest < ack_range) {
++			TRACE_DEVEL("wrong ack range value", QUIC_EV_CONN_PRSAFRM,
++			            qc, NULL, &largest, &ack_range);
++			goto err;
++		}
++
++		/* Do not use this node anymore. */
++		largest_node = NULL;
++		/* Next range */
++		smallest = largest - ack_range;
++
++		TRACE_PROTO("RX next ack range", QUIC_EV_CONN_PRSAFRM,
++		            qc, NULL, &largest, &smallest);
++	} while (1);
++
++	if (!LIST_ISEMPTY(&newly_acked_pkts)) {
++		qc_ackrng_pkts(qc, &pkt_flags, &newly_acked_pkts);
++		if (new_largest_acked_pn && (pkt_flags & QUIC_FL_TX_PACKET_ACK_ELICITING)) {
++			*rtt_sample = tick_remain(time_sent, now_ms);
++			qel->pktns->rx.largest_acked_pn = ack_frm->largest_ack;
++		}
++
++		if (!eb_is_empty(&qel->pktns->tx.pkts)) {
++			qc_packet_loss_lookup(qel->pktns, qc, &lost_pkts);
++			if (!qc_release_lost_pkts(qc, qel->pktns, &lost_pkts, now_ms))
++				goto leave;
++		}
++		qc_treat_newly_acked_pkts(qc, &newly_acked_pkts);
++		if (quic_peer_validated_addr(qc))
++			qc->path->loss.pto_count = 0;
++		qc_set_timer(qc);
++		qc_notify_send(qc);
++	}
++
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++	return ret;
++
++ err:
++	/* Move back these packets into their tree. */
++	list_for_each_entry_safe(pkt, tmp, &newly_acked_pkts, list) {
++		LIST_DEL_INIT(&pkt->list);
++		eb64_insert(pkts, &pkt->pn_node);
++	}
++	goto leave;
++}
++
++/* This function gives the detail of the SSL error. It is used only
++ * if the debug mode and the verbose mode are activated. It dump all
++ * the SSL error until the stack was empty.
++ */
++static forceinline void qc_ssl_dump_errors(struct connection *conn)
++{
++	if (unlikely(global.mode & MODE_DEBUG)) {
++		while (1) {
++			const char *func = NULL;
++			unsigned long ret;
++
++			ERR_peek_error_func(&func);
++			ret = ERR_get_error();
++			if (!ret)
++				return;
++
++			fprintf(stderr, "conn. @%p OpenSSL error[0x%lx] %s: %s\n", conn, ret,
++			        func, ERR_reason_error_string(ret));
++		}
++	}
++}
++
++int ssl_sock_get_alpn(const struct connection *conn, void *xprt_ctx,
++                      const char **str, int *len);
++
++/* Finalize <qc> QUIC connection:
++ * - initialize the Initial QUIC TLS context for negotiated version,
++ * - derive the secrets for this context,
++ * - set them into the TLS stack,
++ *
++ * MUST be called after having received the remote transport parameters which
++ * are parsed when the TLS callback for the ClientHello message is called upon
++ * SSL_do_handshake() calls, not necessarily at the first time as this TLS
++ * message may be split between packets
++ * Return 1 if succeeded, 0 if not.
++ */
++static int qc_conn_finalize(struct quic_conn *qc, int server)
++{
++	int ret = 0;
++
++	TRACE_ENTER(QUIC_EV_CONN_NEW, qc);
++
++	if (qc->flags & QUIC_FL_CONN_FINALIZED)
++		goto finalized;
++
++	if (qc->negotiated_version &&
++	    !qc_new_isecs(qc, &qc->negotiated_ictx, qc->negotiated_version,
++	                  qc->odcid.data, qc->odcid.len, server))
++		goto out;
++
++	/* This connection is functional (ready to send/receive) */
++	qc->flags |= QUIC_FL_CONN_FINALIZED;
++
++ finalized:
++	ret = 1;
++ out:
++	TRACE_LEAVE(QUIC_EV_CONN_NEW, qc);
++	return ret;
++}
++
++/* Provide CRYPTO data to the TLS stack found at <data> with <len> as length
++ * from <qel> encryption level with <ctx> as QUIC connection context.
++ * Remaining parameter are there for debugging purposes.
++ * Return 1 if succeeded, 0 if not.
++ */
++static inline int qc_provide_cdata(struct quic_enc_level *el,
++                                   struct ssl_sock_ctx *ctx,
++                                   const unsigned char *data, size_t len,
++                                   struct quic_rx_packet *pkt,
++                                   struct quic_rx_crypto_frm *cf)
++{
++#ifdef DEBUG_STRICT
++	enum ncb_ret ncb_ret;
++#endif
++	int ssl_err, state;
++	struct quic_conn *qc;
++	int ret = 0;
++	struct ncbuf *ncbuf = &el->cstream->rx.ncbuf;
++
++	ssl_err = SSL_ERROR_NONE;
++	qc = ctx->qc;
++
++	TRACE_ENTER(QUIC_EV_CONN_SSLDATA, qc);
++
++	if (SSL_provide_quic_data(ctx->ssl, el->level, data, len) != 1) {
++		TRACE_ERROR("SSL_provide_quic_data() error",
++		            QUIC_EV_CONN_SSLDATA, qc, pkt, cf, ctx->ssl);
++		goto leave;
++	}
++
++	TRACE_PROTO("in order CRYPTO data",
++	            QUIC_EV_CONN_SSLDATA, qc, NULL, cf, ctx->ssl);
++
++	state = qc->state;
++	if (state < QUIC_HS_ST_COMPLETE) {
++		ssl_err = SSL_do_handshake(ctx->ssl);
++
++		if (qc->flags & QUIC_FL_CONN_TO_KILL) {
++			TRACE_DEVEL("connection to be killed", QUIC_EV_CONN_IO_CB, qc);
++			goto leave;
++		}
++
++		/* Finalize the connection as soon as possible if the peer transport parameters
++		 * have been received. This may be useful to send packets even if this
++		 * handshake fails.
++		 */
++		if ((qc->flags & QUIC_FL_CONN_TX_TP_RECEIVED) && !qc_conn_finalize(qc, 1)) {
++			TRACE_ERROR("connection finalization failed", QUIC_EV_CONN_IO_CB, qc, &state);
++			goto leave;
++		}
++
++		if (ssl_err != 1) {
++			ssl_err = SSL_get_error(ctx->ssl, ssl_err);
++			if (ssl_err == SSL_ERROR_WANT_READ || ssl_err == SSL_ERROR_WANT_WRITE) {
++				TRACE_PROTO("SSL handshake in progress",
++				            QUIC_EV_CONN_IO_CB, qc, &state, &ssl_err);
++				goto out;
++			}
++
++			/* TODO: Should close the connection asap */
++			if (!(qc->flags & QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED)) {
++				qc->flags |= QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED;
++				HA_ATOMIC_DEC(&qc->prx_counters->half_open_conn);
++				HA_ATOMIC_INC(&qc->prx_counters->hdshk_fail);
++			}
++			TRACE_ERROR("SSL handshake error", QUIC_EV_CONN_IO_CB, qc, &state, &ssl_err);
++			qc_ssl_dump_errors(ctx->conn);
++			ERR_clear_error();
++			goto leave;
++		}
++
++		TRACE_PROTO("SSL handshake OK", QUIC_EV_CONN_IO_CB, qc, &state);
++
++		/* Check the alpn could be negotiated */
++		if (!qc->app_ops) {
++			TRACE_ERROR("No negotiated ALPN", QUIC_EV_CONN_IO_CB, qc, &state);
++			quic_set_tls_alert(qc, SSL_AD_NO_APPLICATION_PROTOCOL);
++			goto leave;
++		}
++
++		if (!(qc->flags & QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED)) {
++			TRACE_DEVEL("dec half open counter", QUIC_EV_CONN_IO_CB, qc, &state);
++			qc->flags |= QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED;
++			HA_ATOMIC_DEC(&qc->prx_counters->half_open_conn);
++		}
++		/* I/O callback switch */
++		qc->wait_event.tasklet->process = quic_conn_app_io_cb;
++		if (qc_is_listener(ctx->qc)) {
++			qc->flags |= QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS;
++			qc->state = QUIC_HS_ST_CONFIRMED;
++			/* The connection is ready to be accepted. */
++			quic_accept_push_qc(qc);
++		}
++		else {
++			qc->state = QUIC_HS_ST_COMPLETE;
++		}
++
++		/* Prepare the next key update */
++		if (!quic_tls_key_update(qc)) {
++			TRACE_ERROR("quic_tls_key_update() failed", QUIC_EV_CONN_IO_CB, qc);
++			goto leave;
++		}
++	} else {
++		ssl_err = SSL_process_quic_post_handshake(ctx->ssl);
++		if (ssl_err != 1) {
++			ssl_err = SSL_get_error(ctx->ssl, ssl_err);
++			if (ssl_err == SSL_ERROR_WANT_READ || ssl_err == SSL_ERROR_WANT_WRITE) {
++				TRACE_PROTO("SSL post handshake in progress",
++				            QUIC_EV_CONN_IO_CB, qc, &state, &ssl_err);
++				goto out;
++			}
++
++			TRACE_ERROR("SSL post handshake error",
++			            QUIC_EV_CONN_IO_CB, qc, &state, &ssl_err);
++			goto leave;
++		}
++
++		TRACE_STATE("SSL post handshake succeeded", QUIC_EV_CONN_IO_CB, qc, &state);
++	}
++
++ out:
++	ret = 1;
++ leave:
++	/* The CRYPTO data are consumed even in case of an error to release
++	 * the memory asap.
++	 */
++	if (!ncb_is_null(ncbuf)) {
++#ifdef DEBUG_STRICT
++		ncb_ret = ncb_advance(ncbuf, len);
++		/* ncb_advance() must always succeed. This is guaranteed as
++		 * this is only done inside a data block. If false, this will
++		 * lead to handshake failure with quic_enc_level offset shifted
++		 * from buffer data.
++		 */
++		BUG_ON(ncb_ret != NCB_RET_OK);
++#else
++		ncb_advance(ncbuf, len);
++#endif
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_SSLDATA, qc);
++	return ret;
++}
++
++/* Parse a STREAM frame <strm_frm> received in <pkt> packet for <qc>
++ * connection. <fin> is true if FIN bit is set on frame type.
++ *
++ * Return 1 on success. On error, 0 is returned. In this case, the packet
++ * containing the frame must not be acknowledged.
++ */
++static inline int qc_handle_strm_frm(struct quic_rx_packet *pkt,
++                                     struct qf_stream *strm_frm,
++                                     struct quic_conn *qc, char fin)
++{
++	int ret;
++
++	/* RFC9000 13.1.  Packet Processing
++	 *
++	 * A packet MUST NOT be acknowledged until packet protection has been
++	 * successfully removed and all frames contained in the packet have
++	 * been processed. For STREAM frames, this means the data has been
++	 * enqueued in preparation to be received by the application protocol,
++	 * but it does not require that data be delivered and consumed.
++	 */
++	TRACE_ENTER(QUIC_EV_CONN_PRSFRM, qc);
++
++	ret = qcc_recv(qc->qcc, strm_frm->id, strm_frm->len,
++	               strm_frm->offset.key, fin, (char *)strm_frm->data);
++
++	/* frame rejected - packet must not be acknowledeged */
++	TRACE_LEAVE(QUIC_EV_CONN_PRSFRM, qc);
++	return !ret;
++}
++
++/* Duplicate all frames from <pkt_frm_list> list into <out_frm_list> list
++ * for <qc> QUIC connection.
++ * This is a best effort function which never fails even if no memory could be
++ * allocated to duplicate these frames.
++ */
++static void qc_dup_pkt_frms(struct quic_conn *qc,
++                            struct list *pkt_frm_list, struct list *out_frm_list)
++{
++	struct quic_frame *frm, *frmbak;
++	struct list tmp = LIST_HEAD_INIT(tmp);
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSAFRM, qc);
++
++	list_for_each_entry_safe(frm, frmbak, pkt_frm_list, list) {
++		struct quic_frame *dup_frm, *origin;
++
++		if (frm->flags & QUIC_FL_TX_FRAME_ACKED) {
++			TRACE_DEVEL("already acknowledged frame", QUIC_EV_CONN_PRSAFRM, qc, frm);
++			continue;
++		}
++
++		switch (frm->type) {
++		case QUIC_FT_STREAM_8 ... QUIC_FT_STREAM_F:
++		{
++			struct qf_stream *strm_frm = &frm->stream;
++			struct eb64_node *node = NULL;
++			struct qc_stream_desc *stream_desc;
++
++			node = eb64_lookup(&qc->streams_by_id, strm_frm->id);
++			if (!node) {
++				TRACE_DEVEL("ignored frame for a released stream", QUIC_EV_CONN_PRSAFRM, qc, frm);
++				continue;
++			}
++
++			stream_desc = eb64_entry(node, struct qc_stream_desc, by_id);
++			/* Do not resend this frame if in the "already acked range" */
++			if (strm_frm->offset.key + strm_frm->len <= stream_desc->ack_offset) {
++				TRACE_DEVEL("ignored frame in already acked range",
++				            QUIC_EV_CONN_PRSAFRM, qc, frm);
++				continue;
++			}
++			else if (strm_frm->offset.key < stream_desc->ack_offset) {
++				uint64_t diff = stream_desc->ack_offset - strm_frm->offset.key;
++
++				qc_stream_frm_mv_fwd(frm, diff);
++				TRACE_DEVEL("updated partially acked frame",
++				            QUIC_EV_CONN_PRSAFRM, qc, frm);
++			}
++
++			strm_frm->dup = 1;
++			break;
++		}
++
++		default:
++			break;
++		}
++
++		/* If <frm> is already a copy of another frame, we must take
++		 * its original frame as source for the copy.
++		 */
++		origin = frm->origin ? frm->origin : frm;
++		dup_frm = qc_frm_dup(origin);
++		if (!dup_frm) {
++			TRACE_ERROR("could not duplicate frame", QUIC_EV_CONN_PRSAFRM, qc, frm);
++			break;
++		}
++
++		TRACE_DEVEL("built probing frame", QUIC_EV_CONN_PRSAFRM, qc, origin);
++		if (origin->pkt) {
++			TRACE_DEVEL("duplicated from packet", QUIC_EV_CONN_PRSAFRM,
++			            qc, dup_frm, &origin->pkt->pn_node.key);
++		}
++		else {
++			/* <origin> is a frame which was sent from a packet detected as lost. */
++			TRACE_DEVEL("duplicated from lost packet", QUIC_EV_CONN_PRSAFRM, qc);
++		}
++
++		LIST_APPEND(&tmp, &dup_frm->list);
++	}
++
++	LIST_SPLICE(out_frm_list, &tmp);
++
++	TRACE_LEAVE(QUIC_EV_CONN_PRSAFRM, qc);
++}
++
++/* Boolean function which return 1 if <pkt> TX packet is only made of
++ * already acknowledged frame.
++ */
++static inline int qc_pkt_with_only_acked_frms(struct quic_tx_packet *pkt)
++{
++	struct quic_frame *frm;
++
++	list_for_each_entry(frm, &pkt->frms, list)
++		if (!(frm->flags & QUIC_FL_TX_FRAME_ACKED))
++			return 0;
++
++	return 1;
++}
++
++/* Prepare a fast retransmission from <qel> encryption level */
++static void qc_prep_fast_retrans(struct quic_conn *qc,
++                                 struct quic_enc_level *qel,
++                                 struct list *frms1, struct list *frms2)
++{
++	struct eb_root *pkts = &qel->pktns->tx.pkts;
++	struct list *frms = frms1;
++	struct eb64_node *node;
++	struct quic_tx_packet *pkt;
++
++	TRACE_ENTER(QUIC_EV_CONN_SPPKTS, qc);
++
++	BUG_ON(frms1 == frms2);
++
++	pkt = NULL;
++	node = eb64_first(pkts);
++ start:
++	while (node) {
++		struct quic_tx_packet *p;
++
++		p = eb64_entry(node, struct quic_tx_packet, pn_node);
++		node = eb64_next(node);
++		/* Skip the empty and coalesced packets */
++		TRACE_PRINTF(TRACE_LEVEL_PROTO, QUIC_EV_CONN_SPPKTS, qc, 0, 0, 0,
++		             "--> pn=%llu (%d %d %d)", (ull)p->pn_node.key,
++		             LIST_ISEMPTY(&p->frms), !!(p->flags & QUIC_FL_TX_PACKET_COALESCED),
++		             qc_pkt_with_only_acked_frms(p));
++		if (!LIST_ISEMPTY(&p->frms) && !qc_pkt_with_only_acked_frms(p)) {
++			pkt = p;
++			break;
++		}
++	}
++
++	if (!pkt)
++		goto leave;
++
++	/* When building a packet from another one, the field which may increase the
++	 * packet size is the packet number. And the maximum increase is 4 bytes.
++	 */
++	if (!quic_peer_validated_addr(qc) && qc_is_listener(qc) &&
++	    pkt->len + 4 > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
++		qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED;
++		TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt);
++		goto leave;
++	}
++
++	TRACE_PROTO("duplicating packet", QUIC_EV_CONN_SPPKTS, qc, pkt);
++	qc_dup_pkt_frms(qc, &pkt->frms, frms);
++	if (frms == frms1 && frms2) {
++		frms = frms2;
++		goto start;
++	}
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_SPPKTS, qc);
++}
++
++/* Prepare a fast retransmission during a handshake after a client
++ * has resent Initial packets. According to the RFC a server may retransmit
++ * Initial packets send them coalescing with others (Handshake here).
++ * (Listener only function).
++ */
++static void qc_prep_hdshk_fast_retrans(struct quic_conn *qc,
++                                       struct list *ifrms, struct list *hfrms)
++{
++	struct list itmp = LIST_HEAD_INIT(itmp);
++	struct list htmp = LIST_HEAD_INIT(htmp);
++
++	struct quic_enc_level *iqel = &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL];
++	struct quic_enc_level *hqel = &qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE];
++	struct quic_enc_level *qel = iqel;
++	struct eb_root *pkts;
++	struct eb64_node *node;
++	struct quic_tx_packet *pkt;
++	struct list *tmp = &itmp;
++
++	TRACE_ENTER(QUIC_EV_CONN_SPPKTS, qc);
++ start:
++	pkt = NULL;
++	pkts = &qel->pktns->tx.pkts;
++	node = eb64_first(pkts);
++	/* Skip the empty packet (they have already been retransmitted) */
++	while (node) {
++		struct quic_tx_packet *p;
++
++		p = eb64_entry(node, struct quic_tx_packet, pn_node);
++		TRACE_PRINTF(TRACE_LEVEL_PROTO, QUIC_EV_CONN_SPPKTS, qc, 0, 0, 0,
++		             "--> pn=%llu (%d %d)", (ull)p->pn_node.key,
++		             LIST_ISEMPTY(&p->frms), !!(p->flags & QUIC_FL_TX_PACKET_COALESCED));
++		if (!LIST_ISEMPTY(&p->frms) && !(p->flags & QUIC_FL_TX_PACKET_COALESCED) &&
++		    !qc_pkt_with_only_acked_frms(p)) {
++			pkt = p;
++			break;
++		}
++
++		node = eb64_next(node);
++	}
++
++	if (!pkt)
++		goto end;
++
++	/* When building a packet from another one, the field which may increase the
++	 * packet size is the packet number. And the maximum increase is 4 bytes.
++	 */
++	if (!quic_peer_validated_addr(qc) && qc_is_listener(qc)) {
++		size_t dglen = pkt->len + 4;
++
++		dglen += pkt->next ? pkt->next->len + 4 : 0;
++		if (dglen > 3 * qc->rx.bytes - qc->tx.prep_bytes) {
++			qc->flags |= QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED;
++			TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt);
++			if (pkt->next)
++				TRACE_PROTO("anti-amplification limit would be reached", QUIC_EV_CONN_SPPKTS, qc, pkt->next);
++			goto end;
++		}
++	}
++
++	qel->pktns->tx.pto_probe += 1;
++
++	/* No risk to loop here, #packet per datagram is bounded */
++ requeue:
++	TRACE_PROTO("duplicating packet", QUIC_EV_CONN_PRSAFRM, qc, NULL, &pkt->pn_node.key);
++	qc_dup_pkt_frms(qc, &pkt->frms, tmp);
++	if (qel == iqel) {
++		if (pkt->next && pkt->next->type == QUIC_PACKET_TYPE_HANDSHAKE) {
++			pkt = pkt->next;
++			tmp = &htmp;
++			hqel->pktns->tx.pto_probe += 1;
++			TRACE_DEVEL("looping for next packet", QUIC_EV_CONN_SPPKTS, qc);
++			goto requeue;
++		}
++	}
++
++ end:
++	LIST_SPLICE(ifrms, &itmp);
++	LIST_SPLICE(hfrms, &htmp);
++
++	TRACE_LEAVE(QUIC_EV_CONN_SPPKTS, qc);
++}
++
++static void qc_cc_err_count_inc(struct quic_conn *qc, struct quic_frame *frm)
++{
++	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
++
++	if (frm->type == QUIC_FT_CONNECTION_CLOSE)
++		quic_stats_transp_err_count_inc(qc->prx_counters, frm->connection_close.error_code);
++	else if (frm->type == QUIC_FT_CONNECTION_CLOSE_APP) {
++		if (qc->mux_state != QC_MUX_READY || !qc->qcc->app_ops->inc_err_cnt)
++			goto out;
++
++		qc->qcc->app_ops->inc_err_cnt(qc->qcc->ctx, frm->connection_close_app.error_code);
++	}
++
++ out:
++	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
++}
++
++/* Cancel a request on connection <qc> for stream id <id>. This is useful when
++ * the client opens a new stream but the MUX has already been released. A
++ * STOP_SENDING + RESET_STREAM frames are prepared for emission.
++ *
++ * TODO this function is closely related to H3. Its place should be in H3 layer
++ * instead of quic-conn but this requires an architecture adjustment.
++ *
++ * Returns 1 on success else 0.
++ */
++static int qc_h3_request_reject(struct quic_conn *qc, uint64_t id)
++{
++	int ret = 0;
++	struct quic_frame *ss, *rs;
++	struct quic_enc_level *qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++	const uint64_t app_error_code = H3_REQUEST_REJECTED;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSHPKT, qc);
++
++	/* Do not emit rejection for unknown unidirectional stream as it is
++	 * forbidden to close some of them (H3 control stream and QPACK
++	 * encoder/decoder streams).
++	 */
++	if (quic_stream_is_uni(id)) {
++		ret = 1;
++		goto out;
++	}
++
++>>>>>>> src/quic_conn.c
  	ss = qc_frm_alloc(QUIC_FT_STOP_SENDING);
  	if (!ss) {
  		TRACE_ERROR("failed to allocate quic_frame", QUIC_EV_CONN_PRSHPKT, qc);
  		goto out;
+ 	}
++<<<<<<< src/quic_conn.c
++=======
++
++	ss->stop_sending.id = id;
++	ss->stop_sending.app_error_code = app_error_code;
++
++	rs = qc_frm_alloc(QUIC_FT_RESET_STREAM);
++	if (!rs) {
++		TRACE_ERROR("failed to allocate quic_frame", QUIC_EV_CONN_PRSHPKT, qc);
++		qc_frm_free(&ss);
++		goto out;
++	}
++
++	rs->reset_stream.id = id;
++	rs->reset_stream.app_error_code = app_error_code;
++	rs->reset_stream.final_size = 0;
++
++	LIST_APPEND(&qel->pktns->tx.frms, &ss->list);
++	LIST_APPEND(&qel->pktns->tx.frms, &rs->list);
++	ret = 1;
++ out:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSHPKT, qc);
++	return ret;
++}
++
++/* Release the underlying memory use by <ncbuf> non-contiguous buffer */
++static void quic_free_ncbuf(struct ncbuf *ncbuf)
++{
++	struct buffer buf;
++
++	if (ncb_is_null(ncbuf))
++		return;
++
++	buf = b_make(ncbuf->area, ncbuf->size, 0, 0);
++	b_free(&buf);
++	offer_buffers(NULL, 1);
++
++	*ncbuf = NCBUF_NULL;
++}
++
++/* Allocate the underlying required memory for <ncbuf> non-contiguous buffer */
++static struct ncbuf *quic_get_ncbuf(struct ncbuf *ncbuf)
++{
++	struct buffer buf = BUF_NULL;
++
++	if (!ncb_is_null(ncbuf))
++		return ncbuf;
++
++	b_alloc(&buf);
++	BUG_ON(b_is_null(&buf));
++
++	*ncbuf = ncb_make(buf.area, buf.size, 0);
++	ncb_init(ncbuf, 0);
++
++	return ncbuf;
++}
++
++/* Parse <frm> CRYPTO frame coming with <pkt> packet at <qel> <qc> connectionn.
++ * Returns 1 if succeeded, 0 if not. Also set <*fast_retrans> to 1 if the
++ * speed up handshake completion may be run after having received duplicated
++ * CRYPTO data.
++ */
++static int qc_handle_crypto_frm(struct quic_conn *qc,
++                                struct qf_crypto *crypto_frm, struct quic_rx_packet *pkt,
++                                struct quic_enc_level *qel, int *fast_retrans)
++{
++	int ret = 0;
++	enum ncb_ret ncb_ret;
++	/* XXX TO DO: <cfdebug> is used only for the traces. */
++	struct quic_rx_crypto_frm cfdebug = {
++		.offset_node.key = crypto_frm->offset,
++		.len = crypto_frm->len,
++	};
++	struct quic_cstream *cstream = qel->cstream;
++	struct ncbuf *ncbuf = &qel->cstream->rx.ncbuf;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSHPKT, qc);
++	if (unlikely(qel->tls_ctx.flags & QUIC_FL_TLS_SECRETS_DCD)) {
++		TRACE_PROTO("CRYPTO data discarded",
++					QUIC_EV_CONN_RXPKT, qc, pkt, &cfdebug);
++		goto done;
++	}
++
++	if (unlikely(crypto_frm->offset < cstream->rx.offset)) {
++		size_t diff;
++
++		if (crypto_frm->offset + crypto_frm->len <= cstream->rx.offset) {
++			/* Nothing to do */
++			TRACE_PROTO("Already received CRYPTO data",
++						QUIC_EV_CONN_RXPKT, qc, pkt, &cfdebug);
++			if (qc_is_listener(qc) && qel == &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL] &&
++				!(qc->flags & QUIC_FL_CONN_HANDSHAKE_SPEED_UP))
++				*fast_retrans = 1;
++			goto done;
++		}
++
++		TRACE_PROTO("Partially already received CRYPTO data",
++		            QUIC_EV_CONN_RXPKT, qc, pkt, &cfdebug);
++
++		diff = cstream->rx.offset - crypto_frm->offset;
++		crypto_frm->len -= diff;
++		crypto_frm->data += diff;
++		crypto_frm->offset = cstream->rx.offset;
++	}
++
++	if (crypto_frm->offset == cstream->rx.offset && ncb_is_empty(ncbuf)) {
++		if (!qc_provide_cdata(qel, qc->xprt_ctx, crypto_frm->data, crypto_frm->len,
++		                      pkt, &cfdebug)) {
++			// trace already emitted by function above
++			goto leave;
++		}
++
++		cstream->rx.offset += crypto_frm->len;
++		TRACE_DEVEL("increment crypto level offset", QUIC_EV_CONN_PHPKTS, qc, qel);
++		goto done;
++	}
++
++	if (!quic_get_ncbuf(ncbuf) ||
++	    ncb_is_null(ncbuf)) {
++		TRACE_ERROR("CRYPTO ncbuf allocation failed", QUIC_EV_CONN_PRSHPKT, qc);
++		goto leave;
++	}
++
++	/* crypto_frm->offset > cstream-trx.offset */
++	ncb_ret = ncb_add(ncbuf, crypto_frm->offset - cstream->rx.offset,
++	                  (const char *)crypto_frm->data, crypto_frm->len, NCB_ADD_COMPARE);
++	if (ncb_ret != NCB_RET_OK) {
++		if (ncb_ret == NCB_RET_DATA_REJ) {
++			TRACE_ERROR("overlapping data rejected", QUIC_EV_CONN_PRSHPKT, qc);
++			quic_set_connection_close(qc, quic_err_transport(QC_ERR_PROTOCOL_VIOLATION));
++			qc_notify_err(qc);
++		}
++		else if (ncb_ret == NCB_RET_GAP_SIZE) {
++			TRACE_ERROR("cannot bufferize frame due to gap size limit",
++			            QUIC_EV_CONN_PRSHPKT, qc);
++		}
++		goto leave;
++	}
++
++ done:
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSHPKT, qc);
++	return ret;
++}
++
++/* Build a NEW_CONNECTION_ID frame for <conn_id> CID of <qc> connection.
++ *
++ * Returns 1 on success else 0.
++ */
++static int qc_build_new_connection_id_frm(struct quic_conn *qc,
++                                          struct quic_connection_id *conn_id)
++{
++	int ret = 0;
++	struct quic_frame *frm;
++	struct quic_enc_level *qel;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSHPKT, qc);
++
++	qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++	frm = qc_frm_alloc(QUIC_FT_NEW_CONNECTION_ID);
++	if (!frm) {
++		TRACE_ERROR("frame allocation error", QUIC_EV_CONN_IO_CB, qc);
++		goto leave;
++	}
++
++	quic_connection_id_to_frm_cpy(frm, conn_id);
++	LIST_APPEND(&qel->pktns->tx.frms, &frm->list);
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSHPKT, qc);
++	return ret;
++}
++
++
++/* Handle RETIRE_CONNECTION_ID frame from <frm> frame.
++ * Return 1 if succeeded, 0 if not. If succeeded, also set <to_retire>
++ * to the CID to be retired if not already retired.
++ */
++static int qc_handle_retire_connection_id_frm(struct quic_conn *qc,
++                                              struct quic_frame *frm,
++                                              struct quic_cid *dcid,
++                                              struct quic_connection_id **to_retire)
++{
++	int ret = 0;
++	struct qf_retire_connection_id *rcid_frm = &frm->retire_connection_id;
++	struct eb64_node *node;
++	struct quic_connection_id *conn_id;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSHPKT, qc);
++
++	/* RFC 9000 19.16. RETIRE_CONNECTION_ID Frames:
++	 * Receipt of a RETIRE_CONNECTION_ID frame containing a sequence number greater
++	 * than any previously sent to the peer MUST be treated as a connection error
++	 * of type PROTOCOL_VIOLATION.
++	 */
++	if (rcid_frm->seq_num >= qc->next_cid_seq_num) {
++		TRACE_PROTO("CID seq. number too big", QUIC_EV_CONN_PSTRM, qc, frm);
++		goto protocol_violation;
++	}
++
++	/* RFC 9000 19.16. RETIRE_CONNECTION_ID Frames:
++	 * The sequence number specified in a RETIRE_CONNECTION_ID frame MUST NOT refer to
++	 * the Destination Connection ID field of the packet in which the frame is contained.
++	 * The peer MAY treat this as a connection error of type PROTOCOL_VIOLATION.
++	 */
++	node = eb64_lookup(&qc->cids, rcid_frm->seq_num);
++	if (!node) {
++		TRACE_PROTO("CID already retired", QUIC_EV_CONN_PSTRM, qc, frm);
++		goto out;
++	}
++
++	conn_id = eb64_entry(node, struct quic_connection_id, seq_num);
++	/* Note that the length of <dcid> has already been checked. It must match the
++	 * length of the CIDs which have been provided to the peer.
++	 */
++	if (!memcmp(dcid->data, conn_id->cid.data, QUIC_HAP_CID_LEN)) {
++		TRACE_PROTO("cannot retire the current CID", QUIC_EV_CONN_PSTRM, qc, frm);
++		goto protocol_violation;
++	}
++
++	*to_retire = conn_id;
++ out:
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSHPKT, qc);
++	return ret;
++ protocol_violation:
++	quic_set_connection_close(qc, quic_err_transport(QC_ERR_PROTOCOL_VIOLATION));
++	qc_notify_err(qc);
++	goto leave;
++}
++
++/* Remove a <qc> quic-conn from its ha_thread_ctx list. If <closing> is true,
++ * it will immediately be reinserted in the ha_thread_ctx quic_conns_clo list.
++ */
++static void qc_detach_th_ctx_list(struct quic_conn *qc, int closing)
++{
++	struct bref *bref, *back;
++
++	/* Detach CLI context watchers currently dumping this connection.
++	 * Reattach them to the next quic_conn instance.
++	 */
++	list_for_each_entry_safe(bref, back, &qc->back_refs, users) {
++		/* Remove watcher from this quic_conn instance. */
++		LIST_DEL_INIT(&bref->users);
++
++		/* Attach it to next instance unless it was the last list element. */
++		if (qc->el_th_ctx.n != &th_ctx->quic_conns &&
++		    qc->el_th_ctx.n != &th_ctx->quic_conns_clo) {
++			struct quic_conn *next = LIST_NEXT(&qc->el_th_ctx,
++			                                   struct quic_conn *,
++			                                   el_th_ctx);
++			LIST_APPEND(&next->back_refs, &bref->users);
++		}
++		bref->ref = qc->el_th_ctx.n;
++		__ha_barrier_store();
++	}
++
++	/* Remove quic_conn from global ha_thread_ctx list. */
++	LIST_DEL_INIT(&qc->el_th_ctx);
++
++	if (closing)
++		LIST_APPEND(&th_ctx->quic_conns_clo, &qc->el_th_ctx);
++}
++
++/* Parse all the frames of <pkt> QUIC packet for QUIC connection <qc> and <qel>
++ * as encryption level.
++ * Returns 1 if succeeded, 0 if failed.
++ */
++static int qc_parse_pkt_frms(struct quic_conn *qc, struct quic_rx_packet *pkt,
++                             struct quic_enc_level *qel)
++{
++	struct quic_frame frm;
++	const unsigned char *pos, *end;
++	int fast_retrans = 0, ret = 0;
++
++	TRACE_ENTER(QUIC_EV_CONN_PRSHPKT, qc);
++	/* Skip the AAD */
++	pos = pkt->data + pkt->aad_len;
++	end = pkt->data + pkt->len;
++
++	/* Packet with no frame. */
++	if (pos == end) {
++		/* RFC9000 12.4. Frames and Frame Types
++		 *
++		 * The payload of a packet that contains frames MUST contain at least
++		 * one frame, and MAY contain multiple frames and multiple frame types.
++		 * An endpoint MUST treat receipt of a packet containing no frames as a
++		 * connection error of type PROTOCOL_VIOLATION. Frames always fit within
++		 * a single QUIC packet and cannot span multiple packets.
++		 */
++		quic_set_connection_close(qc, quic_err_transport(QC_ERR_PROTOCOL_VIOLATION));
++		goto leave;
++	}
++
++	while (pos < end) {
++		if (!qc_parse_frm(&frm, pkt, &pos, end, qc)) {
++			// trace already emitted by function above
++			goto leave;
++		}
++
++		switch (frm.type) {
++		case QUIC_FT_PADDING:
++			break;
++		case QUIC_FT_PING:
++			break;
++		case QUIC_FT_ACK:
++		{
++			unsigned int rtt_sample;
++
++			rtt_sample = UINT_MAX;
++			if (!qc_parse_ack_frm(qc, &frm, qel, &rtt_sample, &pos, end)) {
++				// trace already emitted by function above
++				goto leave;
++			}
++
++			if (rtt_sample != UINT_MAX) {
++				unsigned int ack_delay;
++
++				ack_delay = !quic_application_pktns(qel->pktns, qc) ? 0 :
++					qc->state >= QUIC_HS_ST_CONFIRMED ?
++					MS_TO_TICKS(QUIC_MIN(quic_ack_delay_ms(&frm.ack, qc), qc->max_ack_delay)) :
++					MS_TO_TICKS(quic_ack_delay_ms(&frm.ack, qc));
++				quic_loss_srtt_update(&qc->path->loss, rtt_sample, ack_delay, qc);
++			}
++			break;
++		}
++		case QUIC_FT_RESET_STREAM:
++			if (qc->mux_state == QC_MUX_READY) {
++				struct qf_reset_stream *rs_frm = &frm.reset_stream;
++				qcc_recv_reset_stream(qc->qcc, rs_frm->id, rs_frm->app_error_code, rs_frm->final_size);
++			}
++			break;
++		case QUIC_FT_STOP_SENDING:
++		{
++			struct qf_stop_sending *ss_frm = &frm.stop_sending;
++			if (qc->mux_state == QC_MUX_READY) {
++				if (qcc_recv_stop_sending(qc->qcc, ss_frm->id,
++				                          ss_frm->app_error_code)) {
++					TRACE_ERROR("qcc_recv_stop_sending() failed", QUIC_EV_CONN_PRSHPKT, qc);
++					goto leave;
++				}
++			}
++			break;
++		}
++		case QUIC_FT_CRYPTO:
++			if (!qc_handle_crypto_frm(qc, &frm.crypto, pkt, qel, &fast_retrans))
++				goto leave;
++			break;
++		case QUIC_FT_STREAM_8 ... QUIC_FT_STREAM_F:
++		{
++			struct qf_stream *strm_frm = &frm.stream;
++			unsigned nb_streams = qc->rx.strms[qcs_id_type(strm_frm->id)].nb_streams;
++			const char fin = frm.type & QUIC_STREAM_FRAME_TYPE_FIN_BIT;
++
++			/* The upper layer may not be allocated. */
++			if (qc->mux_state != QC_MUX_READY) {
++				if ((strm_frm->id >> QCS_ID_TYPE_SHIFT) < nb_streams) {
++					TRACE_DATA("Already closed stream", QUIC_EV_CONN_PRSHPKT, qc);
++				}
++				else {
++					TRACE_DEVEL("No mux for new stream", QUIC_EV_CONN_PRSHPKT, qc);
++					if (qc->app_ops == &h3_ops) {
++						if (!qc_h3_request_reject(qc, strm_frm->id)) {
++							TRACE_ERROR("error on request rejection", QUIC_EV_CONN_PRSHPKT, qc);
++							/* This packet will not be acknowledged */
++							goto leave;
++						}
++					}
++					else {
++						/* This packet will not be acknowledged */
++						goto leave;
++					}
++				}
++
++				break;
++			}
++
++			if (!qc_handle_strm_frm(pkt, strm_frm, qc, fin)) {
++				TRACE_ERROR("qc_handle_strm_frm() failed", QUIC_EV_CONN_PRSHPKT, qc);
++				goto leave;
++			}
++
++			break;
++		}
++		case QUIC_FT_MAX_DATA:
++			if (qc->mux_state == QC_MUX_READY) {
++				struct qf_max_data *md_frm = &frm.max_data;
++				qcc_recv_max_data(qc->qcc, md_frm->max_data);
++			}
++			break;
++		case QUIC_FT_MAX_STREAM_DATA:
++			if (qc->mux_state == QC_MUX_READY) {
++				struct qf_max_stream_data *msd_frm = &frm.max_stream_data;
++				if (qcc_recv_max_stream_data(qc->qcc, msd_frm->id,
++				                              msd_frm->max_stream_data)) {
++					TRACE_ERROR("qcc_recv_max_stream_data() failed", QUIC_EV_CONN_PRSHPKT, qc);
++					goto leave;
++				}
++			}
++			break;
++		case QUIC_FT_MAX_STREAMS_BIDI:
++		case QUIC_FT_MAX_STREAMS_UNI:
++			break;
++		case QUIC_FT_DATA_BLOCKED:
++			qc->cntrs.data_blocked++;
++			break;
++		case QUIC_FT_STREAM_DATA_BLOCKED:
++			qc->cntrs.stream_data_blocked++;
++			break;
++		case QUIC_FT_STREAMS_BLOCKED_BIDI:
++			qc->cntrs.streams_blocked_bidi++;
++			break;
++		case QUIC_FT_STREAMS_BLOCKED_UNI:
++			qc->cntrs.streams_blocked_uni++;
++			break;
++		case QUIC_FT_NEW_CONNECTION_ID:
++			/* XXX TO DO XXX */
++			break;
++		case QUIC_FT_RETIRE_CONNECTION_ID:
++		{
++			struct quic_connection_id *conn_id = NULL;
++
++			if (!qc_handle_retire_connection_id_frm(qc, &frm, &pkt->dcid, &conn_id))
++				goto leave;
++
++			if (!conn_id)
++				break;
++
++			ebmb_delete(&conn_id->node);
++			eb64_delete(&conn_id->seq_num);
++			pool_free(pool_head_quic_connection_id, conn_id);
++			TRACE_PROTO("CID retired", QUIC_EV_CONN_PSTRM, qc);
++
++			conn_id = new_quic_cid(&qc->cids, qc, NULL, NULL);
++			if (!conn_id) {
++				TRACE_ERROR("CID allocation error", QUIC_EV_CONN_IO_CB, qc);
++			}
++			else {
++				quic_cid_insert(conn_id);
++				qc_build_new_connection_id_frm(qc, conn_id);
++			}
++			break;
++		}
++		case QUIC_FT_CONNECTION_CLOSE:
++		case QUIC_FT_CONNECTION_CLOSE_APP:
++			/* Increment the error counters */
++			qc_cc_err_count_inc(qc, &frm);
++			if (!(qc->flags & QUIC_FL_CONN_DRAINING)) {
++				if (!(qc->flags & QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED)) {
++					qc->flags |= QUIC_FL_CONN_HALF_OPEN_CNT_DECREMENTED;
++					HA_ATOMIC_DEC(&qc->prx_counters->half_open_conn);
++				}
++				TRACE_STATE("Entering draining state", QUIC_EV_CONN_PRSHPKT, qc);
++				/* RFC 9000 10.2. Immediate Close:
++				 * The closing and draining connection states exist to ensure
++				 * that connections close cleanly and that delayed or reordered
++				 * packets are properly discarded. These states SHOULD persist
++				 * for at least three times the current PTO interval...
++				 *
++				 * Rearm the idle timeout only one time when entering draining
++				 * state.
++				 */
++				qc->flags |= QUIC_FL_CONN_DRAINING|QUIC_FL_CONN_IMMEDIATE_CLOSE;
++				qc_detach_th_ctx_list(qc, 1);
++				qc_idle_timer_do_rearm(qc, 0);
++				qc_notify_err(qc);
++			}
++			break;
++		case QUIC_FT_HANDSHAKE_DONE:
++			if (qc_is_listener(qc)) {
++				TRACE_ERROR("non accepted QUIC_FT_HANDSHAKE_DONE frame",
++				            QUIC_EV_CONN_PRSHPKT, qc);
++				goto leave;
++			}
++
++			qc->state = QUIC_HS_ST_CONFIRMED;
++			break;
++		default:
++			TRACE_ERROR("unknosw frame type", QUIC_EV_CONN_PRSHPKT, qc);
++			goto leave;
++		}
++	}
++
++	/* Flag this packet number space as having received a packet. */
++	qel->pktns->flags |= QUIC_FL_PKTNS_PKT_RECEIVED;
++
++	if (fast_retrans) {
++		struct quic_enc_level *iqel = &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL];
++		struct quic_enc_level *hqel = &qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE];
++
++		TRACE_PROTO("speeding up handshake completion", QUIC_EV_CONN_PRSHPKT, qc);
++		qc_prep_hdshk_fast_retrans(qc, &iqel->pktns->tx.frms, &hqel->pktns->tx.frms);
++		qc->flags |= QUIC_FL_CONN_HANDSHAKE_SPEED_UP;
++	}
++
++	/* The server must switch from INITIAL to HANDSHAKE handshake state when it
++	 * has successfully parse a Handshake packet. The Initial encryption must also
++	 * be discarded.
++	 */
++	if (pkt->type == QUIC_PACKET_TYPE_HANDSHAKE && qc_is_listener(qc)) {
++	    if (qc->state >= QUIC_HS_ST_SERVER_INITIAL) {
++			if (!(qc->els[QUIC_TLS_ENC_LEVEL_INITIAL].tls_ctx.flags &
++			      QUIC_FL_TLS_SECRETS_DCD)) {
++				quic_tls_discard_keys(&qc->els[QUIC_TLS_ENC_LEVEL_INITIAL]);
++				TRACE_PROTO("discarding Initial pktns", QUIC_EV_CONN_PRSHPKT, qc);
++				quic_pktns_discard(qc->els[QUIC_TLS_ENC_LEVEL_INITIAL].pktns, qc);
++				qc_set_timer(qc);
++				qc_el_rx_pkts_del(&qc->els[QUIC_TLS_ENC_LEVEL_INITIAL]);
++				qc_release_pktns_frms(qc, qc->els[QUIC_TLS_ENC_LEVEL_INITIAL].pktns);
++			}
++		    if (qc->state < QUIC_HS_ST_SERVER_HANDSHAKE)
++			    qc->state = QUIC_HS_ST_SERVER_HANDSHAKE;
++	    }
++	}
++
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PRSHPKT, qc);
++	return ret;
++}
++
++
++/* Allocate Tx buffer from <qc> quic-conn if needed.
++ *
++ * Returns allocated buffer or NULL on error.
++ */
++static struct buffer *qc_txb_alloc(struct quic_conn *qc)
++{
++	struct buffer *buf = &qc->tx.buf;
++	if (!b_alloc(buf))
++		return NULL;
++
++	return buf;
++}
++
++/* Free Tx buffer from <qc> if it is empty. */
++static void qc_txb_release(struct quic_conn *qc)
++{
++	struct buffer *buf = &qc->tx.buf;
++
++	/* For the moment sending function is responsible to purge the buffer
++	 * entirely. It may change in the future but this requires to be able
++	 * to reuse old data.
++	 * For the momemt we do not care to leave data in the buffer for
++	 * a connection which is supposed to be killed asap.
++	 */
++	BUG_ON_HOT(buf && b_data(buf));
++
++	if (!b_data(buf)) {
++		b_free(buf);
++		offer_buffers(NULL, 1);
++	}
++}
++
++/* Commit a datagram payload written into <buf> of length <length>. <first_pkt>
++ * must contains the address of the first packet stored in the payload.
++ *
++ * Caller is responsible that there is enough space in the buffer.
++ */
++static void qc_txb_store(struct buffer *buf, uint16_t length,
++                         struct quic_tx_packet *first_pkt)
++{
++	const size_t hdlen = sizeof(uint16_t) + sizeof(void *);
++	BUG_ON_HOT(b_contig_space(buf) < hdlen); /* this must not happen */
++
++	write_u16(b_tail(buf), length);
++	write_ptr(b_tail(buf) + sizeof(length), first_pkt);
++	b_add(buf, hdlen + length);
++}
++
++/* Returns 1 if a packet may be built for <qc> from <qel> encryption level
++ * with <frms> as ack-eliciting frame list to send, 0 if not.
++ * <cc> must equal to 1 if an immediate close was asked, 0 if not.
++ * <probe> must equalt to 1 if a probing packet is required, 0 if not.
++ * Also set <*must_ack> to inform the caller if an acknowledgement should be sent.
++ */
++static int qc_may_build_pkt(struct quic_conn *qc, struct list *frms,
++                            struct quic_enc_level *qel, int cc, int probe,
++                            int *must_ack)
++{
++	int force_ack =
++		qel == &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL] ||
++		qel == &qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE];
++	int nb_aepkts_since_last_ack = qel->pktns->rx.nb_aepkts_since_last_ack;
++
++	/* An acknowledgement must be sent if this has been forced by the caller,
++	 * typically during the handshake when the packets must be acknowledged as
++	 * soon as possible. This is also the case when the ack delay timer has been
++	 * triggered, or at least every QUIC_MAX_RX_AEPKTS_SINCE_LAST_ACK packets.
++	 */
++	*must_ack = (qc->flags & QUIC_FL_CONN_ACK_TIMER_FIRED) ||
++		((qel->pktns->flags & QUIC_FL_PKTNS_ACK_REQUIRED) &&
++		 (force_ack || nb_aepkts_since_last_ack >= QUIC_MAX_RX_AEPKTS_SINCE_LAST_ACK));
++
++	/* Do not build any more packet if the TX secrets are not available or
++	 * if there is nothing to send, i.e. if no CONNECTION_CLOSE or ACK are required
++	 * and if there is no more packets to send upon PTO expiration
++	 * and if there is no more ack-eliciting frames to send or in flight
++	 * congestion control limit is reached for prepared data
++	 */
++	if (!quic_tls_has_tx_sec(qel) ||
++	    (!cc && !probe && !*must_ack &&
++	     (LIST_ISEMPTY(frms) || qc->path->prep_in_flight >= qc->path->cwnd))) {
++		return 0;
++	}
++
++	return 1;
++}
++
++/* Prepare as much as possible QUIC packets for sending from prebuilt frames
++ * <frms>. Each packet is stored in a distinct datagram written to <buf>.
++ *
++ * Each datagram is prepended by a two fields header : the datagram length and
++ * the address of the packet contained in the datagram.
++ *
++ * Returns the number of bytes prepared in packets if succeeded (may be 0), or
++ * -1 if something wrong happened.
++ */
++static int qc_prep_app_pkts(struct quic_conn *qc, struct buffer *buf,
++                            struct list *frms)
++{
++	int ret = -1;
++	struct quic_enc_level *qel;
++	unsigned char *end, *pos;
++	struct quic_tx_packet *pkt;
++	size_t total;
++	/* Each datagram is prepended with its length followed by the address
++	 * of the first packet in the datagram.
++	 */
++	const size_t dg_headlen = sizeof(uint16_t) + sizeof(pkt);
++
++	TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
++
++	qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++	total = 0;
++	pos = (unsigned char *)b_tail(buf);
++	while (b_contig_space(buf) >= (int)qc->path->mtu + dg_headlen) {
++		int err, probe, cc, must_ack;
++
++		TRACE_PROTO("TX prep app pkts", QUIC_EV_CONN_PHPKTS, qc, qel, frms);
++		probe = 0;
++		cc =  qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE;
++		/* We do not probe if an immediate close was asked */
++		if (!cc)
++			probe = qel->pktns->tx.pto_probe;
++
++		if (!qc_may_build_pkt(qc, frms, qel, cc, probe, &must_ack))
++			break;
++
++		/* Leave room for the datagram header */
++		pos += dg_headlen;
++		if (!quic_peer_validated_addr(qc) && qc_is_listener(qc)) {
++			end = pos + QUIC_MIN((uint64_t)qc->path->mtu, 3 * qc->rx.bytes - qc->tx.prep_bytes);
++		}
++		else {
++			end = pos + qc->path->mtu;
++		}
++
++		pkt = qc_build_pkt(&pos, end, qel, &qel->tls_ctx, frms, qc, NULL, 0,
++		                   QUIC_PACKET_TYPE_SHORT, must_ack, 0, probe, cc, &err);
++		switch (err) {
++		case -3:
++			qc_purge_txbuf(qc, buf);
++			goto leave;
++		case -2:
++			// trace already emitted by function above
++			goto leave;
++		case -1:
++			/* As we provide qc_build_pkt() with an enough big buffer to fulfill an
++			 * MTU, we are here because of the congestion control window. There is
++			 * no need to try to reuse this buffer.
++			 */
++			TRACE_PROTO("could not prepare anymore packet", QUIC_EV_CONN_PHPKTS, qc, qel);
++			goto out;
++		default:
++			break;
++		}
++
++		/* This is to please to GCC. We cannot have (err >= 0 && !pkt) */
++		BUG_ON(!pkt);
++
++		if (qc->flags & QUIC_FL_CONN_RETRANS_OLD_DATA)
++			pkt->flags |= QUIC_FL_TX_PACKET_PROBE_WITH_OLD_DATA;
++
++		total += pkt->len;
++
++		/* Write datagram header. */
++		qc_txb_store(buf, pkt->len, pkt);
++	}
++
++ out:
++	ret = total;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PHPKTS, qc);
++	return ret;
++}
++
++/* Prepare as much as possible QUIC packets for sending from prebuilt frames
++ * <frms>. Several packets can be regrouped in a single datagram. The result is
++ * written into <buf>.
++ *
++ * Each datagram is prepended by a two fields header : the datagram length and
++ * the address of first packet in the datagram.
++ *
++ * Returns the number of bytes prepared in packets if succeeded (may be 0), or
++ * -1 if something wrong happened.
++ */
++static int qc_prep_pkts(struct quic_conn *qc, struct buffer *buf,
++                        enum quic_tls_enc_level tel, struct list *tel_frms,
++                        enum quic_tls_enc_level next_tel, struct list *next_tel_frms)
++{
++	struct quic_enc_level *qel;
++	unsigned char *end, *pos;
++	struct quic_tx_packet *first_pkt, *cur_pkt, *prv_pkt;
++	/* length of datagrams */
++	uint16_t dglen;
++	size_t total;
++	int ret = -1, padding;
++	/* Each datagram is prepended with its length followed by the address
++	 * of the first packet in the datagram.
++	 */
++	const size_t dg_headlen = sizeof(uint16_t) + sizeof(first_pkt);
++	struct list *frms;
++
++	TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
++
++	/* Currently qc_prep_pkts() does not handle buffer wrapping so the
++	 * caller must ensure that buf is reset.
++	 */
++	BUG_ON_HOT(buf->head || buf->data);
++
++	total = 0;
++	qel = &qc->els[tel];
++	frms = tel_frms;
++	dglen = 0;
++	padding = 0;
++	pos = (unsigned char *)b_head(buf);
++	first_pkt = prv_pkt = NULL;
++	while (b_contig_space(buf) >= (int)qc->path->mtu + dg_headlen || prv_pkt) {
++		int err, probe, cc, must_ack;
++		enum quic_pkt_type pkt_type;
++		struct quic_tls_ctx *tls_ctx;
++		const struct quic_version *ver;
++
++		TRACE_PROTO("TX prep pkts", QUIC_EV_CONN_PHPKTS, qc, qel);
++		probe = 0;
++		cc =  qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE;
++		/* We do not probe if an immediate close was asked */
++		if (!cc)
++			probe = qel->pktns->tx.pto_probe;
++
++		if (!qc_may_build_pkt(qc, frms, qel, cc, probe, &must_ack)) {
++			if (prv_pkt)
++				qc_txb_store(buf, dglen, first_pkt);
++			/* Let's select the next encryption level */
++			if (tel != next_tel && next_tel != QUIC_TLS_ENC_LEVEL_NONE) {
++				tel = next_tel;
++				frms = next_tel_frms;
++				qel = &qc->els[tel];
++				/* Build a new datagram */
++				prv_pkt = NULL;
++				TRACE_DEVEL("next encryption level selected", QUIC_EV_CONN_PHPKTS, qc);
++				continue;
++			}
++			break;
++		}
++
++		pkt_type = quic_tls_level_pkt_type(tel);
++		if (!prv_pkt) {
++			/* Leave room for the datagram header */
++			pos += dg_headlen;
++			if (!quic_peer_validated_addr(qc) && qc_is_listener(qc)) {
++				end = pos + QUIC_MIN((uint64_t)qc->path->mtu, 3 * qc->rx.bytes - qc->tx.prep_bytes);
++			}
++			else {
++				end = pos + qc->path->mtu;
++			}
++		}
++
++		/* RFC 9000 14.1 Initial datagram size
++		 * a server MUST expand the payload of all UDP datagrams carrying ack-eliciting
++		 * Initial packets to at least the smallest allowed maximum datagram size of
++		 * 1200 bytes.
++		 *
++		 * Ensure that no ack-eliciting packets are sent into too small datagrams
++		 */
++		if (pkt_type == QUIC_PACKET_TYPE_INITIAL && !LIST_ISEMPTY(tel_frms)) {
++			if (end - pos < QUIC_INITIAL_PACKET_MINLEN) {
++				TRACE_PROTO("No more enough room to build an Initial packet",
++				            QUIC_EV_CONN_PHPKTS, qc);
++				goto out;
++			}
++
++			/* Pad this Initial packet if there is no ack-eliciting frames to send from
++			 * the next packet number space.
++			 */
++			if (!next_tel_frms || LIST_ISEMPTY(next_tel_frms))
++				padding = 1;
++		}
++
++		if (qc->negotiated_version) {
++			ver = qc->negotiated_version;
++			if (qel == &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL])
++				tls_ctx = &qc->negotiated_ictx;
++			else
++				tls_ctx = &qel->tls_ctx;
++		}
++		else {
++			ver = qc->original_version;
++			tls_ctx = &qel->tls_ctx;
++		}
++
++		cur_pkt = qc_build_pkt(&pos, end, qel, tls_ctx, frms,
++		                       qc, ver, dglen, pkt_type,
++		                       must_ack, padding, probe, cc, &err);
++		switch (err) {
++		case -3:
++			if (first_pkt)
++				qc_txb_store(buf, dglen, first_pkt);
++			qc_purge_tx_buf(buf);
++			goto leave;
++		case -2:
++			// trace already emitted by function above
++			goto leave;
++		case -1:
++			/* If there was already a correct packet present, set the
++			 * current datagram as prepared into <cbuf>.
++			 */
++			if (prv_pkt)
++				qc_txb_store(buf, dglen, first_pkt);
++			TRACE_PROTO("could not prepare anymore packet", QUIC_EV_CONN_PHPKTS, qc, qel);
++			goto out;
++		default:
++			break;
++		}
++
++		/* This is to please to GCC. We cannot have (err >= 0 && !cur_pkt) */
++		BUG_ON(!cur_pkt);
++
++		if (qc->flags & QUIC_FL_CONN_RETRANS_OLD_DATA)
++			cur_pkt->flags |= QUIC_FL_TX_PACKET_PROBE_WITH_OLD_DATA;
++
++		total += cur_pkt->len;
++		/* keep trace of the first packet in the datagram */
++		if (!first_pkt)
++			first_pkt = cur_pkt;
++		/* Attach the current one to the previous one and vice versa */
++		if (prv_pkt) {
++			prv_pkt->next = cur_pkt;
++			cur_pkt->prev = prv_pkt;
++			cur_pkt->flags |= QUIC_FL_TX_PACKET_COALESCED;
++		}
++		/* Let's say we have to build a new dgram */
++		prv_pkt = NULL;
++		dglen += cur_pkt->len;
++		/* If the data for the current encryption level have all been sent,
++		 * select the next level.
++		 */
++		if ((tel == QUIC_TLS_ENC_LEVEL_INITIAL || tel == QUIC_TLS_ENC_LEVEL_HANDSHAKE) &&
++		    next_tel != QUIC_TLS_ENC_LEVEL_NONE && (LIST_ISEMPTY(frms))) {
++			/* If QUIC_TLS_ENC_LEVEL_HANDSHAKE was already reached let's try QUIC_TLS_ENC_LEVEL_APP */
++			if (tel == QUIC_TLS_ENC_LEVEL_HANDSHAKE && next_tel == tel)
++				next_tel = QUIC_TLS_ENC_LEVEL_APP;
++			tel = next_tel;
++			if (tel == QUIC_TLS_ENC_LEVEL_APP)
++				frms = &qc->els[tel].pktns->tx.frms;
++			else
++				frms = next_tel_frms;
++			qel = &qc->els[tel];
++			if (!LIST_ISEMPTY(frms)) {
++				/* If there is data for the next level, do not
++				 * consume a datagram.
++				 */
++				prv_pkt = cur_pkt;
++			}
++		}
++
++		/* If we have to build a new datagram, set the current datagram as
++		 * prepared into <cbuf>.
++		 */
++		if (!prv_pkt) {
++			qc_txb_store(buf, dglen, first_pkt);
++			first_pkt = NULL;
++			dglen = 0;
++			padding = 0;
++		}
++		else if (prv_pkt->type == QUIC_TLS_ENC_LEVEL_INITIAL &&
++		         (!qc_is_listener(qc) ||
++		         prv_pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING)) {
++			padding = 1;
++		}
++	}
++
++ out:
++	ret = total;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_PHPKTS, qc);
++	return ret;
++}
++
++/* Free all frames in <l> list. In addition also remove all these frames
++ * from the original ones if they are the results of duplications.
++ */
++static inline void qc_free_frm_list(struct list *l)
++{
++	struct quic_frame *frm, *frmbak;
++
++	list_for_each_entry_safe(frm, frmbak, l, list) {
++		LIST_DEL_INIT(&frm->ref);
++		qc_frm_free(&frm);
++	}
++}
++
++/* Free <pkt> TX packet and all the packets coalesced to it. */
++static inline void qc_free_tx_coalesced_pkts(struct quic_tx_packet *p)
++{
++	struct quic_tx_packet *pkt, *nxt_pkt;
++
++	for (pkt = p; pkt; pkt = nxt_pkt) {
++		qc_free_frm_list(&pkt->frms);
++		nxt_pkt = pkt->next;
++		pool_free(pool_head_quic_tx_packet, pkt);
++	}
++}
++
++/* Purge <buf> TX buffer from its prepare packets. */
++static void qc_purge_tx_buf(struct buffer *buf)
++{
++	while (b_contig_data(buf, 0)) {
++		uint16_t dglen;
++		struct quic_tx_packet *pkt;
++		size_t headlen = sizeof dglen + sizeof pkt;
++
++		dglen = read_u16(b_head(buf));
++		pkt = read_ptr(b_head(buf) + sizeof dglen);
++		qc_free_tx_coalesced_pkts(pkt);
++		b_del(buf, dglen + headlen);
++	}
++
++	BUG_ON(b_data(buf));
++}
++
++/* Send datagrams stored in <buf>.
++ *
++ * This function returns 1 for success. On error, there is several behavior
++ * depending on underlying sendto() error :
++ * - for an unrecoverable error, 0 is returned and connection is killed.
++ * - a transient error is handled differently if connection has its owned
++ *   socket. If this is the case, 0 is returned and socket is subscribed on the
++ *   poller. The other case is assimilated to a success case with 1 returned.
++ *   Remaining data are purged from the buffer and will eventually be detected
++ *   as lost which gives the opportunity to retry sending.
++ */
++int qc_send_ppkts(struct buffer *buf, struct ssl_sock_ctx *ctx)
++{
++	int ret = 0;
++	struct quic_conn *qc;
++	char skip_sendto = 0;
++
++	qc = ctx->qc;
++	TRACE_ENTER(QUIC_EV_CONN_SPPKTS, qc);
++	while (b_contig_data(buf, 0)) {
++		unsigned char *pos;
++		struct buffer tmpbuf = { };
++		struct quic_tx_packet *first_pkt, *pkt, *next_pkt;
++		uint16_t dglen;
++		size_t headlen = sizeof dglen + sizeof first_pkt;
++		unsigned int time_sent;
++
++		pos = (unsigned char *)b_head(buf);
++		dglen = read_u16(pos);
++		BUG_ON_HOT(!dglen); /* this should not happen */
++
++		pos += sizeof dglen;
++		first_pkt = read_ptr(pos);
++		pos += sizeof first_pkt;
++		tmpbuf.area = (char *)pos;
++		tmpbuf.size = tmpbuf.data = dglen;
++
++		TRACE_PROTO("TX dgram", QUIC_EV_CONN_SPPKTS, qc);
++		/* If sendto is on error just skip the call to it for the rest
++		 * of the loop but continue to purge the buffer. Data will be
++		 * transmitted when QUIC packets are detected as lost on our
++		 * side.
++		 *
++		 * TODO use fd-monitoring to detect when send operation can be
++		 * retry. This should improve the bandwidth without relying on
++		 * retransmission timer. However, it requires a major rework on
++		 * quic-conn fd management.
++		 */
++		if (!skip_sendto) {
++			int ret = qc_snd_buf(qc, &tmpbuf, tmpbuf.data, 0);
++			if (ret < 0) {
++				TRACE_ERROR("sendto fatal error", QUIC_EV_CONN_SPPKTS, qc, first_pkt);
++				qc_kill_conn(qc);
++				qc_free_tx_coalesced_pkts(first_pkt);
++				b_del(buf, dglen + headlen);
++				qc_purge_tx_buf(buf);
++				goto leave;
++			}
++			else if (!ret) {
++				/* Connection owned socket : poller will wake us up when transient error is cleared. */
++				if (qc_test_fd(qc)) {
++					TRACE_ERROR("sendto error, subscribe to poller", QUIC_EV_CONN_SPPKTS, qc);
++					goto leave;
++				}
++
++				/* No connection owned-socket : rely on retransmission to retry sending. */
++				skip_sendto = 1;
++				TRACE_ERROR("sendto error, simulate sending for the rest of data", QUIC_EV_CONN_SPPKTS, qc);
++			}
++		}
++
++		b_del(buf, dglen + headlen);
++		qc->tx.bytes += tmpbuf.data;
++		time_sent = now_ms;
++
++		for (pkt = first_pkt; pkt; pkt = next_pkt) {
++			/* RFC 9000 14.1 Initial datagram size
++			 * a server MUST expand the payload of all UDP datagrams carrying ack-eliciting
++			 * Initial packets to at least the smallest allowed maximum datagram size of
++			 * 1200 bytes.
++			 */
++			qc->cntrs.sent_pkt++;
++			BUG_ON_HOT(pkt->type == QUIC_PACKET_TYPE_INITIAL &&
++			           (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING) &&
++			           dglen < QUIC_INITIAL_PACKET_MINLEN);
++
++			pkt->time_sent = time_sent;
++			if (pkt->flags & QUIC_FL_TX_PACKET_ACK_ELICITING) {
++				pkt->pktns->tx.time_of_last_eliciting = time_sent;
++				qc->path->ifae_pkts++;
++				if (qc->flags & QUIC_FL_CONN_IDLE_TIMER_RESTARTED_AFTER_READ)
++					qc_idle_timer_rearm(qc, 0, 0);
++			}
++			if (!(qc->flags & QUIC_FL_CONN_CLOSING) &&
++			    (pkt->flags & QUIC_FL_TX_PACKET_CC)) {
++				qc->flags |= QUIC_FL_CONN_CLOSING;
++				qc_detach_th_ctx_list(qc, 1);
++
++				/* RFC 9000 10.2. Immediate Close:
++				 * The closing and draining connection states exist to ensure
++				 * that connections close cleanly and that delayed or reordered
++				 * packets are properly discarded. These states SHOULD persist
++				 * for at least three times the current PTO interval...
++				 *
++				 * Rearm the idle timeout only one time when entering closing
++				 * state.
++				 */
++				qc_idle_timer_do_rearm(qc, 0);
++				if (qc->timer_task) {
++					task_destroy(qc->timer_task);
++					qc->timer_task = NULL;
++				}
++			}
++			qc->path->in_flight += pkt->in_flight_len;
++			pkt->pktns->tx.in_flight += pkt->in_flight_len;
++			if (pkt->in_flight_len)
++				qc_set_timer(qc);
++			TRACE_PROTO("TX pkt", QUIC_EV_CONN_SPPKTS, qc, pkt);
++			next_pkt = pkt->next;
++			quic_tx_packet_refinc(pkt);
++			eb64_insert(&pkt->pktns->tx.pkts, &pkt->pn_node);
++		}
++	}
++
++	ret = 1;
++leave:
++	TRACE_LEAVE(QUIC_EV_CONN_SPPKTS, qc);
++
++	return ret;
++}
++
++/* Copy at <pos> position a stateless reset token depending on the
++ * <salt> salt input. This is the cluster secret which will be derived
++ * as HKDF input secret to generate this token.
++ * Return 1 if succeeded, 0 if not.
++ */
++static int quic_stateless_reset_token_cpy(unsigned char *pos, size_t len,
++                                          const unsigned char *salt, size_t saltlen)
++{
++	/* Input secret */
++	const unsigned char *key = global.cluster_secret;
++	size_t keylen = sizeof global.cluster_secret;
++	/* Info */
++	const unsigned char label[] = "stateless token";
++	size_t labellen = sizeof label - 1;
++	int ret;
++
++	ret = quic_hkdf_extract_and_expand(EVP_sha256(), pos, len,
++	                                    key, keylen, salt, saltlen, label, labellen);
++	return ret;
++}
++
++/* Initialize the stateless reset token attached to <conn_id> connection ID.
++ * Returns 1 if succeeded, 0 if not.
++ */
++static int quic_stateless_reset_token_init(struct quic_connection_id *conn_id)
++{
++	/* Output secret */
++	unsigned char *token = conn_id->stateless_reset_token;
++	size_t tokenlen = sizeof conn_id->stateless_reset_token;
++	/* Salt */
++	const unsigned char *cid = conn_id->cid.data;
++	size_t cidlen = conn_id->cid.len;
++
++	return quic_stateless_reset_token_cpy(token, tokenlen, cid, cidlen);
++}
++
++/* Generate a CID directly derived from <orig> CID and <addr> address.
++ *
++ * Returns the derived CID.
++ */
++struct quic_cid quic_derive_cid(const struct quic_cid *orig,
++                                const struct sockaddr_storage *addr)
++{
++	struct quic_cid cid;
++	const struct sockaddr_in *in;
++	const struct sockaddr_in6 *in6;
++	char *pos = trash.area;
++	size_t idx = 0;
++	uint64_t hash;
++	int i;
++
++	/* Prepare buffer for hash using original CID first. */
++	memcpy(pos, orig->data, orig->len);
++	idx += orig->len;
++
++	/* Concatenate client address. */
++	switch (addr->ss_family) {
++	case AF_INET:
++		in = (struct sockaddr_in *)addr;
++
++		memcpy(&pos[idx], &in->sin_addr, sizeof(in->sin_addr));
++		idx += sizeof(in->sin_addr);
++		memcpy(&pos[idx], &in->sin_port, sizeof(in->sin_port));
++		idx += sizeof(in->sin_port);
++		break;
++
++	case AF_INET6:
++		in6 = (struct sockaddr_in6 *)addr;
++
++		memcpy(&pos[idx], &in6->sin6_addr, sizeof(in6->sin6_addr));
++		idx += sizeof(in6->sin6_addr);
++		memcpy(&pos[idx], &in6->sin6_port, sizeof(in6->sin6_port));
++		idx += sizeof(in6->sin6_port);
++		break;
++
++	default:
++		/* TODO to implement */
++		ABORT_NOW();
++	}
++
++	/* Avoid similar values between multiple haproxy process. */
++	memcpy(&pos[idx], boot_seed, sizeof(boot_seed));
++	idx += sizeof(boot_seed);
++
++	/* Hash the final buffer content. */
++	hash = XXH64(pos, idx, 0);
++
++	for (i = 0; i < sizeof(hash); ++i)
++		cid.data[i] = hash >> ((sizeof(hash) * 7) - (8 * i));
++	cid.len = sizeof(hash);
++
++	return cid;
++}
++
++/* Retrieve the thread ID associated to QUIC connection ID <cid> of length
++ * <cid_len>. CID may be not found on the CID tree because it is an ODCID. In
++ * this case, it will derived using client address <cli_addr> as hash
++ * parameter. However, this is done only if <pos> points to an INITIAL or 0RTT
++ * packet of length <len>.
++ *
++ * Returns the thread ID or a negative error code.
++ */
++int quic_get_cid_tid(const unsigned char *cid, size_t cid_len,
++                     const struct sockaddr_storage *cli_addr,
++                     unsigned char *pos, size_t len)
++{
++	struct quic_cid_tree *tree;
++	struct quic_connection_id *conn_id;
++	struct ebmb_node *node;
++
++	tree = &quic_cid_trees[_quic_cid_tree_idx(cid)];
++	HA_RWLOCK_RDLOCK(QC_CID_LOCK, &tree->lock);
++	node = ebmb_lookup(&tree->root, cid, cid_len);
++	HA_RWLOCK_RDUNLOCK(QC_CID_LOCK, &tree->lock);
++
++	if (!node) {
++		struct quic_cid orig, derive_cid;
++		struct quic_rx_packet pkt;
++
++		if (!qc_parse_hd_form(&pkt, &pos, pos + len))
++			goto not_found;
++
++		if (pkt.type != QUIC_PACKET_TYPE_INITIAL &&
++		    pkt.type != QUIC_PACKET_TYPE_0RTT) {
++			goto not_found;
++		}
++
++		memcpy(orig.data, cid, cid_len);
++		orig.len = cid_len;
++		derive_cid = quic_derive_cid(&orig, cli_addr);
++
++		tree = &quic_cid_trees[quic_cid_tree_idx(&derive_cid)];
++		HA_RWLOCK_RDLOCK(QC_CID_LOCK, &tree->lock);
++		node = ebmb_lookup(&tree->root, cid, cid_len);
++		HA_RWLOCK_RDUNLOCK(QC_CID_LOCK, &tree->lock);
++	}
++
++	if (!node)
++		goto not_found;
++
++	conn_id = ebmb_entry(node, struct quic_connection_id, node);
++	return HA_ATOMIC_LOAD(&conn_id->tid);
++
++ not_found:
++	return -1;
++}
++
++/* Allocate a new CID and attach it to <root> ebtree.
++ *
++ * If <orig> and <addr> params are non null, the new CID value is directly
++ * derived from them. Else a random value is generated. The CID is then marked
++ * with the current thread ID.
++ *
++ * Returns the new CID if succeeded, NULL if not.
++ */
++static struct quic_connection_id *new_quic_cid(struct eb_root *root,
++                                               struct quic_conn *qc,
++                                               const struct quic_cid *orig,
++                                               const struct sockaddr_storage *addr)
++{
++	struct quic_connection_id *conn_id;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	/* Caller must set either none or both values. */
++	BUG_ON(!!orig != !!addr);
++
++	conn_id = pool_alloc(pool_head_quic_connection_id);
++	if (!conn_id) {
++		TRACE_ERROR("cid allocation failed", QUIC_EV_CONN_TXPKT, qc);
++		goto err;
++	}
++
++	conn_id->cid.len = QUIC_HAP_CID_LEN;
++
++	if (!orig) {
++		/* TODO: RAND_bytes() should be replaced */
++		if (RAND_bytes(conn_id->cid.data, conn_id->cid.len) != 1) {
++			TRACE_ERROR("RAND_bytes() failed", QUIC_EV_CONN_TXPKT, qc);
++			goto err;
++		}
++	}
++	else {
++		/* Derive the new CID value from original CID. */
++		conn_id->cid = quic_derive_cid(orig, addr);
++	}
++
++	if (quic_stateless_reset_token_init(conn_id) != 1) {
++		TRACE_ERROR("quic_stateless_reset_token_init() failed", QUIC_EV_CONN_TXPKT, qc);
++		goto err;
++	}
++
++	conn_id->qc = qc;
++	HA_ATOMIC_STORE(&conn_id->tid, tid);
++
++	conn_id->seq_num.key = qc ? qc->next_cid_seq_num++ : 0;
++	conn_id->retire_prior_to = 0;
++	/* insert the allocated CID in the quic_conn tree */
++	if (root)
++		eb64_insert(root, &conn_id->seq_num);
++
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return conn_id;
++
++ err:
++	pool_free(pool_head_quic_connection_id, conn_id);
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return NULL;
++}
++
++/* Build all the frames which must be sent just after the handshake have succeeded.
++ * This is essentially NEW_CONNECTION_ID frames. A QUIC server must also send
++ * a HANDSHAKE_DONE frame.
++ * Return 1 if succeeded, 0 if not.
++ */
++static int quic_build_post_handshake_frames(struct quic_conn *qc)
++{
++	int ret = 0, max;
++	struct quic_enc_level *qel;
++	struct quic_frame *frm, *frmbak;
++	struct list frm_list = LIST_HEAD_INIT(frm_list);
++	struct eb64_node *node;
++
++	TRACE_ENTER(QUIC_EV_CONN_IO_CB, qc);
++
++	qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++	/* Only servers must send a HANDSHAKE_DONE frame. */
++	if (qc_is_listener(qc)) {
++		frm = qc_frm_alloc(QUIC_FT_HANDSHAKE_DONE);
++		if (!frm) {
++			TRACE_ERROR("frame allocation error", QUIC_EV_CONN_IO_CB, qc);
++			goto leave;
++		}
++
++		LIST_APPEND(&frm_list, &frm->list);
++	}
++
++	/* Initialize <max> connection IDs minus one: there is
++	 * already one connection ID used for the current connection. Also limit
++	 * the number of connection IDs sent to the peer to 4 (3 from this function
++	 * plus 1 for the current connection.
++	 * Note that active_connection_id_limit >= 2: this has been already checked
++	 * when receiving this parameter.
++	 */
++	max = QUIC_MIN(qc->tx.params.active_connection_id_limit - 1, (uint64_t)3);
++	while (max--) {
++		struct quic_connection_id *conn_id;
++
++		frm = qc_frm_alloc(QUIC_FT_NEW_CONNECTION_ID);
++		if (!frm) {
++			TRACE_ERROR("frame allocation error", QUIC_EV_CONN_IO_CB, qc);
++			goto err;
++		}
++
++		conn_id = new_quic_cid(&qc->cids, qc, NULL, NULL);
++		if (!conn_id) {
++			qc_frm_free(&frm);
++			TRACE_ERROR("CID allocation error", QUIC_EV_CONN_IO_CB, qc);
++			goto err;
++		}
++
++		/* TODO To prevent CID tree locking, all CIDs created here
++		 * could be allocated at the same time as the first one.
++		 */
++		quic_cid_insert(conn_id);
++
++		quic_connection_id_to_frm_cpy(frm, conn_id);
++		LIST_APPEND(&frm_list, &frm->list);
++	}
++
++	LIST_SPLICE(&qel->pktns->tx.frms, &frm_list);
++	qc->flags &= ~QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS;
++
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_IO_CB, qc);
++	return ret;
++
++ err:
++	/* free the frames */
++	list_for_each_entry_safe(frm, frmbak, &frm_list, list)
++		qc_frm_free(&frm);
++
++	/* The first CID sequence number value used to allocated CIDs by this function is 1,
++	 * 0 being the sequence number of the CID for this connection.
++	 */
++	node = eb64_lookup_ge(&qc->cids, 1);
++	while (node) {
++		struct quic_connection_id *conn_id;
++
++		conn_id = eb64_entry(node, struct quic_connection_id, seq_num);
++		if (conn_id->seq_num.key >= max)
++			break;
++
++		node = eb64_next(node);
++		quic_cid_delete(conn_id);
++
++		eb64_delete(&conn_id->seq_num);
++		pool_free(pool_head_quic_connection_id, conn_id);
++	}
++	goto leave;
++}
++
++/* Deallocate <l> list of ACK ranges. */
++void quic_free_arngs(struct quic_conn *qc, struct quic_arngs *arngs)
++{
++	struct eb64_node *n;
++	struct quic_arng_node *ar;
++
++	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
++
++	n = eb64_first(&arngs->root);
++	while (n) {
++		struct eb64_node *next;
++
++		ar = eb64_entry(n, struct quic_arng_node, first);
++		next = eb64_next(n);
++		eb64_delete(n);
++		pool_free(pool_head_quic_arng, ar);
++		n = next;
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
++}
++
++/* Return the gap value between <p> and <q> ACK ranges where <q> follows <p> in
++ * descending order.
++ */
++static inline size_t sack_gap(struct quic_arng_node *p,
++                              struct quic_arng_node *q)
++{
++	return p->first.key - q->last - 2;
++}
++
++/* Set the encoded size of <arngs> QUIC ack ranges. */
++static void quic_arngs_set_enc_sz(struct quic_conn *qc, struct quic_arngs *arngs)
++{
++	struct eb64_node *node, *next;
++	struct quic_arng_node *ar, *ar_next;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	node = eb64_last(&arngs->root);
++	if (!node)
++		goto leave;
++
++	ar = eb64_entry(node, struct quic_arng_node, first);
++	arngs->enc_sz = quic_int_getsize(ar->last) +
++		quic_int_getsize(ar->last - ar->first.key) + quic_int_getsize(arngs->sz - 1);
++
++	while ((next = eb64_prev(node))) {
++		ar_next = eb64_entry(next, struct quic_arng_node, first);
++		arngs->enc_sz += quic_int_getsize(sack_gap(ar, ar_next)) +
++			quic_int_getsize(ar_next->last - ar_next->first.key);
++		node = next;
++		ar = eb64_entry(node, struct quic_arng_node, first);
++	}
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++}
++
++/* Insert <ar> ack range into <argns> tree of ack ranges.
++ * Returns the ack range node which has been inserted if succeeded, NULL if not.
++ */
++static inline
++struct quic_arng_node *quic_insert_new_range(struct quic_conn *qc,
++                                             struct quic_arngs *arngs,
++                                             struct quic_arng *ar)
++{
++	struct quic_arng_node *new_ar;
++
++	TRACE_ENTER(QUIC_EV_CONN_RXPKT, qc);
++
++	if (arngs->sz >= QUIC_MAX_ACK_RANGES) {
++		struct eb64_node *last;
++
++		last = eb64_last(&arngs->root);
++		BUG_ON(last == NULL);
++		eb64_delete(last);
++		pool_free(pool_head_quic_arng, last);
++		arngs->sz--;
++	}
++
++	new_ar = pool_alloc(pool_head_quic_arng);
++	if (!new_ar) {
++		TRACE_ERROR("ack range allocation failed", QUIC_EV_CONN_RXPKT, qc);
++		goto leave;
++	}
++
++	new_ar->first.key = ar->first;
++	new_ar->last = ar->last;
++	eb64_insert(&arngs->root, &new_ar->first);
++	arngs->sz++;
++
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_RXPKT, qc);
++	return new_ar;
++}
++
++/* Update <arngs> tree of ACK ranges with <ar> as new ACK range value.
++ * Note that this function computes the number of bytes required to encode
++ * this tree of ACK ranges in descending order.
++ *
++ *    Descending order
++ *    ------------->
++ *                range1                  range2
++ *    ..........|--------|..............|--------|
++ *              ^        ^              ^        ^
++ *              |        |              |        |
++ *            last1     first1        last2    first2
++ *    ..........+--------+--------------+--------+......
++ *                 diff1       gap12       diff2
++ *
++ * To encode the previous list of ranges we must encode integers as follows in
++ * descending order:
++ *          enc(last2),enc(diff2),enc(gap12),enc(diff1)
++ *  with diff1 = last1 - first1
++ *       diff2 = last2 - first2
++ *       gap12 = first1 - last2 - 2 (>= 0)
++ *
++
++returns 0 on error
++
++ */
++int quic_update_ack_ranges_list(struct quic_conn *qc,
++                                struct quic_arngs *arngs,
++                                struct quic_arng *ar)
++{
++	int ret = 0;
++	struct eb64_node *le;
++	struct quic_arng_node *new_node;
++	struct eb64_node *new;
++
++	TRACE_ENTER(QUIC_EV_CONN_RXPKT, qc);
++
++	new = NULL;
++	if (eb_is_empty(&arngs->root)) {
++		new_node = quic_insert_new_range(qc, arngs, ar);
++		if (new_node)
++			ret = 1;
++
++		goto leave;
++	}
++
++	le = eb64_lookup_le(&arngs->root, ar->first);
++	if (!le) {
++		new_node = quic_insert_new_range(qc, arngs, ar);
++		if (!new_node)
++			goto leave;
++
++		new = &new_node->first;
++	}
++	else {
++		struct quic_arng_node *le_ar =
++			eb64_entry(le, struct quic_arng_node, first);
++
++		/* Already existing range */
++		if (le_ar->last >= ar->last) {
++			ret = 1;
++		}
++		else if (le_ar->last + 1 >= ar->first) {
++			le_ar->last = ar->last;
++			new = le;
++			new_node = le_ar;
++		}
++		else {
++			new_node = quic_insert_new_range(qc, arngs, ar);
++			if (!new_node)
++				goto leave;
++
++			new = &new_node->first;
++		}
++	}
++
++	/* Verify that the new inserted node does not overlap the nodes
++	 * which follow it.
++	 */
++	if (new) {
++		struct eb64_node *next;
++		struct quic_arng_node *next_node;
++
++		while ((next = eb64_next(new))) {
++			next_node =
++				eb64_entry(next, struct quic_arng_node, first);
++			if (new_node->last + 1 < next_node->first.key)
++				break;
++
++			if (next_node->last > new_node->last)
++				new_node->last = next_node->last;
++			eb64_delete(next);
++			pool_free(pool_head_quic_arng, next_node);
++			/* Decrement the size of these ranges. */
++			arngs->sz--;
++		}
++	}
++
++	ret = 1;
++ leave:
++	quic_arngs_set_enc_sz(qc, arngs);
++	TRACE_LEAVE(QUIC_EV_CONN_RXPKT, qc);
++	return ret;
++}
++
++/* Detect the value of the spin bit to be used. */
++static inline void qc_handle_spin_bit(struct quic_conn *qc, struct quic_rx_packet *pkt,
++                                      struct quic_enc_level *qel)
++{
++	uint64_t largest_pn = qel->pktns->rx.largest_pn;
++
++	if (qel != &qc->els[QUIC_TLS_ENC_LEVEL_APP] || largest_pn == -1 ||
++	    pkt->pn <= largest_pn)
++		return;
++
++	if (qc_is_listener(qc)) {
++		if (pkt->flags & QUIC_FL_RX_PACKET_SPIN_BIT)
++			qc->flags |= QUIC_FL_CONN_SPIN_BIT;
++		else
++			qc->flags &= ~QUIC_FL_CONN_SPIN_BIT;
++	}
++	else {
++		if (pkt->flags & QUIC_FL_RX_PACKET_SPIN_BIT)
++			qc->flags &= ~QUIC_FL_CONN_SPIN_BIT;
++		else
++			qc->flags |= QUIC_FL_CONN_SPIN_BIT;
++	}
++}
++
++/* Remove the header protection of packets at <el> encryption level.
++ * Always succeeds.
++ */
++static inline void qc_rm_hp_pkts(struct quic_conn *qc, struct quic_enc_level *el)
++{
++	struct quic_rx_packet *pqpkt, *pkttmp;
++	struct quic_enc_level *app_qel;
++
++	TRACE_ENTER(QUIC_EV_CONN_ELRMHP, qc);
++	app_qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++	/* A server must not process incoming 1-RTT packets before the handshake is complete. */
++	if (el == app_qel && qc_is_listener(qc) && qc->state < QUIC_HS_ST_COMPLETE) {
++		TRACE_PROTO("RX hp not removed (handshake not completed)",
++		            QUIC_EV_CONN_ELRMHP, qc);
++		goto out;
++	}
++
++	list_for_each_entry_safe(pqpkt, pkttmp, &el->rx.pqpkts, list) {
++		struct quic_tls_ctx *tls_ctx;
++
++		tls_ctx = qc_select_tls_ctx(qc, el, pqpkt);
++		if (!qc_do_rm_hp(qc, pqpkt, tls_ctx, el->pktns->rx.largest_pn,
++		                 pqpkt->data + pqpkt->pn_offset, pqpkt->data)) {
++			TRACE_ERROR("RX hp removing error", QUIC_EV_CONN_ELRMHP, qc);
++		}
++		else {
++			qc_handle_spin_bit(qc, pqpkt, el);
++			/* The AAD includes the packet number field */
++			pqpkt->aad_len = pqpkt->pn_offset + pqpkt->pnl;
++			/* Store the packet into the tree of packets to decrypt. */
++			pqpkt->pn_node.key = pqpkt->pn;
++			eb64_insert(&el->rx.pkts, &pqpkt->pn_node);
++			quic_rx_packet_refinc(pqpkt);
++			TRACE_PROTO("RX hp removed", QUIC_EV_CONN_ELRMHP, qc, pqpkt);
++		}
++		LIST_DELETE(&pqpkt->list);
++		quic_rx_packet_refdec(pqpkt);
++	}
++
++  out:
++	TRACE_LEAVE(QUIC_EV_CONN_ELRMHP, qc);
++}
++
++/* Process all the CRYPTO frame at <el> encryption level. This is the
++ * responsibility of the called to ensure there exists a CRYPTO data
++ * stream for this level.
++ * Return 1 if succeeded, 0 if not.
++ */
++static inline int qc_treat_rx_crypto_frms(struct quic_conn *qc,
++                                          struct quic_enc_level *el,
++                                          struct ssl_sock_ctx *ctx)
++{
++	int ret = 0;
++	struct ncbuf *ncbuf;
++	struct quic_cstream *cstream = el->cstream;
++	ncb_sz_t data;
++
++	TRACE_ENTER(QUIC_EV_CONN_PHPKTS, qc);
++
++	BUG_ON(!cstream);
++	ncbuf = &cstream->rx.ncbuf;
++	if (ncb_is_null(ncbuf))
++		goto done;
++
++	/* TODO not working if buffer is wrapping */
++	while ((data = ncb_data(ncbuf, 0))) {
++		const unsigned char *cdata = (const unsigned char *)ncb_head(ncbuf);
++
++		if (!qc_provide_cdata(el, ctx, cdata, data, NULL, NULL))
++			goto leave;
++
++		cstream->rx.offset += data;
++		TRACE_DEVEL("buffered crypto data were provided to TLS stack",
++		            QUIC_EV_CONN_PHPKTS, qc, el);
++	}
++
++ done:
++	ret = 1;
++ leave:
++	if (!ncb_is_null(ncbuf) && ncb_is_empty(ncbuf)) {
++		TRACE_DEVEL("freeing crypto buf", QUIC_EV_CONN_PHPKTS, qc, el);
++		quic_free_ncbuf(ncbuf);
++	}
++	TRACE_LEAVE(QUIC_EV_CONN_PHPKTS, qc);
++	return ret;
++}
++
++/* Process all the packets at <el> and <next_el> encryption level.
++ * This is the caller responsibility to check that <cur_el> is different of <next_el>
++ * as pointer value.
++ * Return 1 if succeeded, 0 if not.
++ */
++int qc_treat_rx_pkts(struct quic_conn *qc, struct quic_enc_level *cur_el,
++                     struct quic_enc_level *next_el)
++{
++	int ret = 0;
++	struct eb64_node *node;
++	int64_t largest_pn = -1;
++	unsigned int largest_pn_time_received = 0;
++	struct quic_enc_level *qel = cur_el;
++
++	TRACE_ENTER(QUIC_EV_CONN_RXPKT, qc);
++	qel = cur_el;
++ next_tel:
++	if (!qel)
++		goto out;
++
++	node = eb64_first(&qel->rx.pkts);
++	while (node) {
++		struct quic_rx_packet *pkt;
++
++		pkt = eb64_entry(node, struct quic_rx_packet, pn_node);
++		TRACE_DATA("new packet", QUIC_EV_CONN_RXPKT,
++		            qc, pkt, NULL, qc->xprt_ctx->ssl);
++		if (!qc_pkt_decrypt(qc, qel, pkt)) {
++			/* Drop the packet */
++			TRACE_ERROR("packet decryption failed -> dropped",
++			            QUIC_EV_CONN_RXPKT, qc, pkt);
++		}
++		else {
++			if (!qc_parse_pkt_frms(qc, pkt, qel)) {
++				/* Drop the packet */
++				TRACE_ERROR("packet parsing failed -> dropped",
++				            QUIC_EV_CONN_RXPKT, qc, pkt);
++				qc->cntrs.dropped_parsing++;
++			}
++			else {
++				struct quic_arng ar = { .first = pkt->pn, .last = pkt->pn };
++
++				/* Update the list of ranges to acknowledge. */
++				if (quic_update_ack_ranges_list(qc, &qel->pktns->rx.arngs, &ar)) {
++					if (pkt->flags & QUIC_FL_RX_PACKET_ACK_ELICITING) {
++						int arm_ack_timer =
++							qc->state >= QUIC_HS_ST_COMPLETE &&
++							qel->pktns == &qc->pktns[QUIC_TLS_PKTNS_01RTT];
++
++						qel->pktns->flags |= QUIC_FL_PKTNS_ACK_REQUIRED;
++						qel->pktns->rx.nb_aepkts_since_last_ack++;
++						qc_idle_timer_rearm(qc, 1, arm_ack_timer);
++					}
++
++					if (pkt->pn > largest_pn) {
++						largest_pn = pkt->pn;
++						largest_pn_time_received = pkt->time_received;
++					}
++				}
++				else {
++					TRACE_ERROR("Could not update ack range list",
++					            QUIC_EV_CONN_RXPKT, qc);
++				}
++			}
++		}
++		node = eb64_next(node);
++		eb64_delete(&pkt->pn_node);
++		quic_rx_packet_refdec(pkt);
++	}
++
++	if (largest_pn != -1 && largest_pn > qel->pktns->rx.largest_pn) {
++		/* Update the largest packet number. */
++		qel->pktns->rx.largest_pn = largest_pn;
++		/* Update the largest acknowledged packet timestamps */
++		qel->pktns->rx.largest_time_received = largest_pn_time_received;
++		qel->pktns->flags |= QUIC_FL_PKTNS_NEW_LARGEST_PN;
++	}
++
++	if (qel->cstream && !qc_treat_rx_crypto_frms(qc, qel, qc->xprt_ctx)) {
++		// trace already emitted by function above
++		goto leave;
++	}
++
++	if (qel == cur_el) {
++		BUG_ON(qel == next_el);
++		qel = next_el;
++		largest_pn = -1;
++		goto next_tel;
++	}
++
++ out:
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_RXPKT, qc);
++	return ret;
++}
++
++/* Check if it's possible to remove header protection for packets related to
++ * encryption level <qel>. If <qel> is NULL, assume it's false.
++ *
++ * Return true if the operation is possible else false.
++ */
++static int qc_qel_may_rm_hp(struct quic_conn *qc, struct quic_enc_level *qel)
++{
++	int ret = 0;
++	enum quic_tls_enc_level tel;
++
++	TRACE_ENTER(QUIC_EV_CONN_TRMHP, qc);
++
++	if (!qel)
++		goto cant_rm_hp;
++
++	tel = ssl_to_quic_enc_level(qel->level);
++
++	/* check if tls secrets are available */
++	if (qel->tls_ctx.flags & QUIC_FL_TLS_SECRETS_DCD) {
++		TRACE_PROTO("Discarded keys", QUIC_EV_CONN_TRMHP, qc);
++		goto cant_rm_hp;
++	}
++
++	if (!quic_tls_has_rx_sec(qel)) {
++		TRACE_PROTO("non available secrets", QUIC_EV_CONN_TRMHP, qc);
++		goto cant_rm_hp;
++	}
++
++	if (tel == QUIC_TLS_ENC_LEVEL_APP && qc->state < QUIC_HS_ST_COMPLETE) {
++		TRACE_PROTO("handshake not complete", QUIC_EV_CONN_TRMHP, qc);
++		goto cant_rm_hp;
++	}
++
++	/* check if the connection layer is ready before using app level */
++	if ((tel == QUIC_TLS_ENC_LEVEL_APP || tel == QUIC_TLS_ENC_LEVEL_EARLY_DATA) &&
++	    qc->mux_state == QC_MUX_NULL) {
++		TRACE_PROTO("connection layer not ready", QUIC_EV_CONN_TRMHP, qc);
++		goto cant_rm_hp;
++	}
++
++	ret = 1;
++ cant_rm_hp:
++	TRACE_LEAVE(QUIC_EV_CONN_TRMHP, qc);
++	return ret;
++}
++
++/* Flush txbuf for <qc> connection. This must be called prior to a packet
++ * preparation when txbuf contains older data. A send will be conducted for
++ * these data.
++ *
++ * Returns 1 on success : buffer is empty and can be use for packet
++ * preparation. On error 0 is returned.
++ */
++static int qc_purge_txbuf(struct quic_conn *qc, struct buffer *buf)
++{
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	/* This operation can only be conducted if txbuf is not empty. This
++	 * case only happens for connection with their owned socket due to an
++	 * older transient sendto() error.
++	 */
++	BUG_ON(!qc_test_fd(qc));
++
++	if (b_data(buf) && !qc_send_ppkts(buf, qc->xprt_ctx)) {
++		if (qc->flags & QUIC_FL_CONN_TO_KILL)
++			qc_txb_release(qc);
++		TRACE_DEVEL("leaving in error", QUIC_EV_CONN_TXPKT, qc);
++		return 0;
++	}
++
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return 1;
++}
++
++/* Try to send application frames from list <frms> on connection <qc>.
++ *
++ * Use qc_send_app_probing wrapper when probing with old data.
++ *
++ * Returns 1 on success. Some data might not have been sent due to congestion,
++ * in this case they are left in <frms> input list. The caller may subscribe on
++ * quic-conn to retry later.
++ *
++ * Returns 0 on critical error.
++ * TODO review and classify more distinctly transient from definitive errors to
++ * allow callers to properly handle it.
++ */
++static int qc_send_app_pkts(struct quic_conn *qc, struct list *frms)
++{
++	int status = 0, ret;
++	struct buffer *buf;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	buf = qc_txb_alloc(qc);
++	if (!buf) {
++		TRACE_ERROR("buffer allocation failed", QUIC_EV_CONN_TXPKT, qc);
++		goto err;
++	}
++
++	if (b_data(buf) && !qc_purge_txbuf(qc, buf))
++		goto err;
++
++	/* Prepare and send packets until we could not further prepare packets. */
++	do {
++		/* Currently buf cannot be non-empty at this stage. Even if a
++		 * previous sendto() has failed it is emptied to simulate
++		 * packet emission and rely on QUIC lost detection to try to
++		 * emit it.
++		 */
++		BUG_ON_HOT(b_data(buf));
++		b_reset(buf);
++
++		ret = qc_prep_app_pkts(qc, buf, frms);
++
++		if (b_data(buf) && !qc_send_ppkts(buf, qc->xprt_ctx)) {
++			if (qc->flags & QUIC_FL_CONN_TO_KILL)
++				qc_txb_release(qc);
++			goto err;
++		}
++	} while (ret > 0);
++
++	qc_txb_release(qc);
++	if (ret < 0)
++		goto err;
++
++	status = 1;
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return status;
++
++ err:
++	TRACE_DEVEL("leaving in error", QUIC_EV_CONN_TXPKT, qc);
++	return 0;
++}
++
++/* Try to send application frames from list <frms> on connection <qc>. Use this
++ * function when probing is required.
++ *
++ * Returns the result from qc_send_app_pkts function.
++ */
++static forceinline int qc_send_app_probing(struct quic_conn *qc,
++                                           struct list *frms)
++{
++	int ret;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	TRACE_PROTO("preparing old data (probing)", QUIC_EV_CONN_FRMLIST, qc, frms);
++	qc->flags |= QUIC_FL_CONN_RETRANS_OLD_DATA;
++	ret = qc_send_app_pkts(qc, frms);
++	qc->flags &= ~QUIC_FL_CONN_RETRANS_OLD_DATA;
++
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return ret;
++}
++
++/* Try to send application frames from list <frms> on connection <qc>. This
++ * function is provided for MUX upper layer usage only.
++ *
++ * Returns the result from qc_send_app_pkts function.
++ */
++int qc_send_mux(struct quic_conn *qc, struct list *frms)
++{
++	int ret;
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++	BUG_ON(qc->mux_state != QC_MUX_READY); /* Only MUX can uses this function so it must be ready. */
++
++	if (qc->conn->flags & CO_FL_SOCK_WR_SH) {
++		qc->conn->flags |= CO_FL_ERROR | CO_FL_SOCK_RD_SH;
++		TRACE_DEVEL("connection on error", QUIC_EV_CONN_TXPKT, qc);
++		return 0;
++	}
++
++	/* Try to send post handshake frames first unless on 0-RTT. */
++	if ((qc->flags & QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS) &&
++	    qc->state >= QUIC_HS_ST_COMPLETE) {
++		struct quic_enc_level *qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++		quic_build_post_handshake_frames(qc);
++		qc_send_app_pkts(qc, &qel->pktns->tx.frms);
++	}
++
++	TRACE_STATE("preparing data (from MUX)", QUIC_EV_CONN_TXPKT, qc);
++	qc->flags |= QUIC_FL_CONN_TX_MUX_CONTEXT;
++	ret = qc_send_app_pkts(qc, frms);
++	qc->flags &= ~QUIC_FL_CONN_TX_MUX_CONTEXT;
++
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return ret;
++}
++
++/* Sends handshake packets from up to two encryption levels <tel> and <next_te>
++ * with <tel_frms> and <next_tel_frms> as frame list respectively for <qc>
++ * QUIC connection. <old_data> is used as boolean to send data already sent but
++ * not already acknowledged (in flight).
++ * Returns 1 if succeeded, 0 if not.
++ */
++int qc_send_hdshk_pkts(struct quic_conn *qc, int old_data,
++                       enum quic_tls_enc_level tel, struct list *tel_frms,
++                       enum quic_tls_enc_level next_tel, struct list *next_tel_frms)
++{
++	int ret, status = 0;
++	struct buffer *buf = qc_txb_alloc(qc);
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	if (!buf) {
++		TRACE_ERROR("buffer allocation failed", QUIC_EV_CONN_TXPKT, qc);
++		goto leave;
++	}
++
++	if (b_data(buf) && !qc_purge_txbuf(qc, buf))
++		goto out;
++
++	/* Currently buf cannot be non-empty at this stage. Even if a previous
++	 * sendto() has failed it is emptied to simulate packet emission and
++	 * rely on QUIC lost detection to try to emit it.
++	 */
++	BUG_ON_HOT(b_data(buf));
++	b_reset(buf);
++
++	if (old_data) {
++		TRACE_STATE("old data for probing asked", QUIC_EV_CONN_TXPKT, qc);
++		qc->flags |= QUIC_FL_CONN_RETRANS_OLD_DATA;
++	}
++
++	ret = qc_prep_pkts(qc, buf, tel, tel_frms, next_tel, next_tel_frms);
++	if (ret == -1) {
++		qc_txb_release(qc);
++		goto out;
++	}
++
++	if (ret && !qc_send_ppkts(buf, qc->xprt_ctx)) {
++		if (qc->flags & QUIC_FL_CONN_TO_KILL)
++			qc_txb_release(qc);
++		goto out;
++	}
++
++	qc_txb_release(qc);
++	status = 1;
++
++ out:
++	TRACE_STATE("no more need old data for probing", QUIC_EV_CONN_TXPKT, qc);
++	qc->flags &= ~QUIC_FL_CONN_RETRANS_OLD_DATA;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return status;
++}
++
++/* Retransmit up to two datagrams depending on packet number space.
++ * Return 0 when failed, 0 if not.
++ */
++static int qc_dgrams_retransmit(struct quic_conn *qc)
++{
++	int ret = 0;
++	int sret;
++	struct quic_enc_level *iqel = &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL];
++	struct quic_enc_level *hqel = &qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE];
++	struct quic_enc_level *aqel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++
++	TRACE_ENTER(QUIC_EV_CONN_TXPKT, qc);
++
++	if (iqel->pktns->flags & QUIC_FL_PKTNS_PROBE_NEEDED) {
++		int i;
++
++		for (i = 0; i < QUIC_MAX_NB_PTO_DGRAMS; i++) {
++			struct list ifrms = LIST_HEAD_INIT(ifrms);
++			struct list hfrms = LIST_HEAD_INIT(hfrms);
++
++			qc_prep_hdshk_fast_retrans(qc, &ifrms, &hfrms);
++			TRACE_DEVEL("Avail. ack eliciting frames", QUIC_EV_CONN_FRMLIST, qc, &ifrms);
++			TRACE_DEVEL("Avail. ack eliciting frames", QUIC_EV_CONN_FRMLIST, qc, &hfrms);
++			if (!LIST_ISEMPTY(&ifrms)) {
++				iqel->pktns->tx.pto_probe = 1;
++				if (!LIST_ISEMPTY(&hfrms))
++					hqel->pktns->tx.pto_probe = 1;
++				sret = qc_send_hdshk_pkts(qc, 1, QUIC_TLS_ENC_LEVEL_INITIAL, &ifrms,
++				                          QUIC_TLS_ENC_LEVEL_HANDSHAKE, &hfrms);
++				qc_free_frm_list(&ifrms);
++				qc_free_frm_list(&hfrms);
++				if (!sret)
++					goto leave;
++			}
++			else {
++				if (!(qc->flags & QUIC_FL_CONN_ANTI_AMPLIFICATION_REACHED)) {
++					iqel->pktns->tx.pto_probe = 1;
++					sret = qc_send_hdshk_pkts(qc, 0, QUIC_TLS_ENC_LEVEL_INITIAL, &ifrms,
++					                          QUIC_TLS_ENC_LEVEL_NONE, NULL);
++					qc_free_frm_list(&hfrms);
++					if (!sret)
++						goto leave;
++				}
++			}
++		}
++		TRACE_STATE("no more need to probe Initial packet number space",
++					QUIC_EV_CONN_TXPKT, qc);
++		iqel->pktns->flags &= ~QUIC_FL_PKTNS_PROBE_NEEDED;
++		hqel->pktns->flags &= ~QUIC_FL_PKTNS_PROBE_NEEDED;
++	}
++	else {
++		int i;
++
++		if (hqel->pktns->flags & QUIC_FL_PKTNS_PROBE_NEEDED) {
++			hqel->pktns->tx.pto_probe = 0;
++			for (i = 0; i < QUIC_MAX_NB_PTO_DGRAMS; i++) {
++				struct list frms1 = LIST_HEAD_INIT(frms1);
++
++				qc_prep_fast_retrans(qc, hqel, &frms1, NULL);
++				TRACE_DEVEL("Avail. ack eliciting frames", QUIC_EV_CONN_FRMLIST, qc, &frms1);
++				if (!LIST_ISEMPTY(&frms1)) {
++					hqel->pktns->tx.pto_probe = 1;
++					sret = qc_send_hdshk_pkts(qc, 1, QUIC_TLS_ENC_LEVEL_HANDSHAKE, &frms1,
++					                          QUIC_TLS_ENC_LEVEL_NONE, NULL);
++					qc_free_frm_list(&frms1);
++					if (!sret)
++						goto leave;
++				}
++			}
++			TRACE_STATE("no more need to probe Handshake packet number space",
++			            QUIC_EV_CONN_TXPKT, qc);
++			hqel->pktns->flags &= ~QUIC_FL_PKTNS_PROBE_NEEDED;
++		}
++		else if (aqel->pktns->flags & QUIC_FL_PKTNS_PROBE_NEEDED) {
++			struct list frms2 = LIST_HEAD_INIT(frms2);
++			struct list frms1 = LIST_HEAD_INIT(frms1);
++
++			aqel->pktns->tx.pto_probe = 0;
++			qc_prep_fast_retrans(qc, aqel, &frms1, &frms2);
++			TRACE_PROTO("Avail. ack eliciting frames", QUIC_EV_CONN_FRMLIST, qc, &frms1);
++			TRACE_PROTO("Avail. ack eliciting frames", QUIC_EV_CONN_FRMLIST, qc, &frms2);
++			if (!LIST_ISEMPTY(&frms1)) {
++				aqel->pktns->tx.pto_probe = 1;
++				sret = qc_send_app_probing(qc, &frms1);
++				qc_free_frm_list(&frms1);
++				if (!sret) {
++					qc_free_frm_list(&frms2);
++					goto leave;
++				}
++			}
++			if (!LIST_ISEMPTY(&frms2)) {
++				aqel->pktns->tx.pto_probe = 1;
++				sret = qc_send_app_probing(qc, &frms2);
++				qc_free_frm_list(&frms2);
++				if (!sret)
++					goto leave;
++			}
++			TRACE_STATE("no more need to probe 01RTT packet number space",
++			            QUIC_EV_CONN_TXPKT, qc);
++			aqel->pktns->flags &= ~QUIC_FL_PKTNS_PROBE_NEEDED;
++		}
++	}
++
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_TXPKT, qc);
++	return ret;
++}
++
++/* QUIC connection packet handler task (post handshake) */
++struct task *quic_conn_app_io_cb(struct task *t, void *context, unsigned int state)
++{
++	struct quic_conn *qc = context;
++	struct quic_enc_level *qel;
++
++	TRACE_ENTER(QUIC_EV_CONN_IO_CB, qc);
++
++	qel = &qc->els[QUIC_TLS_ENC_LEVEL_APP];
++	TRACE_STATE("connection handshake state", QUIC_EV_CONN_IO_CB, qc, &qc->state);
++
++	if (qc_test_fd(qc))
++		qc_rcv_buf(qc);
++
++	/* Prepare post-handshake frames
++	 * - after connection is instantiated (accept is done)
++	 * - handshake state is completed (may not be the case here in 0-RTT)
++	 */
++	if ((qc->flags & QUIC_FL_CONN_NEED_POST_HANDSHAKE_FRMS) && qc->conn &&
++	    qc->state >= QUIC_HS_ST_COMPLETE) {
++		quic_build_post_handshake_frames(qc);
++	}
++
++	/* Retranmissions */
++	if (qc->flags & QUIC_FL_CONN_RETRANS_NEEDED) {
++		TRACE_STATE("retransmission needed", QUIC_EV_CONN_IO_CB, qc);
++		qc->flags &= ~QUIC_FL_CONN_RETRANS_NEEDED;
++		if (!qc_dgrams_retransmit(qc))
++			goto out;
++	}
++
++	if (!LIST_ISEMPTY(&qel->rx.pqpkts) && qc_qel_may_rm_hp(qc, qel))
++		qc_rm_hp_pkts(qc, qel);
++
++	if (!qc_treat_rx_pkts(qc, qel, NULL)) {
++		TRACE_DEVEL("qc_treat_rx_pkts() failed", QUIC_EV_CONN_IO_CB, qc);
++		goto out;
++	}
++
++	if (qc->flags & QUIC_FL_CONN_TO_KILL) {
++		TRACE_DEVEL("connection to be killed", QUIC_EV_CONN_IO_CB, qc);
++		goto out;
++	}
++
++	if ((qc->flags & QUIC_FL_CONN_DRAINING) &&
++	    !(qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE)) {
++		TRACE_STATE("draining connection (must not send packets)", QUIC_EV_CONN_IO_CB, qc);
++		goto out;
++	}
++
++	/* XXX TODO: how to limit the list frames to send */
++	if (!qc_send_app_pkts(qc, &qel->pktns->tx.frms)) {
++		TRACE_DEVEL("qc_send_app_pkts() failed", QUIC_EV_CONN_IO_CB, qc);
++		goto out;
++	}
++
++ out:
++	TRACE_LEAVE(QUIC_EV_CONN_IO_CB, qc);
++	return t;
++}
++
++/* Returns a boolean if <qc> needs to emit frames for <qel> encryption level. */
++static int qc_need_sending(struct quic_conn *qc, struct quic_enc_level *qel)
++{
++	return (qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE) ||
++	       (qel->pktns->flags & QUIC_FL_PKTNS_ACK_REQUIRED) ||
++	       qel->pktns->tx.pto_probe ||
++	       !LIST_ISEMPTY(&qel->pktns->tx.frms);
++}
++
++/* QUIC connection packet handler task. */
++struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
++{
++	int ret, ssl_err;
++	struct quic_conn *qc = context;
++	enum quic_tls_enc_level tel, next_tel;
++	struct quic_enc_level *qel, *next_qel;
++	/* Early-data encryption level */
++	struct quic_enc_level *eqel;
++	struct buffer *buf = NULL;
++	int st, zero_rtt;
++
++	TRACE_ENTER(QUIC_EV_CONN_IO_CB, qc);
++
++	eqel = &qc->els[QUIC_TLS_ENC_LEVEL_EARLY_DATA];
++	st = qc->state;
++	TRACE_PROTO("connection state", QUIC_EV_CONN_IO_CB, qc, &st);
++
++	/* Retranmissions */
++	if (qc->flags & QUIC_FL_CONN_RETRANS_NEEDED) {
++		TRACE_DEVEL("retransmission needed", QUIC_EV_CONN_PHPKTS, qc);
++		qc->flags &= ~QUIC_FL_CONN_RETRANS_NEEDED;
++		if (!qc_dgrams_retransmit(qc))
++			goto out;
++	}
++
++	ssl_err = SSL_ERROR_NONE;
++	zero_rtt = st < QUIC_HS_ST_COMPLETE &&
++		quic_tls_has_rx_sec(eqel) &&
++		(!LIST_ISEMPTY(&eqel->rx.pqpkts) || qc_el_rx_pkts(eqel));
++
++	if (qc_test_fd(qc))
++		qc_rcv_buf(qc);
++
++	if (st >= QUIC_HS_ST_COMPLETE &&
++	    qc_el_rx_pkts(&qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE])) {
++		TRACE_DEVEL("remaining Handshake packets", QUIC_EV_CONN_PHPKTS, qc);
++		/* There may be remaining Handshake packets to treat and acknowledge. */
++		tel = QUIC_TLS_ENC_LEVEL_HANDSHAKE;
++		next_tel = QUIC_TLS_ENC_LEVEL_APP;
++	}
++	else if (!quic_get_tls_enc_levels(&tel, &next_tel, qc, st, zero_rtt))
++		goto out;
++
++	qel = &qc->els[tel];
++	next_qel = next_tel == QUIC_TLS_ENC_LEVEL_NONE ? NULL : &qc->els[next_tel];
++
++ next_level:
++	/* Treat packets waiting for header packet protection decryption */
++	if (!LIST_ISEMPTY(&qel->rx.pqpkts) && qc_qel_may_rm_hp(qc, qel))
++		qc_rm_hp_pkts(qc, qel);
++
++	if (!qc_treat_rx_pkts(qc, qel, next_qel))
++		goto out;
++
++	if (qc->flags & QUIC_FL_CONN_TO_KILL) {
++		TRACE_DEVEL("connection to be killed", QUIC_EV_CONN_PHPKTS, qc);
++		goto out;
++	}
++
++	if ((qc->flags & QUIC_FL_CONN_DRAINING) &&
++	    !(qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE))
++		goto out;
++
++	zero_rtt = st < QUIC_HS_ST_COMPLETE &&
++		quic_tls_has_rx_sec(eqel) &&
++		(!LIST_ISEMPTY(&eqel->rx.pqpkts) || qc_el_rx_pkts(eqel));
++	if (next_qel && next_qel == eqel && zero_rtt) {
++		TRACE_DEVEL("select 0RTT as next encryption level",
++					QUIC_EV_CONN_PHPKTS, qc);
++		qel = next_qel;
++		next_qel = NULL;
++		goto next_level;
++	}
++
++	st = qc->state;
++	if (st >= QUIC_HS_ST_COMPLETE) {
++		if (!(qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].tls_ctx.flags &
++		           QUIC_FL_TLS_SECRETS_DCD)) {
++			/* Discard the Handshake keys. */
++			quic_tls_discard_keys(&qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE]);
++			TRACE_PROTO("discarding Handshake pktns", QUIC_EV_CONN_PHPKTS, qc);
++			quic_pktns_discard(qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].pktns, qc);
++			qc_set_timer(qc);
++			qc_el_rx_pkts_del(&qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE]);
++			qc_release_pktns_frms(qc, qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].pktns);
++		}
++
++		if (qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE].pktns->flags & QUIC_FL_PKTNS_ACK_REQUIRED) {
++			/* There may be remaining handshake to build (acks) */
++			st = QUIC_HS_ST_SERVER_HANDSHAKE;
++		}
++	}
++
++	/* A listener does not send any O-RTT packet. O-RTT packet number space must not
++	 * be considered.
++	 */
++	if (!quic_get_tls_enc_levels(&tel, &next_tel, qc, st, 0))
++		goto out;
++
++	if (!qc_need_sending(qc, qel) &&
++	    (!next_qel || !qc_need_sending(qc, next_qel))) {
++		goto skip_send;
++	}
++
++	buf = qc_txb_alloc(qc);
++	if (!buf)
++		goto out;
++
++	if (b_data(buf) && !qc_purge_txbuf(qc, buf))
++		goto skip_send;
++
++	/* Currently buf cannot be non-empty at this stage. Even if a previous
++	 * sendto() has failed it is emptied to simulate packet emission and
++	 * rely on QUIC lost detection to try to emit it.
++	 */
++	BUG_ON_HOT(b_data(buf));
++	b_reset(buf);
++
++	ret = qc_prep_pkts(qc, buf, tel, &qc->els[tel].pktns->tx.frms,
++	                   next_tel, &qc->els[next_tel].pktns->tx.frms);
++	if (ret == -1) {
++		qc_txb_release(qc);
++		goto out;
++	}
++
++	if (ret && !qc_send_ppkts(buf, qc->xprt_ctx)) {
++		if (qc->flags & QUIC_FL_CONN_TO_KILL)
++			qc_txb_release(qc);
++		goto out;
++	}
++
++	qc_txb_release(qc);
++
++ skip_send:
++	/* Check if there is something to do for the next level.
++	 */
++	if (next_qel && next_qel != qel &&
++	    quic_tls_has_rx_sec(next_qel) &&
++	    (!LIST_ISEMPTY(&next_qel->rx.pqpkts) || qc_el_rx_pkts(next_qel))) {
++		qel = next_qel;
++		next_qel = NULL;
++		goto next_level;
++	}
++
++ out:
++	TRACE_PROTO("ssl error", QUIC_EV_CONN_IO_CB, qc, &st, &ssl_err);
++	TRACE_LEAVE(QUIC_EV_CONN_IO_CB, qc);
++	return t;
++}
++
++/* Release the memory allocated for <cs> CRYPTO stream */
++void quic_cstream_free(struct quic_cstream *cs)
++{
++	if (!cs) {
++		/* This is the case for ORTT encryption level */
++		return;
++	}
++
++	quic_free_ncbuf(&cs->rx.ncbuf);
++
++	qc_stream_desc_release(cs->desc);
++	pool_free(pool_head_quic_cstream, cs);
++}
++
++/* Allocate a new QUIC stream for <qc>.
++ * Return it if succeeded, NULL if not.
++ */
++struct quic_cstream *quic_cstream_new(struct quic_conn *qc)
++{
++	struct quic_cstream *cs, *ret_cs = NULL;
++
++	TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
++	cs = pool_alloc(pool_head_quic_cstream);
++	if (!cs) {
++		TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc);
++		goto leave;
++	}
++
++	cs->rx.offset = 0;
++	cs->rx.ncbuf = NCBUF_NULL;
++	cs->rx.offset = 0;
++
++	cs->tx.offset = 0;
++	cs->tx.sent_offset = 0;
++	cs->tx.buf = BUF_NULL;
++	cs->desc = qc_stream_desc_new((uint64_t)-1, -1, cs, qc);
++	if (!cs->desc) {
++		TRACE_ERROR("crypto stream allocation failed", QUIC_EV_CONN_INIT, qc);
++		goto err;
++	}
++
++	ret_cs = cs;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
++	return ret_cs;
++
++ err:
++	pool_free(pool_head_quic_cstream, cs);
++	goto leave;
++}
++
++/* Uninitialize <qel> QUIC encryption level. Never fails. */
++static void quic_conn_enc_level_uninit(struct quic_conn *qc, struct quic_enc_level *qel)
++{
++	int i;
++
++	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
++
++	for (i = 0; i < qel->tx.crypto.nb_buf; i++) {
++		if (qel->tx.crypto.bufs[i]) {
++			pool_free(pool_head_quic_crypto_buf, qel->tx.crypto.bufs[i]);
++			qel->tx.crypto.bufs[i] = NULL;
++		}
++	}
++	ha_free(&qel->tx.crypto.bufs);
++	quic_cstream_free(qel->cstream);
++
++	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
++}
++
++/* Initialize QUIC TLS encryption level with <level<> as level for <qc> QUIC
++ * connection allocating everything needed.
++ *
++ * Returns 1 if succeeded, 0 if not. On error the caller is responsible to use
++ * quic_conn_enc_level_uninit() to cleanup partially allocated content.
++ */
++static int quic_conn_enc_level_init(struct quic_conn *qc,
++                                    enum quic_tls_enc_level level)
++{
++	int ret = 0;
++	struct quic_enc_level *qel;
++
++	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
++
++	qel = &qc->els[level];
++	qel->level = quic_to_ssl_enc_level(level);
++	qel->tls_ctx.rx.aead = qel->tls_ctx.tx.aead = NULL;
++	qel->tls_ctx.rx.md   = qel->tls_ctx.tx.md = NULL;
++	qel->tls_ctx.rx.hp   = qel->tls_ctx.tx.hp = NULL;
++	qel->tls_ctx.flags = 0;
++
++	qel->rx.pkts = EB_ROOT;
++	LIST_INIT(&qel->rx.pqpkts);
++
++	/* Allocate only one buffer. */
++	/* TODO: use a pool */
++	qel->tx.crypto.bufs = malloc(sizeof *qel->tx.crypto.bufs);
++	if (!qel->tx.crypto.bufs)
++		goto leave;
++
++	qel->tx.crypto.bufs[0] = pool_alloc(pool_head_quic_crypto_buf);
++	if (!qel->tx.crypto.bufs[0])
++		goto leave;
++
++	qel->tx.crypto.bufs[0]->sz = 0;
++	qel->tx.crypto.nb_buf = 1;
++
++	qel->tx.crypto.sz = 0;
++	qel->tx.crypto.offset = 0;
++	/* No CRYPTO data for early data TLS encryption level */
++	if (level == QUIC_TLS_ENC_LEVEL_EARLY_DATA)
++		qel->cstream = NULL;
++	else {
++		qel->cstream = quic_cstream_new(qc);
++		if (!qel->cstream)
++			goto leave;
++	}
++
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
++	return ret;
++}
++
++/* Return 1 if <qc> connection may probe the Initial packet number space, 0 if not.
++ * This is not the case if the remote peer address is not validated and if
++ * it cannot send at least QUIC_INITIAL_PACKET_MINLEN bytes.
++ */
++static int qc_may_probe_ipktns(struct quic_conn *qc)
++{
++	return quic_peer_validated_addr(qc) ||
++	       (int)(3 * qc->rx.bytes - qc->tx.prep_bytes) >= QUIC_INITIAL_PACKET_MINLEN;
++}
++
++/* Callback called upon loss detection and PTO timer expirations. */
++struct task *qc_process_timer(struct task *task, void *ctx, unsigned int state)
++{
++	struct quic_conn *qc = ctx;
++	struct quic_pktns *pktns;
++
++	TRACE_ENTER(QUIC_EV_CONN_PTIMER, qc);
++	TRACE_PROTO("process timer", QUIC_EV_CONN_PTIMER, qc,
++	            NULL, NULL, &qc->path->ifae_pkts);
++
++	task->expire = TICK_ETERNITY;
++	pktns = quic_loss_pktns(qc);
++
++	if (qc->flags & (QUIC_FL_CONN_DRAINING|QUIC_FL_CONN_TO_KILL)) {
++		TRACE_PROTO("cancelled action (draining state)", QUIC_EV_CONN_PTIMER, qc);
++		goto out;
++	}
++
++	if (tick_isset(pktns->tx.loss_time)) {
++		struct list lost_pkts = LIST_HEAD_INIT(lost_pkts);
++
++		qc_packet_loss_lookup(pktns, qc, &lost_pkts);
++		if (!LIST_ISEMPTY(&lost_pkts))
++		    tasklet_wakeup(qc->wait_event.tasklet);
++		if (qc_release_lost_pkts(qc, pktns, &lost_pkts, now_ms))
++			qc_set_timer(qc);
++		goto out;
++	}
++
++	if (qc->path->in_flight) {
++		pktns = quic_pto_pktns(qc, qc->state >= QUIC_HS_ST_CONFIRMED, NULL);
++		if (!pktns->tx.in_flight) {
++			TRACE_PROTO("No in flight packets to probe with", QUIC_EV_CONN_TXPKT, qc);
++			goto out;
++		}
++
++		if (pktns == &qc->pktns[QUIC_TLS_PKTNS_INITIAL]) {
++			if (qc_may_probe_ipktns(qc)) {
++				qc->flags |= QUIC_FL_CONN_RETRANS_NEEDED;
++				pktns->flags |= QUIC_FL_PKTNS_PROBE_NEEDED;
++				TRACE_STATE("needs to probe Initial packet number space", QUIC_EV_CONN_TXPKT, qc);
++			}
++			else {
++				TRACE_STATE("Cannot probe Initial packet number space", QUIC_EV_CONN_TXPKT, qc);
++			}
++			if (qc->pktns[QUIC_TLS_PKTNS_HANDSHAKE].tx.in_flight) {
++				qc->flags |= QUIC_FL_CONN_RETRANS_NEEDED;
++				qc->pktns[QUIC_TLS_PKTNS_HANDSHAKE].flags |= QUIC_FL_PKTNS_PROBE_NEEDED;
++				TRACE_STATE("needs to probe Handshake packet number space", QUIC_EV_CONN_TXPKT, qc);
++			}
++		}
++		else if (pktns == &qc->pktns[QUIC_TLS_PKTNS_HANDSHAKE]) {
++			TRACE_STATE("needs to probe Handshake packet number space", QUIC_EV_CONN_TXPKT, qc);
++			qc->flags |= QUIC_FL_CONN_RETRANS_NEEDED;
++			pktns->flags |= QUIC_FL_PKTNS_PROBE_NEEDED;
++			if (qc->pktns[QUIC_TLS_PKTNS_INITIAL].tx.in_flight) {
++				if (qc_may_probe_ipktns(qc)) {
++					qc->pktns[QUIC_TLS_PKTNS_INITIAL].flags |= QUIC_FL_PKTNS_PROBE_NEEDED;
++					TRACE_STATE("needs to probe Initial packet number space", QUIC_EV_CONN_TXPKT, qc);
++				}
++				else {
++					TRACE_STATE("Cannot probe Initial packet number space", QUIC_EV_CONN_TXPKT, qc);
++				}
++			}
++		}
++		else if (pktns == &qc->pktns[QUIC_TLS_PKTNS_01RTT]) {
++			pktns->tx.pto_probe = QUIC_MAX_NB_PTO_DGRAMS;
++			/* Wake up upper layer if waiting to send new data. */
++			if (!qc_notify_send(qc)) {
++				TRACE_STATE("needs to probe 01RTT packet number space", QUIC_EV_CONN_TXPKT, qc);
++				qc->flags |= QUIC_FL_CONN_RETRANS_NEEDED;
++				pktns->flags |= QUIC_FL_PKTNS_PROBE_NEEDED;
++			}
++		}
++	}
++	else if (!qc_is_listener(qc) && qc->state <= QUIC_HS_ST_COMPLETE) {
++		struct quic_enc_level *iel = &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL];
++		struct quic_enc_level *hel = &qc->els[QUIC_TLS_ENC_LEVEL_HANDSHAKE];
++
++		if (quic_tls_has_tx_sec(hel))
++			hel->pktns->tx.pto_probe = 1;
++		if (quic_tls_has_tx_sec(iel))
++			iel->pktns->tx.pto_probe = 1;
++	}
++
++	tasklet_wakeup(qc->wait_event.tasklet);
++	qc->path->loss.pto_count++;
++
++ out:
++	TRACE_PROTO("process timer", QUIC_EV_CONN_PTIMER, qc, pktns);
++	TRACE_LEAVE(QUIC_EV_CONN_PTIMER, qc);
++
++	return task;
++}
++
++/* Parse the Retry token from buffer <token> with <end> a pointer to
++ * one byte past the end of this buffer. This will extract the ODCID
++ * which will be stored into <odcid>
++ *
++ * Returns 0 on success else non-zero.
++ */
++static int parse_retry_token(struct quic_conn *qc,
++                             const unsigned char *token, const unsigned char *end,
++                             struct quic_cid *odcid)
++{
++	int ret = 0;
++	uint64_t odcid_len;
++	uint32_t timestamp;
++	uint32_t now_sec = (uint32_t)date.tv_sec;
++
++	TRACE_ENTER(QUIC_EV_CONN_LPKT, qc);
++
++	if (!quic_dec_int(&odcid_len, &token, end)) {
++		TRACE_ERROR("quic_dec_int() error", QUIC_EV_CONN_LPKT, qc);
++		goto leave;
++	}
++
++	/* RFC 9000 7.2. Negotiating Connection IDs:
++	 * When an Initial packet is sent by a client that has not previously
++	 * received an Initial or Retry packet from the server, the client
++	 * populates the Destination Connection ID field with an unpredictable
++	 * value. This Destination Connection ID MUST be at least 8 bytes in length.
++	 */
++	if (odcid_len < QUIC_ODCID_MINLEN || odcid_len > QUIC_CID_MAXLEN) {
++		TRACE_ERROR("wrong ODCID length", QUIC_EV_CONN_LPKT, qc);
++		goto leave;
++	}
++
++	if (end - token < odcid_len + sizeof timestamp) {
++		TRACE_ERROR("too long ODCID length", QUIC_EV_CONN_LPKT, qc);
++		goto leave;
++	}
++
++	timestamp = ntohl(read_u32(token + odcid_len));
++	/* check if elapsed time is +/- QUIC_RETRY_DURATION_SEC
++	 * to tolerate token generator is not perfectly time synced
++	 */
++	if ((uint32_t)(now_sec - timestamp) > QUIC_RETRY_DURATION_SEC &&
++            (uint32_t)(timestamp - now_sec) > QUIC_RETRY_DURATION_SEC) {
++		TRACE_ERROR("token has expired", QUIC_EV_CONN_LPKT, qc);
++		goto leave;
++	}
++
++	ret = 1;
++	memcpy(odcid->data, token, odcid_len);
++	odcid->len = odcid_len;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_LPKT, qc);
++	return !ret;
++}
++
++/* Allocate a new QUIC connection with <version> as QUIC version. <ipv4>
++ * boolean is set to 1 for IPv4 connection, 0 for IPv6. <server> is set to 1
++ * for QUIC servers (or haproxy listeners).
++ * <dcid> is the destination connection ID, <scid> is the source connection ID.
++ * This latter <scid> CID as the same value on the wire as the one for <conn_id>
++ * which is the first CID of this connection but a different internal representation used to build
++ * NEW_CONNECTION_ID frames. This is the responsability of the caller to insert
++ * <conn_id> in the CIDs tree for this connection (qc->cids).
++ * <token> is the token found to be used for this connection with <token_len> as
++ * length. Endpoints addresses are specified via <local_addr> and <peer_addr>.
++ * Returns the connection if succeeded, NULL if not.
++ */
++static struct quic_conn *qc_new_conn(const struct quic_version *qv, int ipv4,
++                                     struct quic_cid *dcid, struct quic_cid *scid,
++                                     const struct quic_cid *token_odcid,
++                                     struct quic_connection_id *conn_id,
++                                     struct sockaddr_storage *local_addr,
++                                     struct sockaddr_storage *peer_addr,
++                                     int server, int token, void *owner)
++{
++	int i;
++	struct quic_conn *qc = NULL;
++	/* Initial CID. */
++	char *buf_area = NULL;
++	struct listener *l = NULL;
++	struct quic_cc_algo *cc_algo = NULL;
++	struct quic_tls_ctx *ictx;
++	unsigned int next_actconn = 0, next_sslconn = 0;
++	TRACE_ENTER(QUIC_EV_CONN_INIT);
++
++	next_actconn = increment_actconn();
++	if (!next_actconn) {
++		_HA_ATOMIC_INC(&maxconn_reached);
++		TRACE_STATE("maxconn reached", QUIC_EV_CONN_INIT);
++		goto err;
++	}
++
++	next_sslconn = increment_sslconn();
++	if (!next_sslconn) {
++		TRACE_STATE("sslconn reached", QUIC_EV_CONN_INIT);
++		goto err;
++	}
++
++	/* TODO replace pool_zalloc by pool_alloc(). This requires special care
++	 * to properly initialized internal quic_conn members to safely use
++	 * quic_conn_release() on alloc failure.
++	 */
++	qc = pool_zalloc(pool_head_quic_conn);
++	if (!qc) {
++		TRACE_ERROR("Could not allocate a new connection", QUIC_EV_CONN_INIT);
++		goto err;
++	}
++
++	/* Now that quic_conn instance is allocated, quic_conn_release() will
++	 * ensure global accounting is decremented.
++	 */
++	next_sslconn = next_actconn = 0;
++
++	/* Initialize in priority qc members required for a safe dealloc. */
++
++	/* required to use MTLIST_IN_LIST */
++	MT_LIST_INIT(&qc->accept_list);
++
++	LIST_INIT(&qc->rx.pkt_list);
++
++	qc_init_fd(qc);
++
++	LIST_INIT(&qc->back_refs);
++	LIST_INIT(&qc->el_th_ctx);
++
++	/* Packet number spaces initialization. */
++	for (i = 0; i < QUIC_TLS_PKTNS_MAX; i++)
++		quic_pktns_init(&qc->pktns[i]);
++
++	/* Now proceeds to allocation of qc members. */
++
++	buf_area = pool_alloc(pool_head_quic_conn_rxbuf);
++	if (!buf_area) {
++		TRACE_ERROR("Could not allocate a new RX buffer", QUIC_EV_CONN_INIT, qc);
++		goto err;
++	}
++
++	qc->cids = EB_ROOT;
++	/* QUIC Server (or listener). */
++	if (server) {
++		struct proxy *prx;
++
++		l = owner;
++		prx = l->bind_conf->frontend;
++		cc_algo = l->bind_conf->quic_cc_algo;
++
++		qc->prx_counters = EXTRA_COUNTERS_GET(prx->extra_counters_fe,
++		                                      &quic_stats_module);
++		qc->flags |= QUIC_FL_CONN_LISTENER;
++		qc->state = QUIC_HS_ST_SERVER_INITIAL;
++		/* Copy the client original DCID. */
++		qc->odcid.len = dcid->len;
++		memcpy(qc->odcid.data, dcid->data, dcid->len);
++
++		/* copy the packet SCID to reuse it as DCID for sending */
++		if (scid->len)
++			memcpy(qc->dcid.data, scid->data, scid->len);
++		qc->dcid.len = scid->len;
++		qc->tx.buf = BUF_NULL;
++		qc->li = l;
++	}
++	/* QUIC Client (outgoing connection to servers) */
++	else {
++		qc->state = QUIC_HS_ST_CLIENT_INITIAL;
++		if (dcid->len)
++			memcpy(qc->dcid.data, dcid->data, dcid->len);
++		qc->dcid.len = dcid->len;
++	}
++	qc->mux_state = QC_MUX_NULL;
++	qc->err = quic_err_transport(QC_ERR_NO_ERROR);
++
++	conn_id->qc = qc;
++
++	if ((global.tune.options & GTUNE_QUIC_SOCK_PER_CONN) &&
++	    is_addr(local_addr)) {
++		TRACE_USER("Allocate a socket for QUIC connection", QUIC_EV_CONN_INIT, qc);
++		qc_alloc_fd(qc, local_addr, peer_addr);
++
++		/* haproxy soft-stop is supported only for QUIC connections
++		 * with their owned socket.
++		 */
++		if (qc_test_fd(qc))
++			_HA_ATOMIC_INC(&jobs);
++	}
++
++	/* Select our SCID which is the first CID with 0 as sequence number. */
++	qc->scid = conn_id->cid;
++
++	/* QUIC encryption level context initialization. */
++	for (i = 0; i < QUIC_TLS_ENC_LEVEL_MAX; i++) {
++		if (!quic_conn_enc_level_init(qc, i)) {
++			TRACE_ERROR("Could not initialize an encryption level", QUIC_EV_CONN_INIT, qc);
++			goto err;
++		}
++		/* Initialize the packet number space. */
++		qc->els[i].pktns = &qc->pktns[quic_tls_pktns(i)];
++	}
++
++	qc->original_version = qv;
++	qc->tps_tls_ext = (qc->original_version->num & 0xff000000) == 0xff000000 ?
++		TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS_DRAFT:
++		TLS_EXTENSION_QUIC_TRANSPORT_PARAMETERS;
++	/* TX part. */
++	LIST_INIT(&qc->tx.frms_to_send);
++	qc->tx.nb_buf = QUIC_CONN_TX_BUFS_NB;
++	qc->tx.wbuf = qc->tx.rbuf = 0;
++	qc->tx.bytes = 0;
++	qc->tx.buf = BUF_NULL;
++	/* RX part. */
++	qc->rx.bytes = 0;
++	qc->rx.buf = b_make(buf_area, QUIC_CONN_RX_BUFSZ, 0, 0);
++	for (i = 0; i < QCS_MAX_TYPES; i++)
++		qc->rx.strms[i].nb_streams = 0;
++
++	qc->nb_pkt_for_cc = 1;
++	qc->nb_pkt_since_cc = 0;
++
++	if (!quic_tls_ku_init(qc)) {
++		TRACE_ERROR("Key update initialization failed", QUIC_EV_CONN_INIT, qc);
++		goto err;
++	}
++
++	/* XXX TO DO: Only one path at this time. */
++	qc->path = &qc->paths[0];
++	quic_path_init(qc->path, ipv4, cc_algo ? cc_algo : default_quic_cc_algo, qc);
++
++	qc->streams_by_id = EB_ROOT_UNIQUE;
++	qc->stream_buf_count = 0;
++	memcpy(&qc->local_addr, local_addr, sizeof(qc->local_addr));
++	memcpy(&qc->peer_addr, peer_addr, sizeof qc->peer_addr);
++
++	if (server && !qc_lstnr_params_init(qc, &l->bind_conf->quic_params,
++	                                    conn_id->stateless_reset_token,
++	                                    dcid->data, dcid->len,
++	                                    qc->scid.data, qc->scid.len, token_odcid))
++		goto err;
++
++	/* Initialize the idle timeout of the connection at the "max_idle_timeout"
++	 * value from local transport parameters.
++	 */
++	qc->max_idle_timeout = qc->rx.params.max_idle_timeout;
++	qc->wait_event.tasklet = tasklet_new();
++	if (!qc->wait_event.tasklet) {
++		TRACE_ERROR("tasklet_new() failed", QUIC_EV_CONN_TXPKT);
++		goto err;
++	}
++	qc->wait_event.tasklet->process = quic_conn_io_cb;
++	qc->wait_event.tasklet->context = qc;
++	qc->wait_event.events = 0;
++	qc->subs = NULL;
++
++	if (qc_conn_alloc_ssl_ctx(qc) ||
++	    !quic_conn_init_timer(qc) ||
++	    !quic_conn_init_idle_timer_task(qc))
++		goto err;
++
++	ictx = &qc->els[QUIC_TLS_ENC_LEVEL_INITIAL].tls_ctx;
++	if (!qc_new_isecs(qc, ictx,qc->original_version, dcid->data, dcid->len, 1))
++		goto err;
++
++	/* Counters initialization */
++	memset(&qc->cntrs, 0, sizeof qc->cntrs);
++
++	LIST_APPEND(&th_ctx->quic_conns, &qc->el_th_ctx);
++	qc->qc_epoch = HA_ATOMIC_LOAD(&qc_epoch);
++
++	TRACE_LEAVE(QUIC_EV_CONN_INIT, qc);
++
++	return qc;
++
++ err:
++	pool_free(pool_head_quic_conn_rxbuf, buf_area);
++	if (qc) {
++		qc->rx.buf.area = NULL;
++		quic_conn_release(qc);
++	}
++
++	/* Decrement global counters. Done only for errors happening before or
++	 * on pool_head_quic_conn alloc. All other cases are covered by
++	 * quic_conn_release().
++	 */
++	if (next_actconn)
++		_HA_ATOMIC_DEC(&actconn);
++	if (next_sslconn)
++		_HA_ATOMIC_DEC(&global.sslconns);
++
++	TRACE_LEAVE(QUIC_EV_CONN_INIT);
++	return NULL;
++}
++
++/* Update the proxy counters of <qc> QUIC connection from its counters */
++static inline void quic_conn_prx_cntrs_update(struct quic_conn *qc)
++{
++	if (!qc->prx_counters)
++		return;
++
++	HA_ATOMIC_ADD(&qc->prx_counters->dropped_pkt, qc->cntrs.dropped_pkt);
++	HA_ATOMIC_ADD(&qc->prx_counters->dropped_pkt_bufoverrun, qc->cntrs.dropped_pkt_bufoverrun);
++	HA_ATOMIC_ADD(&qc->prx_counters->dropped_parsing, qc->cntrs.dropped_parsing);
++	HA_ATOMIC_ADD(&qc->prx_counters->socket_full, qc->cntrs.socket_full);
++	HA_ATOMIC_ADD(&qc->prx_counters->sendto_err, qc->cntrs.sendto_err);
++	HA_ATOMIC_ADD(&qc->prx_counters->sendto_err_unknown, qc->cntrs.sendto_err_unknown);
++	HA_ATOMIC_ADD(&qc->prx_counters->sent_pkt, qc->cntrs.sent_pkt);
++	/* It is possible that ->path was not initialized. For instance if a
++	 * QUIC connection allocation has failed.
++	 */
++	if (qc->path)
++		HA_ATOMIC_ADD(&qc->prx_counters->lost_pkt, qc->path->loss.nb_lost_pkt);
++	HA_ATOMIC_ADD(&qc->prx_counters->conn_migration_done, qc->cntrs.conn_migration_done);
++	/* Stream related counters */
++	HA_ATOMIC_ADD(&qc->prx_counters->data_blocked, qc->cntrs.data_blocked);
++	HA_ATOMIC_ADD(&qc->prx_counters->stream_data_blocked, qc->cntrs.stream_data_blocked);
++	HA_ATOMIC_ADD(&qc->prx_counters->streams_blocked_bidi, qc->cntrs.streams_blocked_bidi);
++	HA_ATOMIC_ADD(&qc->prx_counters->streams_blocked_uni, qc->cntrs.streams_blocked_uni);
++}
++
++/* Release the quic_conn <qc>. The connection is removed from the CIDs tree.
++ * The connection tasklet is killed.
++ *
++ * This function must only be called by the thread responsible of the quic_conn
++ * tasklet.
++ */
++void quic_conn_release(struct quic_conn *qc)
++{
++	int i;
++	struct ssl_sock_ctx *conn_ctx;
++	struct eb64_node *node;
++	struct quic_tls_ctx *app_tls_ctx;
++	struct quic_rx_packet *pkt, *pktback;
++
++	TRACE_ENTER(QUIC_EV_CONN_CLOSE, qc);
++
++	/* We must not free the quic-conn if the MUX is still allocated. */
++	BUG_ON(qc->mux_state == QC_MUX_READY);
++
++	if (qc_test_fd(qc))
++		_HA_ATOMIC_DEC(&jobs);
++
++	/* Close quic-conn socket fd. */
++	qc_release_fd(qc, 0);
++
++	/* in the unlikely (but possible) case the connection was just added to
++	 * the accept_list we must delete it from there.
++	 */
++	MT_LIST_DELETE(&qc->accept_list);
++
++	/* free remaining stream descriptors */
++	node = eb64_first(&qc->streams_by_id);
++	while (node) {
++		struct qc_stream_desc *stream;
++
++		stream = eb64_entry(node, struct qc_stream_desc, by_id);
++		node = eb64_next(node);
++
++		/* all streams attached to the quic-conn are released, so
++		 * qc_stream_desc_free will liberate the stream instance.
++		 */
++		BUG_ON(!stream->release);
++		qc_stream_desc_free(stream, 1);
++	}
++
++	/* Purge Rx packet list. */
++	list_for_each_entry_safe(pkt, pktback, &qc->rx.pkt_list, qc_rx_pkt_list) {
++		LIST_DELETE(&pkt->qc_rx_pkt_list);
++		pool_free(pool_head_quic_rx_packet, pkt);
++	}
++
++	if (qc->idle_timer_task) {
++		task_destroy(qc->idle_timer_task);
++		qc->idle_timer_task = NULL;
++	}
++
++	if (qc->timer_task) {
++		task_destroy(qc->timer_task);
++		qc->timer_task = NULL;
++	}
++
++	tasklet_free(qc->wait_event.tasklet);
++
++	/* remove the connection from receiver cids trees */
++	free_quic_conn_cids(qc);
++
++	conn_ctx = qc->xprt_ctx;
++	if (conn_ctx) {
++		SSL_free(conn_ctx->ssl);
++		pool_free(pool_head_quic_conn_ctx, conn_ctx);
++	}
++
++	quic_tls_ku_free(qc);
++	for (i = 0; i < QUIC_TLS_ENC_LEVEL_MAX; i++) {
++		quic_tls_ctx_secs_free(&qc->els[i].tls_ctx);
++		quic_conn_enc_level_uninit(qc, &qc->els[i]);
++	}
++	quic_tls_ctx_secs_free(&qc->negotiated_ictx);
++
++	app_tls_ctx = &qc->els[QUIC_TLS_ENC_LEVEL_APP].tls_ctx;
++	pool_free(pool_head_quic_tls_secret, app_tls_ctx->rx.secret);
++	pool_free(pool_head_quic_tls_secret, app_tls_ctx->tx.secret);
++
++	for (i = 0; i < QUIC_TLS_PKTNS_MAX; i++) {
++		quic_pktns_tx_pkts_release(&qc->pktns[i], qc);
++		quic_free_arngs(qc, &qc->pktns[i].rx.arngs);
++		qc_release_pktns_frms(qc, &qc->pktns[i]);
++	}
++
++	qc_detach_th_ctx_list(qc, 0);
++
++	quic_conn_prx_cntrs_update(qc);
++	pool_free(pool_head_quic_conn_rxbuf, qc->rx.buf.area);
++	pool_free(pool_head_quic_conn, qc);
++	qc = NULL;
++
++	/* Decrement global counters when quic_conn is deallocated.
++	 * quic_cc_conn instances are not accounted as they run for a short
++	 * time with limited ressources.
++	 */
++	_HA_ATOMIC_DEC(&actconn);
++	_HA_ATOMIC_DEC(&global.sslconns);
++
++	TRACE_PROTO("QUIC conn. freed", QUIC_EV_CONN_FREED, qc);
++
++	TRACE_LEAVE(QUIC_EV_CONN_CLOSE, qc);
++}
++
++/* Initialize the timer task of <qc> QUIC connection.
++ * Returns 1 if succeeded, 0 if not.
++ */
++static int quic_conn_init_timer(struct quic_conn *qc)
++{
++	int ret = 0;
++	/* Attach this task to the same thread ID used for the connection */
++	TRACE_ENTER(QUIC_EV_CONN_NEW, qc);
++
++	qc->timer_task = task_new_here();
++	if (!qc->timer_task) {
++		TRACE_ERROR("timer task allocation failed", QUIC_EV_CONN_NEW, qc);
++		goto leave;
++	}
++
++	qc->timer = TICK_ETERNITY;
++	qc->timer_task->process = qc_process_timer;
++	qc->timer_task->context = qc;
++
++	ret = 1;
++ leave:
++	TRACE_LEAVE(QUIC_EV_CONN_NEW, qc);
++	return ret;
++}
++
++/* Rearm the idle timer or the ack timer (if not already armde) for <qc> QUIC
++ * connection. */
++static void qc_idle_timer_do_rearm(struct quic_conn *qc, int arm_ack)
++{
++	unsigned int expire;
++
++	/* It is possible the idle timer task has been already released. */
++	if (!qc->idle_timer_task)
++		return;
++
++	if (stopping && qc->flags & (QUIC_FL_CONN_CLOSING|QUIC_FL_CONN_DRAINING)) {
++		TRACE_PROTO("executing idle timer immediately on stopping", QUIC_EV_CONN_IDLE_TIMER, qc);
++		qc->ack_expire = TICK_ETERNITY;
++		task_wakeup(qc->idle_timer_task, TASK_WOKEN_MSG);
++	}
++	else {
++		if (qc->flags & (QUIC_FL_CONN_CLOSING|QUIC_FL_CONN_DRAINING)) {
++			/* RFC 9000 10.2. Immediate Close
++			 *
++			 * The closing and draining connection states exist to ensure that
++			 * connections close cleanly and that delayed or reordered packets are
++			 * properly discarded. These states SHOULD persist for at least three
++			 * times the current PTO interval as defined in [QUIC-RECOVERY].
++			 */
++
++			/* Delay is limited to 1s which should cover most of
++			 * network conditions. The process should not be
++			 * impacted by a connection with a high RTT.
++			 */
++			expire = MIN(3 * quic_pto(qc), 1000);
++		}
++		else {
++			/* RFC 9000 10.1. Idle Timeout
++			 *

Ubuntuhaproxy package

Merge ~athos-ribeiro/ubuntu/+source/haproxy:merge-lp2040383-noble into ubuntu/+source/haproxy:debian/sid

Commit message

Description of the change

Preview Diff

Subscribers

Ubuntu
haproxy package