On Thu, Apr 23, 2026 at 04:49:06PM -0700, Andrey Vasilevsky wrote:
> Hi HAProxy security team,
>
> This is a hardening / documentation-clarity report, not a claim of active
> exploitation against a default configuration. Flagging for your threat-model
> review.
> Finding
>
> HAProxy registers four AES sample converters in src/ssl_sample.c (around
> lines 2846-2851):
>
> { "aes_gcm_enc", sample_conv_aes, ... }, /* authenticated (GCM) */
> { "aes_gcm_dec", sample_conv_aes, ... }, /* authenticated (GCM) */
> { "aes_cbc_enc", sample_conv_aes, ... }, /* unauthenticated CBC */
> { "aes_cbc_dec", sample_conv_aes, ... }, /* unauthenticated CBC */
>
> The GCM variants include an AEAD tag; the CBC variants do not.
Because AES-CBC is not a cipher using AEAD. We only provide the mean to encrypt
and decrypt with this cipher, people are suppose to know what they are doing if
they put explicitely this keyword in the configuration.
> No external disclosure is planned before hearing the team's position. Happy
> to draft a doc patch for option (a) if that is the direction the team
> prefers, or to file a public issue/PR if the team considers this out of
> security-list scope.
>
You are sending this to a public mailing-list anyway. But this look like an
AI-generated mail.
--
William Lallemand
