mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 20:46:11 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl/quic: fix 0RTT define

Browse Source 
Previous patches have reorganize define definitions for SSL 0RTT
support. However a typo was introduced. This caused haproxy to disable
0RTT support announcement and report of an erroneous warning for no
support on the SSL library side when using quictls/openssl compat layer.

This was detected by using ngtcp2-client. No 0RTT packet were emitted by
the client due to haproxy missing support advertisement.

The faulty commit is the following one :
  commit 5c4519934708bfe6a26b9ad0cc93a8c5c87df112
  MEDIUM: ssl/quic: always compile the ssl_conf.early_data test

This must be backported wherever the above patch is.
This commit is contained in:
Amaury Denoyelle 2024-01-31 16:20:00 +01:00
parent fadabc430f
commit 220386ae40
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/haproxy/openssl-compat.h
View File

@ -110,7 +110,7 @@
#endif
#if defined(SSL_OP_NO_ANTI_REPLAY)
#define HAVE_SSL_0RTTT
#define HAVE_SSL_0RTT
#endif
/* At this time, wolfssl, libressl and the openssl QUIC compatibility do not support 0-RTT */