From 220386ae4055832529e50063ade5a58db823be71 Mon Sep 17 00:00:00 2001
From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Wed, 31 Jan 2024 16:20:00 +0100
Subject: [PATCH] BUG/MINOR: ssl/quic: fix 0RTT define

Previous patches have reorganize define definitions for SSL 0RTT
support. However a typo was introduced. This caused haproxy to disable
0RTT support announcement and report of an erroneous warning for no
support on the SSL library side when using quictls/openssl compat layer.

This was detected by using ngtcp2-client. No 0RTT packet were emitted by
the client due to haproxy missing support advertisement.

The faulty commit is the following one :
  commit 5c4519934708bfe6a26b9ad0cc93a8c5c87df112
  MEDIUM: ssl/quic: always compile the ssl_conf.early_data test

This must be backported wherever the above patch is.
---
 include/haproxy/openssl-compat.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index 37dfa3b24..01d4ec471 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -110,7 +110,7 @@
 #endif
 
 #if defined(SSL_OP_NO_ANTI_REPLAY)
-#define HAVE_SSL_0RTTT
+#define HAVE_SSL_0RTT
 #endif
 
 /* At this time, wolfssl, libressl and the openssl QUIC compatibility do not support 0-RTT */