From 56eefd6827b42afcefed7cc41d2cc38f5c1a2172 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Mon, 29 Jul 2024 15:42:47 +0200
Subject: [PATCH] BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC

Then reactivate HAVE_SSL_0RTT and HAVE_SSL_0RTT_QUIC for AWS-LC, which
were wrongly deactivated in f5353f2c ("MINOR: ssl: add HAVE_SSL_0RTT
constant").

Must be backported to 3.0.
---
 include/haproxy/openssl-compat.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/haproxy/openssl-compat.h b/include/haproxy/openssl-compat.h
index ab4f58e96..dc903063e 100644
--- a/include/haproxy/openssl-compat.h
+++ b/include/haproxy/openssl-compat.h
@@ -114,7 +114,7 @@
 #define HAVE_SSL_get0_verified_chain
 #endif
 
-#if defined(SSL_OP_NO_ANTI_REPLAY)
+#if defined(SSL_OP_NO_ANTI_REPLAY) || defined(OPENSSL_IS_BORINGSSL) || defined(USE_OPENSSL_AWSLC)
 #define HAVE_SSL_0RTT
 #endif