mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-23 14:51:27 +02:00
Code Issues Projects Releases Wiki Activity

BUILD: quic: enable early data only with >= openssl 1.1.1

Browse Source 
Disable the early data in the QUIC code when not built with openssl >=
1.1.1.

LibreSSL 3.6.0 is impacted.
This commit is contained in:
William Lallemand 2022-09-02 16:24:39 +02:00
parent d2be9d4c48
commit e6ec626ac5
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/xprt_quic.c
View File

@ -5760,10 +5760,11 @@ static int qc_conn_alloc_ssl_ctx(struct quic_conn *qc)
qc->enc_params, qc->enc_params_len) == -1) { qc->enc_params, qc->enc_params_len) == -1) {
goto err; goto err;
} }
#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
/* Enabling 0-RTT */ /* Enabling 0-RTT */
if (bc->ssl_conf.early_data) if (bc->ssl_conf.early_data)
SSL_set_quic_early_data_enabled(ctx->ssl, 1); SSL_set_quic_early_data_enabled(ctx->ssl, 1);
#endif
SSL_set_accept_state(ctx->ssl); SSL_set_accept_state(ctx->ssl);
} }