From: Olivier Houchard
Date: Wed, 2 Jan 2019 17:46:41 +0000 (+0100)
Subject: BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
X-Git-Tag: v2.0-dev1~232
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=51088ce68fee0bae52118d6823873417046f9efe;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.

When using early data, disable the OpenSSL anti-replay protection, and set the max amount of early data we're ready to accept, based on the size of buffers, or early data won't work with the released OpenSSL 1.1.1.

This should be backported to 1.8.
---
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 282b85ddd8..13ce2e5bb8 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3869,6 +3869,10 @@ ssl_sock_initial_ctx(struct bind_conf *bind_conf)
 SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #elif (OPENSSL_VERSION_NUMBER >= 0x10101000L)
+ if (bind_conf->ssl_conf.early_data) {
+ SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
+ SSL_CTX_set_max_early_data(ctx, global.tune.bufsize - global.tune.maxrewrite);
+ }
 SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
 SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #else
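Review bot: The `SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY)` call removes OpenSSL's built-in detection of replayed 0-RTT data, so any early data that reaches the application can be replayed by an on-path attacker, and the hunk carries no comment saying why this is acceptable or where replay is mitigated instead. A why-comment at that line would save the next maintainer from "fixing" it back, e.g. `/* OpenSSL's replay cache is disabled here; replay of early data must be handled above the TLS layer (reject non-idempotent requests received as early data) */`, with the concrete reason the commit message only implies (the stock protection breaking 0-RTT with OpenSSL 1.1.1) stated explicitly. Separately, `global.tune.bufsize - global.tune.maxrewrite` is a signed difference passed to `SSL_CTX_set_max_early_data`, whose parameter is unsigned 32-bit; if maxrewrite could ever be configured at or above bufsize the limit would wrap to a very large value, so either the existing configuration check that prevents this should be referenced in a comment or the value clamped to zero before the call. Presumably the bufsize/maxrewrite relationship is validated at config parse time, but that is not visible in this hunk. ssl_sock_initial_ctx begins and ends outside the hunk.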