]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 43bb842) | patch
BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
authorOlivier Houchard <ohouchard@haproxy.com>
Wed, 2 Jan 2019 17:46:41 +0000 (18:46 +0100)
committerWilly Tarreau <w@1wt.eu>
Wed, 9 Jan 2019 15:26:28 +0000 (16:26 +0100)
commit51088ce68fee0bae52118d6823873417046f9efe
treeb09cd73c6d3abcda3a97ce1bd9e3fc8fc02e5d67tree | snapshot
parent43bb842a08a6b772f1d76ff481d5555a8c871dcdcommit | diff
BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.

When using early data, disable the OpenSSL anti-replay protection, and set
the max amount of early data we're ready to accept, based on the size of
buffers, or early data won't work with the released OpenSSL 1.1.1.

This should be backported to 1.8.
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git