BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
authorOlivier Houchard <ohouchard@haproxy.com>
Wed, 2 Jan 2019 17:46:41 +0000 (18:46 +0100)
committerWilly Tarreau <w@1wt.eu>
Wed, 9 Jan 2019 15:26:28 +0000 (16:26 +0100)
When using early data, disable the OpenSSL anti-replay protection, and set
the max amount of early data we're ready to accept, based on the size of
buffers, or early data won't work with the released OpenSSL 1.1.1.

This should be backported to 1.8.

src/ssl_sock.c

index 282b85ddd8273e81068b6a73208173dc94c57c1a..13ce2e5bb8c4bd422c8dc890a65c081671bb7470 100644 (file)
@@ -3869,6 +3869,10 @@ ssl_sock_initial_ctx(struct bind_conf *bind_conf)
        SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
        SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #elif (OPENSSL_VERSION_NUMBER >= 0x10101000L)
+       if (bind_conf->ssl_conf.early_data) {
+               SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
+               SSL_CTX_set_max_early_data(ctx, global.tune.bufsize - global.tune.maxrewrite);
+       }
        SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
        SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #else
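Review bot: The limit passed to `SSL_CTX_set_max_early_data()` on the added line can go negative when `global.tune.maxrewrite` is not smaller than `global.tune.bufsize`, and since that parameter is a `uint32_t` a negative `int` would silently turn into a huge early-data allowance instead of a small one. Unless the configuration parser already guarantees `maxrewrite < bufsize`, I would compute it into a local and clamp it: `int max_early = global.tune.bufsize - global.tune.maxrewrite; if (max_early < 0) max_early = 0; SSL_CTX_set_max_early_data(ctx, max_early);`. The `SSL_OP_NO_ANTI_REPLAY` line also deserves a why-comment, because it switches off OpenSSL's own 0-RTT replay detection and makes replayed early data the responsibility of the layers above this one (presumably HAProxy's own early-data handling, which this hunk does not show); something like `/* OpenSSL's built-in 0-RTT anti-replay is disabled so early data works with 1.1.1; replayed early data must be handled at the request layer. */`. ssl_sock_initial_ctx() begins and ends outside this hunk.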