BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. When using early data, disable the OpenSSL anti-replay protection, and set the max amount of early data we're ready to accept, based on the size of buffers, or early data won't work with the released OpenSSL 1.1.1. This should be backported to 1.8.

commit: 51088ce68fee0bae52118d6823873417046f9efe [log] [tgz]
author: Olivier Houchard <ohouchard@haproxy.com> Wed Jan 02 18:46:41 2019 +0100
committer: Willy Tarreau <w@1wt.eu> Wed Jan 09 16:26:28 2019 +0100
tree: b09cd73c6d3abcda3a97ce1bd9e3fc8fc02e5d67
parent: 43bb842a08a6b772f1d76ff481d5555a8c871dcd [diff]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 282b85d..13ce2e5 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -3869,6 +3869,10 @@
 	SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
 	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #elif (OPENSSL_VERSION_NUMBER >= 0x10101000L)
+	if (bind_conf->ssl_conf.early_data) {
+		SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
+		SSL_CTX_set_max_early_data(ctx, global.tune.bufsize - global.tune.maxrewrite);
+	}
 	SSL_CTX_set_client_hello_cb(ctx, ssl_sock_switchctx_cbk, NULL);
 	SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
 #else
commit	51088ce68fee0bae52118d6823873417046f9efe	[log] [tgz]
author	Olivier Houchard <ohouchard@haproxy.com>	Wed Jan 02 18:46:41 2019 +0100
committer	Willy Tarreau <w@1wt.eu>	Wed Jan 09 16:26:28 2019 +0100
tree	b09cd73c6d3abcda3a97ce1bd9e3fc8fc02e5d67
parent	43bb842a08a6b772f1d76ff481d5555a8c871dcd [diff]