Hi Olivier,

Great to see a version of a more ‘secure’ 0-RTT implementation.

> On 2 Oct 2017 at 17:18, Olivier Houchard <[email protected]> wrote:
>
> Hi,
>
> The attached patches add experimental support for 0-RTT with OpenSSL 1.1.1.
> They are based on Emmanuel's previous patches, so I'm submitting them again,
> updated to reflect the changes in the OpenSSL API, and with a few fixes.
> To allow the use of early data, one has to explicitly add "allow-0rtt" to
> the bind line. If early data are provided by the client, an
> "Early-Data: 1" header will be added, to let the origin server know that.
>
> Because early data have security implications, a new sample fetch was added,
> "ssl_fc_has_early", a boolean that will be evaluated to true if early data
> were provided, as well as a new action, "wait-for-handshake", which will make
> haproxy wait for the completion of the SSL handshake before processing the
> request. After the handshake, early data are considered as normal data, and
> they won't be reported to the origin server.
>
> As usual, bugs are to be expected, and any review and/or test will be
> appreciated.
>

I tested the experimental version of 0-RTT a few months ago with BoringSSL, and the option is a great candidate for a per-certificate parameter. I attach the patch to show how to set it (without the BC_SSL_O_* flag). I hope to be able to review your work in more detail.

++
Manu
early_data.diff
Description: Binary data
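As an added illustration of how the directives named in Olivier's message fit together (this is example configuration written for this thread, not part of his patches or of the HAProxy documentation), the following frontend enables early data on the bind line and uses the "ssl_fc_has_early" fetch with the "wait-for-handshake" action so that only idempotent requests are processed from replayable 0-RTT data. The certificate path, the ACL names and the backend name are assumptions.

```haproxy
frontend fe_https
    # "allow-0rtt" is the new bind option from the patches; without it the
    # listener never accepts early data and nothing below is ever triggered.
    bind :443 ssl crt /etc/haproxy/certs/site.pem allow-0rtt

    # True when the request arrived as TLS 1.3 early data (new sample fetch).
    acl early_data  ssl_fc_has_early
    # Methods that can safely be replayed by a network attacker.
    acl idempotent  method GET HEAD OPTIONS

    # For anything that could have side effects, block until the handshake
    # completes. After that the data is treated as normal data and the
    # "Early-Data: 1" header is no longer added, as described in the message.
    http-request wait-for-handshake if early_data !idempotent

    default_backend be_app

backend be_app
    # The origin sees "Early-Data: 1" only on requests that were actually
    # processed from early data (here: idempotent ones) and can decide itself
    # whether the particular resource tolerates a replay.
    server app1 127.0.0.1:8080
```

The split between the two ACLs is the point: the frontend does not try to decide which application paths are replay-safe, it only guarantees that non-idempotent methods are never served from early data, and leaves the finer-grained decision to the origin via the header.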

