>> In HAProxy, this flag is currently statically disabled by default in
>> src/ssl_sock.c line 2539. Thus, when used with older OpenSSL versions
>> than 1.0.1r or 1.0.2f, users could be vulnerable.
>
> I don't see it. Can you please elaborate what exact commit ID you are
> referring to?

You are probably referring to the GitHub fork, which is as always outdated,
and where line 2539 points to the local definition of SSL_OP_SINGLE_DH_USE:
#ifndef SSL_OP_SINGLE_ECDH_USE
#define SSL_OP_SINGLE_ECDH_USE 0
#endif


You are misunderstanding this code. We define SSL_OP_SINGLE_ECDH_USE when
the openssl headers don't define it (which is when the openssl release
doesn't support SSL_OP_SINGLE_ECDH_USE - older than 1.0.0), to avoid
#ifdef hell in the ssl_sock_prepare_ctx function.

So when OpenSSL supports SSL_OP_SINGLE_ECDH_USE, we *do* set it.


Lukas

                                          
