Hello,

I fixed the build for USE_QUIC=1 and AWSLC which is limited like Ilya
mentioned.

For now:

   - 0RTT was disabled.
   - TLS1_3_CK_CHACHA20_POLY1305_SHA256, TLS1_3_CK_AES_128_CCM_SHA256 were disabled
   - clienthello callback is missing, certificate selection could be limited (RSA + ECDSA at the same time)


I could make some tests with curl --http3 and Firefox which seem to be
working, no chance with Chrome yet.

At least we activated the build so I'll check the next steps:

> On Thu, 7 Sep 2023 at 00:05, Hopkins, Andrew <and...@amazon.com> wrote:
> > 1. AWS-LC plumbs these two algorithms through the EVP_CIPHER API. This is
> > useful for HAProxy and other AWS-LC customers, but is the most work

That would be the best from a maintenance point of view.

> > 2. HAProxy adopts AWS-LC’s (and BoringSSL’s) AEAD API
> >

Well, since it exists in awslc, libressl and boringssl, maybe we could
spend some time on this, I'll check if this is complicated to integrate
in our current code.

> > 3. HAProxy turns off ChaCha Poly and AES CCM support in quic when built
> > with AWS-LC

That's the current status for now.

-- 
William Lallemand
