On 1/15/24 17:16, Yaacov Akiba Slama wrote:
> On 04/10/2023 18:38, William Lallemand wrote:
>> Hello,
>>
>> I fixed the build for USE_QUIC=1 and AWSLC which is limited like Ilya
>> mentionned.
>>
>> For now:
>>
>> - 0RTT was disabled.
>> - TLS1_3_CK_CHACHA20_POLY1305_SHA256, TLS1_3_CK_AES_128_CCM_SHA256
>> were disabled
>
> https://github.com/aws/aws-lc/commit/bc9b35c4f5a34edcc7ed5ae86f24116198f61456
> and
> https://github.com/aws/aws-lc/commit/f7798b764b95692d865fa0e067558deb8be3926a
> were merged, so perhaps this can be revisited.
>
> What is missing to have 0RTT support?
>
>> - clienthello callback is missing, certificate selection could be
>> limited (RSA + ECDSA at the same time)
>
>
About TLS_AES_128_CCM_SHA256 and *quictls*, this haproxy setting is
required:
ssl-default-bind-ciphersuites
TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
because the TLS stack disables TLS_AES_128_CCM_SHA256 by default.
About *aws-lc*, even with this patch to reactivate
TLS_AES_128_CCM_SHA256 and the setting above the connection are closed
with NO_SHARED_CIPHER as OpenSSL internal error :
diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h
index 86b8c1ee32..742118a82e 100644
--- a/include/haproxy/quic_tls.h
+++ b/include/haproxy/quic_tls.h
@@ -144,7 +144,7 @@ static inline const EVP_CIPHER *tls_aead(const
SSL_CIPHER *cipher)
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
return EVP_chacha20_poly1305();
#endif
-#if !defined(USE_OPENSSL_WOLFSSL) && !defined(OPENSSL_IS_AWSLC)
+#if !defined(USE_OPENSSL_WOLFSSL)
case TLS1_3_CK_AES_128_CCM_SHA256:
return EVP_aes_128_ccm();
#endif
