From d2be9d4c48b71b2132938dbfac36142cc7b8f7c4 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.org>
Date: Fri, 2 Sep 2022 15:35:09 +0200
Subject: [PATCH] BUILD: quic: temporarly ignore chacha20_poly1305 for libressl

LibreSSL does not implement EVP_chacha20_poly1305() with EVP_CIPHER but
uses the EVP_AEAD API instead:

https://man.openbsd.org/EVP_AEAD_CTX_init

This patch disables this cipher for libreSSL for now.
---
 include/haproxy/quic_tls.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h
index c326ce9e8..02e155d00 100644
--- a/include/haproxy/quic_tls.h
+++ b/include/haproxy/quic_tls.h
@@ -135,8 +135,10 @@ static inline const EVP_CIPHER *tls_aead(const SSL_CIPHER *cipher)
 		return EVP_aes_128_gcm();
 	case TLS1_3_CK_AES_256_GCM_SHA384:
 		return EVP_aes_256_gcm();
+#if !defined(LIBRESSL_VERSION_NUMBER)
 	case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
 		return EVP_chacha20_poly1305();
+#endif
 	case TLS1_3_CK_AES_128_CCM_SHA256:
 		return EVP_aes_128_ccm();
 	default: