diff -Nru haproxy-1.8.8/debian/changelog haproxy-1.8.8/debian/changelog
--- haproxy-1.8.8/debian/changelog	2019-09-03 10:14:43.000000000 +0000
+++ haproxy-1.8.8/debian/changelog	2019-10-23 09:37:53.000000000 +0000
@@ -1,3 +1,12 @@
+haproxy (1.8.8-1ubuntu0.6) bionic; urgency=medium
+
+  * Fix issues around dh_params when building against openssl 1.1.1
+    to avoid regressing the minimal key size (LP: 1841936)
+    - d/p/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch
+    - d/p/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch
+
+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 23 Oct 2019 11:37:53 +0200
+
 haproxy (1.8.8-1ubuntu0.5) bionic; urgency=medium
 
   * no change rebuild to pick up openssl 1.1.1 and via that
diff -Nru haproxy-1.8.8/debian/patches/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch haproxy-1.8.8/debian/patches/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch
--- haproxy-1.8.8/debian/patches/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch	1970-01-01 00:00:00.000000000 +0000
+++ haproxy-1.8.8/debian/patches/lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch	2019-10-23 09:37:53.000000000 +0000
@@ -0,0 +1,134 @@
+From 19dd0431b06019d5cbd253662822b15412f67144 Mon Sep 17 00:00:00 2001
+From: Emeric Brun <ebrun@haproxy.com>
+Date: Thu, 17 Oct 2019 14:53:03 +0200
+Subject: [PATCH] BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored
+ with openssl > 1.1.1
+
+If openssl 1.1.1 is used, c2aae74f0 commit mistakenly enables DH automatic
+feature from openssl instead of ECDH automatic feature. There is no impact for
+the ECDH one because the feature is always enabled for that version. But doing
+this, the 'tune.ssl.default-dh-param' was completely ignored for DH parameters.
+
+This patch fix the bug calling 'SSL_CTX_set_ecdh_auto' instead of
+'SSL_CTX_set_dh_auto'.
+
+Currently some users may use a 2048 DH bits parameter, thinking they're using a
+1024 bits one. Doing this, they may experience performance issue on light hardware.
+
+This patch warns the user if haproxy fails to configure the given DH parameter.
+In this case and if openssl version is > 1.1.0, haproxy will let openssl to
+automatically choose a default DH parameter. For other openssl versions, the DH
+ciphers won't be usable.
+
+A commonly case of failure is due to the security level of openssl.cnf
+which could refuse a 1024 bits DH parameter for a 2048 bits key:
+
+ $ cat /etc/ssl/openssl.cnf
+ ...
+
+ [system_default_sect]
+ MinProtocol = TLSv1
+ CipherString = DEFAULT@SECLEVEL=2
+
+This should be backport into any branch containing the commit c2aae74f0.
+It requires all or part of the previous CLEANUP series.
+
+This addresses github issue #324.
+
+(cherry picked from commit 6624a90a9ac2edb947a8c70fa6a8a283449750c6)
+Signed-off-by: Emeric Brun <ebrun@haproxy.com>
+(cherry picked from commit d6de151248603b357565ae52fe92440e66c1177c)
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+(cherry picked from commit 89e61b9ad4db1097a3d53b83d914f6b0b8edc4ee)
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+Origin: upstream, http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=19dd0431b06019d5cbd253662822b15412f67144
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1841936
+Last-Update: 2019-10-23
+
+---
+ src/ssl_sock.c | 47 +++++++++++++++++++++++++++++++++++++++++++----
+ 1 file changed, 43 insertions(+), 4 deletions(-)
+
+diff --git a/src/ssl_sock.c b/src/ssl_sock.c
+index 296e93864..773464043 100644
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -2651,7 +2651,20 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file, char **err)
+ 	DH *dh = ssl_sock_get_dh_from_file(file);
+ 
+ 	if (dh) {
+-		SSL_CTX_set_tmp_dh(ctx, dh);
++		if (!SSL_CTX_set_tmp_dh(ctx, dh)) {
++			memprintf(err, "%sunable to load the DH parameter specified in '%s'",
++				  err && *err ? *err : "", file);
++#if defined(SSL_CTX_set_dh_auto)
++			SSL_CTX_set_dh_auto(ctx, 1);
++			memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
++				  err && *err ? *err : "");
++#else
++			memprintf(err, "%s, DH ciphers won't be available.\n",
++				  err && *err ? *err : "");
++#endif
++			ret |= ERR_WARN;
++			goto end;
++		}
+ 
+ 		if (ssl_dh_ptr_index >= 0) {
+ 			/* store a pointer to the DH params to avoid complaining about
+@@ -2660,7 +2673,20 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file, char **err)
+ 		}
+ 	}
+ 	else if (global_dh) {
+-		SSL_CTX_set_tmp_dh(ctx, global_dh);
++		if (!SSL_CTX_set_tmp_dh(ctx, global_dh)) {
++			memprintf(err, "%sunable to use the global DH parameter for certificate '%s'",
++				  err && *err ? *err : "", file);
++#if defined(SSL_CTX_set_dh_auto)
++			SSL_CTX_set_dh_auto(ctx, 1);
++			memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
++				  err && *err ? *err : "");
++#else
++			memprintf(err, "%s, DH ciphers won't be available.\n",
++				  err && *err ? *err : "");
++#endif
++			ret |= ERR_WARN;
++			goto end;
++		}
+ 	}
+ 	else {
+ 		/* Clear openssl global errors stack */
+@@ -2678,7 +2704,20 @@ static int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file, char **err)
+ 				goto end;
+ 			}
+ 
+-			SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
++			if (!SSL_CTX_set_tmp_dh(ctx, local_dh_1024)) {
++				memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
++					  err && *err ? *err : "", file);
++#if defined(SSL_CTX_set_dh_auto)
++				SSL_CTX_set_dh_auto(ctx, 1);
++				memprintf(err, "%s, SSL library will use an automatically generated DH parameter.\n",
++					  err && *err ? *err : "");
++#else
++				memprintf(err, "%s, DH ciphers won't be available.\n",
++					  err && *err ? *err : "");
++#endif
++				ret |= ERR_WARN;
++				goto end;
++			}
+ 		}
+ 		else {
+ 			SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
+@@ -4381,7 +4420,7 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, struct ssl_bind_conf *ssl_
+ 			 NULL);
+ 
+ 		if (ecdhe == NULL) {
+-			SSL_CTX_set_dh_auto(ctx, 1);
++			SSL_CTX_set_ecdh_auto(ctx, 1);
+ 			return cfgerr;
+ 		}
+ #else
+-- 
+2.23.0
+
diff -Nru haproxy-1.8.8/debian/patches/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch haproxy-1.8.8/debian/patches/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch
--- haproxy-1.8.8/debian/patches/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch	1970-01-01 00:00:00.000000000 +0000
+++ haproxy-1.8.8/debian/patches/lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch	2019-10-23 09:37:53.000000000 +0000
@@ -0,0 +1,118 @@
+From b1e3ee6f214d82ebe98140f577777b4c47d88084 Mon Sep 17 00:00:00 2001
+From: Emeric Brun <ebrun@haproxy.com>
+Date: Thu, 17 Oct 2019 13:27:40 +0200
+Subject: [PATCH] CLEANUP: ssl: make ssl_sock_load_dh_params handle
+ errcode/warn
+
+ssl_sock_load_dh_params used to return >0 or -1 to indicate success
+or failure. Make it return a set of ERR_* instead so that its callers
+can transparently report its status. Given that its callers only used
+to know about ERR_ALERT | ERR_FATAL, this is the only code returned
+for now. An error message was added in the case of failure and the
+comment was updated.
+
+(cherry picked from commit 7a88336cf83cd1592fb8e7bc456d72c00c2934e4)
+Signed-off-by: Emeric Brun <ebrun@haproxy.com>
+(cherry picked from commit cfc1afe9f21ec27612ed4ad84c4a066c68ca24af)
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+(cherry picked from commit e740508a0dd5e30433a86333b874a0833f989e17)
+[wt: context adjustments]
+Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+Backport-Note: context changes as we didn't backport further changes and
+cleanups. Those affect the retval handling of a bunch of functions that
+had to be adapted. We change ret of ssl_sock_load_dh_params as declared
+by the patch but not the further one of ssl_sock_load_cert_file.
+
+Origin: backport, http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=b1e3ee6f214d82ebe98140f577777b4c47d88084
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1841936
+Last-Update: 2019-10-23
+
+---
+ src/ssl_sock.c | 41 ++++++++++++++++++++++++++---------------
+ 1 file changed, 26 insertions(+), 15 deletions(-)
+
+--- a/src/ssl_sock.c
++++ b/src/ssl_sock.c
+@@ -2610,15 +2610,24 @@ int ssl_sock_load_global_dh_param_from_f
+ 	return -1;
+ }
+ 
+-/* Loads Diffie-Hellman parameter from a file. Returns 1 if loaded, else -1
+-   if an error occured, and 0 if parameter not found. */
+-int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file)
++/* Loads Diffie-Hellman parameter from a ckchs to an SSL_CTX.
++ *  If there is no DH paramater availaible in the ckchs, the global
++ *  DH parameter is loaded into the SSL_CTX and if there is no
++ *  DH parameter available in ckchs nor in global, the default
++ *  DH parameters are applied on the SSL_CTX.
++ * Returns a bitfield containing the flags:
++ *     ERR_FATAL in any fatal error case
++ *     ERR_ALERT if a reason of the error is availabine in err
++ *     ERR_WARN if a warning is available into err
++ * The value 0 means there is no error nor warning and
++ * the operation succeed.
++ */
++static int ssl_sock_load_dh_params(SSL_CTX *ctx, const char *file, char **err)
+ {
+-	int ret = -1;
++	int ret = 0;
+ 	DH *dh = ssl_sock_get_dh_from_file(file);
+ 
+ 	if (dh) {
+-		ret = 1;
+ 		SSL_CTX_set_tmp_dh(ctx, dh);
+ 
+ 		if (ssl_dh_ptr_index >= 0) {
+@@ -2629,7 +2638,6 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx
+ 	}
+ 	else if (global_dh) {
+ 		SSL_CTX_set_tmp_dh(ctx, global_dh);
+-		ret = 0; /* DH params not found */
+ 	}
+ 	else {
+ 		/* Clear openssl global errors stack */
+@@ -2640,16 +2648,18 @@ int ssl_sock_load_dh_params(SSL_CTX *ctx
+ 			if (local_dh_1024 == NULL)
+ 				local_dh_1024 = ssl_get_dh_1024();
+ 
+-			if (local_dh_1024 == NULL)
++			if (local_dh_1024 == NULL) {
++				memprintf(err, "%sunable to load default 1024 bits DH parameter for certificate '%s'.\n",
++					  err && *err ? *err : "", file);
++				ret |= ERR_ALERT | ERR_FATAL;
+ 				goto end;
++			}
+ 
+ 			SSL_CTX_set_tmp_dh(ctx, local_dh_1024);
+ 		}
+ 		else {
+ 			SSL_CTX_set_tmp_dh_callback(ctx, ssl_get_tmp_dh);
+ 		}
+-
+-		ret = 0; /* DH params not found */
+ 	}
+ 
+ end:
+@@ -3122,8 +3132,8 @@ static int ssl_sock_load_multi_cert(cons
+ 			if (ssl_dh_ptr_index >= 0)
+ 				SSL_CTX_set_ex_data(cur_ctx, ssl_dh_ptr_index, NULL);
+ 
+-			rv = ssl_sock_load_dh_params(cur_ctx, NULL);
+-			if (rv < 0) {
++			rv = ssl_sock_load_dh_params(cur_ctx, NULL, err);
++			if (rv & ERR_CODE) {
+ 				if (err)
+ 					memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
+ 							*err ? *err : "", path);
+@@ -3349,8 +3359,8 @@ static int ssl_sock_load_cert_file(const
+ 		SSL_CTX_set_ex_data(ctx, ssl_dh_ptr_index, NULL);
+ 	}
+ 
+-	ret = ssl_sock_load_dh_params(ctx, path);
+-	if (ret < 0) {
++	ret = ssl_sock_load_dh_params(ctx, path, err);
++	if (ret & ERR_CODE) {
+ 		if (err)
+ 			memprintf(err, "%sunable to load DH parameters from file '%s'.\n",
+ 				  *err ? *err : "", path);
diff -Nru haproxy-1.8.8/debian/patches/series haproxy-1.8.8/debian/patches/series
--- haproxy-1.8.8/debian/patches/series	2019-09-03 10:13:57.000000000 +0000
+++ haproxy-1.8.8/debian/patches/series	2019-10-23 09:37:53.000000000 +0000
@@ -11,3 +11,5 @@
 CVE-2018-20103.patch
 CVE-2018-20615.patch
 stksess-align.patch
+lp-1841936-CLEANUP-ssl-make-ssl_sock_load_dh_params-handle-errc.patch
+lp-1841936-BUG-MEDIUM-ssl-tune.ssl.default-dh-param-value-ignor.patch