On 1/31/21 10:41 AM, Guido Falsi wrote:
On 28/01/21 19:25, John Baldwin wrote:
The branch main has been updated by jhb:
URL:
https://cgit.FreeBSD.org/src/commit/?id=aa906e2a4957db700d9e6cc60857e1afe1aecc85
commit aa906e2a4957db700d9e6cc60857e1afe1aecc85
Author: John Baldwin <[email protected]>
AuthorDate: 2021-01-16 00:17:31 +0000
Commit: John Baldwin <[email protected]>
CommitDate: 2021-01-28 18:24:13 +0000
OpenSSL: Support for kernel TLS offload (KTLS)
This merges upstream patches from OpenSSL's master branch to add
KTLS infrastructure for TLS 1.0-1.3 including both RX and TX
offload and SSL_sendfile support on both Linux and FreeBSD.
Note that TLS 1.3 only supports TX offload.
A new WITH/WITHOUT_OPENSSL_KTLS determines if OpenSSL is built with
KTLS support. It defaults to enabled on amd64 and disabled on all
other architectures.
Reviewed by: jkim (earlier version)
Approved by: secteam
Obtained from: OpenSSL (patches from master)
MFC after: 1 week
Relnotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D28273
---
This commit causes a strange interaction/regression with subverison
client when using https protocol.
I filed a bug report about this:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253135
Workarounds:
- Compiling system defining WITHOUT_OPENSSL_KTLS
- using the svn:// scheme
Hmm, that is certainly odd. I did reproduce it locally and it wasn't
even trying to use KTLS (didn't invoke the socket option in the ktrace
I had). I will work on debugging this more tomorrow.
--
John Baldwin
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "[email protected]"
