Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 1 Feb 2021 16:36:24 -0800
From:      John Baldwin <jhb@FreeBSD.org>
To:        Guido Falsi <madpilot@FreeBSD.org>, src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   Re: git: aa906e2a4957 - main - OpenSSL: Support for kernel TLS offload (KTLS)
Message-ID:  <07c2a98a-e6cc-5241-c75e-9a635d282e18@FreeBSD.org>
In-Reply-To: <8257bc17-3a2d-f348-a0d5-fbd0f637629f@FreeBSD.org>
References:  <202101281825.10SIPTGJ021104@gitrepo.freebsd.org> <8257bc17-3a2d-f348-a0d5-fbd0f637629f@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 1/31/21 10:41 AM, Guido Falsi wrote:
> On 28/01/21 19:25, John Baldwin wrote:
>> The branch main has been updated by jhb:
>>
>> URL: https://cgit.FreeBSD.org/src/commit/?id=aa906e2a4957db700d9e6cc60857e1afe1aecc85
>>
>> commit aa906e2a4957db700d9e6cc60857e1afe1aecc85
>> Author:     John Baldwin <jhb@FreeBSD.org>
>> AuthorDate: 2021-01-16 00:17:31 +0000
>> Commit:     John Baldwin <jhb@FreeBSD.org>
>> CommitDate: 2021-01-28 18:24:13 +0000
>>
>>       OpenSSL: Support for kernel TLS offload (KTLS)
>>       
>>       This merges upstream patches from OpenSSL's master branch to add
>>       KTLS infrastructure for TLS 1.0-1.3 including both RX and TX
>>       offload and SSL_sendfile support on both Linux and FreeBSD.
>>       
>>       Note that TLS 1.3 only supports TX offload.
>>       
>>       A new WITH/WITHOUT_OPENSSL_KTLS determines if OpenSSL is built with
>>       KTLS support.  It defaults to enabled on amd64 and disabled on all
>>       other architectures.
>>       
>>       Reviewed by:    jkim (earlier version)
>>       Approved by:    secteam
>>       Obtained from:  OpenSSL (patches from master)
>>       MFC after:      1 week
>>       Relnotes:       yes
>>       Sponsored by:   Netflix
>>       Differential Revision:  https://reviews.freebsd.org/D28273
>> ---
> 
> This commit causes a strange interaction/regression with subverison
> client when using https protocol.
> 
> I filed a bug report about this:
> 
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253135
> 
> Workarounds:
> 
> - Compiling system defining WITHOUT_OPENSSL_KTLS
> - using the svn:// scheme

Hmm, that is certainly odd.  I did reproduce it locally and it wasn't
even trying to use KTLS (didn't invoke the socket option in the ktrace
I had).  I will work on debugging this more tomorrow.

-- 
John Baldwin

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?07c2a98a-e6cc-5241-c75e-9a635d282e18>