274544 – OpenSSL 3 in base missing backported KTLS patches

Bug 274544 - OpenSSL 3 in base missing backported KTLS patches

Summary: OpenSSL 3 in base missing backported KTLS patches

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	bin (show other bugs)
Version:	CURRENT
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	John Baldwin

URL:	https://github.com/bsdjhb/freebsd/tre...
Keywords:

Depends on:
Blocks:	14.0r
	Show dependency tree / graph

Reported:	2023-10-17 18:33 UTC by John Baldwin
Modified:	2023-10-26 16:08 UTC (History)
CC List:	5 users (show)

See Also:

Flags:	grahamperrin: mfc-stable14?

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Baldwin freebsd_committer

2023-10-17 18:33:49 UTC

The import of OpenSSL 3 into base dropped some locally backported patches from OpenSSL master to enable support for KTLS with Chacha20-Poly1305 as well as support for KTLS 1.3 RX.  The latter patches in particular are key for NFS over TLS.

I have uploaded a branch with the backported patches to https://github.com/bsdjhb/freebsd/tree/openssl3_ktls for Rick to test.  Assuming Rick can confirm it fixes his tests with NFS over TLS I will merge to main and then back to stable/14 + releng/14.0.

Comment 1 John Baldwin freebsd_committer

2023-10-17 18:35:05 UTC

To be clear, this bug is just to track this issue against the 14.0 blocker bug.

Comment 2 John Baldwin freebsd_committer

2023-10-19 20:47:25 UTC

Fixes merged to main today.

Comment 3 John Baldwin freebsd_committer

2023-10-25 00:42:23 UTC

Fixes merged to both stable/14 and releng/14.0.