The import of OpenSSL 3 into base dropped some locally backported patches from OpenSSL master to enable support for KTLS with Chacha20-Poly1305 as well as support for KTLS 1.3 RX. The latter patches in particular are key for NFS over TLS. I have uploaded a branch with the backported patches to https://github.com/bsdjhb/freebsd/tree/openssl3_ktls for Rick to test. Assuming Rick can confirm it fixes his tests with NFS over TLS I will merge to main and then back to stable/14 + releng/14.0.
To be clear, this bug is just to track this issue against the 14.0 blocker bug.
Fixes merged to main today.
Fixes merged to both stable/14 and releng/14.0.