On 10/01/2019 11:49, vishwas k.n. wrote: > Hello All, > > I had a question regarding supporting sendfile with OpenSSL. Is there a branch > which supports SSL version of the sendfile() ?. No, this doesn't exist. > I wasnt able to locate it in master branch. > If yes, could you please point me to it ?. > If no, could you please let me know the reason behind not having it in OpenSSL. > I find there are references where there is a SSL_sendfile which is committed to > freebsd and is available publicly. Hence the question. Well, the purpose of sendfile is to read data from one fd and write it to another *but without going through user space*, i.e. it is a kernel level operation. In this way it is much more efficient. OpenSSL on the other hand is a user space library. All of its SSL/TLS processing happens within user space - so the optimisation of doing it all in the kernel is not an option(*). I suppose you could envisage an optimisation which is effectively a combination of SSL_read()/SSL_write() but copying directly from the internal OpenSSL buffers of one SSL object, into the internal OpenSSL buffers of another SSL object. This would all still happen in user space, but would avoid copying to a user application buffer in the middle. I'm not aware of anyone asking for that capability before, but if someone wanted to produce a pull request for it, it would be discussed and considered. Matt * Actually in the master branch there is current ongoing work to integrate Kernel TLS support. This (optionally) moves encryption/decryption of records into the kernel which might make a "real" sendfile possible at some point in the future. See: https://github.com/openssl/openssl/pull/7848 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
