Re: KTLS with openssl 3.0 fail with error ENOTCONN(Transport endpoint is not connected)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/4/22 11:49 PM, Gaurav Jain wrote:
Hello Boris/John

I am from NXP and currently working on enabling KTLS on NXP platforms via openssl.
I see that you enabled KTLS support in openssl 3.0(https://www.openssl.org/news/changelog.html#openssl-30).

when I configure openssl 3.0 or 3.1.0 with enable-ktls and and try to run the s_server, s_client application.
I observe that connection is successfully established - but it didn't use KTLS.

Then I added additional log in kernel(file net/tls/tls_main.c) and see that kernel is returning error -ENOTCONN
when (sk->sk_state != TCP_ESTABLISHED) in function static int tls_init(struct sock *sk)

To be clear, I have worked on KTLS support for FreeBSD, not for Linux.

However, I think the error you are seeing is a red herring.  I think you are
seeing the setsockopt() call from ktls_enable() fail because it is invoked
on the listen socket since ktls_enable() is called when sockets are created
by libssl.

For KTLS to work on the server side on Linux what you need to find out is when
ktls_enable() is invoked on the socket returned by accept() and why that is
failing.

--
John Baldwin



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux