I'd like to use OpenSSL with KTLS for websocket protocol, mainly for receiving but also transmit. I'm using the latest version of OpenSSL from source, with Ubuntu 20.04 and 22.04.
I saw an Issue on the Github page discussing KTLS:
https://github.com/openssl/openssl/issues/14595
In particular:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KTLS will be used if................You are using a suitable KTLS aware BIO (BIO_s_connect(), or BIO_s_socket())
You don't need to do anything special in your code. SSL_write will just do the right thing if the above conditions are met.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The last part suggests SSL_write() will work out-of-the-box, so long as we have a BIO interface.
1) Will SSL_read() work with KTLS too?
2) If we can still call SSL_read() and SSL_write() with KTLS, what is the purpose/requirement for the BIO interface?
3) If we cannot use SSL_read() and SSL_write() I assume we have to use BIO_read() and BIO_write(). I read somewhere to receive a packet I must read bytes from the BIO and pass to the SSL layer. For KTLS this seems odd, the whole idea is we want all processing performed in the kernel. Have I misunderstood this?
4) Are there any significant performance differences (between Linux distributions) for KTLS + OpenSSL?
Thank you in advance,
