On Thu, Mar 11, 2021 at 03:42:55PM +0000, Rick Macklem wrote:
I'm going to cheat and top post (the discussion looks pretty convoluted).- The kernel must be built with "options KERN_TLS" - OpenSSL must be built with KTLS enabled - These two sysctls need to be set to 1 kern.ipc.tls.enable kern.ipc.mb_use_ext_pgs
Hello, I'd like to try ktls but have found the following:On AMD64 (stable/13) this option is present in the GENERIC kernel of world built about a month ago: stable/13-n244496-618dee60231 and openssl version is 1.1.1i-freebsd
On ARM64 (stable/13) it's *not* present in a world built earlier today from stable/13-n244876-0b45290603b. Here, the openssl version is 1.1.1j-freebsd
On another ARM64 (main/14) it *is* present in main-n245445-07564e17620 built with sources from the 11th March. openssl is 1.1.1j-freebsd here as well.
I'd like to have it (ktls) available on the ARM64 stable/13-n244876-0b45290603b. Is it just a matter of adding the option, and then the sysctls become available? Is it "better" with openssl[-devel] in ports or openssl in base?
thanks, -- J.
signature.asc
Description: PGP signature