I'd like to use OpenSSL with KTLS for websocket protocol, mainly for receiving but also transmit. I'm using the latest version of OpenSSL from source, with Ubuntu 20.04 and 22.04.
I currently use the regular SSL_read() and SSL_write() functions to receive and transmit bytes. I have not used BIO interfaces before and do not currently have one. I saw an Issue on the Github page discussing KTLS: https://github.com/openssl/openssl/issues/14595 In particular: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - *KTLS will be used if................You are using a suitable KTLS aware BIO (BIO_s_connect(), or BIO_s_socket())You don't need to do anything special in your code. SSL_write will just do the right thing if the above conditions are met. * - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The last part suggests SSL_write() will work out-of-the-box, so long as we have a BIO interface. 1) Will SSL_read() work with KTLS too? 2) If we can still call SSL_read() and SSL_write() with KTLS, what is the purpose/requirement for the BIO interface? 3) If we cannot use SSL_read() and SSL_write() I assume we have to use BIO_read() and BIO_write(). I read somewhere to receive a packet I must read bytes from the BIO and pass to the SSL layer. For KTLS this seems odd, the whole idea is we want all processing performed in the kernel. Have I misunderstood this? 4) Are there any significant performance differences (between Linux distributions) for KTLS + OpenSSL? Thank you in advance,