Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Aug 2021 14:05:05 GMT
From:      Bernard Spil <brnrd@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 214d5852d425 - main - security/openssl: Update KTLS patches for Chacha20-Poly1305
Message-ID:  <202108191405.17JE55Ov050232@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch main has been updated by brnrd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=214d5852d425659f89f6de1834b8bc662d7a29a7

commit 214d5852d425659f89f6de1834b8bc662d7a29a7
Author:     Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2021-08-19 14:01:53 +0000
Commit:     Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2021-08-19 14:01:53 +0000

    security/openssl: Update KTLS patches for Chacha20-Poly1305
    
    This pulls in several upstream KTLS patches from OpenSSL master:
    
     * A fix to the return values of BIO_get_ktls_*().
     * Support for Chacha20-Poly1305.
     * Replacing the SSL_MODE_NO_KTLS_* modes which opted-out of KTLS with
       an opt-in SSL_OP_ENABLE_KTLS. Note that this means that KTLS is not
       enabled by default. Users can enable KTLS via a custom OpenSSL config
       file that enables the KTLS option.
    
    Reported by:    jhb
    Sponsored by:   Netflix
    Differential Revision:  https://reviews.freebsd.org/D31430
---
 security/openssl/Makefile               |   2 +-
 security/openssl/files/extra-patch-ktls | 683 ++++++++++++++++++--------------
 2 files changed, 389 insertions(+), 296 deletions(-)

diff --git a/security/openssl/Makefile b/security/openssl/Makefile
index ab678c4087b1..ec3e8a967d0f 100644
--- a/security/openssl/Makefile
+++ b/security/openssl/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	openssl
 PORTVERSION=	1.1.1k
-PORTREVISION=	1
+PORTREVISION=	2
 PORTEPOCH=	1
 CATEGORIES=	security devel
 MASTER_SITES=	https://www.openssl.org/source/ \
diff --git a/security/openssl/files/extra-patch-ktls b/security/openssl/files/extra-patch-ktls
index 3df11e5b80ba..ce1f6242fd58 100644
--- a/security/openssl/files/extra-patch-ktls
+++ b/security/openssl/files/extra-patch-ktls
@@ -1,8 +1,8 @@
 diff --git CHANGES CHANGES
-index 1ab64b35c9..a4a63a9bea 100644
+index 7d0129e687..7f8057bb6f 100644
 --- CHANGES
 +++ CHANGES
-@@ -427,6 +427,11 @@
+@@ -471,6 +471,11 @@
       necessary to configure just to create a source distribution.
       [Richard Levitte]
  
@@ -153,7 +153,7 @@ index 335dfabc61..80ef348d92 100644
      return sock;
  }
 diff --git crypto/bio/bss_conn.c crypto/bio/bss_conn.c
-index 807a82b23b..d478644280 100644
+index 807a82b23b..10cf20871c 100644
 --- crypto/bio/bss_conn.c
 +++ crypto/bio/bss_conn.c
 @@ -11,6 +11,7 @@
@@ -216,9 +216,12 @@ index 807a82b23b..d478644280 100644
  
      data = (BIO_CONNECT *)b->ptr;
  
-@@ -520,6 +541,27 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
+@@ -518,8 +539,29 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
+         }
+         break;
      case BIO_CTRL_EOF:
-         ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
+-        ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
++        ret = (b->flags & BIO_FLAGS_IN_EOF) != 0;
          break;
 +# ifndef OPENSSL_NO_KTLS
 +    case BIO_CTRL_SET_KTLS:
@@ -228,9 +231,9 @@ index 807a82b23b..d478644280 100644
 +            BIO_set_ktls_flag(b, num);
 +        break;
 +    case BIO_CTRL_GET_KTLS_SEND:
-+        return BIO_should_ktls_flag(b, 1);
++        return BIO_should_ktls_flag(b, 1) != 0;
 +    case BIO_CTRL_GET_KTLS_RECV:
-+        return BIO_should_ktls_flag(b, 0);
++        return BIO_should_ktls_flag(b, 0) != 0;
 +    case BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG:
 +        BIO_set_ktls_ctrl_msg_flag(b);
 +        data->record_type = num;
@@ -244,8 +247,21 @@ index 807a82b23b..d478644280 100644
      default:
          ret = 0;
          break;
+diff --git crypto/bio/bss_fd.c crypto/bio/bss_fd.c
+index ccbe1626ba..8d03e48ce9 100644
+--- crypto/bio/bss_fd.c
++++ crypto/bio/bss_fd.c
+@@ -189,7 +189,7 @@ static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
+         ret = 1;
+         break;
+     case BIO_CTRL_EOF:
+-        ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
++        ret = (b->flags & BIO_FLAGS_IN_EOF) != 0;
+         break;
+     default:
+         ret = 0;
 diff --git crypto/bio/bss_sock.c crypto/bio/bss_sock.c
-index 6251f3d46a..a1fc23c7c9 100644
+index 6251f3d46a..8de1f58292 100644
 --- crypto/bio/bss_sock.c
 +++ crypto/bio/bss_sock.c
 @@ -11,6 +11,7 @@
@@ -321,7 +337,7 @@ index 6251f3d46a..a1fc23c7c9 100644
  
      switch (cmd) {
      case BIO_C_SET_FD:
-@@ -153,6 +183,27 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
+@@ -153,8 +183,29 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
      case BIO_CTRL_FLUSH:
          ret = 1;
          break;
@@ -333,9 +349,9 @@ index 6251f3d46a..a1fc23c7c9 100644
 +            BIO_set_ktls_flag(b, num);
 +        break;
 +    case BIO_CTRL_GET_KTLS_SEND:
-+        return BIO_should_ktls_flag(b, 1);
++        return BIO_should_ktls_flag(b, 1) != 0;
 +    case BIO_CTRL_GET_KTLS_RECV:
-+        return BIO_should_ktls_flag(b, 0);
++        return BIO_should_ktls_flag(b, 0) != 0;
 +    case BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG:
 +        BIO_set_ktls_ctrl_msg_flag(b);
 +        b->ptr = (void *)num;
@@ -347,8 +363,11 @@ index 6251f3d46a..a1fc23c7c9 100644
 +        break;
 +# endif
      case BIO_CTRL_EOF:
-         ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
+-        ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
++        ret = (b->flags & BIO_FLAGS_IN_EOF) != 0;
          break;
+     default:
+         ret = 0;
 diff --git crypto/err/openssl.txt crypto/err/openssl.txt
 index 7e1776375d..b22e8a735c 100644
 --- crypto/err/openssl.txt
@@ -440,41 +459,55 @@ index 2e438c3ce9..31b18b2879 100644
  =head1 COPYRIGHT
  
  Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
-diff --git doc/man3/SSL_CTX_set_mode.pod doc/man3/SSL_CTX_set_mode.pod
-index 85e3353e0e..27eaebad1e 100644
---- doc/man3/SSL_CTX_set_mode.pod
-+++ doc/man3/SSL_CTX_set_mode.pod
-@@ -114,6 +114,22 @@ enables this behaviour to allow interoperability with such broken
- implementations. Please note that setting this option breaks interoperability
- with correct implementations. This option only applies to DTLS over SCTP.
- 
-+=item SSL_MODE_NO_KTLS_TX
-+
-+Disable the use of the kernel TLS egress data-path.
-+By default kernel TLS is enabled if it is supported by the negotiated ciphersuites
-+and extensions and OpenSSL has been compiled with support for it.
-+The kernel TLS data-path implements the record layer,
-+and the crypto algorithm. The kernel will utilize the best hardware
-+available for crypto. Using the kernel data-path should reduce the memory
+diff --git doc/man3/SSL_CONF_cmd.pod doc/man3/SSL_CONF_cmd.pod
+index 900c4f3a56..a3f447a986 100644
+--- doc/man3/SSL_CONF_cmd.pod
++++ doc/man3/SSL_CONF_cmd.pod
+@@ -495,6 +495,10 @@ specification. Some applications may be able to mitigate the replay risks in
+ other ways and in such cases the built-in OpenSSL functionality is not required.
+ Disabling anti-replay is equivalent to setting B<SSL_OP_NO_ANTI_REPLAY>.
+ 
++B<KTLS>: Enables kernel TLS if support has been compiled in, and it is supported
++by the negotiated ciphersuites and extensions. Equivalent to
++B<SSL_OP_ENABLE_KTLS>.
++
+ =item B<VerifyMode>
+ 
+ The B<value> argument is a comma separated list of flags to set.
+diff --git doc/man3/SSL_CTX_set_options.pod doc/man3/SSL_CTX_set_options.pod
+index 969e0366c4..231fe92d8e 100644
+--- doc/man3/SSL_CTX_set_options.pod
++++ doc/man3/SSL_CTX_set_options.pod
+@@ -237,6 +237,29 @@ functionality is not required. Those applications can turn this feature off by
+ setting this option. This is a server-side opton only. It is ignored by
+ clients.
+ 
++=item SSL_OP_ENABLE_KTLS
++
++Enable the use of kernel TLS. In order to benefit from kernel TLS OpenSSL must
++have been compiled with support for it, and it must be supported by the
++negotiated ciphersuites and extensions. The specific ciphersuites and extensions
++that are supported may vary by platform and kernel version.
++
++The kernel TLS data-path implements the record layer, and the encryption
++algorithm. The kernel will utilize the best hardware
++available for encryption. Using the kernel data-path should reduce the memory
 +footprint of OpenSSL because no buffering is required. Also, the throughput
 +should improve because data copy is avoided when user data is encrypted into
-+kernel memory instead of the usual encrypt than copy to kernel.
++kernel memory instead of the usual encrypt then copy to kernel.
 +
 +Kernel TLS might not support all the features of OpenSSL. For instance,
 +renegotiation, and setting the maximum fragment size is not possible as of
 +Linux 4.20.
++
++Note that with kernel TLS enabled some cryptographic operations are performed
++by the kernel directly and not via any available OpenSSL Providers. This might
++be undesirable if, for example, the application requires all cryptographic
++operations to be performed by the FIPS provider.
 +
  =back
  
- All modes are off by default except for SSL_MODE_AUTO_RETRY which is on by
-@@ -134,6 +150,7 @@ L<SSL_write(3)>, L<SSL_get_error(3)>
- =head1 HISTORY
- 
- SSL_MODE_ASYNC was added in OpenSSL 1.1.0.
-+SSL_MODE_NO_KTLS_TX was first added to OpenSSL 3.0.0.
- 
- =head1 COPYRIGHT
- 
+ The following options no longer have any effect but their identifiers are
 diff --git doc/man3/SSL_CTX_set_record_padding_callback.pod doc/man3/SSL_CTX_set_record_padding_callback.pod
 index 13e56f0c57..247a39fc03 100644
 --- doc/man3/SSL_CTX_set_record_padding_callback.pod
@@ -666,10 +699,10 @@ index c343b27629..521b5fa219 100644
 +#endif
 diff --git include/internal/ktls.h include/internal/ktls.h
 new file mode 100644
-index 0000000000..622d7be76d
+index 0000000000..5f9e3f91ed
 --- /dev/null
 +++ include/internal/ktls.h
-@@ -0,0 +1,400 @@
+@@ -0,0 +1,407 @@
 +/*
 + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
 + *
@@ -710,12 +743,11 @@ index 0000000000..622d7be76d
 +#   define OPENSSL_KTLS_AES_GCM_128
 +#   define OPENSSL_KTLS_AES_GCM_256
 +#   define OPENSSL_KTLS_TLS13
-+
-+/*
-+ * Only used by the tests in sslapitest.c.
-+ */
-+#   define TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE             8
-+#   define TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE             8
++#   ifdef TLS_CHACHA20_IV_LEN
++#    ifndef OPENSSL_NO_CHACHA
++#     define OPENSSL_KTLS_CHACHA20_POLY1305
++#    endif
++#   endif
 +
 +typedef struct tls_enable ktls_crypto_info_t;
 +
@@ -891,6 +923,11 @@ index 0000000000..622d7be76d
 +#    define OPENSSL_KTLS_TLS13
 +#    if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
 +#     define OPENSSL_KTLS_AES_CCM_128
++#     if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 11, 0)
++#      ifndef OPENSSL_NO_CHACHA
++#       define OPENSSL_KTLS_CHACHA20_POLY1305
++#      endif
++#     endif
 +#    endif
 +#   endif
 +
@@ -924,6 +961,9 @@ index 0000000000..622d7be76d
 +#   ifdef OPENSSL_KTLS_AES_CCM_128
 +        struct tls12_crypto_info_aes_ccm_128 ccm128;
 +#   endif
++#   ifdef OPENSSL_KTLS_CHACHA20_POLY1305
++        struct tls12_crypto_info_chacha20_poly1305 chacha20poly1305;
++#   endif
 +    };
 +    size_t tls_crypto_info_len;
 +};
@@ -1127,32 +1167,21 @@ index a411f3f2f9..60103707d2 100644
  /* Padding modes */
  #define EVP_PADDING_PKCS7       1
 diff --git include/openssl/ssl.h include/openssl/ssl.h
-index fd0c5a9996..09620489bc 100644
+index fd0c5a9996..cfb87e6322 100644
 --- include/openssl/ssl.h
 +++ include/openssl/ssl.h
-@@ -493,6 +493,10 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
-  * Support Asynchronous operation
-  */
- # define SSL_MODE_ASYNC 0x00000100U
-+/*
-+ * Don't use the kernel TLS data-path for sending.
-+ */
-+# define SSL_MODE_NO_KTLS_TX 0x00000200U
- 
- /*
-  * When using DTLS/SCTP, include the terminating zero in the label
-@@ -506,6 +510,10 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
-  * - OpenSSL 1.1.1 and 1.1.1a
-  */
- # define SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG 0x00000400U
-+/*
-+ * Don't use the kernel TLS data-path for receiving.
-+ */
-+# define SSL_MODE_NO_KTLS_RX 0x00000800U
- 
- /* Cert related flags */
- /*
-@@ -1837,6 +1845,8 @@ __owur int SSL_read_early_data(SSL *s, void *buf, size_t num,
+@@ -303,7 +303,9 @@ typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
+ /* Allow initial connection to servers that don't support RI */
+ # define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004U
+ 
+-/* Reserved value (until OpenSSL 1.2.0)                  0x00000008U */
++/* Enable support for Kernel TLS */
++# define SSL_OP_ENABLE_KTLS                              0x00000008U
++
+ # define SSL_OP_TLSEXT_PADDING                           0x00000010U
+ /* Reserved value (until OpenSSL 1.2.0)                  0x00000020U */
+ # define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040U
+@@ -1837,6 +1839,8 @@ __owur int SSL_read_early_data(SSL *s, void *buf, size_t num,
                                 size_t *readbytes);
  __owur int SSL_peek(SSL *ssl, void *buf, int num);
  __owur int SSL_peek_ex(SSL *ssl, void *buf, size_t num, size_t *readbytes);
@@ -1161,7 +1190,7 @@ index fd0c5a9996..09620489bc 100644
  __owur int SSL_write(SSL *ssl, const void *buf, int num);
  __owur int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written);
  __owur int SSL_write_early_data(SSL *s, const void *buf, size_t num,
-@@ -2123,7 +2133,7 @@ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
+@@ -2123,7 +2127,7 @@ void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg);
  void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx);
  int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size);
  
@@ -1202,10 +1231,10 @@ index bb2f1deb53..1c49ac9aee 100644
 +ENDIF
 diff --git ssl/ktls.c ssl/ktls.c
 new file mode 100644
-index 0000000000..7123ecac00
+index 0000000000..c7a440b79b
 --- /dev/null
 +++ ssl/ktls.c
-@@ -0,0 +1,221 @@
+@@ -0,0 +1,251 @@
 +/*
 + * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
 + *
@@ -1245,6 +1274,10 @@ index 0000000000..7123ecac00
 +    case SSL_AES128GCM:
 +    case SSL_AES256GCM:
 +        return 1;
++# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
++    case SSL_CHACHA20POLY1305:
++        return 1;
++# endif
 +    case SSL_AES128:
 +    case SSL_AES256:
 +        if (s->ext.use_etm)
@@ -1279,6 +1312,12 @@ index 0000000000..7123ecac00
 +        else
 +            crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
 +        break;
++# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
++    case SSL_CHACHA20POLY1305:
++        crypto_info->cipher_algorithm = CRYPTO_CHACHA20_POLY1305;
++        crypto_info->iv_len = EVP_CIPHER_CTX_iv_length(dd);
++        break;
++# endif
 +    case SSL_AES128:
 +    case SSL_AES256:
 +        switch (s->s3->tmp.new_cipher->algorithm_mac) {
@@ -1334,7 +1373,9 @@ index 0000000000..7123ecac00
 +        return 0;
 +    }
 +
-+    /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 */
++    /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 
++     * or Chacha20-Poly1305
++     */
 +    switch (EVP_CIPHER_nid(c))
 +    {
 +# ifdef OPENSSL_KTLS_AES_CCM_128
@@ -1343,11 +1384,15 @@ index 0000000000..7123ecac00
 +          return 0;
 +# endif
 +# ifdef OPENSSL_KTLS_AES_GCM_128
++        /* Fall through */
 +    case NID_aes_128_gcm:
 +# endif
 +# ifdef OPENSSL_KTLS_AES_GCM_256
 +    case NID_aes_256_gcm:
 +# endif
++# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
++    case NID_chacha20_poly1305:
++# endif
 +        return 1;
 +    default:
 +        return 0;
@@ -1420,6 +1465,20 @@ index 0000000000..7123ecac00
 +            *rec_seq = crypto_info->ccm128.rec_seq;
 +        return 1;
 +# endif
++# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
++    case NID_chacha20_poly1305:
++        crypto_info->chacha20poly1305.info.cipher_type = TLS_CIPHER_CHACHA20_POLY1305;
++        crypto_info->chacha20poly1305.info.version = s->version;
++        crypto_info->tls_crypto_info_len = sizeof(crypto_info->chacha20poly1305);
++        memcpy(crypto_info->chacha20poly1305.iv, iiv,
++		TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
++        memcpy(crypto_info->chacha20poly1305.key, key, EVP_CIPHER_key_length(c));
++        memcpy(crypto_info->chacha20poly1305.rec_seq, rl_sequence,
++                TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
++        if (rec_seq != NULL)
++            *rec_seq = crypto_info->chacha20poly1305.rec_seq;
++        return 1;
++# endif
 +    default:
 +        return 0;
 +    }
@@ -1567,21 +1626,21 @@ index b2a7a47eb0..f53c402006 100644
              SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_SSL3_WRITE,
                       ERR_R_INTERNAL_ERROR);
              goto err;
--        }
--
--        /* Get a pointer to the start of this record excluding header */
--        recordstart = WPACKET_get_curr(thispkt) - len;
 +            }
- 
--        SSL3_RECORD_set_data(thiswr, recordstart);
--        SSL3_RECORD_reset_input(thiswr);
--        SSL3_RECORD_set_length(thiswr, len);
++
 +            /* Get a pointer to the start of this record excluding header */
 +            recordstart = WPACKET_get_curr(thispkt) - len;
 +            SSL3_RECORD_set_data(thiswr, recordstart);
 +            SSL3_RECORD_reset_input(thiswr);
 +            SSL3_RECORD_set_length(thiswr, len);
-+        }
+         }
+-
+-        /* Get a pointer to the start of this record excluding header */
+-        recordstart = WPACKET_get_curr(thispkt) - len;
+-
+-        SSL3_RECORD_set_data(thiswr, recordstart);
+-        SSL3_RECORD_reset_input(thiswr);
+-        SSL3_RECORD_set_length(thiswr, len);
      }
  
      if (s->statem.enc_write_state == ENC_WRITE_STATE_WRITE_PLAIN_ALERTS) {
@@ -1890,6 +1949,20 @@ index ab5d22aa10..3d747db64b 100644
              SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD,
                       SSL_R_DATA_LENGTH_TOO_LONG);
              return -1;
+diff --git ssl/ssl_conf.c ssl/ssl_conf.c
+index 0a3fef7c8c..8013c62f07 100644
+--- ssl/ssl_conf.c
++++ ssl/ssl_conf.c
+@@ -391,7 +391,8 @@ static int cmd_Options(SSL_CONF_CTX *cctx, const char *value)
+         SSL_FLAG_TBL("AllowNoDHEKEX", SSL_OP_ALLOW_NO_DHE_KEX),
+         SSL_FLAG_TBL("PrioritizeChaCha", SSL_OP_PRIORITIZE_CHACHA),
+         SSL_FLAG_TBL("MiddleboxCompat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT),
+-        SSL_FLAG_TBL_INV("AntiReplay", SSL_OP_NO_ANTI_REPLAY)
++        SSL_FLAG_TBL_INV("AntiReplay", SSL_OP_NO_ANTI_REPLAY),
++        SSL_FLAG_TBL("KTLS", SSL_OP_ENABLE_KTLS)
+     };
+     if (value == NULL)
+         return -3;
 diff --git ssl/ssl_err.c ssl/ssl_err.c
 index 4b12ed1485..0561678c33 100644
 --- ssl/ssl_err.c
@@ -1903,7 +1976,7 @@ index 4b12ed1485..0561678c33 100644
      {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_NEW, 0), "SSL_SESSION_new"},
      {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_PRINT_FP, 0),
 diff --git ssl/ssl_lib.c ssl/ssl_lib.c
-index 98057921f8..382f4b6d7b 100644
+index 58f8f3c14c..3fc6549c80 100644
 --- ssl/ssl_lib.c
 +++ ssl/ssl_lib.c
 @@ -11,6 +11,7 @@
@@ -1922,7 +1995,7 @@ index 98057921f8..382f4b6d7b 100644
  
  const char SSL_version_str[] = OPENSSL_VERSION_TEXT;
  
-@@ -1153,11 +1155,15 @@ void SSL_free(SSL *s)
+@@ -1159,11 +1161,15 @@ void SSL_free(SSL *s)
      dane_final(&s->dane);
      CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
  
@@ -1938,7 +2011,7 @@ index 98057921f8..382f4b6d7b 100644
  
      BUF_MEM_free(s->init_buf);
  
-@@ -1214,8 +1220,6 @@ void SSL_free(SSL *s)
+@@ -1220,8 +1226,6 @@ void SSL_free(SSL *s)
      if (s->method != NULL)
          s->method->ssl_free(s);
  
@@ -1947,7 +2020,7 @@ index 98057921f8..382f4b6d7b 100644
      SSL_CTX_free(s->ctx);
  
      ASYNC_WAIT_CTX_free(s->waitctx);
-@@ -1355,6 +1359,15 @@ int SSL_set_fd(SSL *s, int fd)
+@@ -1361,6 +1365,15 @@ int SSL_set_fd(SSL *s, int fd)
      }
      BIO_set_fd(bio, fd, BIO_NOCLOSE);
      SSL_set_bio(s, bio, bio);
@@ -1963,7 +2036,7 @@ index 98057921f8..382f4b6d7b 100644
      ret = 1;
   err:
      return ret;
-@@ -1374,6 +1387,15 @@ int SSL_set_wfd(SSL *s, int fd)
+@@ -1380,6 +1393,15 @@ int SSL_set_wfd(SSL *s, int fd)
          }
          BIO_set_fd(bio, fd, BIO_NOCLOSE);
          SSL_set0_wbio(s, bio);
@@ -1979,7 +2052,7 @@ index 98057921f8..382f4b6d7b 100644
      } else {
          BIO_up_ref(rbio);
          SSL_set0_wbio(s, rbio);
-@@ -1955,6 +1977,69 @@ int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written)
+@@ -1961,6 +1983,69 @@ int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written)
      }
  }
  
@@ -2049,7 +2122,7 @@ index 98057921f8..382f4b6d7b 100644
  int SSL_write(SSL *s, const void *buf, int num)
  {
      int ret;
-@@ -2199,6 +2284,10 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
+@@ -2205,6 +2290,10 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
      case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
          if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
              return 0;
@@ -2060,7 +2133,7 @@ index 98057921f8..382f4b6d7b 100644
          s->max_send_fragment = larg;
          if (s->max_send_fragment < s->split_send_fragment)
              s->split_send_fragment = s->max_send_fragment;
-@@ -4417,11 +4506,18 @@ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
+@@ -4425,11 +4514,18 @@ int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
      return 1;
  }
  
@@ -2113,7 +2186,7 @@ index 8c3542a542..c10e7d52ce 100644
  __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
  __owur int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
 diff --git ssl/t1_enc.c ssl/t1_enc.c
-index c85c0b0310..d461421068 100644
+index c85c0b0310..7d2eb381af 100644
 --- ssl/t1_enc.c
 +++ ssl/t1_enc.c
 @@ -10,10 +10,14 @@
@@ -2190,16 +2263,12 @@ index c85c0b0310..d461421068 100644
  
      c = s->s3->tmp.new_sym_enc;
      m = s->s3->tmp.new_hash;
-@@ -312,6 +361,85 @@ int tls1_change_cipher_state(SSL *s, int which)
+@@ -312,6 +361,81 @@ int tls1_change_cipher_state(SSL *s, int which)
                   ERR_R_INTERNAL_ERROR);
          goto err;
      }
 +#ifndef OPENSSL_NO_KTLS
-+    if (s->compress)
-+        goto skip_ktls;
-+
-+    if (((which & SSL3_CC_READ) && (s->mode & SSL_MODE_NO_KTLS_RX))
-+        || ((which & SSL3_CC_WRITE) && (s->mode & SSL_MODE_NO_KTLS_TX)))
++    if (s->compress || (s->options & SSL_OP_ENABLE_KTLS) == 0)
 +        goto skip_ktls;
 +
 +    /* ktls supports only the maximum fragment size */
@@ -2277,7 +2346,7 @@ index c85c0b0310..d461421068 100644
  
  #ifdef SSL_DEBUG
 diff --git ssl/tls13_enc.c ssl/tls13_enc.c
-index b8fb07f210..d9f050ee34 100644
+index b8fb07f210..39530237d8 100644
 --- ssl/tls13_enc.c
 +++ ssl/tls13_enc.c
 @@ -9,6 +9,8 @@
@@ -2386,14 +2455,15 @@ index b8fb07f210..d9f050ee34 100644
          /* SSLfatal() already called */
          goto err;
      }
-@@ -714,8 +722,51 @@ int tls13_change_cipher_state(SSL *s, int which)
+@@ -714,8 +722,52 @@ int tls13_change_cipher_state(SSL *s, int which)
          s->statem.enc_write_state = ENC_WRITE_STATE_WRITE_PLAIN_ALERTS;
      else
          s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
 +#ifndef OPENSSL_NO_KTLS
 +# if defined(OPENSSL_KTLS_TLS13)
-+    if (!(which & SSL3_CC_WRITE) || !(which & SSL3_CC_APPLICATION)
-+        || ((which & SSL3_CC_WRITE) && (s->mode & SSL_MODE_NO_KTLS_TX)))
++    if (!(which & SSL3_CC_WRITE)
++            || !(which & SSL3_CC_APPLICATION)
++            || (s->options & SSL_OP_ENABLE_KTLS) == 0)
 +        goto skip_ktls;
 +
 +    /* ktls supports only the maximum fragment size */
@@ -2438,7 +2508,7 @@ index b8fb07f210..d9f050ee34 100644
      OPENSSL_cleanse(secret, sizeof(secret));
      return ret;
  }
-@@ -729,6 +780,7 @@ int tls13_update_key(SSL *s, int sending)
+@@ -729,6 +781,7 @@ int tls13_update_key(SSL *s, int sending)
  #endif
      const EVP_MD *md = ssl_handshake_md(s);
      size_t hashlen = EVP_MD_size(md);
@@ -2446,7 +2516,7 @@ index b8fb07f210..d9f050ee34 100644
      unsigned char *insecret, *iv;
      unsigned char secret[EVP_MAX_MD_SIZE];
      EVP_CIPHER_CTX *ciph_ctx;
-@@ -753,8 +805,8 @@ int tls13_update_key(SSL *s, int sending)
+@@ -753,8 +806,8 @@ int tls13_update_key(SSL *s, int sending)
      if (!derive_secret_key_and_iv(s, sending, ssl_handshake_md(s),
                                    s->s3->tmp.new_sym_enc, insecret, NULL,
                                    application_traffic,
@@ -2457,7 +2527,7 @@ index b8fb07f210..d9f050ee34 100644
          /* SSLfatal() already called */
          goto err;
      }
-@@ -764,6 +816,7 @@ int tls13_update_key(SSL *s, int sending)
+@@ -764,6 +817,7 @@ int tls13_update_key(SSL *s, int sending)
      s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
      ret = 1;
   err:
@@ -2492,7 +2562,7 @@ index 5490885309..3478e540ed 100644
  plan tests => 1;
  
 diff --git test/sslapitest.c test/sslapitest.c
-index 4a27ee1ba2..f846bcb4ee 100644
+index 4a27ee1ba2..1388219551 100644
 --- test/sslapitest.c
 +++ test/sslapitest.c
 @@ -7,6 +7,7 @@
@@ -2517,13 +2587,12 @@ index 4a27ee1ba2..f846bcb4ee 100644
  #include "../ssl/ssl_local.h"
  
  #ifndef OPENSSL_NO_TLS1_3
-@@ -779,6 +782,409 @@ static int execute_test_large_message(const SSL_METHOD *smeth,
+@@ -779,6 +782,433 @@ static int execute_test_large_message(const SSL_METHOD *smeth,
      return testresult;
  }
  
 +#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_KTLS) && \
 +    !(defined(OPENSSL_NO_TLS1_3) && defined(OPENSSL_NO_TLS1_2))
-+#define TLS_CIPHER_MAX_REC_SEQ_SIZE 8
 +/* sock must be connected */
 +static int ktls_chk_platform(int sock)
 +{
@@ -2532,26 +2601,26 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +    return 1;
 +}
 +
-+static int ping_pong_query(SSL *clientssl, SSL *serverssl, int cfd, int sfd, int rec_seq_size)
++static int ping_pong_query(SSL *clientssl, SSL *serverssl)
 +{
 +    static char count = 1;
 +    unsigned char cbuf[16000] = {0};
 +    unsigned char sbuf[16000];
 +    size_t err = 0;
-+    char crec_wseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char crec_wseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char crec_rseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char crec_rseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char srec_wseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char srec_wseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char srec_rseq_before[TLS_CIPHER_MAX_REC_SEQ_SIZE];
-+    char srec_rseq_after[TLS_CIPHER_MAX_REC_SEQ_SIZE];
++    char crec_wseq_before[SEQ_NUM_SIZE];
++    char crec_wseq_after[SEQ_NUM_SIZE];
++    char crec_rseq_before[SEQ_NUM_SIZE];
++    char crec_rseq_after[SEQ_NUM_SIZE];
++    char srec_wseq_before[SEQ_NUM_SIZE];
++    char srec_wseq_after[SEQ_NUM_SIZE];
++    char srec_rseq_before[SEQ_NUM_SIZE];
++    char srec_rseq_after[SEQ_NUM_SIZE];
 +
 +    cbuf[0] = count++;
-+    memcpy(crec_wseq_before, &clientssl->rlayer.write_sequence, rec_seq_size);
-+    memcpy(crec_rseq_before, &clientssl->rlayer.read_sequence, rec_seq_size);
-+    memcpy(srec_wseq_before, &serverssl->rlayer.write_sequence, rec_seq_size);
-+    memcpy(srec_rseq_before, &serverssl->rlayer.read_sequence, rec_seq_size);
++    memcpy(crec_wseq_before, &clientssl->rlayer.write_sequence, SEQ_NUM_SIZE);
++    memcpy(crec_rseq_before, &clientssl->rlayer.read_sequence, SEQ_NUM_SIZE);
++    memcpy(srec_wseq_before, &serverssl->rlayer.write_sequence, SEQ_NUM_SIZE);
++    memcpy(srec_rseq_before, &serverssl->rlayer.read_sequence, SEQ_NUM_SIZE);
 +
 +    if (!TEST_true(SSL_write(clientssl, cbuf, sizeof(cbuf)) == sizeof(cbuf)))
 +        goto end;
@@ -2571,53 +2640,56 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +        }
 +    }
 +
-+    memcpy(crec_wseq_after, &clientssl->rlayer.write_sequence, rec_seq_size);
-+    memcpy(crec_rseq_after, &clientssl->rlayer.read_sequence, rec_seq_size);
-+    memcpy(srec_wseq_after, &serverssl->rlayer.write_sequence, rec_seq_size);
-+    memcpy(srec_rseq_after, &serverssl->rlayer.read_sequence, rec_seq_size);
++    memcpy(crec_wseq_after, &clientssl->rlayer.write_sequence, SEQ_NUM_SIZE);
++    memcpy(crec_rseq_after, &clientssl->rlayer.read_sequence, SEQ_NUM_SIZE);
++    memcpy(srec_wseq_after, &serverssl->rlayer.write_sequence, SEQ_NUM_SIZE);
++    memcpy(srec_rseq_after, &serverssl->rlayer.read_sequence, SEQ_NUM_SIZE);
 +
 +    /* verify the payload */
 +    if (!TEST_mem_eq(cbuf, sizeof(cbuf), sbuf, sizeof(sbuf)))
 +        goto end;
 +
-+    /* ktls is used then kernel sequences are used instead of OpenSSL sequences */
-+    if (clientssl->mode & SSL_MODE_NO_KTLS_TX) {
-+        if (!TEST_mem_ne(crec_wseq_before, rec_seq_size,
-+                         crec_wseq_after, rec_seq_size))
++    /*
++     * If ktls is used then kernel sequences are used instead of
++     * OpenSSL sequences
++     */
++    if (!BIO_get_ktls_send(clientssl->wbio)) {
++        if (!TEST_mem_ne(crec_wseq_before, SEQ_NUM_SIZE,
++                         crec_wseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    } else {
-+        if (!TEST_mem_eq(crec_wseq_before, rec_seq_size,
-+                         crec_wseq_after, rec_seq_size))
++        if (!TEST_mem_eq(crec_wseq_before, SEQ_NUM_SIZE,
++                         crec_wseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    }
 +
-+    if (serverssl->mode & SSL_MODE_NO_KTLS_TX) {
-+        if (!TEST_mem_ne(srec_wseq_before, rec_seq_size,
-+                         srec_wseq_after, rec_seq_size))
++    if (!BIO_get_ktls_send(serverssl->wbio)) {
++        if (!TEST_mem_ne(srec_wseq_before, SEQ_NUM_SIZE,
++                         srec_wseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    } else {
-+        if (!TEST_mem_eq(srec_wseq_before, rec_seq_size,
-+                         srec_wseq_after, rec_seq_size))
++        if (!TEST_mem_eq(srec_wseq_before, SEQ_NUM_SIZE,
++                         srec_wseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    }
 +
-+    if (clientssl->mode & SSL_MODE_NO_KTLS_RX) {
-+        if (!TEST_mem_ne(crec_rseq_before, rec_seq_size,
-+                         crec_rseq_after, rec_seq_size))
++    if (!BIO_get_ktls_recv(clientssl->wbio)) {
++        if (!TEST_mem_ne(crec_rseq_before, SEQ_NUM_SIZE,
++                         crec_rseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    } else {
-+        if (!TEST_mem_eq(crec_rseq_before, rec_seq_size,
-+                         crec_rseq_after, rec_seq_size))
++        if (!TEST_mem_eq(crec_rseq_before, SEQ_NUM_SIZE,
++                         crec_rseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    }
 +
-+    if (serverssl->mode & SSL_MODE_NO_KTLS_RX) {
-+        if (!TEST_mem_ne(srec_rseq_before, rec_seq_size,
-+                         srec_rseq_after, rec_seq_size))
++    if (!BIO_get_ktls_recv(serverssl->wbio)) {
++        if (!TEST_mem_ne(srec_rseq_before, SEQ_NUM_SIZE,
++                         srec_rseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    } else {
-+        if (!TEST_mem_eq(srec_rseq_before, rec_seq_size,
-+                         srec_rseq_after, rec_seq_size))
++        if (!TEST_mem_eq(srec_rseq_before, SEQ_NUM_SIZE,
++                         srec_rseq_after, SEQ_NUM_SIZE))
 +            goto end;
 +    }
 +
@@ -2626,92 +2698,110 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +    return 0;
 +}
 +
-+static int execute_test_ktls(int cis_ktls_tx, int cis_ktls_rx,
-+                             int sis_ktls_tx, int sis_ktls_rx,
-+                             int tls_version, const char *cipher,
-+                             int rec_seq_size)
++static int execute_test_ktls(int cis_ktls, int sis_ktls,
++                             int tls_version, const char *cipher)
 +{
 +    SSL_CTX *cctx = NULL, *sctx = NULL;
 +    SSL *clientssl = NULL, *serverssl = NULL;
-+    int testresult = 0;
-+    int cfd, sfd;
++    int ktls_used = 0, testresult = 0;
++    int cfd = -1, sfd = -1;
++    int rx_supported;
 +
 +    if (!TEST_true(create_test_sockets(&cfd, &sfd)))
 +        goto end;
 +
 +    /* Skip this test if the platform does not support ktls */
-+    if (!ktls_chk_platform(cfd))
-+        return 1;
++    if (!ktls_chk_platform(cfd)) {
++        TEST_info("Kernel does not support KTLS");
++        testresult = 1;
++        goto end;
++    }
 +
 +    /* Create a session based on SHA-256 */
 +    if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
 +                                       TLS_client_method(),
 +                                       tls_version, tls_version,
-+                                       &sctx, &cctx, cert, privkey))
-+            || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
-+            || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
-+            || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
-+                                          &clientssl, sfd, cfd)))
++                                       &sctx, &cctx, cert, privkey)))
 +        goto end;
 +
-+    if (!cis_ktls_tx) {
-+        if (!TEST_true(SSL_set_mode(clientssl, SSL_MODE_NO_KTLS_TX)))
++    if (tls_version == TLS1_3_VERSION) {
++        if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, cipher))
++            || !TEST_true(SSL_CTX_set_ciphersuites(sctx, cipher)))
 +            goto end;
-+    }
-+
-+    if (!sis_ktls_tx) {
-+        if (!TEST_true(SSL_set_mode(serverssl, SSL_MODE_NO_KTLS_TX)))
++    } else {
++        if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
++            || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher)))
 +            goto end;
 +    }
 +
-+    if (!cis_ktls_rx) {
-+        if (!TEST_true(SSL_set_mode(clientssl, SSL_MODE_NO_KTLS_RX)))
++    if (!TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
++                                       &clientssl, sfd, cfd)))
++        goto end;
++
++    if (cis_ktls) {
++        if (!TEST_true(SSL_set_options(clientssl, SSL_OP_ENABLE_KTLS)))
 +            goto end;
 +    }
 +
-+    if (!sis_ktls_rx) {
-+        if (!TEST_true(SSL_set_mode(serverssl, SSL_MODE_NO_KTLS_RX)))
++    if (sis_ktls) {
++        if (!TEST_true(SSL_set_options(serverssl, SSL_OP_ENABLE_KTLS)))
 +            goto end;
 +    }
 +
-+    if (!TEST_true(create_ssl_connection(serverssl, clientssl,
-+                                                SSL_ERROR_NONE)))
++    if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)))
 +        goto end;
 +
-+    if (!cis_ktls_tx) {
++    /*
++     * The running kernel may not support a given cipher suite
++     * or direction, so just check that KTLS isn't used when it
++     * isn't enabled.
++     */
++    if (!cis_ktls) {
 +        if (!TEST_false(BIO_get_ktls_send(clientssl->wbio)))
 +            goto end;
 +    } else {
-+        if (!TEST_true(BIO_get_ktls_send(clientssl->wbio)))
-+            goto end;
++        if (BIO_get_ktls_send(clientssl->wbio))
++            ktls_used = 1;
 +    }
 +
-+    if (!sis_ktls_tx) {
++    if (!sis_ktls) {
 +        if (!TEST_false(BIO_get_ktls_send(serverssl->wbio)))
 +            goto end;
 +    } else {
-+        if (!TEST_true(BIO_get_ktls_send(serverssl->wbio)))
-+            goto end;
++        if (BIO_get_ktls_send(serverssl->wbio))
++            ktls_used = 1;
 +    }
 +
-+    if (!cis_ktls_rx) {
++#if defined(OPENSSL_NO_KTLS_RX)
++    rx_supported = 0;
++#else
++    rx_supported = (tls_version != TLS1_3_VERSION);
++#endif
++    if (!cis_ktls || !rx_supported) {
 +        if (!TEST_false(BIO_get_ktls_recv(clientssl->rbio)))
 +            goto end;
 +    } else {
-+        if (!TEST_true(BIO_get_ktls_recv(clientssl->rbio)))
-+            goto end;
++        if (BIO_get_ktls_send(clientssl->rbio))
++            ktls_used = 1;
 +    }
 +
-+    if (!sis_ktls_rx) {
++    if (!sis_ktls || !rx_supported) {
 +        if (!TEST_false(BIO_get_ktls_recv(serverssl->rbio)))
 +            goto end;
 +    } else {
-+        if (!TEST_true(BIO_get_ktls_recv(serverssl->rbio)))
-+            goto end;
++        if (BIO_get_ktls_send(serverssl->rbio))
++            ktls_used = 1;
 +    }
 +
-+    if (!TEST_true(ping_pong_query(clientssl, serverssl, cfd, sfd,
-+				   rec_seq_size)))
++    if ((cis_ktls || sis_ktls) && !ktls_used) {
++        TEST_info("KTLS not supported for %s cipher %s",
++                  tls_version == TLS1_3_VERSION ? "TLS 1.3" :
++                  "TLS 1.2", cipher);
++        testresult = 1;
++        goto end;
++    }
++
++    if (!TEST_true(ping_pong_query(clientssl, serverssl)))
 +        goto end;
 +
 +    testresult = 1;
@@ -2727,6 +2817,10 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +    SSL_CTX_free(sctx);
 +    SSL_CTX_free(cctx);
 +    serverssl = clientssl = NULL;
++    if (cfd != -1)
++        close(cfd);
++    if (sfd != -1)
++        close(sfd);
 +    return testresult;
 +}
 +
@@ -2734,13 +2828,13 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +#define SENDFILE_CHUNK                  (4 * 4096)
 +#define min(a,b)                        ((a) > (b) ? (b) : (a))
 +
-+static int test_ktls_sendfile(int tls_version, const char *cipher)
++static int execute_test_ktls_sendfile(int tls_version, const char *cipher)
 +{
 +    SSL_CTX *cctx = NULL, *sctx = NULL;
 +    SSL *clientssl = NULL, *serverssl = NULL;
 +    unsigned char *buf, *buf_dst;
 +    BIO *out = NULL, *in = NULL;
-+    int cfd, sfd, ffd, err;
++    int cfd = -1, sfd = -1, ffd, err;
 +    ssize_t chunk_size = 0;
 +    off_t chunk_off = 0;
 +    int testresult = 0;
@@ -2754,6 +2848,7 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +
 +    /* Skip this test if the platform does not support ktls */
 +    if (!ktls_chk_platform(sfd)) {
++        TEST_info("Kernel does not support KTLS");
 +        testresult = 1;
 +        goto end;
 +    }
@@ -2762,19 +2857,40 @@ index 4a27ee1ba2..f846bcb4ee 100644
 +    if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
 +                                       TLS_client_method(),
 +                                       tls_version, tls_version,
-+                                       &sctx, &cctx, cert, privkey))
-+        || !TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
-+        || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher))
-+        || !TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
-+                                          &clientssl, sfd, cfd)))
++                                       &sctx, &cctx, cert, privkey)))
++        goto end;
++
++    if (tls_version == TLS1_3_VERSION) {
++        if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, cipher))
++            || !TEST_true(SSL_CTX_set_ciphersuites(sctx, cipher)))
++            goto end;
++    } else {
++        if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipher))
++            || !TEST_true(SSL_CTX_set_cipher_list(sctx, cipher)))
++            goto end;
++    }
++
++    if (!TEST_true(create_ssl_objects2(sctx, cctx, &serverssl,
++                                       &clientssl, sfd, cfd)))
*** 284 LINES SKIPPED ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202108191405.17JE55Ov050232>