Date: Sun, 14 Mar 2021 10:14:37 -0700 From: Benjamin Kaduk <kaduk@mit.edu> To: FreeBSD CURRENT <freebsd-current@freebsd.org> Subject: Re: Getting started with ktls Message-ID: <20210314171437.GA79563@kduck.mit.edu> In-Reply-To: <CAOtMX2gNMw2%2BYcKT9cY35SqASmnvMMH9GDK66VjQvhA85Rj_kQ@mail.gmail.com> References: <CAOtMX2ggNtsEQz7TinyHciqsgzUSjcdvMDb1oORKHtMBnzTELw@mail.gmail.com> <20210311003136.GM56617@kduck.mit.edu> <CAOtMX2iKtBAQWRzY1K9twAFrtdH=S559J6Zd%2Bm5D-YHHPVYf7g@mail.gmail.com> <20210311031501.GP56617@kduck.mit.edu> <CAOtMX2hApCJuTe8OqEJmjrj9vffLB%2BM%2Bc5qR=iPrhRnbeZf=jQ@mail.gmail.com> <YQXPR0101MB096899D3D2241D0D6D830227DD909@YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM> <YE4kM3euujJw9saZ@ceres.zyxst.net> <CAOtMX2gNMw2%2BYcKT9cY35SqASmnvMMH9GDK66VjQvhA85Rj_kQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 14, 2021 at 09:54:33AM -0600, Alan Somers wrote: > On Sun, Mar 14, 2021 at 8:57 AM tech-lists <tech-lists@zyxst.net> wrote: > > > I'd like to have it (ktls) available on the ARM64 > > stable/13-n244876-0b45290603b. Is it just a matter of adding the option, > > and then the sysctls become available? Is it "better" with openssl[-devel] > > in ports or openssl in base? > > > > thanks, > > -- > > J.\ > > > It's present in current kernels for both 13 and 14, amd64 and aarch64. > However, it's not present in 13's openssl. To use it, you must either > rebuild world with WITH_OPENSSL_KTLS=YES in /etc/src.conf, install > security/openssl-devel from pkg, or built security/openssl from ports with > the KTLS option enabled. I don't know if any version of openssl is > "better" than another. The sysctls should be available in any case. security/openssl-devel is alpha-quality software; I don't recommend running it in production. -Ben
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210314171437.GA79563>