[PATCH 0 of 2] KTLS / SSL_sendfile() support

Maxim Dounin mdounin at mdounin.ru
Mon Sep 27 13:18:06 UTC 2021


This patch series add kernel TLS / SSL_sendfile() support.
Works on FreeBSD 13.0+ and Linux with kernel 4.13+ (at least 5.2
is recommended, tested with 5.11).

The following questions need additional testing/attention:

- What about EINTR?  Looks like it simply results in SSL_ERROR_WANT_WRITE,
  so might need extra checking to make sure there will be another write

- What about SSL_sendfile(), early data and write blocking?
  Ref. c->ssl->write_blocked, 7431:294162223c7c by pluknet at .
  Looks like it is not a problem with SSL_sendfile(), but needs
  further checking.

- What about FreeBSD aio sendfile (aka SF_NODISKIO)?  Might be
  easy enough to support.

Review and testing appreciated.

Maxim Dounin

More information about the nginx-devel mailing list