FS#76800 - [nginx][nginx-mainline] Enable use of kTLS
Attached to Project:
Arch Linux
Opened by Daenney (daenney) - Sunday, 11 December 2022, 13:44 GMT
Last edited by Toolybird (Toolybird) - Monday, 12 December 2022, 20:13 GMT
Opened by Daenney (daenney) - Sunday, 11 December 2022, 13:44 GMT
Last edited by Toolybird (Toolybird) - Monday, 12 December 2022, 20:13 GMT
|
Details
Description:
Since nginx 1.21.4 kTLS is supported by nginx if running with OpenSSL 3+. Now that OpenSSL 3 is available in Arch and nginx has been rebuilt with it, it would be nice to enable kTLS too. It should be a matter of adding `--with-openssl-opt=enable-ktls` to the `configure` step. |
This task depends upon
Closed by Toolybird (Toolybird)
Monday, 12 December 2022, 20:13 GMT
Reason for closing: None
Additional comments about closing: Already working. See comments
Monday, 12 December 2022, 20:13 GMT
Reason for closing: None
Additional comments about closing: Already working. See comments
If you move to the configure step of [1] what is the result?
[1] https://www.nginx.com/blog/improving-nginx-performance-with-kernel-tls/
#ifdef BIO_get_ktls_send
and that define is present in our `/usr/include/openssl/bio.h'.
You should be able to verify using the link @loqs provided in the section "Verifying kTLS is Enabled".
2022/12/12 18:53:31 [emerg] 1805148#1805148: SSL_CONF_cmd("Options", "KTLS") failed (SSL: error:1414E180:SSL routines:SSL_CONF_cmd:bad value:cmd=Options, value=KTLS)
$ pacman -Q nginx
nginx 1.22.1-1