openssl / openssl

TLS/SSL and crypto library
https://www.openssl.org
Apache License 2.0

Handshake and key agreement process for ktls recv #15019

Open gaojunhao opened 3 years ago

gaojunhao commented 3 years ago

Hi, I'm using the latest version of openssl to enable ktls recv, but it failed. Then I analyzed the code and found that the sequence of the handshake and key agreement process for ktls recv is different from the kernel. In openssl:

1) client->server: client hello
2) server->client: server hello, certificate, server key exchange, server hello done
3) client->server: client key exchange, change cipher spec, encrypted handshake message
4) server->client: change cipher spec, encrypted handshake message

Then openssl will set ktls recv at 3) change cipher spec, then handshake, but in the kernel the client will handshake with the server first, then the client and server set their cipher spec. So I want to know if the sequence is as I say, and if so, will any changes happen to the sequence? Or how could ktls recv work under the original code?

Best Regards, Junhao

nhorman commented 1 month ago

Marking as inactive, to be closed at the end of 3.4 dev barring further input