git.ipfire.org Git - thirdparty/openssl.git/commit

author	Ulrich Weber <ulrich.weber@gmail.com>
	Thu, 26 Jun 2025 14:16:06 +0000 (16:16 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 14 Oct 2025 14:47:27 +0000 (16:47 +0200)
commit	f23f706a26f2e7cd5dd5221d57e2d0db28530f4e
tree	781ce1cb39cf9e94dd700dbf76ad53b48b9ea108	tree \| snapshot
parent	1a56dae03b3464cb870e77ab438b324d82f92803	commit \| diff

ktls: move ktls_enable() within ktls_start()

On linux ktls can only be enabled on established TCP sockets.
When SSL_set_fd() is called before the connection is established
ktls_enable() fails and ktls is not setup.

This moves ktls_enable() call within then ktls_start() function.
Multiple calls to ktls_start() will trigger additional ktls_enable()
calls which fail with EEXIST, but do not affect the ktls socket.

CLA: trivial

Signed-off-by: Ulrich Weber <ulrich.weber@gmail.com>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27908)

crypto/bio/bio_sock2.c		diff \| blob \| blame \| history
crypto/bio/bss_conn.c		diff \| blob \| blame \| history
crypto/bio/bss_sock.c		diff \| blob \| blame \| history
include/internal/ktls.h		diff \| blob \| blame \| history
ssl/ssl_lib.c		diff \| blob \| blame \| history