[Bug 254643] security/openssl 1.1.1k and SSL webservers do not work when cryptodev.ko is loaded

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254643

            Bug ID: 254643
           Summary: security/openssl 1.1.1k and SSL webservers do not work
                    when cryptodev.ko is loaded
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: brnrd at freebsd.org
          Reporter: cryx-freebsd at h3q.com
             Flags: maintainer-feedback?(brnrd at freebsd.org)
          Assignee: brnrd at freebsd.org

I've seen this happening on FreeBSD 11.4 and 12.2 that when cryptodev.ko module
is loaded and openssl with version 1.1.1k from ports is installed, both nginx
and apache24 are unable to establish an SSL session.

nginx error message is like this:

[crit] 5569#100511: *27523 SSL_do_handshake() failed (SSL:
error:0201502D:system library:ioctl:Operation not supported error:1427D044:SSL
routines:construct_stateless_ticket:internal error error:0201502D:system
library:ioctl:Operation not supported) (45: Operation not supported) while SSL
handshaking

When unloading the cryptodev.ko and restarting the webserver, everything works
okay, reloading cryptodev.ko again and restarting the webserver brings back the
issue.

This did not happen with previously installed 1.1.1j version.

-- 
You are receiving this mail because:
You are the assignee for the bug.