From 54f30cb57c78e5390d951e4a0c4d0bf2ce0d86a1 Mon Sep 17 00:00:00 2001
From: Andrew Gallatin <gallatin@gmail.com>
Date: Wed, 31 Oct 2018 15:01:47 -0400
Subject: [PATCH] Bypass multiblock and send individual records when using
 KTLS.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10045)
---
 ssl/record/rec_layer_s3.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 876e738a44..a34f9df1df 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -426,6 +426,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
         len >= 4 * (max_send_fragment = ssl_get_max_send_fragment(s)) &&
         s->compress == NULL && s->msg_callback == NULL &&
         !SSL_WRITE_ETM(s) && SSL_USE_EXPLICIT_IV(s) &&
+        (BIO_get_ktls_send(s->wbio) == 0) &&
         EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) &
         EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
         unsigned char aad[13];
-- 
2.25.1