[gnutls-devel] GnuTLS | ktls: basic implementation of SW mode (!1451)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Sep 20 19:17:16 CEST 2021

Daniel P_ Berrangé started a new discussion on lib/includes/gnutls/socket.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1451#note_682335583

>  #endif
>  /* *INDENT-ON* */
> +
> +
>  void gnutls_transport_set_fastopen(gnutls_session_t session,
>                                     int fd,
>                                     struct sockaddr *connect_addr,
>                                     socklen_t connect_addrlen,
>                                     unsigned int flags);
> +int gnutls_transport_set_ktls(gnutls_session_t session,
> +		int sockin, int sockout);
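
Review bot: The added `gnutls_transport_set_ktls` prototype at the end of the hunk returns `int` and takes two descriptors (`sockin`, `sockout`), but nothing here states what the return value means or how these descriptors relate to ones already registered on the session. Please document the error contract, in particular whether a failure to enable KTLS is reported to the caller or the session silently stays on the userspace record layer, since callers need to know which path is protecting their data. Style: the continuation line is tab-indented while the neighbouring `gnutls_transport_set_fastopen` declaration aligns its parameters with spaces, and the two blank lines added after `/* *INDENT-ON* */` look unintended.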

Does this actually need to have the socket FDs passed in?

IIUC, there are two common ways to use gnutls.

* Use gnutls_transport_set_{push,pull}_function to install callbacks to handle I/O
* Use gnutls_transport_set_int2 (or its variants) to set the file descriptor for gnutls to use directly

For apps using the latter case, there's no need to pass the same FDs into gnutls again to enable KTLS.

For apps using the former case with custom callbacks, it is unlikely they'll want to pass FDs in for KTLS, unless they can refactor their code to use gnutls_transport_set_int2 instead.

IOW can this method for enabling KTLS simply take the session object and nothing more and it simply be an error to use it if gnutls_transport_set_int2 was not used?
