[gnutls-devel] GnuTLS | session: Allow packing and restoring an entire session (!2021)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Sep 29 05:12:13 CEST 2025 


Alistair Francis created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/2021

Project:Branches: alistair23/gnutls:alistair/session-pack to gnutls/gnutls:master
Author:   Alistair Francis




As part of the work to support KeyUpdate in ktls-utils and the Linux kernel we need to be able to [save and restore the gnutls session](https://lore.kernel.org/kernel-tls-handshake/49a61a63-db9a-42cd-afa9-3f177400bd86@suse.de/T/#ma9fb251a756fe427bc474f113572abc5fbe8ddab) in the kernel keyring.

Basically ktls-utils will use gnutls for the handshake then hand the keys and connection information off to the kernel for the kernel to take over. At this point gnutls needs to be able to save it's state in a buffer for use later. This series allows that by saving the gnutls state in a buffer and then allowing us to restore that state and then update keys later on.

This requires saving a lot more information then gnutls currently does, including security_parameters, TLS keys and record_parameters. We also need to save the information even if a handshake hasn't completed yet.

This requires https://gitlab.com/gnutls/gnutls/-/merge_requests/1968

## Checklist
 * [X] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [X] Code modified for feature
 * [X] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [X] Documentation updated / NEWS entry present (for non-trivial changes)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2021
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250929/d72bb0fc/attachment.html>

More information about the Gnutls-devel mailing list