author | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2022-08-02 15:00:50 +0200 |
---|---|---|
committer | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2022-10-05 14:19:46 +0200 |
commit | c83b9ecbe8e7e5442867281236d8c9e1bd227204 (patch) | |
tree | e6a6dc562ba465479d799ca6279312379de9477a /lib/system | |
parent | 08be2c563e29a846e5a1cae25caa010430dc0ecd (diff) | |
KTLS: set key on specific interfaces
It is now possible to set the key on a specific interface.
If the given interface is not KTLS-enabled, it is ignored.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Diffstat (limited to 'lib/system')
-rw-r--r-- | lib/system/ktls.c | 12 | ||||
-rw-r--r-- | lib/system/ktls.h | 7 |
2 files changed, 13 insertions, 6 deletions
diff --git a/lib/system/ktls.c b/lib/system/ktls.c
index ddf27fac76..70b9b9b3ac 100644
--- a/lib/system/ktls.c
+++ b/lib/system/ktls.c
@@ -80,7 +80,7 @@ void _gnutls_ktls_enable(gnutls_session_t session)
 }
 }
-int _gnutls_ktls_set_keys(gnutls_session_t session)
+int _gnutls_ktls_set_keys(gnutls_session_t session, gnutls_transport_ktls_enable_flags_t in)
 {
 gnutls_cipher_algorithm_t cipher = gnutls_cipher_get(session);
 gnutls_datum_t mac_key;
@@ -107,7 +107,9 @@ int _gnutls_ktls_set_keys(gnutls_session_t session)
 return ret;
 }
- if(session->internals.ktls_enabled & GNUTLS_KTLS_RECV){
+ in &= session->internals.ktls_enabled;
+
+ if(in & GNUTLS_KTLS_RECV){
 switch (cipher) {
 case GNUTLS_CIPHER_AES_128_GCM:
 {
@@ -191,7 +193,7 @@ int _gnutls_ktls_set_keys(gnutls_session_t session)
 return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 }
- if(session->internals.ktls_enabled & GNUTLS_KTLS_SEND){
+ if(in & GNUTLS_KTLS_SEND){
 switch (cipher) {
 case GNUTLS_CIPHER_AES_128_GCM:
 {
@@ -269,7 +271,7 @@ int _gnutls_ktls_set_keys(gnutls_session_t session)
 }
 }
- return 0;
+ return in;
 }
 ssize_t _gnutls_ktls_send_file(gnutls_session_t session, int fd,
@@ -465,7 +467,7 @@ gnutls_transport_is_ktls_enabled(gnutls_session_t session) {
 void _gnutls_ktls_enable(gnutls_session_t session) {
 }
-int _gnutls_ktls_set_keys(gnutls_session_t session) {
+int _gnutls_ktls_set_keys(gnutls_session_t sessioni, gnutls_transport_ktls_enable_flags_t in) {
 return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
 }
diff --git a/lib/system/ktls.h b/lib/system/ktls.h
index 8a98a8eb8f..c8059092d0 100644
--- a/lib/system/ktls.h
+++ b/lib/system/ktls.h
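Review bot: The success value of `_gnutls_ktls_set_keys` in lib/system/ktls.c changes from 0 to the masked flag set with `return in;` (hunk at -269), and it is still 0 when `in &= session->internals.ktls_enabled;` (hunk at -107) leaves no direction selected. A caller therefore cannot tell "no keys were installed" from the previous success value, and any caller that tests `ret != 0` rather than `ret < 0` would treat a successful key install as a failure. The callers are outside this diff, so this is inferred; each call site should be checked to compare against `< 0` and to handle a zero result explicitly, since a wrong reading decides whether a direction is protected by the kernel or by userspace. The body of the function starts and ends outside these hunks.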
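Review bot: The first parameter of the non-KTLS stub in lib/system/ktls.c (hunk at -465) is misspelled `sessioni`. It compiles only because the stub never reads the parameter; the line should be `int _gnutls_ktls_set_keys(gnutls_session_t session, gnutls_transport_ktls_enable_flags_t in) {` so that it matches the prototype in ktls.h and the real implementation.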
@@ -4,14 +4,19 @@
 #include "gnutls_int.h"
 void _gnutls_ktls_enable(gnutls_session_t session);
-int _gnutls_ktls_set_keys(gnutls_session_t session);
+
+int _gnutls_ktls_set_keys(gnutls_session_t session, gnutls_transport_ktls_enable_flags_t in);
+
 ssize_t _gnutls_ktls_send_file(gnutls_session_t session, int fd, off_t *offset, size_t count);
+
 int _gnutls_ktls_send_control_msg(gnutls_session_t session, unsigned char record_type, const void *data, size_t data_size);
 #define _gnutls_ktls_send(x, y, z) _gnutls_ktls_send_control_msg(x, GNUTLS_APPLICATION_DATA, y, z);
+
 int _gnutls_ktls_recv_control_msg(gnutls_session_t session, unsigned char *record_type, void *data, size_t data_size);
+
 int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type, void *data, size_t data_size);
 #define _gnutls_ktls_recv(x, y, z) _gnutls_ktls_recv_int(x, GNUTLS_APPLICATION_DATA, y, z) |
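Review bot: The new prototype of `_gnutls_ktls_set_keys` in ktls.h carries no comment on what `in` selects or what the function returns, although the ktls.c side of this commit changes both. I would add above it `/* Install keys for the directions in 'in' that are KTLS-enabled on the session; returns the directions handled (possibly 0) or a negative error code. */`. The other additions in this hunk are blank lines only.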