diff options
| author | Hedgehog5040 <krenzelok.frantisek@gmail.com> | 2021-05-14 15:56:06 +0200 |
|---|---|---|
| committer | Frantisek Krenzelok <krenzelok.frantisek@gmail.com> | 2021-10-19 15:17:45 +0200 |
| commit | 6462916d2f6810409d5da1e13c4a0720f412c166 (patch) | |
| tree | 0a99301f57c2dd8d2b477b15cd068378751e9be9 /m4/hooks.m4 | |
| parent | 17f76888e27c822776166636e28c492d1f0a60ed (diff) | |
| download | gnutls-6462916d2f6810409d5da1e13c4a0720f412c166.tar.gz | |
ktls: basic implementation of SW mode
ktls enables us to offload encryption/decryption to the kernel
prerequisites:
- configured with `--enable-ktls`
- tls module `modprobe tls` check with 'lsmod | grep tls'
- per connection:
gnutls_transport_set_int{2} must be set
When prerequisities are met then ktls is used by default.
If GnuTLS encounters a error during KTLS initialization, it will
not use ktls and fallback to userspace.
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
Diffstat (limited to 'm4/hooks.m4')
| -rw-r--r-- | m4/hooks.m4 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/m4/hooks.m4 b/m4/hooks.m4 index 4d3d22107d..f0efe52cf6 100644 --- a/m4/hooks.m4 +++ b/m4/hooks.m4 @@ -359,6 +359,24 @@ LIBTASN1_MINIMUM=4.9 fi AM_CONDITIONAL(ENABLE_AFALG, test "$enable_afalg" != "no") + # For KTLS + AC_MSG_CHECKING([whether to add KTLS support]) + AC_ARG_ENABLE(ktls, + AS_HELP_STRING([--enable-ktls], [enable KTLS support]), + enable_ktls=$enableval,enable_ktls=no) + AC_MSG_RESULT($enable_ktls) + + if test "$enable_ktls" = "yes"; then + AC_CHECK_HEADERS([linux/tls.h], [ + AC_DEFINE([HAVE_KTLS],[1],[KTLS headers found at compile time]) + ], [ + AC_MSG_ERROR([<linux/tls.h> not found]) + ]) + AC_DEFINE([ENABLE_KTLS], 1, [Enable KTLS support]) + fi + AM_CONDITIONAL(ENABLE_KTLS, test "$enable_ktls" != "no") + + # For OCSP AC_MSG_CHECKING([whether to disable OCSP support]) AC_ARG_ENABLE(ocsp, AS_HELP_STRING([--disable-ocsp], |