
D24451.id70660.diff
No OneTemporary

D24451.id70660.diff

Index: sys/kern/uipc_ktls.c
===================================================================
--- sys/kern/uipc_ktls.c
+++ sys/kern/uipc_ktls.c
@@ -954,6 +954,7 @@
}
SOCKBUF_LOCK(&so->so_snd);
+ so->so_snd.sb_tls_seqno = be64dec(en->rec_seq);
so->so_snd.sb_tls_info = tls;
if (tls->mode != TCP_TLS_MODE_SW)
so->so_snd.sb_flags |= SB_TLS_IFNET;
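Review bot: The new `sb_tls_seqno` assignment takes the starting record sequence number straight from the userland `tls_enable` with no comment saying where the value comes from or what legacy callers get. Because `copyin_tls_enable()` zeroes the structure before filling in a v0 request, old binaries always start at 0, which is worth stating here. I would add above the assignment: `/* Initial TX record sequence number supplied by userland; 0 for legacy tls_enable_v0 callers. */`. The enclosing function starts and ends outside this hunk, so whether anything can already be queued on `so_snd` at this point cannot be checked from here.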
Index: sys/netinet/tcp_usrreq.c
===================================================================
--- sys/netinet/tcp_usrreq.c
+++ sys/netinet/tcp_usrreq.c
@@ -1823,6 +1823,37 @@
CTASSERT(TCP_LOG_REASON_LEN <= TCP_LOG_ID_LEN);
#endif
+#ifdef KERN_TLS
+static int
+copyin_tls_enable(struct sockopt *sopt, struct tls_enable *tls)
+{
+ struct tls_enable_v0 tls_v0;
+ int error;
+
+ if (sopt->sopt_valsize == sizeof(tls_v0)) {
+ error = sooptcopyin(sopt, &tls_v0, sizeof(tls_v0),
+ sizeof(tls_v0));
+ if (error)
+ return (error);
+ memset(tls, 0, sizeof(*tls));
+ tls->cipher_key = tls_v0.cipher_key;
+ tls->iv = tls_v0.iv;
+ tls->auth_key = tls_v0.auth_key;
+ tls->cipher_algorithm = tls_v0.cipher_algorithm;
+ tls->cipher_key_len = tls_v0.cipher_key_len;
+ tls->iv_len = tls_v0.iv_len;
+ tls->auth_algorithm = tls_v0.auth_algorithm;
+ tls->auth_key_len = tls_v0.auth_key_len;
+ tls->flags = tls_v0.flags;
+ tls->tls_vmajor = tls_v0.tls_vmajor;
+ tls->tls_vminor = tls_v0.tls_vminor;
+ return (0);
+ }
+
+ return (sooptcopyin(sopt, tls, sizeof(*tls), sizeof(*tls)));
+}
+#endif
+
int
tcp_default_ctloutput(struct socket *so, struct sockopt *sopt, struct inpcb *inp, struct tcpcb *tp)
{
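Review bot: `copyin_tls_enable()` picks the legacy layout purely on `sopt->sopt_valsize == sizeof(tls_v0)`, so the dispatch is only correct while the two structure sizes differ on every supported ABI. If trailing padding ever made them equal, a new-format request would be parsed as v0 and its `rec_seq` silently replaced by zeros from the `memset`. A compile-time guard next to the helper would pin that down, using the macro this file already uses: `CTASSERT(sizeof(struct tls_enable_v0) != sizeof(struct tls_enable));`. A one-line comment on the function saying that any other size falls through to the full-size `sooptcopyin()` would also help.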
@@ -2034,8 +2065,7 @@
#ifdef KERN_TLS
case TCP_TXTLS_ENABLE:
INP_WUNLOCK(inp);
- error = sooptcopyin(sopt, &tls, sizeof(tls),
- sizeof(tls));
+ error = copyin_tls_enable(sopt, &tls);
if (error)
break;
error = ktls_enable_tx(so, &tls);
Index: sys/sys/ktls.h
===================================================================
--- sys/sys/ktls.h
+++ sys/sys/ktls.h
@@ -99,6 +99,22 @@
#define TLS_MINOR_VER_THREE 4 /* 3, 4 */
/* For TCP_TXTLS_ENABLE */
+#ifdef _KERNEL
+struct tls_enable_v0 {
+ const uint8_t *cipher_key;
+ const uint8_t *iv; /* Implicit IV. */
+ const uint8_t *auth_key;
+ int cipher_algorithm; /* e.g. CRYPTO_AES_CBC */
+ int cipher_key_len;
+ int iv_len;
+ int auth_algorithm; /* e.g. CRYPTO_SHA2_256_HMAC */
+ int auth_key_len;
+ int flags;
+ uint8_t tls_vmajor;
+ uint8_t tls_vminor;
+};
+#endif
+
struct tls_enable {
const uint8_t *cipher_key;
const uint8_t *iv; /* Implicit IV. */
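Review bot: `struct tls_enable_v0` is added without any comment saying that it is a frozen ABI snapshot, and the existing `/* For TCP_TXTLS_ENABLE */` comment now sits above it rather than above `struct tls_enable`. A later editor could extend the wrong structure and break the size-based detection in `copyin_tls_enable()`. I would put a comment directly above the `#ifdef _KERNEL`, such as `/* Original TCP_TXTLS_ENABLE layout (no rec_seq); kept only to accept old binaries. Do not change. */`, and move the "For TCP_TXTLS_ENABLE" comment down to `struct tls_enable`. The definition of `struct tls_enable` continues past the end of this hunk.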
@@ -111,6 +127,7 @@
int flags;
uint8_t tls_vmajor;
uint8_t tls_vminor;
+ uint8_t rec_seq[8];
};
struct tls_session_params {
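Review bot: The new `rec_seq[8]` member has no comment giving its meaning or byte order, unlike the neighbouring fields. The kernel side decodes it with `be64dec()`, so userland must store the sequence number big-endian, and a caller writing a host-order `uint64_t` would start the session at the wrong record number on little-endian machines. I would declare it as `uint8_t rec_seq[8]; /* Initial TLS record sequence number, big-endian. */`. The start of `struct tls_enable` lies outside this hunk.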
