| Series |
In-kernel support for the TLS Alert protocol
|
expand
-
[net-next,v2,0/7] In-kernel support for the TLS Alert protocol
-
[net-next,v2,1/7] net/tls: Move TLS protocol elements to a separate header
-
[net-next,v2,2/7] net/tls: Add TLS Alert definitions
-
[net-next,v2,3/7] net/handshake: Add API for sending TLS Closure alerts
-
[net-next,v2,4/7] SUNRPC: Send TLS Closure alerts before closing a TCP socket
-
[net-next,v2,5/7] net/handshake: Add helpers for parsing incoming TLS Alerts
-
[net-next,v2,6/7] SUNRPC: Use new helpers to handle TLS Alerts
-
[net-next,v2,7/7] net/handshake: Trace events for TLS Alert helpers
|
IMO the kernel doesn't need user space (ie, tlshd) to handle the TLS Alert protocol. Instead, a set of small helper functions can be used to handle sending and receiving TLS Alerts for in-kernel TLS consumers. Changes since v1: * Address review comments from Hannes --- Chuck Lever (7): net/tls: Move TLS protocol elements to a separate header net/tls: Add TLS Alert definitions net/handshake: Add API for sending TLS Closure alerts SUNRPC: Send TLS Closure alerts before closing a TCP socket net/handshake: Add helpers for parsing incoming TLS Alerts SUNRPC: Use new helpers to handle TLS Alerts net/handshake: Trace events for TLS Alert helpers include/net/handshake.h | 5 + include/net/tls.h | 5 +- include/net/tls_prot.h | 68 +++++++++++++ include/trace/events/handshake.h | 160 +++++++++++++++++++++++++++++++ net/handshake/Makefile | 2 +- net/handshake/alert.c | 111 +++++++++++++++++++++ net/handshake/handshake.h | 4 + net/handshake/tlshd.c | 23 +++++ net/handshake/trace.c | 2 + net/sunrpc/svcsock.c | 50 +++++----- net/sunrpc/xprtsock.c | 45 +++++---- 11 files changed, 429 insertions(+), 46 deletions(-) create mode 100644 include/net/tls_prot.h create mode 100644 net/handshake/alert.c -- Chuck Lever