blob: a49b46b80e1650385e17d6c5ab382dd0f5f67301 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)
#
# Author: Chuck Lever <chuck.lever@oracle.com>
#
# Copyright (c) 2023, Oracle and/or its affiliates.
#
name: handshake
protocol: genetlink
doc: Netlink protocol to request a transport layer security handshake.
definitions:
-
type: enum
name: handler-class
value-start: 0
entries: [ none, tlshd, max ]
-
type: enum
name: msg-type
value-start: 0
entries: [ unspec, clienthello, serverhello ]
-
type: enum
name: auth
value-start: 0
entries: [ unspec, unauth, psk, x509 ]
attribute-sets:
-
name: x509
attributes:
-
name: cert
type: u32
-
name: privkey
type: u32
-
name: accept
attributes:
-
name: sockfd
type: s32
-
name: handler-class
type: u32
enum: handler-class
-
name: message-type
type: u32
enum: msg-type
-
name: timeout
type: u32
-
name: auth-mode
type: u32
enum: auth
-
name: peer-identity
type: u32
multi-attr: true
-
name: certificate
type: nest
nested-attributes: x509
multi-attr: true
-
name: peername
type: string
-
name: done
attributes:
-
name: status
type: u32
-
name: sockfd
type: s32
-
name: remote-auth
type: u32
multi-attr: true
operations:
list:
-
name: ready
doc: Notify handlers that a new handshake request is waiting
notify: accept
-
name: accept
doc: Handler retrieves next queued handshake request
attribute-set: accept
flags: [ admin-perm ]
do:
request:
attributes:
- handler-class
reply:
attributes:
- sockfd
- message-type
- timeout
- auth-mode
- peer-identity
- certificate
- peername
-
name: done
doc: Handler reports handshake completion
attribute-set: done
do:
request:
attributes:
- status
- sockfd
- remote-auth
mcast-groups:
list:
-
name: none
-
name: tlshd
|