#endif
/* *INDENT-ON* */
+/**
+ * gnutls_transport_ktls_enable_flags_t:
+ * @GNUTLS_KTLS_RECV: ktls enabled for recv function.
+ * @GNUTLS_KTLS_SEND: ktls enabled for send function.
+ * @GNUTLS_KTLS_DUPLEX: ktls enabled for both recv and send functions.
+ *
+ * Flag enumeration of ktls enable status for recv and send functions.
+ * This is used by gnutls_transport_is_ktls_enabled().
+ *
+ * Since: 3.7.3
+ */
+typedef enum {
+ GNUTLS_KTLS_RECV = 1 << 0,
+ GNUTLS_KTLS_SEND = 1 << 1,
+ GNUTLS_KTLS_DUPLEX = GNUTLS_KTLS_RECV | GNUTLS_KTLS_SEND,
+} gnutls_transport_ktls_enable_flags_t;
+
+gnutls_transport_ktls_enable_flags_t
+gnutls_transport_is_ktls_enabled(gnutls_session_t session);
+
void gnutls_transport_set_fastopen(gnutls_session_t session,
int fd,
struct sockaddr *connect_addr,
socklen_t connect_addrlen,
unsigned int flags);
-int gnutls_transport_is_ktls_enabled(gnutls_session_t session);
-
/* *INDENT-OFF* */
#ifdef __cplusplus
}
switch (BYE_STATE) {
case BYE_STATE0:
- if (!IS_KTLS_ENABLED(session, KTLS_SEND))
+ if (!IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND))
ret = _gnutls_io_write_flush(session);
BYE_STATE = BYE_STATE0;
if (ret < 0) {
case BYE_STATE2:
BYE_STATE = BYE_STATE2;
if (how == GNUTLS_SHUT_RDWR) {
- if (IS_KTLS_ENABLED(session, KTLS_SEND)){
+ if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)){
do {
ret = _gnutls_ktls_recv_int(session,
GNUTLS_ALERT, NULL, 0);
switch(session->internals.rsend_state) {
case RECORD_SEND_NORMAL:
- if (IS_KTLS_ENABLED(session, KTLS_SEND)) {
+ if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)) {
return _gnutls_ktls_send(session, data, data_size);
} else {
return _gnutls_send_tlen_int(session, GNUTLS_APPLICATION_DATA,
return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
}
- if (IS_KTLS_ENABLED(session, KTLS_RECV)) {
+ if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_RECV)) {
return _gnutls_ktls_recv(session, data, data_size);
} else {
return _gnutls_recv_int(session, GNUTLS_APPLICATION_DATA,
*
* Checks if KTLS is now enabled and was properly inicialized.
*
- * Returns: 1 for enabled, 0 otherwise
+ * Returns: %GNUTLS_KTLS_RECV, %GNUTLS_KTLS_SEND, %GNUTLS_KTLS_DUPLEX, otherwise 0
*
- * Since: 3.7.2
+ * Since: 3.7.3
**/
-int gnutls_transport_is_ktls_enabled(gnutls_session_t session){
- if (unlikely(!session->internals.initial_negotiation_completed))
- return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE);
+gnutls_transport_ktls_enable_flags_t
+gnutls_transport_is_ktls_enabled(gnutls_session_t session){
+ if (unlikely(!session->internals.initial_negotiation_completed)){
+ _gnutls_debug_log("Initial negotiation is not yet complete");
+ return 0;
+ }
return session->internals.ktls_enabled;
}
-int _gnutls_ktls_enable(gnutls_session_t session)
+void _gnutls_ktls_enable(gnutls_session_t session)
{
int sockin, sockout;
session->internals.ktls_enabled = 0;
gnutls_transport_get_int2(session, &sockin, &sockout);
if (setsockopt(sockin, SOL_TCP, TCP_ULP, "tls", sizeof ("tls")) == 0)
- session->internals.ktls_enabled |= KTLS_RECV;
+ session->internals.ktls_enabled |= GNUTLS_KTLS_RECV;
if (sockin != sockout) {
if (setsockopt(sockout, SOL_TCP, TCP_ULP, "tls", sizeof ("tls")) == 0)
- session->internals.ktls_enabled |= KTLS_SEND;
+ session->internals.ktls_enabled |= GNUTLS_KTLS_SEND;
} else
- session->internals.ktls_enabled |= KTLS_SEND;
-
- return 0;
+ session->internals.ktls_enabled |= GNUTLS_KTLS_SEND;
}
int _gnutls_ktls_set_keys(gnutls_session_t session)
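Review bot: In `_gnutls_ktls_enable` the `else` branch sets `GNUTLS_KTLS_SEND` whenever `sockin == sockout`, whether or not the `TCP_ULP` setsockopt on that descriptor succeeded. The session can therefore report send-side KTLS on a socket where the "tls" ULP was never attached. Because the function now returns `void`, a failed setsockopt is also silent, so a debug log on failure would help diagnosis. Setting the send flag for the shared descriptor only inside the success branch keeps the flags truthful, as sketched below.

```c
void _gnutls_ktls_enable(gnutls_session_t session)
{
	/* … unchanged: locals, ktls_enabled reset, gnutls_transport_get_int2 … */
	if (setsockopt(sockin, SOL_TCP, TCP_ULP, "tls", sizeof ("tls")) == 0) {
		session->internals.ktls_enabled |= GNUTLS_KTLS_RECV;
		/* one descriptor serves both directions */
		if (sockin == sockout)
			session->internals.ktls_enabled |= GNUTLS_KTLS_SEND;
	}
	if (sockin != sockout &&
	    setsockopt(sockout, SOL_TCP, TCP_ULP, "tls", sizeof ("tls")) == 0)
		session->internals.ktls_enabled |= GNUTLS_KTLS_SEND;
}
```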
return ret;
}
- if(session->internals.ktls_enabled & KTLS_RECV){
+ if(session->internals.ktls_enabled & GNUTLS_KTLS_RECV){
switch (cipher) {
case GNUTLS_CIPHER_AES_128_GCM:
{
if (setsockopt (sockin, SOL_TLS, TLS_RX,
&crypto_info, sizeof (crypto_info))) {
- session->internals.ktls_enabled ^= KTLS_RECV;
+ session->internals.ktls_enabled &= ~GNUTLS_KTLS_RECV;
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
}
}
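Review bot: On the `TLS_RX` failure path the new `&= ~GNUTLS_KTLS_RECV` clears only the receive bit before returning, so `GNUTLS_KTLS_SEND` stays set even though the early return skips the `TLS_TX` key installation. Unless the caller (not visible here) resets `ktls_enabled` on error, later `IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)` checks would still route writes to `_gnutls_ktls_send` on a socket with no TX key material. Consider `session->internals.ktls_enabled = 0;` on this path, or a comment stating that the caller must disable KTLS when this function fails. The same applies to the second `TLS_RX` failure path in the next hunk. `_gnutls_ktls_set_keys` begins and ends outside this hunk.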
if (setsockopt (sockin, SOL_TLS, TLS_RX,
&crypto_info, sizeof (crypto_info))) {
- session->internals.ktls_enabled ^= KTLS_RECV;
+ session->internals.ktls_enabled &= ~GNUTLS_KTLS_RECV;
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
}
}
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
}
- if(session->internals.ktls_enabled & KTLS_SEND){
+ if(session->internals.ktls_enabled & GNUTLS_KTLS_SEND){
switch (cipher) {
case GNUTLS_CIPHER_AES_128_GCM:
{
if (setsockopt (sockout, SOL_TLS, TLS_TX,
&crypto_info, sizeof (crypto_info))) {
- session->internals.ktls_enabled ^= KTLS_SEND;
+ session->internals.ktls_enabled &= ~GNUTLS_KTLS_SEND;
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
}
}
if (setsockopt (sockout, SOL_TLS, TLS_TX,
&crypto_info, sizeof (crypto_info))) {
- session->internals.ktls_enabled ^= KTLS_SEND;
+ session->internals.ktls_enabled &= ~GNUTLS_KTLS_SEND;
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
}
}
}
#else //ENABLE_KTLS
-int gnutls_transport_is_ktls_enabled(gnutls_session_t session){
+gnutls_transport_ktls_enable_flags_t
+gnutls_transport_is_ktls_enabled(gnutls_session_t session){
return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
}
-int _gnutls_ktls_enable(gnutls_session_t session){
- return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+void _gnutls_ktls_enable(gnutls_session_t session){
+ return;
}
int _gnutls_ktls_set_keys(gnutls_session_t session) {
return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
}
-int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type, void *data, size_t data_size) {
+int _gnutls_ktls_recv_int(gnutls_session_t session, content_type_t type,
+ void *data, size_t data_size) {
return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
}
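Review bot: The `#else` stub of `gnutls_transport_is_ktls_enabled` still returns `gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE)`, but the return type is now the flag enum. GnuTLS error codes are negative, so a caller that tests the result with `& GNUTLS_KTLS_SEND` or `& GNUTLS_KTLS_RECV` can see bits set and conclude the kernel is handling records in a build without KTLS. The updated doc comment promises one of the flag values or 0, so the stub should be `return 0;`, optionally preceded by a `_gnutls_debug_log` call as in the `ENABLE_KTLS` variant.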