/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
#pragma once
#include <sys/socket.h>
#include "api/unstable/ktls.h"
#include "tls/s2n_connection.h"
/* Define headers needed to enable and use kTLS.
 *
 * The inline header definitions are required to compile kTLS-specific code.
 * kTLS has been tested on Linux. On all other platforms kTLS is marked as
 * unsupported, and the kTLS functions return an unsupported error.
 */
#include "tls/s2n_ktls_parameters.h"
/* A set of kTLS configurations representing the combination of sending
* and receiving.
*/
typedef enum {
    /* Enable kTLS for the send socket.
     * Passed as the ktls_mode argument of s2n_ktls_get_file_descriptor()
     * and s2n_ktls_configure_connection() declared below. */
    S2N_KTLS_MODE_SEND,
    /* Enable kTLS for the receive socket. */
    S2N_KTLS_MODE_RECV,
} s2n_ktls_mode;
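/* Reports whether kTLS can be enabled on this platform. Per the header comment
 * above, kTLS has only been tested on Linux; elsewhere it is marked unsupported.
 * Declared with (void): an empty parameter list in C11 leaves the parameters
 * unspecified, so a call with stray arguments would not be diagnosed. */
bool s2n_ktls_is_supported_on_platform(void);

/* Looks up the file descriptor of the socket selected by `ktls_mode`
 * (send or receive) on `conn`; the result is stored through `fd`. */
S2N_RESULT s2n_ktls_get_file_descriptor(struct s2n_connection *conn, s2n_ktls_mode ktls_mode, int *fd);

/* Send callback in the s2n send-callback shape (io_context, buf, len). */
int s2n_ktls_send_cb(void *io_context, const uint8_t *buf, uint32_t len);

/* Sends the `msg_iovlen` buffers in `msg_iov` as a record of type `record_type`.
 * `blocked` and `bytes_written` are out-parameters. */
S2N_RESULT s2n_ktls_sendmsg(void *io_context, uint8_t record_type, const struct iovec *msg_iov,
        size_t msg_iovlen, s2n_blocked_status *blocked, size_t *bytes_written);

/* Receives up to `buf_len` bytes into `buf`; the received record's type is
 * reported through `record_type`. `blocked` and `bytes_read` are out-parameters. */
S2N_RESULT s2n_ktls_recvmsg(void *io_context, uint8_t *record_type, uint8_t *buf,
        size_t buf_len, s2n_blocked_status *blocked, size_t *bytes_read);

/* Sends `count` buffers from `bufs`, skipping the first `offs` bytes.
 * NOTE(review): `count` and `offs` are signed (ssize_t) while the record_writev
 * variant below takes size_t offsets; this header does not state how negative
 * values are handled — confirm in the implementation before passing
 * caller-derived values. */
ssize_t s2n_ktls_sendv_with_offset(struct s2n_connection *conn, const struct iovec *bufs,
        ssize_t count, ssize_t offs, s2n_blocked_status *blocked);

/* Writes `to_write` bytes of content type `content_type` taken from the
 * `in_count` buffers in `in`, starting `offs` bytes in.
 * NOTE(review): `in_count` is int while `offs`/`to_write` are size_t — mixed
 * signedness; callers should keep `in_count` non-negative. */
int s2n_ktls_record_writev(struct s2n_connection *conn, uint8_t content_type,
        const struct iovec *in, int in_count, size_t offs, size_t to_write);

/* Reads one full record on `conn`; its content type is reported through
 * `record_type`. */
int s2n_ktls_read_full_record(struct s2n_connection *conn, uint8_t *record_type);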
/* Testing hooks. */
/* Function type with the setsockopt(2) signature. A test can install one via
 * s2n_ktls_set_setsockopt_cb(), presumably in place of the real system call. */
typedef int (*s2n_setsockopt_fn)(int socket, int level, int option_name, const void *option_value,
        socklen_t option_len);
S2N_RESULT s2n_ktls_set_setsockopt_cb(s2n_setsockopt_fn cb);
/* Callback types with the sendmsg(2)/recvmsg(2) shape; `io_context` is the
 * opaque context registered alongside the callback. */
typedef ssize_t (*s2n_ktls_sendmsg_fn)(void *io_context, const struct msghdr *msg);
typedef ssize_t (*s2n_ktls_recvmsg_fn)(void *io_context, struct msghdr *msg);
/* Install `send_cb` / `recv_cb` and their contexts on `conn`.
 * NOTE(review): nothing in this header restricts these hooks to test builds;
 * since they appear to substitute for the connection's socket I/O, confirm they
 * are not reachable by production callers. */
S2N_RESULT s2n_ktls_set_sendmsg_cb(struct s2n_connection *conn, s2n_ktls_sendmsg_fn send_cb,
        void *send_ctx);
S2N_RESULT s2n_ktls_set_recvmsg_cb(struct s2n_connection *conn, s2n_ktls_recvmsg_fn recv_cb,
        void *recv_ctx);
/* Configures `conn` for `ktls_mode`. Listed under the testing hooks, so
 * presumably a test-only shortcut — confirm against the implementation. */
void s2n_ktls_configure_connection(struct s2n_connection *conn, s2n_ktls_mode ktls_mode);
/* These functions will be part of the public API. */
/* Enable kTLS on the send / receive side of `conn`. Both return int in the
 * style of the public s2n API (presumably 0 on success, -1 on failure; see
 * api/unstable/ktls.h, included above). */
int s2n_connection_ktls_enable_send(struct s2n_connection *conn);
int s2n_connection_ktls_enable_recv(struct s2n_connection *conn);
/* sendfile(2)-style transfer of `count` bytes from `in_fd`, starting at
 * `offset`, over `conn`. `bytes_written` and `blocked` are out-parameters. */
int s2n_sendfile(struct s2n_connection *conn, int in_fd, off_t offset, size_t count,
        size_t *bytes_written, s2n_blocked_status *blocked);