Bug#1106788: marked as done (unblock: ktls-utils/1.0.0-1) (3/3)
From
Debian Bug Tracking System@21:1/5 to
All on Fri May 30 00:40:01 2025
[continued from previous message]
+void tlshd_quic_serverhello_handshake(struct tlshd_handshake_parms *parms)
+{
+ struct tlshd_quic_conn *conn;
+ int ret;
+
+ ret = tlshd_quic_conn_create(&conn, parms);
+ if (ret) {
+ parms->session_status = ret;
+ return gnutls_global_deinit();
+ }
switch (parms->auth_mode) {
case HANDSHAKE_AUTH_X509:
- tlshd_server_x509_handshake(parms);
+ ret = tlshd_quic_server_set_x509_session(conn);
break;
case HANDSHAKE_AUTH_PSK:
- tlshd_server_psk_handshake(parms);
+ ret = tlshd_quic_server_set_psk_session(conn);
break;
default:
- tlshd_log_debug("Unrecognized auth mode (%d)",
- parms->auth_mode);
+ ret = -EINVAL;
+ tlshd_log_debug("Unrecognized auth mode (%d)", parms->auth_mode);
+ }
+ if (ret) {
+ conn->errcode = -ret;
+ goto out;
}
- gnutls_global_deinit();
+ tlshd_quic_start_handshake(conn);
+out:
+ parms->session_status = conn->errcode;
+ tlshd_quic_conn_destroy(conn);
}
+#else
+void tlshd_quic_serverhello_handshake(struct tlshd_handshake_parms *parms)
+{
+ tlshd_log_debug("QUIC handshake is not enabled (%d)", parms->auth_mode);
+ parms->session_status = EOPNOTSUPP;
+}
+#endif
diff -Nru ktls-utils-0.11/src/tlshd/tlshd.conf.man ktls-utils-1.0.0/src/tlshd/tlshd.conf.man
--- ktls-utils-0.11/src/tlshd/tlshd.conf.man 2024-06-14 16:54:21.000000000 +0200
+++ ktls-utils-1.0.0/src/tlshd/tlshd.conf.man 2025-05-05 19:58:55.000000000 +0200
@@ -112,10 +112,6 @@
.B x509.private_key
This option specifies the pathname of a file containing
a PEM-encoded private key associated with the above certificate.
-.SH NOTES
-This software is a prototype.
-It's purpose is for demonstration and as a proof-of-concept.
-USE THIS SOFTWARE AT YOUR OWN RISK.
.SH SEE ALSO
.BR tlshd (8)
.SH AUTHOR
diff -Nru ktls-utils-0.11/src/tlshd/tlshd.h ktls-utils-1.0.0/src/tlshd/tlshd.h
--- ktls-utils-0.11/src/tlshd/tlshd.h 2024-06-14 16:54:21.000000000 +0200
+++ ktls-utils-1.0.0/src/tlshd/tlshd.h 2025-05-05 19:58:55.000000000 +0200
@@ -32,6 +32,7 @@
struct sockaddr *peeraddr;
socklen_t peeraddr_len;
int sockfd;
+ int ip_proto;
uint32_t handshake_type;
unsigned int timeout_ms;
uint32_t auth_mode;
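Review bot: The new `int ip_proto;` member is added without a comment, so a reader of tlshd.h cannot tell which values it may hold, who fills it in, or where it is checked. The same release adds a separate QUIC handshake entry point, so the field presumably decides which handshake path a request takes; that is inferred, since the code that sets and reads it is not in this hunk. If that is right, I would document it with something like `/* transport protocol of sockfd; selects the TLS or QUIC handshake path */`. I would also confirm that the dispatch rejects any value it does not recognise rather than falling through to a default path. The enclosing struct starts and ends outside the hunk.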
@@ -48,7 +49,8 @@
};
/* client.c */
-extern void tlshd_clienthello_handsha