[continued from previous message]
AC_CHECK_LIB([gnutls], [gnutls_get_system_config_file],
[AC_DEFINE([HAVE_GNUTLS_GET_SYSTEM_CONFIG_FILE], [1],
[Define to 1 if you have the gnutls_get_system_config_file function.])])
+AC_CHECK_LIB([gnutls], [gnutls_psk_allocate_client_credentials2],
+ [AC_DEFINE([HAVE_GNUTLS_PSK_ALLOCATE_CREDENTIALS2], [1],
+ [Define to 1 if you have the gnutls_psk_allocate_client_credentials2 function.])])
AC_SUBST([AM_CPPFLAGS])
AC_CONFIG_FILES([Makefile src/Makefile src/tlshd/Makefile systemd/Makefile]) diff -Nru ktls-utils-0.11/debian/README.debian ktls-utils-1.0.0/debian/README.debian
--- ktls-utils-0.11/debian/README.debian 2023-07-24 01:53:26.000000000 +0200
+++ ktls-utils-1.0.0/debian/README.debian 2025-05-25 17:33:19.000000000 +0200
@@ -3,11 +3,14 @@
ktls-utils currently includes the tlshd daemon, which is used by
"in-kernel TLS consumers" to establish TLS connections including
-certificate validation. The current in-kernel users of TLS are the
-NFS server (from Linux 6.4) and the NFS client (from Linux 6.5).
+certificate validation. The current in-kernel users of TLS are:
-WARNING: tlshd is currently experimental and probably does not
-implement all of the certificate validation that you want.
+* NFS server (from Linux 6.4)
+* NFS client (from Linux 6.5)
+* NVMe host and target (from Linux 6.7)
+
+WARNING: tlshd may not implement all of the certificate validation
+that you want; see <
https://github.com/oracle/ktls-utils/issues/21>.
To enable TLS on an NFS server:
@@ -40,4 +43,4 @@
3. If the client should verify the server's certificate, use a domain