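/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License").
 * You may not use this file except in compliance with the License.
 * A copy of the License is located at
 *
 *  http://aws.amazon.com/apache2.0
 *
 * or in the "license" file accompanying this file. This file is distributed
 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */

#pragma once

/*
 * Linux doesn't expose kTLS headers in its uapi. It's possible to get these headers
 * via glibc but support can vary depending on the version of glibc on the host.
 * Instead we define linux specific values inline.
 *
 * - https://elixir.bootlin.com/linux/v6.3.8/A/ident/TCP_ULP
 * - https://elixir.bootlin.com/linux/v6.3.8/A/ident/SOL_TCP
 *
 * The numeric values below are hand-copied from the kernel sources linked in
 * this file; nothing in this header checks them against the host's headers.
 * A wrong number would address a different socket level or option, so any
 * change here should be verified against the kernel definition it mirrors.
 */

#if defined(S2N_KTLS_SUPPORTED)
    #include <linux/tls.h>

    /* socket definitions */
    #define S2N_TCP_ULP 31 /* Attach a ULP to a TCP connection. */
    #define S2N_SOL_TCP 6  /* TCP level */
    #define S2N_SOL_TLS 282

    /* We typically only define values not available in the linux uapi. However,
     * only TLS_TX is defined in the first version of kTLS. Since calling setsockopt
     * with TLS_RX fails and is non destructive, define both TX and RX to keep the
     * definitions co-located and avoid extra ifdefs.
     * https://github.com/torvalds/linux/blob/3c4d7559159bfe1e3b94df3a657b2cda3a34e218/include/uapi/linux/tls.h#L43
     */
    #define S2N_TLS_TX 1
    #define S2N_TLS_RX 2

    /* Record-type control message identifiers, taken directly from <linux/tls.h>. */
    #define S2N_TLS_SET_RECORD_TYPE TLS_SET_RECORD_TYPE
    #define S2N_TLS_GET_RECORD_TYPE TLS_GET_RECORD_TYPE
#else
    /* For unsupported platforms 0-init (array of size 1) all values.
     *
     * These zeros are placeholders that keep code referencing the macros
     * compiling; they are not the kernel's kTLS values.
     * NOTE(review): presumably every setsockopt/cmsg path that uses them is
     * gated on kTLS being supported, so a 0 level/option never reaches the
     * kernel -- confirm at the call sites.
     */

    /* socket definitions */
    #define S2N_TCP_ULP 0
    #define S2N_SOL_TCP 0
    #define S2N_SOL_TLS 0

    #define S2N_TLS_TX 0
    #define S2N_TLS_RX 0

    #define S2N_TLS_SET_RECORD_TYPE 0
    #define S2N_TLS_GET_RECORD_TYPE 0
#endif

/* Common */
#define S2N_TLS_ULP_NAME "tls"
/* sizeof on the string literal counts the terminating NUL, so this is
 * strlen("tls") + 1, not the bare name length. The replacement list is
 * parenthesized so the macro expands as a single operand in any expression.
 */
#define S2N_TLS_ULP_NAME_SIZE (sizeof(S2N_TLS_ULP_NAME))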