<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<p style="color: #777777;">

<a href="https://gitlab.com/berrange">Daniel P. Berrangé</a>

started a new

discussion on <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1477#note_708918978">lib/system/ktls.c</a>:

</p>

<table>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="48" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

48

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC48" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> * Since: 3.7.2</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="49" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

49

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC49" class="line" lang="c"><span class="cm" style="color: #998; font-style: italic;"> **/</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="50" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

50

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC50" class="line" lang="c"><span class="kt" style="color: #458; font-weight: 600;">int</span> <span class="nf" style="color: #900; font-weight: 600;">gnutls_ktls_enable</span><span class="p">(</span><span class="n" style="color: #333;">gnutls_session_t</span> <span class="n" style="color: #333;">session</span><span class="p">,</span> <span class="kt" style="color: #458; font-weight: 600;">int</span> <span class="n" style="color: #333;">sockin</span><span class="p">,</span> <span class="kt" style="color: #458; font-weight: 600;">int</span> <span class="n" style="color: #333;">sockout</span><span class="p">)</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="51" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

51

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC51" class="line" lang="c"><span class="p">{</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="52" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

52

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC52" class="line" lang="c">     <span class="k" style="font-weight: 600;">if</span> <span class="p">(</span><span class="n" style="color: #333;">setsockopt</span> <span class="p">(</span><span class="n" style="color: #333;">sockin</span><span class="p">,</span> <span class="n" style="color: #333;">SOL_TCP</span><span class="p">,</span> <span class="n" style="color: #333;">TCP_ULP</span><span class="p">,</span> <span class="s" style="color: #d14;">"tls"</span><span class="p">,</span> <span class="k" style="font-weight: 600;">sizeof</span> <span class="p">(</span><span class="s" style="color: #d14;">"tls"</span><span class="p">))</span> <span class="o" style="font-weight: 600;"><</span> <span class="mi" style="color: #099;">0</span><span class="p">)</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="53" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

53

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC53" class="line" lang="c">             <span class="k" style="font-weight: 600;">return</span> <span class="n" style="color: #333;">gnutls_assert_val</span><span class="p">(</span><span class="n" style="color: #333;">GNUTLS_E_INTERNAL_ERROR</span><span class="p">);</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="54" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

54

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC54" class="line" lang="c"></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="55" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

55

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC55" class="line" lang="c">     <span class="n" style="color: #333;">session</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">internals</span><span class="p">.</span><span class="n" style="color: #333;">recv_fd</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">sockin</span><span class="p">;</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="56" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

56

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC56" class="line" lang="c">     <span class="n" style="color: #333;">session</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">internals</span><span class="p">.</span><span class="n" style="color: #333;">send_fd</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">sockin</span><span class="p">;</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="57" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

57

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC57" class="line" lang="c"></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="58" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

58

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC58" class="line" lang="c">     <span class="k" style="font-weight: 600;">if</span> <span class="p">(</span><span class="n" style="color: #333;">sockin</span> <span class="o" style="font-weight: 600;">!=</span> <span class="n" style="color: #333;">sockout</span><span class="p">){</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="59" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

59

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC59" class="line" lang="c">             <span class="k" style="font-weight: 600;">if</span> <span class="p">(</span><span class="n" style="color: #333;">setsockopt</span> <span class="p">(</span><span class="n" style="color: #333;">sockout</span><span class="p">,</span> <span class="n" style="color: #333;">SOL_TCP</span><span class="p">,</span> <span class="n" style="color: #333;">TCP_ULP</span><span class="p">,</span> <span class="s" style="color: #d14;">"tls"</span><span class="p">,</span> <span class="k" style="font-weight: 600;">sizeof</span> <span class="p">(</span><span class="s" style="color: #d14;">"tls"</span><span class="p">))</span> <span class="o" style="font-weight: 600;"><</span> <span class="mi" style="color: #099;">0</span><span class="p">)</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="60" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

60

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC60" class="line" lang="c">                     <span class="k" style="font-weight: 600;">return</span> <span class="n" style="color: #333;">gnutls_assert_val</span><span class="p">(</span><span class="n" style="color: #333;">GNUTLS_E_INTERNAL_ERROR</span><span class="p">);</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="61" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

61

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC61" class="line" lang="c">             <span class="n" style="color: #333;">session</span><span class="o" style="font-weight: 600;">-></span><span class="n" style="color: #333;">internals</span><span class="p">.</span><span class="n" style="color: #333;">send_fd</span> <span class="o" style="font-weight: 600;">=</span> <span class="n" style="color: #333;">sockout</span><span class="p">;</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="62" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

62

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC62" class="line" lang="c">     <span class="p">}</span></span>

</pre>

</td>

</tr>

<tr class="line_holder new" id="">

<td class="old_line diff-line-num new" data-linenumber="1" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

</td>

<td class="new_line diff-line-num new" data-linenumber="63" style="width: 35px; color: rgba(0,0,0,0.3); border-right-width: 1px; border-right-color: #c7f0d2; border-right-style: solid; padding: 0 5px;" align="right" bgcolor="#ddfbe6">

63

</td>

<td class="line_content new" style="padding-left: 0.5em; padding-right: 0.5em;" bgcolor="#ecfdf0">

<pre style="margin: 0;">+<span id="LC63" class="line" lang="c"></span>

</pre>

</td>

</tr>

</table>

<div style="">

<p dir="auto">The caller of this method ignores the error return value and carries on with the intent to doing userspace TLS.</p>

<p dir="auto">In the 2 file descriptor case, the code here allows for the scenario that the first FD gets kTLS enabled, but the second FD fails to get it enabled. So the caller could end up carrying on with usrspace TLS, despite 1 of the 2 FDs having kTLS enabled. Admittedly it is pretty unlikely that we'd get into this situation, but from a code robustness POV, I think we ought to handle that, by disabling kTLS on the first FD again if the second fails to enable it.</p>

</div>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/merge_requests/1477#note_708918978">view it on GitLab</a>.

<br>

You're receiving this email because of your account on gitlab.com.

If you'd like to receive fewer emails, you can

<a href="https://gitlab.com/-/sent_notifications/4b9074e57dbfaff63e692aec9132e01b/unsubscribe">unsubscribe</a>

from this thread or

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Merge request","url":"https://gitlab.com/gnutls/gnutls/-/merge_requests/1477#note_708918978"}}</script>

</p>

</div>

</body>

</html>