Re: [openssl-dev] [RFC 0/4] Kernel TLS socket API

2017-06-07 Thread Salz, Rich via openssl-dev
A couple of comments. First, until this shows up in the kernel adopted by major distributions, it is a bit premature to include in OpenSSL. Including netinet/tcp.h is seriously wrong to be part of openssl :) And finally, as I said before, the best way to get things in OpenSSL is to do pull

[openssl-dev] test

2017-06-07 Thread Boris Pismenny
Test123 -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] test

2017-06-07 Thread Boris Pismenny
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [RFC 3/4] evp/e_aes: Expose GCM IV

2017-06-07 Thread Boris Pismenny
This commit exposes the generated GCM IV to applications. Change-Id: If058f9d55c101e3efb6c988c26071145ebcbf0e8 Signed-off-by: Boris Pismenny --- crypto/evp/e_aes.c| 8 include/openssl/evp.h | 1 + 2 files changed, 9 insertions(+) diff --git

[openssl-dev] [RFC 1/4] e_os: hack! TLS offload

2017-06-07 Thread Boris Pismenny
This workaround adds netinet/tcp.h modifications for TLS offload to the include directory of TLS. In the future it wouldn't be needed since netinet/tcp.h would have these changes. Change-Id: I1698a46d9f7cd6f1e63e30969d595475775a5072 Signed-off-by: Boris Pismenny --- e_os.h

[openssl-dev] [RFC 2/4] bio: Linux TLS Offload

2017-06-07 Thread Boris Pismenny
Add support for Linux TLS offload in the BIO layer and specifically in bss_sock.c. Change-Id: I64e08da83c595a9067a3c7de80f73408010fcde6 Signed-off-by: Boris Pismenny --- crypto/bio/bss_sock.c | 93 ++- include/openssl/bio.h |

[openssl-dev] [RFC 4/4] ssl: Linux TLS Tx Offload

2017-06-07 Thread Boris Pismenny
This patch adds support for Linux TLS Tx offload. The data-path of the TLS socket is offloaded to the kernel after CCS is complete. Change-Id: Ia966192a6704d1a57b74b2640ac04d55fb74c1c7 Signed-off-by: Boris Pismenny --- ssl/record/rec_layer_s3.c | 95

[openssl-dev] [RFC 0/4] Kernel TLS socket API

2017-06-07 Thread Boris Pismenny
Hello all, I would like to introduce you to the new kernel API for TLS transmit-side data-path, and open a discussion regarding its support in OpenSSL. This is currently a V2 patch series in Linux net-next, and it is stabilizing. Dave has been working on this for a while [1][2], and Aviad, Ilya