Add kTLS options and SSL_sendfile #2203

Open
wants to merge 1 commit into
base: master
8 changes: 8 additions & 0 deletions openssl-sys/src/handwritten/ssl.rs
Expand Up @@ -674,6 +674,14 @@ extern "C" {
num: size_t,
written: *mut size_t,
) -> c_int;
#[cfg(ossl300)]
pub fn SSL_sendfile(
ssl: *mut SSL,
fd: c_int,
offset: off_t,
size: size_t,
flags: c_int,
) -> ssize_t;
#[cfg(any(ossl111, libressl340))]
pub fn SSL_write_early_data(
s: *mut SSL,
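Review bot: `offset: off_t` and the `-> ssize_t` return in the new `SSL_sendfile` declaration use platform-dependent type names whose import is not visible in this hunk, so please confirm both are in scope in `handwritten/ssl.rs` and have the same width as the C prototype's types on every target that builds under `ossl300`; a width mismatch in an `extern "C"` signature is an ABI bug that the compiler will not catch. Since the neighbouring declarations return `c_int`, a short doc comment on the signed byte-count return and on the need for kTLS to be enabled on the connection would also help callers who use the raw binding.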
5 changes: 5 additions & 0 deletions openssl-sys/src/ssl.rs
Expand Up @@ -73,6 +73,8 @@ cfg_if! {
}

pub const SSL_OP_LEGACY_SERVER_CONNECT: ssl_op_type!() = 0x00000004;
#[cfg(ossl300)]
pub const SSL_OP_ENABLE_KTLS: ssl_op_type!() = 0x00000008;
cfg_if! {
if #[cfg(libressl261)] {
pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x0;
Expand Down Expand Up @@ -169,6 +171,9 @@ cfg_if! {
}
}

#[cfg(ossl320)]
pub const SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE: ssl_op_type!() = 0x400000000;

cfg_if! {
if #[cfg(ossl300)] {
pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG
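Review bot: `0x400000000` in `SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE` does not fit in 32 bits, so the constant is only valid if `ssl_op_type!()` expands to a 64-bit type on every `ossl320` target; the macro definition is outside this hunk, so please confirm that holds for 32-bit and Windows builds too. Writing the value as `1 << 34` would make the bit position explicit and removes the risk of miscounting zeros in the hex literal.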
20 changes: 20 additions & 0 deletions openssl/src/ssl/mod.rs
Expand Up @@ -281,6 +281,26 @@ bitflags! {
/// [`SslOptions::CIPHER_SERVER_PREFERENCE`]: struct.SslOptions.html#associatedconstant.CIPHER_SERVER_PREFERENCE
#[cfg(ossl111)]
const PRIORITIZE_CHACHA = ffi::SSL_OP_PRIORITIZE_CHACHA as SslOptionsRepr;

/// Enable the use of kernel TLS.
///
/// In order to benefit from kernel TLS OpenSSL must have been compiled with support for it,
/// and it must be supported by the negotiated ciphersuites and extensions.
/// The specific ciphersuites and extensions that are supported may vary by platform and kernel version.
///
/// Requires OpenSSL 3.0.0 or newer.
#[cfg(ossl300)]
const ENABLE_KTLS = ffi::SSL_OP_ENABLE_KTLS as SslOptionsRepr;

/// With this option, sendfile() will use the zerocopy mode, which gives a performance boost when used with KTLS hardware offload.
/// Note that invalid TLS records might be transmitted if the file is changed while being sent.
///
/// Requires enable [`SslOptions::ENABLE_KTLS`].
/// Requires OpenSSL 3.2.0 or newer.
///
/// [`SslOptions::ENABLE_KTLS`]: struct.SslOptions.html#associatedconstant.ENABLE_KTLS
#[cfg(ossl320)]
const ENABLE_KTLS_ZEROCOPY_SENDFILE = ffi::SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE as SslOptionsRepr;
}
}
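Review bot: the doc comment on `ENABLE_KTLS_ZEROCOPY_SENDFILE` warns that invalid TLS records might be transmitted if the file changes while being sent, but it never states the caller's obligation; say directly that the file must not be modified until the send has completed, because that is the only integrity caveat a user of this flag sees. In the same comment, "Requires enable" should read "Requires [`SslOptions::ENABLE_KTLS`] to be set", and the Rust name drops the `TX` that `ffi::SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE` carries, which makes the flag harder to find from the OpenSSL documentation. The diff also adds no safe wrapper for `SSL_sendfile` in the `openssl` crate, so the zerocopy flag can currently only take effect through the raw `ffi` call; either add the wrapper or mention that in the docs.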
