Family handshake netlink specification

Contents

• Family handshake netlink specification

  • Summary

  • Operations

    • ready

    • accept

    • done

  • Multicast groups

  • Definitions

    • handler-class

    • msg-type

    • auth

  • Attribute sets

    • x509

      • cert (s32)

      • privkey (s32)

    • accept

      • sockfd (s32)

      • handler-class (u32)

      • message-type (u32)

      • timeout (u32)

      • auth-mode (u32)

      • peer-identity (u32)

      • certificate (nest)

      • peername (string)

    • done

      • status (u32)

      • sockfd (s32)

      • remote-auth (u32)

Summary

Netlink protocol to request a transport layer security handshake.

Operations

ready

Notify handlers that a new handshake request is waiting

notify

accept

accept

Handler retrieves next queued handshake request

attribute-set

accept

flags

['admin-perm']

do

request

attributes

[handler-class]

reply

attributes

[sockfd, message-type, timeout, auth-mode, peer-identity, certificate, peername]

done

Handler reports handshake completion

attribute-set

done

do

request

attributes

[status, sockfd, remote-auth]

Multicast groups

• none

• tlshd

Definitions

handler-class

type

enum

value-start

0

entries

• none

• tlshd

• max

msg-type

type

enum

value-start

0

entries

• unspec

• clienthello

• serverhello

auth

type

enum

value-start

0

entries

• unspec

• unauth

• psk

• x509

Attribute sets

x509

cert (s32)

privkey (s32)

accept

sockfd (s32)

handler-class (u32)

enum

handler-class

message-type (u32)

enum

msg-type

timeout (u32)

auth-mode (u32)

enum

auth

peer-identity (u32)

multi-attr

True

certificate (nest)

nested-attributes

x509

multi-attr

True

peername (string)

done

status (u32)

sockfd (s32)

remote-auth (u32)

multi-attr

True