diff options
author | Andrew Gallatin <gallatin@gmail.com> | 2018-10-22 11:02:19 -0400 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-10-31 10:24:32 +0000 |
commit | 2111f5c2834a838c4fc1ca981fddf80cbc589dfc (patch) | |
tree | f818b3f6a402ec5948107eea9ce7a691db00789f /Configure | |
parent | 181ea366f67f46cab093d6a7bbb1b2f35125b9f2 (diff) |
Add support for in-kernel TLS (KTLS) on FreeBSD.
- Check for the <sys/ktls.h> header to determine if KTLS support
is available.
- Populate a tls_enable structure with session key material for
supported algorithms. At present, AES-GCM128/256 and AES-CBC128/256
with SHA1 and SHA2-256 HMACs are supported. For AES-CBC, only MtE
is supported.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10045)
Diffstat (limited to 'Configure')
-rwxr-xr-x | Configure | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -1586,8 +1586,14 @@ unless ($disabled{ktls}) { if ($verstr[2] < $minver) { disable('too-old-kernel', 'ktls'); } + } elsif ($target =~ m/^BSD/) { + my $cc = $config{CROSS_COMPILE}.$config{CC}; + system("printf '#include <sys/types.h>\n#include <sys/ktls.h>' | $cc -E - >/dev/null 2>&1"); + if ($? != 0) { + disable('too-old-freebsd', 'ktls'); + } } else { - disable('not-linux', 'ktls'); + disable('not-linux-or-freebsd', 'ktls'); } } |