Documentation/networking/tls-handshake.rst

31 kernel consumer might require a TLS handshake. Handshake agents listen
46 A kernel TLS consumer initiates a client-side TLS handshake on an open
65 The @ta_sock field references an open and connected socket. The consumer
67 while the handshake is in progress. The consumer must also have
75 The consumer can provide a NUL-terminated hostname in the @ta_peername
79 The consumer can fill in the @ta_timeout_ms field to force the servicing
86 that are instantiated by the consumer before making the handshake
87 request. The consumer can provide a private keyring that is linked into
91 To request an x.509-authenticated TLS session, the consumer fills in
113 However, in this case, the consumer fills in the @ta_my_peerids array
146 If the consumer needs to cancel the handshake request, say, due to a ^C
147 or other exigent event, the consumer can invoke:
154 @sock has been canceled. The consumer's handshake completion callback
155 will not be invoked. If this function returns false, then the consumer's
163 kernel that the socket may be used by the consumer again. At this point,
164 the consumer's handshake completion callback, provided in the @ta_done
174 The consumer provides a cookie in the @ta_data field of the
176 this callback. The consumer uses the cookie to match the callback to the
192 |  -EINVAL   |  Consumer provided an invalid argument       |
210 While a handshake is under way, the kernel consumer must alter the
215 Once a TLS session is established, the consumer must provide a buffer
220 See tls.rst for details on how a kTLS consumer recognizes incoming