.. SPDX-License-Identifier: GPL-2.0
.. NOTE: This document was auto-generated.


==========================================
Family ``handshake`` netlink specification
==========================================


.. contents:: :depth: 3


-------
Summary
-------


Netlink protocol to request a transport layer security handshake.

----------
Operations
----------


.. _handshake-operation-ready:

ready
=====
Notify handlers that a new handshake request is waiting

:notify: accept


.. _handshake-operation-accept:

accept
======
Handler retrieves next queued handshake request

:attribute-set: :ref:`handshake-attribute-set-accept`
:flags: [``admin-perm``]
:do:
    **request**
        :attributes: [``handler-class``]

    **reply**
        :attributes: [``sockfd``, ``message-type``, ``timeout``, ``auth-mode``, ``peer-identity``, ``certificate``, ``peername``]



.. _handshake-operation-done:

done
====
Handler reports handshake completion

:attribute-set: :ref:`handshake-attribute-set-done`
:do:
    **request**
        :attributes: [``status``, ``sockfd``, ``remote-auth``]




----------------
Multicast groups
----------------


- none
- tlshd

-----------
Definitions
-----------


.. _handshake-definition-handler-class:

handler-class
=============
:type: enum
:value-start: 0


:entries:
    - ``none``
    - ``tlshd``
    - ``max``


.. _handshake-definition-msg-type:

msg-type
========
:type: enum
:value-start: 0


:entries:
    - ``unspec``
    - ``clienthello``
    - ``serverhello``


.. _handshake-definition-auth:

auth
====
:type: enum
:value-start: 0


:entries:
    - ``unspec``
    - ``unauth``
    - ``psk``
    - ``x509``



--------------
Attribute sets
--------------


.. _handshake-attribute-set-x509:

x509
====
cert (``s32``)
~~~~~~~~~~~~~~


privkey (``s32``)
~~~~~~~~~~~~~~~~~


.. _handshake-attribute-set-accept:

accept
======
sockfd (``s32``)
~~~~~~~~~~~~~~~~


handler-class (``u32``)
~~~~~~~~~~~~~~~~~~~~~~~
:enum: :ref:`handshake-definition-handler-class`


message-type (``u32``)
~~~~~~~~~~~~~~~~~~~~~~
:enum: :ref:`handshake-definition-msg-type`


timeout (``u32``)
~~~~~~~~~~~~~~~~~


auth-mode (``u32``)
~~~~~~~~~~~~~~~~~~~
:enum: :ref:`handshake-definition-auth`


peer-identity (``u32``)
~~~~~~~~~~~~~~~~~~~~~~~
:multi-attr: True


certificate (``nest``)
~~~~~~~~~~~~~~~~~~~~~~
:nested-attributes: :ref:`handshake-attribute-set-x509`
:multi-attr: True


peername (``string``)
~~~~~~~~~~~~~~~~~~~~~


.. _handshake-attribute-set-done:

done
====
status (``u32``)
~~~~~~~~~~~~~~~~


sockfd (``s32``)
~~~~~~~~~~~~~~~~


remote-auth (``u32``)
~~~~~~~~~~~~~~~~~~~~~
:multi-attr: True