<div dir="ltr"><div>From the toybox point of view, wouldn't this introduce direct link dependency on ssl/tls libraries?</div><div><br></div><div>If that's acceptable, the ktls stuff looks like a simple addition (on top of base in-toybox tls) with potential performance improvements, once the code settles down.</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Sep 3, 2017 at 11:12 PM, Rob Landley <span dir="ltr"><<a href="mailto:rob@landley.net" target="_blank">rob@landley.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">The kernel just merged "ssl renamed after thread local storage" support:<br>
<br>
  vpaper: <a href="https://netdevconf.org/1.2/papers/ktls.pdf" rel="noreferrer" target="_blank">https://netdevconf.org/1.2/<wbr>papers/ktls.pdf</a><br>
  sample code: <a href="https://github.com/ktls/af_ktls" rel="noreferrer" target="_blank">https://github.com/ktls/af_<wbr>ktls</a><br>
<br>
It's basic https plumbing in the kernel, but doesn't do the handshake or<br>
renegotiation. What I'm wondering is would this be a better thing to try<br>
to plug into than the openssl command line utility?<br>
<br>
Worth bothering with?<br>
<br>
Rob<br>
______________________________<wbr>_________________<br>
Toybox mailing list<br>
<a href="mailto:Toybox@lists.landley.net">Toybox@lists.landley.net</a><br>
<a href="http://lists.landley.net/listinfo.cgi/toybox-landley.net" rel="noreferrer" target="_blank">http://lists.landley.net/<wbr>listinfo.cgi/toybox-landley.<wbr>net</a><br>
</blockquote></div><br></div>