.. SPDX-License-Identifier: GPL-2.0
.. NOTE: This document was auto-generated.


==========================================
Family ``handshake`` netlink specification
==========================================


.. contents::


-------
Summary
-------


Netlink protocol to request a transport layer security handshake.

----------
Operations
----------



ready
=====
Notify handlers that a new handshake request is waiting

:notify: accept



accept
======
Handler retrieves next queued handshake request

:attribute-set: accept
:flags: ['admin-perm']
:do:
    **request**
        :attributes: [``handler-class``]

    **reply**
        :attributes: [``sockfd``, ``message-type``, ``timeout``, ``auth-mode``, ``peer-identity``, ``certificate``, ``peername``]




done
====
Handler reports handshake completion

:attribute-set: done
:do:
    **request**
        :attributes: [``status``, ``sockfd``, ``remote-auth``]




----------------
Multicast groups
----------------


- none
- tlshd

-----------
Definitions
-----------



handler-class
=============
:type: enum
:value-start: 0


:entries:
    - ``none``
    - ``tlshd``
    - ``max``



msg-type
========
:type: enum
:value-start: 0


:entries:
    - ``unspec``
    - ``clienthello``
    - ``serverhello``



auth
====
:type: enum
:value-start: 0


:entries:
    - ``unspec``
    - ``unauth``
    - ``psk``
    - ``x509``



--------------
Attribute sets
--------------



x509
====
cert (``s32``)
~~~~~~~~~~~~~~


privkey (``s32``)
~~~~~~~~~~~~~~~~~



accept
======
sockfd (``s32``)
~~~~~~~~~~~~~~~~


handler-class (``u32``)
~~~~~~~~~~~~~~~~~~~~~~~
:enum: handler-class


message-type (``u32``)
~~~~~~~~~~~~~~~~~~~~~~
:enum: msg-type


timeout (``u32``)
~~~~~~~~~~~~~~~~~


auth-mode (``u32``)
~~~~~~~~~~~~~~~~~~~
:enum: auth


peer-identity (``u32``)
~~~~~~~~~~~~~~~~~~~~~~~
:multi-attr: True


certificate (``nest``)
~~~~~~~~~~~~~~~~~~~~~~
:nested-attributes: x509
:multi-attr: True


peername (``string``)
~~~~~~~~~~~~~~~~~~~~~



done
====
status (``u32``)
~~~~~~~~~~~~~~~~


sockfd (``s32``)
~~~~~~~~~~~~~~~~


remote-auth (``u32``)
~~~~~~~~~~~~~~~~~~~~~
:multi-attr: True

