d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8eb2bee6c0
freebsd-dev/sys/rpc
History
Rick Macklem 0b4f2ab0e9 krpc: Fix NFS-over-TLS for KTLS1.3 
When NFS-over-TLS uses KTLS1.3, the client can receive
post-handshake handshake records.  These records can be
safely thown away, but are not handled correctly via the
rpctls_ct_handlerecord() upcall to the daemon.

Commit 373511338d changed soreceive_generic() so that it
will only return ENXIO for Alert records when MSG_TLSAPPDATA
is specified.  As such, the post-handshake handshake
records will be returned to the krpc.

This patch modifies the krpc so that it will throw
these records away, which seems sufficient to make
NFS-over-TLS work with KTLS1.3.  This change has
no effect on the use of KTLS1.2, since it does not
generate post-handshake handshake records.

MFC after:	2 weeks
2022-05-15 11:51:56 -07:00
..
rpcsec_gss sys/rpc: Use C99 fixed-width integer types. 2021-12-28 09:43:15 -08:00
rpcsec_tls mbuf: Only allow extpg mbufs if the system has a direct map 2021-11-16 13:31:04 -05:00
auth_none.c rpc: Make function tables const 2021-08-14 11:26:12 -04:00
auth_unix.c rpc: Make function tables const 2021-08-14 11:26:12 -04:00
auth.h rpc: Delete AUTH_NEEDS_TLS(_MUTUAL_HOST) auth_stat values 2021-12-23 14:31:53 -08:00
authunix_prot.c
clnt_bck.c sockets: use socket buffer mutexes in struct socket directly 2022-05-12 13:22:12 -07:00
clnt_dg.c rpc: Make function tables const 2021-08-14 11:26:12 -04:00
clnt_rc.c rpc: Make function tables const 2021-08-14 11:26:12 -04:00
clnt_stat.h
clnt_vc.c krpc: Fix NFS-over-TLS for KTLS1.3 2022-05-15 11:51:56 -07:00
clnt.h rpc: Make function tables const 2021-08-14 11:26:12 -04:00
getnetconfig.c
krpc.h nfsv4 client: do the BindConnectionToSession as required 2021-04-11 14:34:57 -07:00
netconfig.h
nettype.h
pmap_prot.h
replay.c
replay.h
rpc_callmsg.c
rpc_com.h
rpc_generic.c sys/rpc: Use C99 fixed-width integer types. 2021-12-28 09:43:15 -08:00
rpc_msg.h
rpc_prot.c
rpc.h
rpcb_clnt.c
rpcb_clnt.h
rpcb_prot.c
rpcb_prot.h
rpcm_subs.h
rpcsec_gss.h
rpcsec_tls.h Add a new "tlscertname" NFS mount option. 2020-12-23 13:42:55 -08:00
svc_auth_unix.c
svc_auth.c rpc(3): Fix two typos in source code comments 2022-04-02 09:33:24 +02:00
svc_auth.h
svc_dg.c rpc: Make function tables const 2021-08-14 11:26:12 -04:00
svc_generic.c
svc_vc.c krpc: Fix NFS-over-TLS for KTLS1.3 2022-05-15 11:51:56 -07:00
svc.c nfsd: fix a NFSv4.1 Linux client mount stuck in CLOSE_WAIT 2021-04-27 15:32:35 -07:00
svc.h sys/rpc: Use C99 fixed-width integer types. 2021-12-28 09:43:15 -08:00
types.h
xdr.h