Rick Macklem b9cbc85d72 nfs-over-tls: add user space daemons rpc.tlsclntd and rpc.tlsservd
The kernel changes needed for nfs-over-tls have been committed to main.
However, nfs-over-tls requires user space daemons to handle the
TLS handshake and other non-application data TLS records.
There is one daemon (rpc.tlsclntd) for the client side and one daemon
(rpc.tlsservd) for the server side, although they share a fair amount
of code found in rpc.tlscommon.c and rpc.tlscommon.h.
They use a KTLS enabled OpenSSL to perform the actual work and, as such,
are only built when MK_OPENSSL_KTLS is set.
Communication with the kernel is done via upcall RPCs done on AF_LOCAL
sockets and the custom system call rpctls_syscall.

Reviewed by:	gbe (man pages only), jhb (usr.sbin/Makefile only)
Comments by:	jhb
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D28430
Relnotes:	yes
2021-02-18 14:15:03 -08:00

30 lines
614 B
Makefile

# $FreeBSD$
.include <src.opts.mk>
PROG= rpc.tlsservd
MAN= rpc.tlsservd.8
SRCS= rpc.tlsservd.c rpc.tlscommon.c rpctlssd.h rpctlssd_svc.c rpctlssd_xdr.c
CFLAGS+= -I.
LIBADD= ssl crypto util
CLEANFILES= rpctlssd_svc.c rpctlssd_xdr.c rpctlssd.h
RPCSRC= ${SRCTOP}/sys/rpc/rpcsec_tls/rpctlssd.x
RPCGEN= RPCGEN_CPP=${CPP:Q} rpcgen -L -C -M
rpctlssd_svc.c: ${RPCSRC} rpctlssd.h
${RPCGEN} -m -o ${.TARGET} ${RPCSRC}
rpctlssd_xdr.c: ${RPCSRC} rpctlssd.h
${RPCGEN} -c -o ${.TARGET} ${RPCSRC}
rpctlssd.h: ${RPCSRC}
${RPCGEN} -h -o ${.TARGET} ${RPCSRC}
.PATH: ${SRCTOP}/sys/rpc/rpcsec_tls
.include <bsd.prog.mk>