Rick Macklem b9cbc85d72 nfs-over-tls: add user space daemons rpc.tlsclntd and rpc.tlsservd
The kernel changes needed for nfs-over-tls have been committed to main.
However, nfs-over-tls requires user space daemons to handle the
TLS handshake and other non-application data TLS records.
There is one daemon (rpc.tlsclntd) for the client side and one daemon
(rpc.tlsservd) for the server side, although they share a fair amount
of code found in rpc.tlscommon.c and rpc.tlscommon.h.
They use a KTLS enabled OpenSSL to perform the actual work and, as such,
are only built when MK_OPENSSL_KTLS is set.
Communication with the kernel is done via upcall RPCs done on AF_LOCAL
sockets and the custom system call rpctls_syscall.

Reviewed by:	gbe (man pages only), jhb (usr.sbin/Makefile only)
Comments by:	jhb
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D28430
Relnotes:	yes
2021-02-18 14:15:03 -08:00

30 lines
680 B
Makefile

# $FreeBSD$
.include <src.opts.mk>
PROG= rpc.tlsclntd
MAN= rpc.tlsclntd.8
SRCS= rpc.tlsclntd.c rpc.tlscommon.c rpctlscd.h rpctlscd_svc.c rpctlscd_xdr.c
CFLAGS+= -I. -I${SRCTOP}/usr.sbin/rpc.tlsservd
LIBADD= ssl crypto util
CLEANFILES= rpctlscd_svc.c rpctlscd_xdr.c rpctlscd.h
RPCSRC= ${SRCTOP}/sys/rpc/rpcsec_tls/rpctlscd.x
RPCGEN= RPCGEN_CPP=${CPP:Q} rpcgen -L -C -M
rpctlscd_svc.c: ${RPCSRC} rpctlscd.h
${RPCGEN} -m -o ${.TARGET} ${RPCSRC}
rpctlscd_xdr.c: ${RPCSRC} rpctlscd.h
${RPCGEN} -c -o ${.TARGET} ${RPCSRC}
rpctlscd.h: ${RPCSRC}
${RPCGEN} -h -o ${.TARGET} ${RPCSRC}
.PATH: ${SRCTOP}/sys/rpc/rpcsec_tls ${SRCTOP}/usr.sbin/rpc.tlsservd
.include <bsd.prog.mk>