Date: Sat, 1 Feb 2025 09:02:22 GMT
Message-Id: <202502010902.51192MkH048314@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Gleb Smirnoff Subject: git: e1b723d5fe44 - main - rpc.tlsclntd: followup of API refactoring in the previous commit List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: glebius X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: e1b723d5fe44122a3fa534aeeb241008f5e3666a Auto-Submitted: auto-generated The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=e1b723d5fe44122a3fa534aeeb241008f5e3666a commit e1b723d5fe44122a3fa534aeeb241008f5e3666a Author: Gleb Smirnoff AuthorDate: 2025-02-01 01:02:54 +0000 Commit: Gleb Smirnoff CommitDate: 2025-02-01 09:00:27 +0000 rpc.tlsclntd: followup of API refactoring in the previous commit Userland counterpart of the previous commit. Reviewed by: rmacklem Differential Revision: https://reviews.freebsd.org/D48565 --- usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c | 62 ++++++++++-------------------------- 1 file changed, 16 insertions(+), 46 deletions(-) diff --git a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c index ad4b635f0a89..fb8ad4a8f83f 100644 --- a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c +++ b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c @@ -87,9 +87,6 @@ struct ssl_list rpctls_ssllist; static struct pidfh *rpctls_pfh = NULL; static const char *rpctls_certdir = _PATH_CERTANDKEY; static const char *rpctls_ciphers = NULL; -static uint64_t rpctls_ssl_refno = 0; -static uint64_t rpctls_ssl_sec = 0; -static uint64_t rpctls_ssl_usec = 0; static int rpctls_tlsvers = TLS1_3_VERSION; static void rpctlscd_terminate(int); 
@@ -98,7 +95,7 @@ static SSL *rpctls_connect(SSL_CTX *ctx, int s, char *certname, u_int certlen, X509 **certp); static void rpctls_huphandler(int sig __unused); -extern void rpctlscd_1(struct svc_req *rqstp, SVCXPRT *transp); +extern void rpctlscd_2(struct svc_req *rqstp, SVCXPRT *transp); static struct option longopts[] = { { "usetls1_2", no_argument, NULL, '2' }, @@ -119,8 +116,6 @@ main(int argc, char **argv) int ch; SVCXPRT *xprt; bool tls_enable; - struct timeval tm; - struct timezone tz; pid_t otherpid; size_t tls_enable_len; @@ -138,11 +133,6 @@ main(int argc, char **argv) NULL, 0) != 0 || !tls_enable) errx(1, "Kernel TLS not enabled"); - /* Get the time when this daemon is started. */ - gettimeofday(&tm, &tz); - rpctls_ssl_sec = tm.tv_sec; - rpctls_ssl_usec = tm.tv_usec; - rpctls_verbose = false; while ((ch = getopt_long(argc, argv, "2C:D:dl:mp:r:v", longopts, NULL)) != -1) { @@ -233,7 +223,7 @@ main(int argc, char **argv) } err(1, "Can't create transport for local rpctlscd socket"); } - if (!svc_reg(xprt, RPCTLSCD, RPCTLSCDVERS, rpctlscd_1, NULL)) { + if (!svc_reg(xprt, RPCTLSCD, RPCTLSCDVERS, rpctlscd_2, NULL)) { if (rpctls_debug_level == 0) { syslog(LOG_ERR, "Can't register service for local rpctlscd socket"); @@ -249,7 +239,7 @@ main(int argc, char **argv) } bool_t -rpctlscd_null_1_svc(__unused void *argp, __unused void *result, +rpctlscd_null_2_svc(__unused void *argp, __unused void *result, __unused struct svc_req *rqstp) { @@ -258,7 +248,7 @@ rpctlscd_null_1_svc(__unused void *argp, __unused void *result, } bool_t -rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp, +rpctlscd_connect_2_svc(struct rpctlscd_connect_arg *argp, struct rpctlscd_connect_res *result, __unused struct svc_req *rqstp) { int s; 
@@ -281,28 +271,18 @@ rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp, rpctls_verbose_out("rpctlsd_connect: can't do TLS " "handshake\n"); result->reterr = RPCTLSERR_NOSSL; - } else { - result->reterr = RPCTLSERR_OK; - result->sec = rpctls_ssl_sec; - result->usec = rpctls_ssl_usec; - result->ssl = ++rpctls_ssl_refno; - /* Hard to believe this will ever wrap around.. */ - if (rpctls_ssl_refno == 0) - result->ssl = ++rpctls_ssl_refno; - } - - if (ssl == NULL) { /* * For RPC-over-TLS, this upcall is expected * to close off the socket. */ close(s); return (TRUE); - } + } else + result->reterr = RPCTLSERR_OK; /* Maintain list of all current SSL *'s */ newslp = malloc(sizeof(*newslp)); - newslp->refno = rpctls_ssl_refno; + newslp->refno = argp->socookie; newslp->s = s; newslp->shutoff = false; newslp->ssl = ssl; @@ -312,21 +292,16 @@ rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp, } bool_t -rpctlscd_handlerecord_1_svc(struct rpctlscd_handlerecord_arg *argp, +rpctlscd_handlerecord_2_svc(struct rpctlscd_handlerecord_arg *argp, struct rpctlscd_handlerecord_res *result, __unused struct svc_req *rqstp) { struct ssl_entry *slp; int ret; char junk; - slp = NULL; - if (argp->sec == rpctls_ssl_sec && argp->usec == - rpctls_ssl_usec) { - LIST_FOREACH(slp, &rpctls_ssllist, next) { - if (slp->refno == argp->ssl) - break; - } - } + LIST_FOREACH(slp, &rpctls_ssllist, next) + if (slp->refno == argp->socookie) + break; if (slp != NULL) { rpctls_verbose_out("rpctlscd_handlerecord fd=%d\n", 
@@ -355,20 +330,15 @@ rpctlscd_handlerecord_1_svc(struct rpctlscd_handlerecord_arg *argp, } bool_t -rpctlscd_disconnect_1_svc(struct rpctlscd_disconnect_arg *argp, +rpctlscd_disconnect_2_svc(struct rpctlscd_disconnect_arg *argp, struct rpctlscd_disconnect_res *result, __unused struct svc_req *rqstp) { struct ssl_entry *slp; int ret; - slp = NULL; - if (argp->sec == rpctls_ssl_sec && argp->usec == - rpctls_ssl_usec) { - LIST_FOREACH(slp, &rpctls_ssllist, next) { - if (slp->refno == argp->ssl) - break; - } - } + LIST_FOREACH(slp, &rpctls_ssllist, next) + if (slp->refno == argp->socookie) + break; if (slp != NULL) { rpctls_verbose_out("rpctlscd_disconnect: fd=%d closed\n", @@ -401,7 +371,7 @@ rpctlscd_disconnect_1_svc(struct rpctlscd_disconnect_arg *argp, } int -rpctlscd_1_freeresult(__unused SVCXPRT *transp, __unused xdrproc_t xdr_result, +rpctlscd_2_freeresult(__unused SVCXPRT *transp, __unused xdrproc_t xdr_result, __unused caddr_t result) {
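
Review bot: In the rpctlscd_connect_2_svc hunk, `newslp->refno = argp->socookie;` stores a caller-supplied key without checking whether an entry with the same refno is already on rpctls_ssllist. The lookups in handlerecord and disconnect stop at the first match, so a repeated cookie would make one of the two entries unreachable by lookup. The removed code generated the value locally with `++rpctls_ssl_refno`, which made it unique by construction. Consider walking the list before inserting and failing the upcall on a duplicate. Separately, the context line `newslp = malloc(sizeof(*newslp));` is dereferenced without a NULL check, and the `} else` that follows a branch ending in `return (TRUE);` can be dropped so that `result->reterr = RPCTLSERR_OK;` sits unconditionally after the block.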
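
Review bot: In the rpctlscd_handlerecord_2_svc hunk, the lookup now matches on `argp->socookie` alone, while the removed `argp->sec == rpctls_ssl_sec && argp->usec == rpctls_ssl_usec` test was what tied a reference to this daemon instance. After a restart the list starts empty, so a stale cookie still misses, but nothing in this file says what keeps a cookie value from being reused by a later connection. A short comment above the LIST_FOREACH stating where socookie comes from and why it is unique for the lifetime of the entry would document the new invariant. Dropping `slp = NULL;` is fine, since LIST_FOREACH leaves slp NULL when no entry matches.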
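
Review bot: The lookup in the rpctlscd_disconnect_2_svc hunk is now line-for-line identical to the one in rpctlscd_handlerecord_2_svc (`LIST_FOREACH(slp, &rpctls_ssllist, next)` followed by the `slp->refno == argp->socookie` test). Factor it into a small static helper that takes the cookie and returns the struct ssl_entry pointer, so the match rule lives in one place and any later change to it (for example a duplicate check) cannot be applied to one caller and missed in the other. If the loop stays inline, braces around the two-line body would make it harder to misread.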