svn commit: r363119 - projects/nfs-over-tls/usr.sbin/rpctlssd
Rick Macklem
rmacklem at FreeBSD.org
Sun Jul 12 04:29:40 UTC 2020
Author: rmacklem
Date: Sun Jul 12 04:29:39 2020
New Revision: 363119
URL: https://svnweb.freebsd.org/changeset/base/363119
Log:
Add code that does a shutdown() on all sockets during termination.
I am not sure if this is required, since the sockets will be closed during
exit(), but it seems safe to do to ensure that sockets no longer work in
the kernel RPC.
Modified:
projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c
Modified: projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c
==============================================================================
--- projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c Sun Jul 12 04:26:19 2020 (r363118)
+++ projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c Sun Jul 12 04:29:39 2020 (r363119)
@@ -518,9 +518,17 @@ rpctlssd_1_freeresult(SVCXPRT *transp, xdrproc_t xdr_r
static void
rpctlssd_terminate(int sig __unused)
{
+ struct ssl_entry *slp;
rpctls_syscall(RPCTLS_SYSC_SRVSHUTDOWN, "");
pidfile_remove(rpctls_pfh);
+
+ /*
+ * Shut down all TCP connections, so that any compromised TLS
+ * connection is no longer usable.
+ */
+ LIST_FOREACH(slp, &rpctls_ssllist, next)
+ shutdown(slp->s, SHUT_RD);
exit(0);
}
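Review bot: the new loop calls shutdown(slp->s, SHUT_RD), which only disables further receives, while the comment above it says the connection should be "no longer usable"; data can still be sent on each socket until exit() closes it. If the intent is what the comment states, SHUT_RDWR matches it; if read-side only is deliberate, the comment should say so and explain why. Separately, rpctlssd_terminate() takes an int sig argument and so looks like a signal handler, and LIST_FOREACH over rpctls_ssllist here can run while the main code is in the middle of inserting or removing an entry, leaving slp pointing at a partially linked or freed node. Consider blocking the termination signals around list updates, or having the handler set a flag and doing the walk from the main loop. The return value of shutdown() is ignored, which is acceptable on the way to exit(0), but a short comment noting that would help.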