svn commit: r367193 - in projects/nfs-over-tls/usr.sbin: rpc.tlsclntd rpc.tlsservd
Rick Macklem
rmacklem at FreeBSD.org
Sat Oct 31 02:53:16 UTC 2020
Author: rmacklem
Date: Sat Oct 31 02:53:15 2020
New Revision: 367193
URL: https://svnweb.freebsd.org/changeset/base/367193
Log:
Delete the code that loads modules and just check to see if the kernel
supported KERN_TLS. The module loading is now handled by rc.d/ktls.
Modified:
projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c
Modified: projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
==============================================================================
--- projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c Sat Oct 31 02:49:02 2020 (r367192)
+++ projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c Sat Oct 31 02:53:15 2020 (r367193)
@@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$");
#include <sys/linker.h>
#include <sys/module.h>
#include <sys/stat.h>
+#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/time.h>
#include <err.h>
@@ -124,10 +125,11 @@ main(int argc, char **argv)
struct sockaddr_un sun;
int ch, fd, oldmask;
SVCXPRT *xprt;
- bool cert;
+ bool cert, tls_enable;
struct timeval tm;
struct timezone tz;
pid_t otherpid;
+ size_t tls_enable_len;
/* Check that another rpctlscd isn't already running. */
rpctls_pfh = pidfile_open(_PATH_RPCTLSCDPID, 0600, &otherpid);
@@ -137,15 +139,11 @@ main(int argc, char **argv)
warn("cannot open or create pidfile");
}
- if (modfind("ktls_ocf") < 0) {
- /* Not present in kernel, try loading it */
- if (kldload("ktls_ocf") < 0 || modfind("ktls_ocf") < 0)
- errx(1, "Cannot load ktls_ocf");
- }
- if (modfind("aesni") < 0) {
- /* Not present in kernel, try loading it */
- kldload("aesni");
- }
+ /* Check to see that the ktls is enabled. */
+ tls_enable_len = sizeof(tls_enable);
+ if (sysctlbyname("kern.ipc.tls.enable", &tls_enable, &tls_enable_len,
+ NULL, 0) != 0 || !tls_enable)
+ errx(1, "Kernel TLS not enabled");
/* Get the time when this daemon is started. */
gettimeofday(&tm, &tz);
Modified: projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c
==============================================================================
--- projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c Sat Oct 31 02:49:02 2020 (r367192)
+++ projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c Sat Oct 31 02:53:15 2020 (r367193)
@@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$");
#include <sys/module.h>
#include <sys/queue.h>
#include <sys/stat.h>
+#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/time.h>
#include <err.h>
@@ -144,6 +145,8 @@ main(int argc, char **argv)
struct timezone tz;
char hostname[MAXHOSTNAMELEN + 2];
pid_t otherpid;
+ bool tls_enable;
+ size_t tls_enable_len;
/* Check that another rpctlssd isn't already running. */
rpctls_pfh = pidfile_open(_PATH_RPCTLSSDPID, 0600, &otherpid);
@@ -153,15 +156,11 @@ main(int argc, char **argv)
warn("cannot open or create pidfile");
}
- if (modfind("ktls_ocf") < 0) {
- /* Not present in kernel, try loading it */
- if (kldload("ktls_ocf") < 0 || modfind("ktls_ocf") < 0)
- errx(1, "Cannot load ktls_ocf");
- }
- if (modfind("aesni") < 0) {
- /* Not present in kernel, try loading it */
- kldload("aesni");
- }
+ /* Check to see that the ktls is enabled. */
+ tls_enable_len = sizeof(tls_enable);
+ if (sysctlbyname("kern.ipc.tls.enable", &tls_enable, &tls_enable_len,
+ NULL, 0) != 0 || !tls_enable)
+ errx(1, "Kernel TLS not enabled");
/* Get the time when this daemon is started. */
gettimeofday(&tm, &tz);
More information about the svn-src-projects
mailing list