krpc: Fix NFS-over-TLS for KTLS1.3

Description

When NFS-over-TLS uses KTLS1.3, the client can receive
post-handshake handshake records. These records can be
safely thrown away, but are not handled correctly via the
rpctls_ct_handlerecord() upcall to the daemon.

Commit 373511338d95 changed soreceive_generic() so that it
will only return ENXIO for Alert records when MSG_TLSAPPDATA
is specified. As such, the post-handshake handshake
records will be returned to the krpc.

This patch modifies the krpc so that it will throw
these records away, which seems sufficient to make
NFS-over-TLS work with KTLS1.3. This change has
no effect on the use of KTLS1.2, since it does not
generate post-handshake handshake records.

(cherry picked from commit 0b4f2ab0e91307bd1fa6e884b0fccef9d10d5a2d)

Details

Provenance
rmacklem authored on May 15 2022, 6:51 PM
Parents
rG2390e2073f12: Apply clang fix for assertion failure building putty 0.77 on i386