The branch main has been updated by glebius:
URL:
https://cgit.FreeBSD.org/src/commit/?id=e1b723d5fe44122a3fa534aeeb241008f5e3666a
commit e1b723d5fe44122a3fa534aeeb241008f5e3666a
Author: Gleb Smirnoff <gleb...@freebsd.org>
AuthorDate: 2025-02-01 01:02:54 +0000
Commit: Gleb Smirnoff <gleb...@freebsd.org>
CommitDate: 2025-02-01 09:00:27 +0000
rpc.tlsclntd: followup of API refactoring in the previous commit
Userland counterpart of the previous commit.
Reviewed by: rmacklem
Differential Revision: https://reviews.freebsd.org/D48565
---
usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c | 62 ++++++++++--------------------------
1 file changed, 16 insertions(+), 46 deletions(-)
diff --git a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
index ad4b635f0a89..fb8ad4a8f83f 100644
--- a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
+++ b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c
@@ -87,9 +87,6 @@ struct ssl_list rpctls_ssllist;
static struct pidfh *rpctls_pfh = NULL;
static const char *rpctls_certdir = _PATH_CERTANDKEY;
static const char *rpctls_ciphers = NULL;
-static uint64_t rpctls_ssl_refno = 0;
-static uint64_t rpctls_ssl_sec = 0;
-static uint64_t rpctls_ssl_usec = 0;
static int rpctls_tlsvers = TLS1_3_VERSION;
static void rpctlscd_terminate(int);
@@ -98,7 +95,7 @@ static SSL *rpctls_connect(SSL_CTX *ctx, int s,
char *certname,
u_int certlen, X509 **certp);
static void rpctls_huphandler(int sig __unused);
-extern void rpctlscd_1(struct svc_req *rqstp, SVCXPRT *transp);
+extern void rpctlscd_2(struct svc_req *rqstp, SVCXPRT *transp);
static struct option longopts[] = {
{ "usetls1_2", no_argument, NULL, '2' },
@@ -119,8 +116,6 @@ main(int argc, char **argv)
int ch;
SVCXPRT *xprt;
bool tls_enable;
- struct timeval tm;
- struct timezone tz;
pid_t otherpid;
size_t tls_enable_len;
@@ -138,11 +133,6 @@ main(int argc, char **argv)
NULL, 0) != 0 || !tls_enable)
errx(1, "Kernel TLS not enabled");
- /* Get the time when this daemon is started. */
- gettimeofday(&tm, &tz);
- rpctls_ssl_sec = tm.tv_sec;
- rpctls_ssl_usec = tm.tv_usec;
-
rpctls_verbose = false;
while ((ch = getopt_long(argc, argv, "2C:D:dl:mp:r:v", longopts,
NULL)) != -1) {
@@ -233,7 +223,7 @@ main(int argc, char **argv)
}
err(1, "Can't create transport for local rpctlscd socket");
}
- if (!svc_reg(xprt, RPCTLSCD, RPCTLSCDVERS, rpctlscd_1, NULL)) {
+ if (!svc_reg(xprt, RPCTLSCD, RPCTLSCDVERS, rpctlscd_2, NULL)) {
if (rpctls_debug_level == 0) {
syslog(LOG_ERR,
"Can't register service for local rpctlscd socket");
@@ -249,7 +239,7 @@ main(int argc, char **argv)
}
bool_t
-rpctlscd_null_1_svc(__unused void *argp, __unused void *result,
+rpctlscd_null_2_svc(__unused void *argp, __unused void *result,
__unused struct svc_req *rqstp)
{
@@ -258,7 +248,7 @@ rpctlscd_null_1_svc(__unused void *argp, __unused void
*result,
}
bool_t
-rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp,
+rpctlscd_connect_2_svc(struct rpctlscd_connect_arg *argp,
struct rpctlscd_connect_res *result, __unused struct svc_req *rqstp)
{
int s;
@@ -281,28 +271,18 @@ rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp,
rpctls_verbose_out("rpctlsd_connect: can't do TLS "
"handshake\n");
result->reterr = RPCTLSERR_NOSSL;
- } else {
- result->reterr = RPCTLSERR_OK;
- result->sec = rpctls_ssl_sec;
- result->usec = rpctls_ssl_usec;
- result->ssl = ++rpctls_ssl_refno;
- /* Hard to believe this will ever wrap around.. */
- if (rpctls_ssl_refno == 0)
- result->ssl = ++rpctls_ssl_refno;
- }
-
- if (ssl == NULL) {
/*
* For RPC-over-TLS, this upcall is expected
* to close off the socket.
*/
close(s);
return (TRUE);
- }
+ } else
+ result->reterr = RPCTLSERR_OK;
/* Maintain list of all current SSL *'s */
newslp = malloc(sizeof(*newslp));
- newslp->refno = rpctls_ssl_refno;
+ newslp->refno = argp->socookie;
newslp->s = s;
newslp->shutoff = false;
newslp->ssl = ssl;
@@ -312,21 +292,16 @@ rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp,
}
bool_t
-rpctlscd_handlerecord_1_svc(struct rpctlscd_handlerecord_arg *argp,
+rpctlscd_handlerecord_2_svc(struct rpctlscd_handlerecord_arg *argp,
struct rpctlscd_handlerecord_res *result, __unused struct svc_req *rqstp)
{
struct ssl_entry *slp;
int ret;
char junk;
- slp = NULL;
- if (argp->sec == rpctls_ssl_sec && argp->usec ==
- rpctls_ssl_usec) {
- LIST_FOREACH(slp, &rpctls_ssllist, next) {
- if (slp->refno == argp->ssl)
- break;
- }
- }
+ LIST_FOREACH(slp, &rpctls_ssllist, next)
+ if (slp->refno == argp->socookie)
+ break;
if (slp != NULL) {
rpctls_verbose_out("rpctlscd_handlerecord fd=%d\n",
@@ -355,20 +330,15 @@ rpctlscd_handlerecord_1_svc(struct
rpctlscd_handlerecord_arg *argp,
}
bool_t
-rpctlscd_disconnect_1_svc(struct rpctlscd_disconnect_arg *argp,
+rpctlscd_disconnect_2_svc(struct rpctlscd_disconnect_arg *argp,
struct rpctlscd_disconnect_res *result, __unused struct svc_req *rqstp)
{
struct ssl_entry *slp;
int ret;
- slp = NULL;
- if (argp->sec == rpctls_ssl_sec && argp->usec ==
- rpctls_ssl_usec) {
- LIST_FOREACH(slp, &rpctls_ssllist, next) {
- if (slp->refno == argp->ssl)
- break;
- }
- }
+ LIST_FOREACH(slp, &rpctls_ssllist, next)
+ if (slp->refno == argp->socookie)
+ break;
if (slp != NULL) {
rpctls_verbose_out("rpctlscd_disconnect: fd=%d closed\n",
@@ -401,7 +371,7 @@ rpctlscd_disconnect_1_svc(struct rpctlscd_disconnect_arg
*argp,
}
int
-rpctlscd_1_freeresult(__unused SVCXPRT *transp, __unused xdrproc_t xdr_result,
+rpctlscd_2_freeresult(__unused SVCXPRT *transp, __unused xdrproc_t xdr_result,
__unused caddr_t result)
{
