Hi, Now that I've completed NFSv4.2 I'm on to the next project, which is making NFS work over TLS. Of course, I know absolutely nothing about TLS, which will make this an interesting exercise for me. I did find simple server code in the OpenSSL doc. which at least gives me a starting point for the initialization stuff. As I understand it, this initialization must be done in userspace?
Then somehow, the ktls takes over and does the encryption of the data being sent on the socket via sosend_generic(). Does that sound right? So, how does the kernel know the stuff that the initialization phase (handshake) figures out, or is it magic I don't have to worry about? Don't waste much time replying to this. A few quick hints will keep me going for now. (From what I've seen sofar, this TLS stuff isn't simple. And I thought Kerberos was a pain.;-) Thanks in advance for any hints, rick _______________________________________________ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
