Date: Sat, 31 Oct 2020 02:53:15 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r367193 - in projects/nfs-over-tls/usr.sbin: rpc.tlsclntd rpc.tlsservd Message-ID: <202010310253.09V2rFrX034714@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rmacklem Date: Sat Oct 31 02:53:15 2020 New Revision: 367193 URL: https://svnweb.freebsd.org/changeset/base/367193 Log: Delete the code that loads modules and just check to see if the kernel supported KERN_TLS. The module loading is now handled by rc.d/ktls. Modified: projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c Modified: projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c ============================================================================== --- projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c Sat Oct 31 02:49:02 2020 (r367192) +++ projects/nfs-over-tls/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c Sat Oct 31 02:53:15 2020 (r367193) @@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$"); #include <sys/linker.h> #include <sys/module.h> #include <sys/stat.h> +#include <sys/sysctl.h> #include <sys/syslog.h> #include <sys/time.h> #include <err.h> @@ -124,10 +125,11 @@ main(int argc, char **argv) struct sockaddr_un sun; int ch, fd, oldmask; SVCXPRT *xprt; - bool cert; + bool cert, tls_enable; struct timeval tm; struct timezone tz; pid_t otherpid; + size_t tls_enable_len; /* Check that another rpctlscd isn't already running. */ rpctls_pfh = pidfile_open(_PATH_RPCTLSCDPID, 0600, &otherpid); @@ -137,15 +139,11 @@ main(int argc, char **argv) warn("cannot open or create pidfile"); } - if (modfind("ktls_ocf") < 0) { - /* Not present in kernel, try loading it */ - if (kldload("ktls_ocf") < 0 || modfind("ktls_ocf") < 0) - errx(1, "Cannot load ktls_ocf"); - } - if (modfind("aesni") < 0) { - /* Not present in kernel, try loading it */ - kldload("aesni"); - } + /* Check to see that the ktls is enabled. */ + tls_enable_len = sizeof(tls_enable); + if (sysctlbyname("kern.ipc.tls.enable", &tls_enable, &tls_enable_len, + NULL, 0) != 0 || !tls_enable) + errx(1, "Kernel TLS not enabled"); /* Get the time when this daemon is started. */ gettimeofday(&tm, &tz); Modified: projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c ============================================================================== --- projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c Sat Oct 31 02:49:02 2020 (r367192) +++ projects/nfs-over-tls/usr.sbin/rpc.tlsservd/rpc.tlsservd.c Sat Oct 31 02:53:15 2020 (r367193) @@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$"); #include <sys/module.h> #include <sys/queue.h> #include <sys/stat.h> +#include <sys/sysctl.h> #include <sys/syslog.h> #include <sys/time.h> #include <err.h> @@ -144,6 +145,8 @@ main(int argc, char **argv) struct timezone tz; char hostname[MAXHOSTNAMELEN + 2]; pid_t otherpid; + bool tls_enable; + size_t tls_enable_len; /* Check that another rpctlssd isn't already running. */ rpctls_pfh = pidfile_open(_PATH_RPCTLSSDPID, 0600, &otherpid); @@ -153,15 +156,11 @@ main(int argc, char **argv) warn("cannot open or create pidfile"); } - if (modfind("ktls_ocf") < 0) { - /* Not present in kernel, try loading it */ - if (kldload("ktls_ocf") < 0 || modfind("ktls_ocf") < 0) - errx(1, "Cannot load ktls_ocf"); - } - if (modfind("aesni") < 0) { - /* Not present in kernel, try loading it */ - kldload("aesni"); - } + /* Check to see that the ktls is enabled. */ + tls_enable_len = sizeof(tls_enable); + if (sysctlbyname("kern.ipc.tls.enable", &tls_enable, &tls_enable_len, + NULL, 0) != 0 || !tls_enable) + errx(1, "Kernel TLS not enabled"); /* Get the time when this daemon is started. */ gettimeofday(&tm, &tz);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202010310253.09V2rFrX034714>