Date: Sat, 13 Jun 2020 20:54:18 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r362154 - projects/nfs-over-tls/sys/rpc Message-ID: <202006132054.05DKsIvg048466@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rmacklem Date: Sat Jun 13 20:54:18 2020 New Revision: 362154 URL: https://svnweb.freebsd.org/changeset/base/362154 Log: Fix clnt_vc_soupcall() for the case where a server uses multiple TCP record fragments. In practice, I do not believe that any extant NFS servers generate an RPC reply message in multiple TCP record fragments. The code in head is broken for this case, too. However, the patch fixes this case. It also changes the code to force a TCP reconnect when a bogus RPC message record is received, since the data in the TCP stream must be corrupted. Modified: projects/nfs-over-tls/sys/rpc/clnt_vc.c Modified: projects/nfs-over-tls/sys/rpc/clnt_vc.c ============================================================================== --- projects/nfs-over-tls/sys/rpc/clnt_vc.c Sat Jun 13 18:38:59 2020 (r362153) +++ projects/nfs-over-tls/sys/rpc/clnt_vc.c Sat Jun 13 20:54:18 2020 (r362154) @@ -1091,7 +1091,6 @@ printf("Got weird type=%d\n", tgr.tls_type); m_copydata(ct->ct_raw, 0, sizeof(uint32_t), (char *)&header); header = ntohl(header); - ct->ct_record = NULL; ct->ct_record_resid = header & 0x7fffffff; ct->ct_record_eor = ((header & 0x80000000) != 0); if (ct->ct_record_resid < 20 || @@ -1140,7 +1139,7 @@ printf("soup m_split returned NULL\n"); * connection and allow * clnt_reconnect_XXX() to try * and establish a new one. - * If we just return and there are + * If we just return and there is * no more data received, the * connection will be hung. */ @@ -1173,9 +1172,21 @@ printf("soup m_split returned NULL\n"); sizeof(xid_plus_direction) && m_length(ct->ct_record, NULL) < sizeof(xid_plus_direction)) { - m_freem(ct->ct_record); - ct->ct_record = NULL; - break; + /* + * What to do now? + * The TCP stream is messed up. + * I think it best to close this + * connection and allow + * clnt_reconnect_XXX() to try + * and establish a new one. + * If we just return and there is + * no more data received, the + * connection will be hung. + */ + printf("clnt_vc_soupcall: " + "connection data corrupted\n"); + error = ECONNRESET; + goto wakeup_all; } m_copydata(ct->ct_record, 0, sizeof(xid_plus_direction),
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202006132054.05DKsIvg048466>