Date: Sat, 1 Feb 2025 09:02:16 GMT
Message-Id: <202502010902.51192GYY048150@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Gleb Smirnoff
Subject: git: 88b0afe64c3d - main - rpc.tlsclntd: run netlink(4) service and use new API to get sockets

The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=88b0afe64c3d0552cd1ba6c4f1ce908d19f2d126

commit 88b0afe64c3d0552cd1ba6c4f1ce908d19f2d126
Author:     Gleb Smirnoff
AuthorDate: 2025-02-01 01:02:36 +0000
Commit:     Gleb Smirnoff
CommitDate: 2025-02-01 09:00:26 +0000

    rpc.tlsclntd: run netlink(4) service and use new API to get sockets

    Userland counterpart of the previous commit.

    Reviewed by:            rmacklem
    Differential Revision:  https://reviews.freebsd.org/D48560

--- usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c | 58 ++---------------------------------- 1 file changed, 3 insertions(+), 55 deletions(-) diff --git a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c index 9c50e4b48cb7..ad4b635f0a89 100644 --- a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c +++ b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.c @@ -66,9 +66,6 @@ #include "rpctlscd.h" #include "rpc.tlscommon.h" -#ifndef _PATH_RPCTLSCDSOCK -#define _PATH_RPCTLSCDSOCK "/var/run/rpc.tlsclntd.sock" -#endif #ifndef _PATH_CERTANDKEY #define _PATH_CERTANDKEY "/etc/rpc.tlsclntd/" #endif
@@ -119,13 +116,7 @@ static struct option longopts[] = { int main(int argc, char **argv) { - /* - * We provide an RPC service on a local-domain socket. The - * kernel rpctls code will upcall to this daemon to do the initial - * TLS handshake. - */ - struct sockaddr_un sun; - int ch, fd, oldmask; + int ch; SVCXPRT *xprt; bool tls_enable; struct timeval tm; @@ -234,38 +225,7 @@ main(int argc, char **argv) pidfile_write(rpctls_pfh); - memset(&sun, 0, sizeof sun); - sun.sun_family = AF_LOCAL; - unlink(_PATH_RPCTLSCDSOCK); - strcpy(sun.sun_path, _PATH_RPCTLSCDSOCK); - sun.sun_len = SUN_LEN(&sun); - fd = socket(AF_LOCAL, SOCK_STREAM, 0); - if (fd < 0) { - if (rpctls_debug_level == 0) { - syslog(LOG_ERR, "Can't create local rpctlscd socket"); - exit(1); - } - err(1, "Can't create local rpctlscd socket"); - } - oldmask = umask(S_IXUSR|S_IRWXG|S_IRWXO); - if (bind(fd, (struct sockaddr *)&sun, sun.sun_len) < 0) { - if (rpctls_debug_level == 0) { - syslog(LOG_ERR, "Can't bind local rpctlscd socket"); - exit(1); - } - err(1, "Can't bind local rpctlscd socket"); - } - umask(oldmask); - if (listen(fd, SOMAXCONN) < 0) { - if (rpctls_debug_level == 0) { - syslog(LOG_ERR, - "Can't listen on local rpctlscd socket"); - exit(1); - } - err(1, "Can't listen on local rpctlscd socket"); - } - xprt = svc_vc_create(fd, RPC_MAXDATASIZE, RPC_MAXDATASIZE); - if (!xprt) { + if ((xprt = svc_nl_create("tlsclnt")) == NULL) { if (rpctls_debug_level == 0) { syslog(LOG_ERR, "Can't create transport for local rpctlscd socket"); @@ -282,19 +242,8 @@ main(int argc, char **argv) err(1, "Can't register service for local rpctlscd socket"); } - if (rpctls_syscall(RPCTLS_SYSC_CLSETPATH, _PATH_RPCTLSCDSOCK) < 0) { - if (rpctls_debug_level == 0) { - syslog(LOG_ERR, - "Can't set upcall socket path errno=%d", errno); - exit(1); - } - err(1, "Can't set upcall socket path"); - } - rpctls_svc_run(); - rpctls_syscall(RPCTLS_SYSC_CLSHUTDOWN, ""); - SSL_CTX_free(rpctls_ctx); return (0); } 
@@ -319,7 +268,7 @@ rpctlscd_connect_1_svc(struct rpctlscd_connect_arg *argp, rpctls_verbose_out("rpctlsd_connect: started\n"); /* Get the socket fd from the kernel. */ - s = rpctls_syscall(RPCTLS_SYSC_CLSOCKET, ""); + s = rpctls_syscall(RPCTLS_SYSC_CLSOCKET, (char *)argp->socookie); if (s < 0) { result->reterr = RPCTLSERR_NOSOCKET; return (TRUE); @@ -463,7 +412,6 @@ static void rpctlscd_terminate(int sig __unused) { - rpctls_syscall(RPCTLS_SYSC_CLSHUTDOWN, ""); pidfile_remove(rpctls_pfh); exit(0); }
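Review bot: In the main() hunk at @@ -119,13 +116,7 @@, the block comment explaining that the kernel rpctls code upcalls to this daemon for the initial TLS handshake is deleted with nothing in its place. The service is still created and registered further down, only over a different transport, so a short replacement comment saying the RPC service is now provided over netlink(4) would keep main() self-explanatory.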
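Review bot: In the @@ -234,38 +225,7 @@ hunk, the failure path of svc_nl_create("tlsclnt") still logs "Can't create transport for local rpctlscd socket", although no local-domain socket is created any more. Reword the message to name the netlink service, so that an operator reading the log is not sent looking for /var/run/rpc.tlsclntd.sock. The removed code also set a umask before bind() to restrict the socket file; the commit message or a comment should say what restricts access to the "tlsclnt" service now.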
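Review bot: The @@ -282,19 +242,8 @@ hunk drops RPCTLS_SYSC_CLSETPATH and the RPCTLS_SYSC_CLSHUTDOWN call after rpctls_svc_run(), and the final hunk drops the same shutdown call from rpctlscd_terminate(), but neither the code nor the commit message says how the kernel now learns that the daemon has exited. One sentence in the commit message, or a comment next to rpctls_svc_run(), would settle that. The retained message "Can't register service for local rpctlscd socket" is also stale for the same reason as the one above it.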
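Review bot: In rpctlscd_connect_1_svc() (@@ -319,7 +268,7 @@), argp->socookie is pushed through a (char *) cast into the rpctls_syscall() argument that used to carry a path string, and the cast hides what that argument now means. The type of socookie is not visible in this diff; if it is an integer cookie, the cast reinterprets it as a pointer. Expand the "Get the socket fd from the kernel." comment to say that the cookie selects the socket, and consider passing the cookie in its own type. Since the value arrives in the RPC argument, it is worth confirming that the kernel counterpart rejects cookies it did not issue.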