From: Rick Macklem
To: Benjamin Kaduk
CC: Benjamin Kaduk, John Baldwin, Rick Macklem, "src-committers@freebsd.org", "svn-src-projects@freebsd.org"
Subject: Re: svn commit: r360859 - projects/nfs-over-tls/sys/rpc
Date: Wed, 20 May 2020 14:58:37 +0000

Benjamin Kaduk wrote:
>On Tue, May 12, 2020 at 02:32:29PM +0000, Rick Macklem wrote:
>> Benjamin Kaduk wrote:
>> [stuff snipped]
>> >You can avoid having to play games with putting stuff back on the socket
>> >receive buffer by using a custom BIO implementation in userspace that knows
>> >how to inject the received message.
>> >Rick Macklem wrote:
>> >>Actually, what might work for the krpc code is a new MSG_TLSAPPDATA
>> >>flag for soreceive_generic(), which says "if the record is not application
>> >>data, return an error". (Sort of the opposite of what you said above, but
>> >>would perform the same thing.)
>> >>This could be used for the krpc soreceive() calls, so that the non-application
>> >>data record remains on the socket's receive buffer.
>> Well, I'd find it a lot easier to implement MSG_TLSAPPDATA, since I've been
>> looking at soreceive_generic() recently.
>> I'm guessing that a custom BIO would need to be written and then upstreamed
>> to openssl?
>
>It doesn't have to be upstreamed; the idea of the API is that it's modular
>and anyone can slot in their own implementation for their particular
>communication needs.
Well, I've already done MSG_TLSAPPDATA (a kernel only flag for soreceive()) and
it seems to work fine. It makes soreceive() return an error instead of the
non-application data record, when that is what is at the head of the receive queue.
It is pretty straightforward, so unless someone has a problem with putting that
in head someday, I'm happy with it.

I now seem to have upcalls for non-application data records working ok
for both client and server.
When the upcalls happen, the daemon just does a SSL_read(..,0), which seems
to work fine so far. (Thanks go to Ben for that hint.)

Thanks everyone, for your helpful comments, rick

-Ben
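
A small user-space model of the receive behaviour described in the message above, added here as an illustration; it is not code from the commit or from FreeBSD. The function names, the MODEL_ constants and the error value are assumptions (the message does not say which error soreceive() returns), and the sample queue is constructed.

```c
/* User-space model only: not FreeBSD kernel code; all names hypothetical. */
#include <stdio.h>
#include <string.h>

enum { TLS_RT_HANDSHAKE = 22, TLS_RT_APPDATA = 23 }; /* TLS record types */
#define MODEL_TLSAPPDATA 0x1  /* stands in for MSG_TLSAPPDATA */
#define MODEL_ENOTAPP   (-1)  /* assumed error; the message names none */
struct record { int type; const char *data; size_t len; };
struct rcvq { struct record *rec; size_t head, count; };

/* Copy out the head record. With MODEL_TLSAPPDATA set, a non-application
 * record is left queued and an error is returned instead. */
int model_soreceive(struct rcvq *q, int flags, char *buf, size_t cap)
{
    if (q->head == q->count)
        return 0;                          /* queue empty */
    struct record *r = &q->rec[q->head];
    if ((flags & MODEL_TLSAPPDATA) && r->type != TLS_RT_APPDATA)
        return MODEL_ENOTAPP;              /* record stays at the head */
    size_t n = r->len < cap ? r->len : cap;
    memcpy(buf, r->data, n);
    q->head++;
    return (int)n;
}

/* krpc-side loop: application data goes to out; any other record goes to a
 * stand-in for the daemon upcall, which dequeues it without the flag. */
size_t drain(struct rcvq *q, char *out, size_t cap, int *upcalls)
{
    char scratch[64];
    size_t total = 0;
    for (*upcalls = 0; q->head < q->count && total < cap; ) {
        int n = model_soreceive(q, MODEL_TLSAPPDATA, out + total, cap - total);
        if (n == MODEL_ENOTAPP) {          /* hand the record to the "daemon" */
            model_soreceive(q, 0, scratch, sizeof(scratch));
            (*upcalls)++;
        } else
            total += (size_t)n;
    }
    return total;                          /* application bytes delivered */
}

int main(void)
{
    /* Constructed sample queue: RPC data, a handshake record, RPC data. */
    struct record recs[] = { {TLS_RT_APPDATA, "RPC1", 4},
        {TLS_RT_HANDSHAKE, "hs", 2}, {TLS_RT_APPDATA, "RPC2", 4} };
    struct rcvq q = { recs, 0, 3 };
    char out[32]; int up;
    printf("%zu app bytes\n", drain(&q, out, sizeof(out), &up));
    return 0;
}
```

The point the model makes is that the flagged receive never consumes a handshake or alert record, so the RPC layer cannot mistake TLS control traffic for RPC data.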