From owner-svn-src-projects@freebsd.org Fri Aug 28 01:55:36 2020 Return-Path: Delivered-To: svn-src-projects@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 89D783C9AD4 for ; Fri, 28 Aug 2020 01:55:36 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bd2k0383pz3YGB; Fri, 28 Aug 2020 01:55:36 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4F3C1D2E9; Fri, 28 Aug 2020 01:55:36 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 07S1taUk015140; Fri, 28 Aug 2020 01:55:36 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 07S1tZRH015137; Fri, 28 Aug 2020 01:55:35 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <202008280155.07S1tZRH015137@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Fri, 28 Aug 2020 01:55:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r364898 - in projects/nfs-over-tls: rc.d usr.sbin/rpctlscd usr.sbin/rpctlssd X-SVN-Group: projects X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: in projects/nfs-over-tls: rc.d usr.sbin/rpctlscd usr.sbin/rpctlssd X-SVN-Commit-Revision: 364898 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Aug 2020 01:55:36 -0000 Author: rmacklem Date: Fri Aug 28 01:55:35 2020 New Revision: 364898 URL: https://svnweb.freebsd.org/changeset/base/364898 Log: Add code to rpctlscd.c and rpctlssd.c to load "aesni". This replaces the code in the rc.d scripts, which caused the scripts to fail if "aesni" could not be loaded. Loading "aesni" may not be necessary for the cases where TLS has net interface hardware support, but I do not know how to check for that and loading aesni.ko seems harmless. Modified: projects/nfs-over-tls/rc.d/rpctlscd projects/nfs-over-tls/rc.d/rpctlssd projects/nfs-over-tls/usr.sbin/rpctlscd/rpctlscd.c projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c Modified: projects/nfs-over-tls/rc.d/rpctlscd ============================================================================== --- projects/nfs-over-tls/rc.d/rpctlscd Fri Aug 28 00:00:37 2020 (r364897) +++ projects/nfs-over-tls/rc.d/rpctlscd Fri Aug 28 01:55:35 2020 (r364898) @@ -14,13 +14,6 @@ desc="NFS over TLS client side daemon" rcvar="rpctlscd_enable" command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" -start_precmd="rpctlscd_precmd" - -rpctlscd_precmd() -{ - # If this load fails, TLS should still work, just more slowly. - kldload -n -q aesni.ko -} load_rc_config $name Modified: projects/nfs-over-tls/rc.d/rpctlssd ============================================================================== --- projects/nfs-over-tls/rc.d/rpctlssd Fri Aug 28 00:00:37 2020 (r364897) +++ projects/nfs-over-tls/rc.d/rpctlssd Fri Aug 28 01:55:35 2020 (r364898) @@ -16,13 +16,6 @@ command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" required_files="/etc/rpctlssd/cert.pem /etc/rpctlssd/key.pem" extra_commands="reload" -start_precmd="rpctlssd_precmd" - -rpctlssd_precmd() -{ - # If this load fails, TLS should still work, just more slowly. - kldload -n -q aesni.ko -} load_rc_config $name Modified: projects/nfs-over-tls/usr.sbin/rpctlscd/rpctlscd.c ============================================================================== --- projects/nfs-over-tls/usr.sbin/rpctlscd/rpctlscd.c Fri Aug 28 00:00:37 2020 (r364897) +++ projects/nfs-over-tls/usr.sbin/rpctlscd/rpctlscd.c Fri Aug 28 01:55:35 2020 (r364898) @@ -144,6 +144,10 @@ main(int argc, char **argv) if (kldload("ktls_ocf") < 0 || modfind("ktls_ocf") < 0) errx(1, "Cannot load ktls_ocf"); } + if (modfind("aesni") < 0) { + /* Not present in kernel, try loading it */ + kldload("aesni"); + } /* Get the time when this daemon is started. */ gettimeofday(&tm, &tz); Modified: projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c ============================================================================== --- projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c Fri Aug 28 00:00:37 2020 (r364897) +++ projects/nfs-over-tls/usr.sbin/rpctlssd/rpctlssd.c Fri Aug 28 01:55:35 2020 (r364898) @@ -156,6 +156,10 @@ main(int argc, char **argv) if (kldload("ktls_ocf") < 0 || modfind("ktls_ocf") < 0) errx(1, "Cannot load ktls_ocf"); } + if (modfind("aesni") < 0) { + /* Not present in kernel, try loading it */ + kldload("aesni"); + } /* Get the time when this daemon is started. */ gettimeofday(&tm, &tz);