Date: Mon, 11 May 2020 13:22:05 -0700 From: John Baldwin <jhb@FreeBSD.org> To: Rick Macklem <rmacklem@FreeBSD.org>, src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: Re: svn commit: r360859 - projects/nfs-over-tls/sys/rpc Message-ID: <6739df0b-e621-2ca5-8f92-821822733772@FreeBSD.org> In-Reply-To: <202005100017.04A0Hd7I058863@repo.freebsd.org> References: <202005100017.04A0Hd7I058863@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/9/20 5:17 PM, Rick Macklem wrote: > Author: rmacklem > Date: Sun May 10 00:17:39 2020 > New Revision: 360859 > URL: https://svnweb.freebsd.org/changeset/base/360859 > > Log: > Add some very basic handling of TLS_GET_RECORD control mbufs. > > For now, it just throws away any that are non-application data. > In the future, this will need to change, but not until TLS1.3, I think? Ideally you'd keep an nfsd thread in userland that you could pass these records onto. One possible option is the thread just keeps calling SSL_read() but you do create a new flag on the socket buffer that causes soreceive() to only pass non-application data datagrams to userland reads() and have the in-kernel read requests block if they see a non-application data record as the next record until the user thread wakes up and reads it (or EAGAIN or whatever you need it to do). -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6739df0b-e621-2ca5-8f92-821822733772>