Fix downgrading of TOE TLS sockets to plain TOE.
ClosedPublic
Actions

Authored by jhb on Dec 3 2020, 9:31 PM.

Details

Reviewers

Commits

rS368311: Fix downgrading of TOE TLS sockets to plain TOE.

Summary

If a TOE TLS socket ends up using an unsupported TLS version or
ciphersuite, it must be downgraded to a "plain" TOE socket with
TLS encryption/decryption performed on the host. The previous
implementation of this fallback was incomplete and resulted in
hung connections.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Dec 3 2020, 9:31 PM

Herald added a subscriber: ae. · View Herald TranscriptDec 3 2020, 9:31 PM

jhb requested review of this revision.Dec 3 2020, 9:31 PM

Harbormaster completed remote builds in B35176: Diff 80281.Dec 3 2020, 9:31 PM

np accepted this revision.Dec 3 2020, 9:32 PM

This revision is now accepted and ready to land.Dec 3 2020, 9:32 PM

Closed by commit rS368311: Fix downgrading of TOE TLS sockets to plain TOE. (authored by jhb). · Explain WhyDec 3 2020, 9:49 PM

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rS368311: Fix downgrading of TOE TLS sockets to plain TOE..

Herald added a subscriber: imp. · View Herald TranscriptDec 3 2020, 9:49 PM

Revision Contents
Changeset List

Path

Size

head/

sys/

dev/

cxgbe/

t4_main.c

19 lines

tom/

t4_tls.c

14 lines

Diff 80285

View Options

head/sys/dev/cxgbe/t4_main.c

	# Created by: Jean-Sébastien Pédron <dumbbell@FreeBSD.org>			# Created by: Jean-Sébastien Pédron <dumbbell@FreeBSD.org>
	# $FreeBSD$			# $FreeBSD$

	PORTNAME= waffle			PORTNAME= waffle
	PORTVERSION= 1.5.1			PORTVERSION= 1.5.2
	CATEGORIES= graphics			CATEGORIES= graphics
	MASTER_SITES= http://www.waffle-gl.org/files/release/waffle-${PORTVERSION}/			MASTER_SITES= http://www.waffle-gl.org/files/release/waffle-${PORTVERSION}/

	MAINTAINER= x11@FreeBSD.org			MAINTAINER= x11@FreeBSD.org
	COMMENT= Library that allows to defer selection of an OpenGL API until runtime			COMMENT= Library that allows to defer selection of an OpenGL API until runtime

	LICENSE= BSD2CLAUSE			LICENSE= BSD2CLAUSE

	USES= cmake:outsource compiler:c11 ninja pkgconfig tar:xz			USES= cmake:outsource compiler:c11 localbase ninja pkgconfig tar:xz
				USE_GL= egl gl
	USE_LDCONFIG= yes			USE_LDCONFIG= yes
				USE_XORG= x11 xcb

	DOCSDIR= ${PREFIX}/share/doc/waffle1			DOCSDIR= ${PREFIX}/share/doc/waffle1

	OPTIONS_DEFINE= DOCS			CMAKE_ARGS+= -Dwaffle_has_glx=ON \
				-Dwaffle_has_x11_egl=ON
	USE_XORG= x11 xcb
	USE_GL= gl egl
	CFLAGS+= -I${LOCALBASE}/include
	LIBS+= -L${LOCALBASE}/lib

	CMAKE_ARGS+= -Dwaffle_has_glx=ON
	#CMAKE_ARGS+= -Dwaffle_has_x11_egl=ON
	#CMAKE_ARGS+= -Dwaffle_has_gbm=ON # FIXME: Required udev			#CMAKE_ARGS+= -Dwaffle_has_gbm=ON # FIXME: Required udev

	PLIST_SUB+= PORTVERSION=${PORTVERSION}			PLIST_SUB+= PORTVERSION=${PORTVERSION}

	post-install-DOCS-off:			OPTIONS_DEFINE= DOCS
	${RM} -rf ${STAGEDIR}${DOCSDIR}

	.include <bsd.port.mk>			.include <bsd.port.mk>