Page MenuHomeFreeBSD

rpctls_impl.c: Fix handling of daemon failure
ClosedPublic

Authored by rmacklem on Jun 21 2025, 1:25 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sep 12 2025, 3:33 AM
Unknown Object (File)
Sep 11 2025, 5:47 AM
Unknown Object (File)
Sep 10 2025, 8:45 AM
Unknown Object (File)
Sep 10 2025, 6:20 AM
Unknown Object (File)
Aug 11 2025, 5:27 AM
Unknown Object (File)
Jul 29 2025, 2:37 AM
Unknown Object (File)
Jul 28 2025, 4:21 PM
Unknown Object (File)
Jul 28 2025, 2:22 PM
Subscribers

Details

Summary

If the client side rpc.tlsclntd is not running when a
NFS-over-TLS connection attempt is made, the socket
is left open. This results in the rpc.tlsservd daemon on
the NFS server being stuck in SSL_accept() until the
daemon is restarted.

This patch fixes this by doing soclose() on the socket
for the cases where the daemon has not acquired the
socket.

It is still possible for a broken client to get the
rpc.tlsservd daemon stuck. This will be addressed
in a separate commit.

Test Plan

Tested by doing repeated NFS-over-TLS mount
attempts with both the daemon running and not
running.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

glebius added inline comments.
sys/rpc/rpcsec_tls/rpctls_impl.c
234

The comment contradicts the fact that we did RB_REMOVE() two lines above.

This revision is now accepted and ready to land.Jun 21 2025, 5:37 PM

I clicked on "Accept", trusting your expertise. The change looks correct, with small comment nit. But I didn't test it. And to be fair the gist of the code already washed out of my L3 brain cache :)