I lost the length descriptor prefix in the last change. I've put it back, and run cryptocheck with -A lengths of 0, 13, 16, 32, 192102, and 127091. (User-space can't test more than 256k unfortunately.)

Review feedback incorporated.

New diff coming right after this.

(I'll go through the rest of the comments this weekend.)

In D19298#425490, @cem wrote:

In this implementation, I'm not sure the 2-pass decrypt buys us anything. We already pre-allocate space (if input is non-contiguous) — checking the tag first doesn't save us from a DoS in terms of memory use. If the (unexpected case) tag verification fails, we'd need to do extra work to clobber anything we output, maybe? I might be forgetting something about CCM.

Per feedback from cem, remove aes_block_t. Note that I did use a uint8_t pointer for some of the work, rather than having annoying typecasts in function calls.

Changed the GMAC_DIGEST_LEN uses to be sizeof(tag).

Responses to cem; a new patch incoming.

Implement some (but not all, due to asking some questions) of the feedback from cem@.

Respond to cem. Updated diff to follow.

Ping anyone?

Ping?

In D19153#415697, @avg wrote:

Somewhat belated question, would it make sense to mark the client created in sys_gssd_syscall() as interruptible?

Feedback from jhb. (Just uploaded for completeness sake; I'll be checking it in after I update my svn source, apply the patch, and do a buildworld just to make sure I didn't do anything stupid again.)

Move the #includes around per cem.

mav pointed out that I'd missed the same changes to zfs_send_resume.

Ping?

Seems generally fine to me, although I haven't looked at the ZoL side for comparison.

In D19184#411245, @debdrup_gmail.com wrote:

This might be a dumb question, but does the process title change often enough that setproctitle_fast() added in rS335939 should be used?

Update the man page date.

Warn if the virtual hostname argument is too long. (Note that this is only a warning.)

In D19191#410843, @rmacklem wrote:

Thanks for adding the strlen() check. I am going to be nitpicky and suggest an
error message be printed (not sure if the nfsd should fail or just log an error?),
since silently ignoring the "-V" argument could cause confusion too, I think?

Fixed the date in the man page (although I guess it's already wrong :)), and don't set the virtual host if it's too long.

cem's feedback.

I was going to upload a new diff, but just got email that you've got more comments :).

Feedback from jhb.

Ping?

I diff'd the wrong source tree. I just made sure this one built, and produced the correct results, e.g.

In D19184#410338, @delphij wrote:

Ah I didn't realized that we haven't upstreamed it & thanks for forward-porting it for so many years...

Took Rick's advice and moved the retry setting to a more specific place.

Updating because I changed the CBC-MAC revision.

Feedback from cem (thanks!).

Ping? Is this one ok to go?

I changed my #ifdef CRYPT_DEBUG back to #if 0 in the parent branch/review, so this has the new version of that.

Per discussion in my other review, revert my change for the crypto debug macro ifdef.

Feedback from cem.

In D18592#408160, @jhb wrote:

I'm generally happy with this. The #if 0 -> #ifdef CRYPTO_DEBUG change still seems unrelated, but I don't care strongly about it either way.

In D18592#407488, @cem wrote:

I meant the second half of the sentence — are you still working on feedback or not?

In D18592#407486, @cem wrote:

In D18592#400076, @sef wrote:

NB: This is mostly tested simply by compilation, as I've still got some more feedback to incorporate.

Is this still the case or do you figure you've finished that? I was waiting for that to wrap up before I took another look.

! In D18592#407482, @cem wrote:
Thanks!

Switch to using a single type macro.

Ok, seems good to me then.

Hm, this will break the output. For the better, I think. Does it need a man page change as well?

Prod?