K 10
svn:author
V 8
rmacklem
K 8
svn:date
V 27
2020-07-18T01:57:20.373560Z
K 7
svn:log
V 1001
Add support for TLS for NFSv4.0 callback connections, plus disable ext_pgs
mbufs for write requests.

The first change simply modifies the code so that the server sets a flag
to tell the server to do server->client connects using TLS, if the client
is using TLS connections. This only affects NFSv4.0, since that is the
only version that does server->client TCP connections.

The second change is an interesting bugfix.
When the ext_pgs mbuf list is passed into sosend() and TLS is enabled, the
data in encrypted in the pages (at least for the software case).
As such, keeping a copy (m_copym() that refcounts the pages) to do a resend
does not work (the resent data may already be encrypted in the pages).
Disabling generating the data to be written in ext_pgs mbufs fixes the
problem, since the code generates a list of mbuf clusters and these are
"real copied" to the ext_pgs unmapped pages.

It may be possible to generate ext_pgs mbufs for the hardware offload
cases, but I do not know this yet?

END