From da58601d59ef721bd5e398df086e2c734644eaaa Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Mon, 11 Aug 2025 21:46:07 -0400 Subject: [PATCH 1/2] Revert "tlshd: Return a non-zero peerid" The problem was that CONFIG_KEYS_REQUEST_CACHE was disabled in my test kernels. Signed-off-by: Chuck Lever --- src/tlshd/server.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/tlshd/server.c b/src/tlshd/server.c index 56416dc..e80f2fd 100644 --- a/src/tlshd/server.c +++ b/src/tlshd/server.c @@ -224,8 +224,6 @@ static int tlshd_server_x509_verify_function(gnutls_session_t session, return GNUTLS_E_CERTIFICATE_ERROR; } peerid = tlshd_keyring_create_cert(cert, parms->peername); - if (peerid == TLS_NO_PEERID) - peerid = UINT_MAX; g_array_append_val(parms->remote_peerids, peerid); gnutls_x509_crt_deinit(cert); } From 0484520957ea5aedce3d8f8a292829b6a6a21504 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Tue, 12 Aug 2025 11:31:03 -0400 Subject: [PATCH 2/2] README: Update dependency documentation Re-organize the documentation for dependencies, and add a mention of the kernel keyring options that need to be enabled. Signed-off-by: Chuck Lever --- README | 21 ++++++++++++++++++--- README.md | 21 ++++++++++++++++++--- 2 files changed, 36 insertions(+), 6 deletions(-) diff --git a/README b/README index a7b731a..dc28279 100644 --- a/README +++ b/README @@ -15,9 +15,24 @@ this package is released. ## Dependencies -* The local kernel must have net/handshake support and be built with - CONFIG_TLS enabled -* The local build environment requires GnuTLS and keyutils +### Run-time dependencies + +The kernel must have net/handshake support (v6.5 or later) and be +built with the following CONFIG options enabled: + +* CONFIG_TLS +* CONFIG_KEYS +* CONFIG_KEYS_REQUEST_CACHE + +### Build dependencies + +The build environment requires the development packages for the +following libraries to be installed: + +* GnuTLS +* keyutils +* GLib-2.0 +* libnl3 ## Installation diff --git a/README.md b/README.md index a7b731a..dc28279 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,24 @@ this package is released. ## Dependencies -* The local kernel must have net/handshake support and be built with - CONFIG_TLS enabled -* The local build environment requires GnuTLS and keyutils +### Run-time dependencies + +The kernel must have net/handshake support (v6.5 or later) and be +built with the following CONFIG options enabled: + +* CONFIG_TLS +* CONFIG_KEYS +* CONFIG_KEYS_REQUEST_CACHE + +### Build dependencies + +The build environment requires the development packages for the +following libraries to be installed: + +* GnuTLS +* keyutils +* GLib-2.0 +* libnl3 ## Installation