From owner-svn-src-all@freebsd.org Fri Nov 20 22:29:39 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6848646FEAB; Fri, 20 Nov 2020 22:29:39 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CdB77200vz4j9x; Fri, 20 Nov 2020 22:29:39 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 333031D456; Fri, 20 Nov 2020 22:29:39 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 0AKMTdlI098253; Fri, 20 Nov 2020 22:29:39 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 0AKMTdpI098252; Fri, 20 Nov 2020 22:29:39 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <202011202229.0AKMTdpI098252@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Fri, 20 Nov 2020 22:29:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r367913 - head/sbin/mount_nfs X-SVN-Group: head X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: head/sbin/mount_nfs X-SVN-Commit-Revision: 367913 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Nov 2020 22:29:39 -0000 Author: rmacklem Date: Fri Nov 20 22:29:38 2020 New Revision: 367913 URL: https://svnweb.freebsd.org/changeset/base/367913 Log: Document the new "tls" NFS mount option. Recent commits to head have added support for NFS over TLS to the FreeBSD kernel. To enable use of this for an NFS mount, the "tls" mount_nfs option has been added. Once the IETF has assigned an RFC number, I will replace "NNNN" with the number. This is a content change. Reviewed by: gbe Differential Revision: https://reviews.freebsd.org/D26262 Modified: head/sbin/mount_nfs/mount_nfs.8 Modified: head/sbin/mount_nfs/mount_nfs.8 ============================================================================== --- head/sbin/mount_nfs/mount_nfs.8 Fri Nov 20 22:14:51 2020 (r367912) +++ head/sbin/mount_nfs/mount_nfs.8 Fri Nov 20 22:29:38 2020 (r367913) @@ -28,7 +28,7 @@ .\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95 .\" $FreeBSD$ .\" -.Dd December 14, 2019 +.Dd November 20, 2020 .Dt MOUNT_NFS 8 .Os .Sh NAME @@ -403,6 +403,12 @@ interval.) .It Cm timeo Ns = Ns Aq Ar value Alias for .Cm timeout . +.It Cm tls +This option specifies that the connection to the server must use TLS +per RFC NNNN. +TLS is only supported for TCP connections and the +.Xr rpc.tlsclntd 8 +daemon must be running for an NFS over TCP connection to use TLS. .It Cm udp Use UDP transport. .It Cm vers Ns = Ns Aq Ar vers_number @@ -537,6 +543,7 @@ Same as .Xr mount 8 , .Xr nfsd 8 , .Xr nfsiod 8 , +.Xr rpc.tlsclntd 8 , .Xr showmount 8 .Sh HISTORY A version of the