Date: Sun, 30 Aug 2020 21:21:58 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r364979 - head/usr.sbin/mountd Message-ID: <202008302121.07ULLw2V043254@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rmacklem Date: Sun Aug 30 21:21:58 2020 New Revision: 364979 URL: https://svnweb.freebsd.org/changeset/base/364979 Log: Add support for the NFS over TLS exports to mountd. Three new export flags are added to mountd that will restrict exported file system mounts to use TLS. Without these flags, TLS is allowed, but not required. The exports(5) man page will be updated in a future commit. Modified: head/usr.sbin/mountd/mountd.c Modified: head/usr.sbin/mountd/mountd.c ============================================================================== --- head/usr.sbin/mountd/mountd.c Sun Aug 30 18:21:54 2020 (r364978) +++ head/usr.sbin/mountd/mountd.c Sun Aug 30 21:21:58 2020 (r364979) @@ -2795,6 +2795,13 @@ do_opt(char **cpp, char **endcpp, struct exportlist *e return (1); opt_flags |= OP_SEC; usedarg++; + } else if (!strcmp(cpopt, "tls")) { + *exflagsp |= MNT_EXTLS; + } else if (!strcmp(cpopt, "tlscert")) { + *exflagsp |= (MNT_EXTLS | MNT_EXTLSCERT); + } else if (!strcmp(cpopt, "tlscertuser")) { + *exflagsp |= (MNT_EXTLS | MNT_EXTLSCERT | + MNT_EXTLSCERTUSER); } else { syslog(LOG_ERR, "bad opt %s", cpopt); return (1);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202008302121.07ULLw2V043254>