Date: Sun, 30 Aug 2020 21:21:58 +0000 (UTC) From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r364979 - head/usr.sbin/mountd Message-ID: <202008302121.07ULLw2V043254@repo.freebsd.org>
index | next in thread | raw e-mail
Author: rmacklem Date: Sun Aug 30 21:21:58 2020 New Revision: 364979 URL: https://svnweb.freebsd.org/changeset/base/364979 Log: Add support for the NFS over TLS exports to mountd. Three new export flags are added to mountd that will restrict exported file system mounts to use TLS. Without these flags, TLS is allowed, but not required. The exports(5) man page will be updated in a future commit. Modified: head/usr.sbin/mountd/mountd.c Modified: head/usr.sbin/mountd/mountd.c ============================================================================== --- head/usr.sbin/mountd/mountd.c Sun Aug 30 18:21:54 2020 (r364978) +++ head/usr.sbin/mountd/mountd.c Sun Aug 30 21:21:58 2020 (r364979) @@ -2795,6 +2795,13 @@ do_opt(char **cpp, char **endcpp, struct exportlist *e return (1); opt_flags |= OP_SEC; usedarg++; + } else if (!strcmp(cpopt, "tls")) { + *exflagsp |= MNT_EXTLS; + } else if (!strcmp(cpopt, "tlscert")) { + *exflagsp |= (MNT_EXTLS | MNT_EXTLSCERT); + } else if (!strcmp(cpopt, "tlscertuser")) { + *exflagsp |= (MNT_EXTLS | MNT_EXTLSCERT | + MNT_EXTLSCERTUSER); } else { syslog(LOG_ERR, "bad opt %s", cpopt); return (1);help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202008302121.07ULLw2V043254>