Date: Sun, 22 May 2022 21:21:22 GMT From: Rick Macklem <rmacklem@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 915fc1afe57e - main - rpc.tlsclntd: Add the -2 option to the man page Message-ID: <202205222121.24MLLMVS086000@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=915fc1afe57e89898c4edb0b19911e2a5b27976d commit 915fc1afe57e89898c4edb0b19911e2a5b27976d Author: Rick Macklem <rmacklem@FreeBSD.org> AuthorDate: 2022-05-22 21:20:14 +0000 Commit: Rick Macklem <rmacklem@FreeBSD.org> CommitDate: 2022-05-22 21:20:14 +0000 rpc.tlsclntd: Add the -2 option to the man page Since the KTLS now supports TLS1.3, the daemons default to version 1.3, since the draft (to be an RFC someday) requires TLS1.3. However, since FreeBSD 13,0, 13,1 uses TLS1.2 for NFS-over-TLS, the "-2" option is added to both daemons for compatibility with FreeBSD 13.0, 13.1. This patch updates the man pages for this. This is a content change. Reviewed by: pauamma_gundo.com MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D35290 --- usr.sbin/rpc.tlsclntd/rpc.tlsclntd.8 | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.8 b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.8 index fa33a09411ac..d8e2d1cd140b 100644 --- a/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.8 +++ b/usr.sbin/rpc.tlsclntd/rpc.tlsclntd.8 @@ -26,7 +26,7 @@ .\" $FreeBSD$ .\" .\" Modified from gssd.8 for rpc.tlsclntd.8 by Rick Macklem. -.Dd May 18, 2022 +.Dd May 22, 2022 .Dt RPC.TLSCLNTD 8 .Os .Sh NAME @@ -34,6 +34,7 @@ .Nd "Sun RPC over TLS Client Daemon" .Sh SYNOPSIS .Nm +.Op Fl 2 .Op Fl C Ar available_ciphers .Op Fl D Ar certdir .Op Fl d @@ -92,6 +93,15 @@ option has been specified. .Pp The options are as follows: .Bl -tag -width indent +.It Fl 2 , Fl Fl usetls1_2 +Specify the use of TLS version 1.2. +By default, the client will +use TLS version 1.3, as required by the RFC. +However, early +.Fx +.Pq 13.0 and 13.1 +servers require +this option, since they only support TLS version 1.2. .It Fl C Ar available_ciphers , Fl Fl ciphers= Ns Ar available_ciphers Specify which ciphers are available during TLS handshake. If this option is specified,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202205222121.24MLLMVS086000>