d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add support for the NFS over TLS exports to mountd.

Browse Source 
Three new export flags are added to mountd that will restrict exported
file system mounts to use TLS.  Without these flags, TLS is allowed, but not
required.

The exports(5) man page will be updated in a future commit.
This commit is contained in:
Rick Macklem 2020-08-30 21:21:58 +00:00
parent 25641c7ccc
commit 813837bade
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=364979
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
usr.sbin/mountd/mountd.c
View File

@ -2795,6 +2795,13 @@ do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp,
return (1);
opt_flags |= OP_SEC;
usedarg++;
} else if (!strcmp(cpopt, "tls")) {
*exflagsp |= MNT_EXTLS;
} else if (!strcmp(cpopt, "tlscert")) {
*exflagsp |= (MNT_EXTLS | MNT_EXTLSCERT);
} else if (!strcmp(cpopt, "tlscertuser")) {
*exflagsp |= (MNT_EXTLS | MNT_EXTLSCERT |
MNT_EXTLSCERTUSER);
} else {
syslog(LOG_ERR, "bad opt %s", cpopt);
return (1);