freebsd-dev

History

Rick Macklem 9c4368e73c Add entries for the OID used for NFS-over-TLS "user@domain". The NFS-over-TLS server daemon (rpc.tlsservd) can optionally replace user credentials in the RPC header with ones derived from a username specified by the form "user@domain", if this exists in the client's X.509 v3 certificate. Specifically, "user@domain" needs to be in the "otherName" component of subjectjAltName, with a unique OID as assigned by this update. This patch adds a subtree for the "otherName" component of subjectAltName in X.509 v3 cerificates and a value for "user@domain" as used by NFS-over-TLS. Reviewed by: phk, gordon Differential Revision: https://reviews.freebsd.org/D26225	2020-09-03 20:42:30 +00:00
..
mibs	Add entries for the OID used for NFS-over-TLS "user@domain".	2020-09-03 20:42:30 +00:00
Makefile

Rick Macklem 9c4368e73c Add entries for the OID used for NFS-over-TLS "user@domain".

The NFS-over-TLS server daemon (rpc.tlsservd) can optionally replace user
credentials in the RPC header with ones derived from a username specified
by the form "user@domain", if this exists in the client's X.509 v3 certificate.
Specifically, "user@domain" needs to be in the "otherName" component of
subjectjAltName, with a unique OID as assigned by this update.

This patch adds a subtree for the "otherName" component of subjectAltName in
X.509 v3 cerificates and a value for "user@domain" as used by NFS-over-TLS.

Reviewed by:	phk, gordon
Differential Revision:	https://reviews.freebsd.org/D26225

2020-09-03 20:42:30 +00:00

mibs

Add entries for the OID used for NFS-over-TLS "user@domain".

2020-09-03 20:42:30 +00:00

Makefile