8f65b5afaf
The NFS-over-TLS server daemon (rpc.tlsservd) can optionally replace user credentials in the RPC header with ones derived from a username specified by the form "user@domain", if this exists in the client's X.509 v3 certificate. Specifically, "user@domain" needs to be in the "otherName" component of subjectjAltName, with a unique OID as assigned by this update. This patch adds a subtree for the "otherName" component of subjectAltName in X.509 v3 cerificates and a value for "user@domain" as used by NFS-over-TLS. Reviewed by: phk, gordon Differential Revision: https://reviews.freebsd.org/D26225 |
||
---|---|---|
.. | ||
FREEBSD-MIB.txt | ||
Makefile | ||
Makefile.depend |