.\" Copyright (c) 2008 Isilon Inc http://www.isilon.com/
.\" Authors: Doug Rabson <dfr@rabson.org>
.\" Developed with Red Inc: Alfred Perlstein <alfred@FreeBSD.org>
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" Modified from gssd.8 for rpc.tlsservd.8 by Rick Macklem.
.Dd September 23, 2022
.Nd "Sun RPC over TLS Server Daemon"
.Op Fl C Ar available_ciphers
program provides support for the server side of the kernel Sun RPC over TLS
This daemon must be running to allow the kernel RPC to perform the TLS
handshake after a TCP client has sent the STARTTLS Null RPC request to
This daemon requires that the kernel be built with
.Dq options KERNEL_TLS
and be running on an architecture such as
that supports a direct map (not i386) with
file specifies that the client must use RPC over TLS.
file specifies that the client must provide a certificate
file specifies that the client must provide a certificate
that verifies and has an otherName:1.3.6.1.4.1.2238.1.1.1;UTF8: field of
subjectAltName of the form
matches the one for this server and
is a valid user name that maps to a <uid, gid_list>.
For the latter two cases, the
options must be specified.
option also requires that the
option on this daemon be specified.
Also, if the IP address used by the client cannot be trusted,
cannot be applied safely.
option can be used along with
options to require that the client certificate have the correct
Fully Qualified Domain Name (FQDN) in it.
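Both certificate checks described above, the user@domain otherName that the export option and the -u option map to a <uid, gid_list>, and the FQDN that -h compares against reverse DNS, are read from the subjectAltName extension. The following is an added C example, not code from rpc.tlsservd or FreeBSD (the daemon itself reads the extension through the OpenSSL library): it walks a constructed DER GeneralNames value holding one dNSName and one otherName whose type-id is 1.3.6.1.4.1.2238.1.1.1, extracts both strings, and applies the -u rule that the domain part must equal the server's domain. The sample SAN bytes, the user alice, the server domain example.com and every function name are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* DER encoding of the otherName type-id 1.3.6.1.4.1.2238.1.1.1 from the page. */
static const unsigned char OID_RPC_TLS_USER[] =
    { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x91, 0x3E, 0x01, 0x01, 0x01 };

/* Constructed sample (not from a real certificate): DER GeneralNames of a
 * subjectAltName with a dNSName (what -h checks) and the user@domain otherName. */
static const unsigned char SAN_DER[] = {
    0x30, 0x39,                                     /* SEQUENCE, 57 bytes   */
    0x82, 0x14,                                     /* [2] dNSName          */
    'l','a','p','t','o','p','2','1','.','u','o','g','u','e','l','p','h','.','c','a',
    0xA0, 0x21,                                     /* [0] otherName        */
    0x06, 0x0A, 0x2B,0x06,0x01,0x04,0x01,0x91,0x3E,0x01,0x01,0x01, /* type-id */
    0xA0, 0x13, 0x0C, 0x11,                         /* [0] EXPLICIT UTF8String */
    'a','l','i','c','e','@','e','x','a','m','p','l','e','.','c','o','m'
};

/* Minimal DER TLV reader: content pointer, or NULL if the element does not fit
 * in [p, end).  Short-form lengths only, which is enough for this sample. */
static const unsigned char *der_tlv(const unsigned char *p,
                                    const unsigned char *end, int *tag, size_t *len)
{
    if (end - p < 2)
        return NULL;
    *tag = p[0];
    size_t l = p[1];
    p += 2;
    if ((l & 0x80) || (size_t)(end - p) < l)
        return NULL;
    *len = l;
    return p;
}

/* Copy a DER string into a C buffer; refuse embedded NULs (they would silently
 * truncate the name) and anything that does not fit. */
static int copy_name(const void *s, size_t n, char *buf, size_t bufsz)
{
    if (n >= bufsz || memchr(s, '\0', n) != NULL)
        return -1;
    memcpy(buf, s, n);
    buf[n] = '\0';
    return 0;
}

/* Walk GeneralNames, copying out the first dNSName and the first user@domain
 * otherName.  Returns the number of such otherName entries (the text above
 * expects exactly one), or -1 on malformed input. */
int san_extract(const unsigned char *der, size_t derlen,
                char *dns, size_t dnssz, char *user, size_t usersz)
{
    const unsigned char *end = der + derlen, *p, *c, *q;
    int tag, nother = 0;
    size_t len, l2;

    dns[0] = user[0] = '\0';
    if ((p = der_tlv(der, end, &tag, &len)) == NULL || tag != 0x30)
        return -1;
    for (end = p + len; p < end; p = c + len) {
        if ((c = der_tlv(p, end, &tag, &len)) == NULL)
            return -1;
        if (tag == 0x82) {                                   /* dNSName */
            if (dns[0] == '\0' && copy_name(c, len, dns, dnssz) != 0)
                return -1;
        } else if (tag == 0xA0) {                            /* otherName */
            if ((q = der_tlv(c, c + len, &tag, &l2)) == NULL || tag != 0x06)
                return -1;                                   /* type-id OID */
            if (l2 != sizeof OID_RPC_TLS_USER || memcmp(q, OID_RPC_TLS_USER, l2) != 0)
                continue;                                    /* some other type-id */
            nother++;
            if ((q = der_tlv(q + l2, c + len, &tag, &l2)) == NULL || tag != 0xA0)
                return -1;                                   /* [0] EXPLICIT */
            if ((q = der_tlv(q, q + l2, &tag, &l2)) == NULL || tag != 0x0C)
                return -1;                                   /* UTF8String */
            if (user[0] == '\0' && copy_name(q, l2, user, usersz) != 0)
                return -1;
        }
    }
    return nother;
}

/* The -u rule: split user@domain, require the domain to equal the server's
 * domain (the -n value), return the bare user.  0 ok, -1 malformed, -2 mismatch. */
int certuser_map(const char *user_at_domain, const char *server_domain,
                 char *user, size_t usersz)
{
    const char *at = strrchr(user_at_domain, '@');
    if (at == NULL || at == user_at_domain || at[1] == '\0')
        return -1;
    if (strcasecmp(at + 1, server_domain) != 0)
        return -2;
    return copy_name(user_at_domain, (size_t)(at - user_at_domain), user, usersz);
}

int main(void)
{
    char dns[256], uad[256], user[64];
    int n = san_extract(SAN_DER, sizeof SAN_DER, dns, sizeof dns, uad, sizeof uad);
    int rc = certuser_map(uad, "example.com", user, sizeof user);  /* assumed -n domain */
    printf("dNSName=%s otherName=%s entries=%d map=%d user=%s\n",
           dns, uad, n, rc, rc == 0 ? user : "-");
    return 0;
}
```

Two details matter in practice: a DER string may legally contain a NUL byte, so the copy refuses any name whose C-string length would differ from its DER length, and a domain mismatch is reported as a failed mapping rather than as a user named by the prefix alone. Once the bare user name is known, the <uid, gid_list> comes from the password database (getpwnam(3)) and the group memberships it implies.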
A certificate and associated key must exist in /etc/rpc.tlsservd
If a SIGHUP signal is sent to the daemon it will reload the
and will shut down any extant connections that presented certificates
during TLS handshake that have been revoked.
option was not specified, the SIGHUP signal will be ignored.
The daemon will log failed certificate verifications via
using LOG_INFO | LOG_DAEMON when the
option has been specified.
The options are as follows:
.Bl -tag -width indent
.It Fl 2 , Fl Fl allowtls1_2
Permit clients to mount using TLS version 1.2.
By default, the daemon will only allow mounts
using TLS version 1.3, as required by the RFC.
this option, since they use TLS version 1.2.
.It Fl C Ar available_ciphers , Fl Fl ciphers= Ns Ar available_ciphers
Specify which ciphers are available during TLS handshake.
If this option is specified,
.Dq SSL_CTX_set_ciphersuites()
.Dq available_ciphers
If this option is not specified, the cipher will be chosen by
which should be adequate for most cases.
The format for the available ciphers is a simple
separated list, in order of preference.
.Dq openssl ciphers -s -tls1_3
lists available ciphers.
.It Fl D Ar certdir , Fl Fl certdir= Ns Ar certdir
instead of /etc/rpc.tlsservd as the location for the
certificate in a file called
and associated key in
.It Fl d , Fl Fl debuglevel
will not fork when it starts.
.It Fl h , Fl Fl checkhost
This option specifies that the client must provide a certificate
that both verifies and has an FQDN that matches the reverse
DNS name for the IP address that
the client uses to connect to the server.
in the DNS field of the subjectAltName, but is also allowed
to be in the CN field of the
subjectName in the certificate.
By default, a wildcard "*" in the FQDN is not allowed.
With this option, a failure to verify the client certificate
or match the FQDN will result in the
server sending AUTH_REJECTEDCRED replies to all client RPCs.
This option requires the
.It Fl l Ar CAfile , Fl Fl verifylocs= Ns Ar CAfile
This option specifies the path name of a file of CA certificate(s)
in PEM format, which is used to verify client certificates and to
set the list of CA(s) sent to the client so that it knows which
certificate to send to the server during the TLS handshake.
This path name is used in
.Dq SSL_CTX_load_verify_locations(ctx,CAfile,NULL)
.Dq SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile))
openssl library calls.
Note that this is a path name for the file and is not assumed to be
Either this option or the
option must be specified when the
option is specified so that the daemon can verify the client's
.It Fl m , Fl Fl mutualverf
This option specifies that the server is to request a certificate
from the client during the TLS handshake.
It does not require that the client provide a certificate.
It should be specified unless no client doing RPC over TLS is
required to have a certificate.
may be used to require a client to provide a certificate
.It Fl n Ar domain , Fl Fl domain= Ns Ar domain
This option specifies what the
option, overriding the domain taken from the
of the server this daemon is running on.
If you have specified the
command line option for
then you should specify this option with the same
that was specified for
This option is only meaningful when used with the
.It Fl p Ar CApath , Fl Fl verifydir= Ns Ar CApath
This option is similar to the
option, but specifies the path of a directory with CA
When this option is used,
.Dq SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file())
is not called, so a list of CA names might not be passed
to the client during the TLS handshake.
.It Fl r Ar CRLfile , Fl Fl crl= Ns Ar CRLfile
This option specifies a Certificate Revocation List (CRL) file
that is to be loaded into the verify certificate store and
checked during verification.
This option is only meaningful when either the
.It Fl u , Fl Fl certuser
This option specifies that if the client provides a certificate
that both verifies and has a subjectAltName with an otherName
component of the form
.Dq otherName:1.3.6.1.4.1.2238.1.1.1;UTF8:user@domain
matches the one for this server,
then the daemon will attempt to map
to a user credential <uid, gid_list>.
There should only be one of these otherName components for each
is a valid username in the password database,
then the <uid, gid_list> for
RPCs on the mount instead of the credentials in the RPC request
This option requires the
Use of this option might not conform to RFC-9289, which does
not allow certificates to be used for user authentication.
.It Fl v , Fl Fl verbose
will log activity messages to
using LOG_INFO | LOG_DAEMON or to
option has also been specified.
.It Fl W , Fl Fl multiwild
This option is used with the
option to allow use of a wildcard
that matches multiple
components of the reverse DNS name for the client's IP
For example, the FQDN
.Dq laptop21.uoguelph.ca
.Dq laptop3.cis.uoguelph.ca .
.It Fl w , Fl Fl singlewild
but allows the wildcard
to match a single component of the reverse DNS name.
For example, the FQDN
.Dq laptop21.uoguelph.ca
.Dq laptop3.cis.uoguelph.ca .
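The three wildcard settings used with -h (the default, -w and -W) are compared in the following added C example. It is not code from rpc.tlsservd, which relies on the OpenSSL library's host-name matching, but a stand-alone re-implementation of the rules as this page states them, run against the two host names from the examples above. The function names, the case-insensitive comparison of DNS names and the AUTH_REJECTEDCRED verdict helper are assumptions made for this example; only a leading "*." label is treated as a wildcard.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Wildcard policy for the certificate FQDN, one value per daemon setting. */
enum wildmode {
    WILD_NONE = 0,   /* default: a "*" in the FQDN is not allowed    */
    WILD_SINGLE,     /* -w: "*" matches exactly one DNS label        */
    WILD_MULTI       /* -W: "*" matches one or more DNS labels       */
};

/* Case-insensitive string equality; DNS names compare case-insensitively. */
static int dns_eq(const char *a, const char *b)
{
    for (; *a != '\0' && *b != '\0'; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == '\0' && *b == '\0';
}

/*
 * Return 1 if the FQDN from the client certificate (`pattern`) matches the
 * reverse-DNS name of the client's IP address (`name`) under `mode`, else 0.
 * Only a leading "*." label is a wildcard; a "*" anywhere else is an
 * ordinary character and therefore never matches a real host name.
 */
int fqdn_match(const char *pattern, const char *name, enum wildmode mode)
{
    size_t plen = strlen(pattern), nlen = strlen(name);

    if (plen == 0 || nlen == 0)
        return 0;
    /* No wildcard processing: exact (case-insensitive) match only. */
    if (mode == WILD_NONE || strncmp(pattern, "*.", 2) != 0)
        return dns_eq(pattern, name);

    const char *suffix = pattern + 1;               /* e.g. ".uoguelph.ca" */
    size_t slen = plen - 1;
    if (nlen <= slen)                               /* nothing left for "*" */
        return 0;
    if (!dns_eq(suffix, name + (nlen - slen)))
        return 0;

    size_t headlen = nlen - slen;                   /* part consumed by "*" */
    if (name[0] == '.' || name[headlen - 1] == '.') /* empty label */
        return 0;
    if (mode == WILD_MULTI)
        return 1;                                   /* any number of labels */
    /* WILD_SINGLE: the head must be exactly one label, i.e. contain no dot. */
    return memchr(name, '.', headlen) == NULL;
}

/*
 * Outcome for every RPC on the connection once -h is in effect: a failed
 * certificate verification and an FQDN mismatch both lead to
 * AUTH_REJECTEDCRED replies.
 */
const char *checkhost_verdict(int cert_verified, const char *cert_fqdn,
                              const char *reverse_dns, enum wildmode mode)
{
    if (cert_verified && fqdn_match(cert_fqdn, reverse_dns, mode))
        return "accept";
    return "AUTH_REJECTEDCRED";
}

int main(void)
{
    /* Constructed inputs: the wildcard FQDN and the two host names used above. */
    static const char *const hosts[] = { "laptop21.uoguelph.ca", "laptop3.cis.uoguelph.ca" };
    static const struct { enum wildmode m; const char *opt; } modes[] = {
        { WILD_NONE, "(default)" }, { WILD_SINGLE, "-w" }, { WILD_MULTI, "-W" }
    };
    for (size_t i = 0; i < 3; i++)
        for (size_t j = 0; j < 2; j++)
            printf("%-9s *.uoguelph.ca vs %-24s -> %s\n", modes[i].opt, hosts[j],
                   checkhost_verdict(1, "*.uoguelph.ca", hosts[j], modes[i].m));
    return 0;
}
```

The suffix comparison is anchored at the end of the reverse-DNS name, so a host under a different domain whose name merely contains the pattern's labels (for instance laptop21.uoguelph.ca.example.org) does not match in any mode.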
The implementation is based on the specification in
.%T "Towards Remote Procedure Call Encryption By Default"
manual page first appeared in
This daemon cannot be safely shut down and restarted if there are
any active RPC-over-TLS connections.
Doing so will orphan the KERNEL_TLS connections, so that they
can no longer do upcalls successfully, since the
structures in userspace have been lost.