Send kea-dev mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/kea-dev
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of kea-dev digest..."
Today's Topics:
1. Cassandra SSL support (peer verify + client cert auth)
(Dajka Tam?s)
2. Re: Is there still any interest for a hook embedding python?
(Dave Cole)
3. Re: Cassandra SSL support (peer verify + client cert auth)
(Dajka Tam?s)
----------------------------------------------------------------------
Message: 1
Date: Sat, 4 Jan 2020 21:34:12 +0100
From: Dajka Tam?s <[email protected]>
To: <[email protected]>
Subject: [kea-dev] Cassandra SSL support (peer verify + client cert
auth)
Message-ID: <[email protected]>
Content-Type: text/plain; charset="iso-8859-2"
Dear Devs,
I'm pretty new to KEA, but really interested :) (had been working with the
"old" dhcpd for a long time).
I'm trying to put together a KEA environment with Cassandra cluster backend,
where I'm using cert based auth. (cqlsh from kea server to remove server
with SSL auth works).
Is anyone working on something like this? The only thing I've seen is an ~2
years old PR from Razvan Becheriu (he did only peer verification).
I've checked the latest code and it does not seem impossible to implement.
I'm willing to do so - already did some starting steps - but the first thing
I bumped into is how to get the new keywords accepted by the config - put
into the dictionaries (dhcp6_parser.cc). If nobody is working on something
like this, I'll continue (but will need some help)
The things I'm planning to accomplish for database config:
- add new token support for"ssl" (bool), "ssl_ca", "ssl_cert",
"ssl_key", "ssl_password"
- implement datastex driver's possibilities into cql database
connection
- modify documentation/examples to reflect the changes
Thanks in advance!
Cheers,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/kea-dev/attachments/20200104/f266f16d/attachment-0001.htm>
------------------------------
Message: 2
Date: Sun, 5 Jan 2020 11:00:20 +1100
From: Dave Cole <[email protected]>
To: Francis Dupont <[email protected]>
Cc: [email protected]
Subject: Re: [kea-dev] Is there still any interest for a hook
embedding python?
Message-ID:
<CANwCXGSRQMT3V6bnx5L8QTjqDB-YnpQ_0-YzdnA4=m=6jcg...@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
I remember you mentioning that code after I did my work at the nbn. I
should have another look.
https://lists.isc.org/pipermail/kea-dev/2018-January/000847.html
On Sat, Jan 4, 2020 at 10:57 PM Francis Dupont <[email protected]> wrote:
>
> I wrote a long time ago some hooks using scripting languages (vs C++)
> starting of course with Python. I exported it to github (no gitlab at
> that time) in the fdxhook branch. BTW if you can comment or complete
> the src/hooks/external/NOTES it will be great.
>
> Thanks
>
> Francis Dupont <[email protected]>
>
> PS: please note this is old and partial: the goal was to see if it is possible
> (answer is yes) and to find and solve major issues so it is more than
> experimental.
------------------------------
Message: 3
Date: Sun, 5 Jan 2020 10:41:29 +0100
From: Dajka Tam?s <[email protected]>
To: <[email protected]>
Subject: Re: [kea-dev] Cassandra SSL support (peer verify + client
cert auth)
Message-ID: <[email protected]>
Content-Type: text/plain; charset="iso-8859-2"
Sorry, failed to read the dev's manual properly. but my initial question
still stands: is anyone working on something like this?
However I've added the new keywords to the parser files I'm still getting
the following error upon testing:
DHCP6_PARSER_FAIL failed to create or run parser for configuration element
lease-database: invalid value type specified for parameter 'ssl'
(ssl is set as a BOOLEAN type in the parser just like tcp-nodelay, in the
conf its "ssl": true ) What did I overlook?
Thanks,
Tom
From: kea-dev [mailto:[email protected]] On Behalf Of Dajka
Tam?s
Sent: Saturday, January 4, 2020 9:34 PM
To: [email protected]
Subject: [kea-dev] Cassandra SSL support (peer verify + client cert auth)
Dear Devs,
I'm pretty new to KEA, but really interested :) (had been working with the
"old" dhcpd for a long time).
I'm trying to put together a KEA environment with Cassandra cluster backend,
where I'm using cert based auth. (cqlsh from kea server to remove server
with SSL auth works).
Is anyone working on something like this? The only thing I've seen is an ~2
years old PR from Razvan Becheriu (he did only peer verification).
I've checked the latest code and it does not seem impossible to implement.
I'm willing to do so - already did some starting steps - but the first thing
I bumped into is how to get the new keywords accepted by the config - put
into the dictionaries (dhcp6_parser.cc). If nobody is working on something
like this, I'll continue (but will need some help)
The things I'm planning to accomplish for database config:
- add new token support for"ssl" (bool), "ssl_ca", "ssl_cert",
"ssl_key", "ssl_password"
- implement datastex driver's possibilities into cql database
connection
- modify documentation/examples to reflect the changes
Thanks in advance!
Cheers,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/kea-dev/attachments/20200105/0059e72d/attachment.htm>
------------------------------
Subject: Digest Footer
_______________________________________________
kea-dev mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/kea-dev
------------------------------
End of kea-dev Digest, Vol 66, Issue 3
**************************************
