Send kea-dev mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/kea-dev
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of kea-dev digest..."
Today's Topics:
1. Re: Cassandra SSL support (peer verify + client cert auth)
(Dajka Tam?s)
----------------------------------------------------------------------
Message: 1
Date: Wed, 15 Jan 2020 20:34:47 +0100
From: Dajka Tam?s <[email protected]>
To: <[email protected]>
Subject: Re: [kea-dev] Cassandra SSL support (peer verify + client
cert auth)
Message-ID: <[email protected]>
Content-Type: text/plain; charset="iso-8859-2"
I've finished the implementation and the testing, all looks good (builds
correctly). I've submitted the PR on github. Please be so kind and take a
look at it and let me know, if any change needed.
Cheers,
Tom
From: kea-dev [mailto:[email protected]] On Behalf Of Dajka
Tam?s
Sent: Sunday, January 5, 2020 10:41 AM
To: [email protected]
Subject: Re: [kea-dev] Cassandra SSL support (peer verify + client cert
auth)
Sorry, failed to read the dev's manual properly. but my initial question
still stands: is anyone working on something like this?
However I've added the new keywords to the parser files I'm still getting
the following error upon testing:
DHCP6_PARSER_FAIL failed to create or run parser for configuration element
lease-database: invalid value type specified for parameter 'ssl'
(ssl is set as a BOOLEAN type in the parser just like tcp-nodelay, in the
conf its "ssl": true ) What did I overlook?
Thanks,
Tom
From: kea-dev [mailto:[email protected]] On Behalf Of Dajka
Tam?s
Sent: Saturday, January 4, 2020 9:34 PM
To: [email protected] <mailto:[email protected]>
Subject: [kea-dev] Cassandra SSL support (peer verify + client cert auth)
Dear Devs,
I'm pretty new to KEA, but really interested :) (had been working with the
"old" dhcpd for a long time).
I'm trying to put together a KEA environment with Cassandra cluster backend,
where I'm using cert based auth. (cqlsh from kea server to remove server
with SSL auth works).
Is anyone working on something like this? The only thing I've seen is an ~2
years old PR from Razvan Becheriu (he did only peer verification).
I've checked the latest code and it does not seem impossible to implement.
I'm willing to do so - already did some starting steps - but the first thing
I bumped into is how to get the new keywords accepted by the config - put
into the dictionaries (dhcp6_parser.cc). If nobody is working on something
like this, I'll continue (but will need some help)
The things I'm planning to accomplish for database config:
- add new token support for"ssl" (bool), "ssl_ca", "ssl_cert",
"ssl_key", "ssl_password"
- implement datastex driver's possibilities into cql database
connection
- modify documentation/examples to reflect the changes
Thanks in advance!
Cheers,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/kea-dev/attachments/20200115/e6f66adf/attachment-0001.htm>
------------------------------
Subject: Digest Footer
_______________________________________________
kea-dev mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/kea-dev
------------------------------
End of kea-dev Digest, Vol 66, Issue 5
**************************************
