pbtag
pcall
PCDNSSEC
-PCKS
PCmissing
pcomp
pcount
:tags: New Features, DNS over HTTPS, DNS over TLS
:pullreq: 11027
- Add support for password protected PCKS12 files for TLS configuration
+ Add support for password protected PKCS12 files for TLS configuration
.. change::
:tags: New Features
PKCS12 files are only supported by the ``openssl`` provider, password-protected or not.
- :param string pathToCert: Path to a file containing the certificate or a PCKS12 file containing both a certificate and a key.
+ :param string pathToCert: Path to a file containing the certificate or a PKCS12 file containing both a certificate and a key.
:param table options: A table with key: value pairs with additional options.
Options:
* ``key="path/to/key"``: string - Path to a file containing the key corresponding to the certificate.
- * ``password="pass"``: string - Password protecting the PCKS12 file if appropriate.
+ * ``password="pass"``: string - Password protecting the PKCS12 file if appropriate.
.. code-block:: lua
newTLSCertificate("path/to/pub.crt", {key="path/to/private.pem"})
- newTLSCertificate("path/to/domain.p12", {password="passphrase"}) -- use a password protected PCKS12 file
+ newTLSCertificate("path/to/domain.p12", {password="passphrase"}) -- use a password protected PKCS12 file
DOHFrontend
~~~~~~~~~~~
attr.push_back(P11KitAttribute(CKA_LABEL, d_label));
FindObjects2(*slot, attr, key, 1);
if (key.size() == 0) {
- g_log<<Logger::Warning<<"Cannot load PCKS#11 private key "<<d_label<<std::endl;;
+ g_log<<Logger::Warning<<"Cannot load PKCS#11 private key "<<d_label<<std::endl;;
return;
}
d_private_key = key[0];
attr.push_back(P11KitAttribute(CKA_LABEL, d_pub_label));
FindObjects2(*slot, attr, key, 1);
if (key.size() == 0) {
- g_log<<Logger::Warning<<"Cannot load PCKS#11 public key "<<d_pub_label<<std::endl;
+ g_log<<Logger::Warning<<"Cannot load PKCS#11 public key "<<d_pub_label<<std::endl;
return;
}
d_public_key = key[0];
d_exponent = attr[1].str();
d_bits = attr[2].ulong();
} else {
- throw PDNSException("Cannot load attributes for PCKS#11 public key " + d_pub_label);
+ throw PDNSException("Cannot load attributes for PKCS#11 public key " + d_pub_label);
}
} else if (d_key_type == CKK_EC || d_key_type == CKK_ECDSA) {
attr.clear();
if (attr[1].str().length() != (d_bits*2/8 + 3)) throw PDNSException("EC Point data invalid");
d_ec_point = attr[1].str().substr(3);
} else {
- throw PDNSException("Cannot load attributes for PCKS#11 public key " + d_pub_label);
+ throw PDNSException("Cannot load attributes for PKCS#11 public key " + d_pub_label);
}
} else {
- throw PDNSException("Cannot determine type for PCKS#11 public key " + d_pub_label);
+ throw PDNSException("Cannot determine type for PKCS#11 public key " + d_pub_label);
}
} else {
- throw PDNSException("Cannot load attributes for PCKS#11 public key " + d_pub_label);
+ throw PDNSException("Cannot load attributes for PKCS#11 public key " + d_pub_label);
}
d_loaded = true;
self.checkQueryEDNSWithoutECS(expectedQuery, receivedQuery)
self.assertEqual(response, receivedResponse)
-class TestDOHWithPCKS12Cert(DNSDistDOHTest):
+class TestDOHWithPKCS12Cert(DNSDistDOHTest):
_serverCert = 'server.p12'
_pkcs12Password = 'passw0rd'
_serverName = 'tls.tests.dnsdist.org'
def testProtocolDOH(self):
"""
- DoH: Test Simple DOH Query with a password protected PCKS12 file configured
+ DoH: Test Simple DOH Query with a password protected PKCS12 file configured
"""
name = 'simple.doh.tests.powerdns.com.'
query = dns.message.make_query(name, 'A', 'IN', use_edns=False)
projects / thirdparty / pdns.git / commitdiff
