From: Remi Gacogne Date: Sun, 29 Oct 2017 17:50:04 +0000 (+0100) Subject: DNSCrypt: Document certificates versions X-Git-Tag: dnsdist-1.3.0~37^2~3 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=433d64e3dab00d418e304c0667721413f94b35e1;p=thirdparty%2Fpdns.git DNSCrypt: Document certificates versions --- diff --git a/pdns/dnsdist-lua-vars.cc b/pdns/dnsdist-lua-vars.cc index 8c9ec6fce3..5699decb07 100644 --- a/pdns/dnsdist-lua-vars.cc +++ b/pdns/dnsdist-lua-vars.cc @@ -94,4 +94,11 @@ void setupLuaVars() for(const auto& n : rcodes) dd.push_back({n.first, n.second}); g_lua.writeVariable("dnsdist", dd); + +#ifdef HAVE_DNSCRYPT + g_lua.writeVariable("DNSCryptExchangeVersion", std::unordered_map{ + { "VERSION1", DNSCryptExchangeVersion::VERSION1 }, + { "VERSION2", DNSCryptExchangeVersion::VERSION2 }, + }); +#endif } diff --git a/pdns/dnsdistdist/docs/reference/dnscrypt.rst b/pdns/dnsdistdist/docs/reference/dnscrypt.rst index 75ef9f2fe5..f023e96a84 100644 --- a/pdns/dnsdistdist/docs/reference/dnscrypt.rst +++ b/pdns/dnsdistdist/docs/reference/dnscrypt.rst @@ -26,7 +26,7 @@ DNSCrypt objects and functions :param string publicKey: path to write the public key to :param string privateKey: path to write the private key to -.. function:: generateDNSCryptCertificate(privatekey, certificate, keyfile, serial, validFrom, validUntil) +.. function:: generateDNSCryptCertificate(privatekey, certificate, keyfile, serial, validFrom, validUntil, version) generate a new resolver private key and related certificate, valid from the ``validFrom`` UNIX timestamp until the ``validUntil`` one, signed with the provider private key. @@ -36,6 +36,7 @@ DNSCrypt objects and functions :param int serial: The certificate's serial number. :param int validFrom: Unix timestamp from when the certificate will be valid. :param int validUntil: Unix timestamp until when the certificate will be valid. + :param DNSCryptExchangeVersion version: The exchange version to use. Possible values are ``DNSCryptExchangeVersion::VERSION1`` (default, X25519-XSalsa20Poly1305) and ``DNSCryptExchangeVersion::VERSION2`` (X25519-XChacha20Poly1305). .. function:: printDNSCryptProviderFingerprint(keyfile)