From: Peter van Dijk Date: Tue, 11 Jun 2019 09:24:01 +0000 (+0200) Subject: document makeIPCipherKey and fix links to it X-Git-Tag: auth-4.2.0-rc2~1^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd74f128ebeff8e493070c76162464f026942974;p=thirdparty%2Fpdns.git document makeIPCipherKey and fix links to it --- diff --git a/pdns/dnsdistdist/docs/reference/config.rst b/pdns/dnsdistdist/docs/reference/config.rst index 8dfba5fc7f..034d48f0e6 100644 --- a/pdns/dnsdistdist/docs/reference/config.rst +++ b/pdns/dnsdistdist/docs/reference/config.rst @@ -1094,6 +1094,12 @@ Other functions Set to true (defaults to false) to allow empty responses (qdcount=0) with a NoError or NXDomain rcode (default) from backends. dnsdist drops these responses by default because it can't match them against the initial query since they don't contain the qname, qtype and qclass, and therefore the risk of collision is much higher than with regular responses. +.. function:: makeIPCipherKey(password) -> string + + .. versionadded:: 1.4.0 + + Hashes the password to generate a 16-byte key that can be used to pseudonymize IP addresses with IP cipher. + DOHFrontend ~~~~~~~~~~~ diff --git a/pdns/dnsdistdist/docs/rules-actions.rst b/pdns/dnsdistdist/docs/rules-actions.rst index 73398baa67..58eff1c9c1 100644 --- a/pdns/dnsdistdist/docs/rules-actions.rst +++ b/pdns/dnsdistdist/docs/rules-actions.rst @@ -1019,7 +1019,7 @@ The following actions exist. Options: * ``serverID=""``: str - Set the Server Identity field. - * ``ipEncryptKey=""``: str - A key, that can be generated via the :ref:`makeIPCipherKey` function, to encrypt the IP address of the requestor for anonymization purposes. The encryption is done using ipcrypt for IPv4 and a 128-bit AES ECB operation for IPv6. + * ``ipEncryptKey=""``: str - A key, that can be generated via the :func:`makeIPCipherKey` function, to encrypt the IP address of the requestor for anonymization purposes. The encryption is done using ipcrypt for IPv4 and a 128-bit AES ECB operation for IPv6. .. function:: RemoteLogResponseAction(remoteLogger[, alterFunction[, includeCNAME [, options]]]) @@ -1042,7 +1042,7 @@ The following actions exist. Options: * ``serverID=""``: str - Set the Server Identity field. - * ``ipEncryptKey=""``: str - A key, that can be generated via the :ref:`makeIPCipherKey` function, to encrypt the IP address of the requestor for anonymization purposes. The encryption is done using ipcrypt for IPv4 and a 128-bit AES ECB operation for IPv6. + * ``ipEncryptKey=""``: str - A key, that can be generated via the :func:`makeIPCipherKey` function, to encrypt the IP address of the requestor for anonymization purposes. The encryption is done using ipcrypt for IPv4 and a 128-bit AES ECB operation for IPv6. .. function:: SetECSAction(v4 [, v6])