daemon/tls: use system CA with TLS_FORWARD policy (!586) · Merge requests · Knot projects / Knot Resolver · GitLab

Snippets Groups Projects

Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.

Merged Grigorii Demidov requested to merge tls-system-store into master 6 years ago

All threads resolved!

Should close #310 (closed)

when user want to use system CA it must omit ca_file parameter

policy.add(
   policy.all(
      policy.TLS_FORWARD({{ "127.0.0.1@53003", hostname='res.example.com' }})
   )
)

Edited 6 years ago by Grigorii Demidov

Activity

Grigorii Demidov marked as a Work In Progress 6 years ago

marked as a Work In Progress
Grigorii Demidov changed the description 6 years ago

changed the description
Petr Špaček @pspacek started a thread on an old version of the diff 6 years ago

Resolved 6 years ago by Petr Špaček
Last reply by Petr Špaček 6 years ago

Grigorii Demidov changed the description 6 years ago

changed the description

Grigorii Demidov changed the description 6 years ago

changed the description

Grigorii Demidov unmarked as a Work In Progress 6 years ago

unmarked as a Work In Progress

Grigorii Demidov assigned to @pspacek 6 years ago

assigned to @pspacek

Petr Špaček resolved all discussions 6 years ago

resolved all discussions

Petr Špaček added 35 commits 6 years ago

added 35 commits

e2e41b49...580a7ed4 - 33 commits from branch master
8c0d6dfb - daemon/tls: use system CA with TLS_FORWARD policy
8dae311e - daemon/tls: system CA's are used by default with TLS_FORWARD policy when ca_file…

Compare with previous version

Petr Špaček @pspacek started a thread on an old version of the diff 6 years ago

Resolved 6 years ago by Petr Špaček

Petr Špaček resolved all discussions 6 years ago

resolved all discussions

Petr Špaček added 6 commits 6 years ago

added 6 commits

c3627171...bba85538 - 3 commits from branch master
325f62b1 - daemon/tls: use system CA with TLS_FORWARD policy
966430d7 - daemon/tls: system CA's are used by default with TLS_FORWARD policy when ca_file…
bd3009ac - daemon/tls: document new behavior

Compare with previous version

Toggle commit list

Petr Špaček merged 6 years ago

merged

Petr Špaček mentioned in commit 6 years ago

mentioned in commit 01282a73

Please register or sign in to reply