... | ... | @@ -8,11 +8,11 @@ This release adds new features, improves existing features, clarifies documentat |
|
|
|
|
|
The TLS support is considered experimental and currently has a number of limitations:
|
|
|
|
|
|
- It is reasonably well tested with some versions of OpenSSL and Boost. Kea uses boost ASIO wrapper around OpenSSL. If your Boost or OpenSSL is too old, you may encounter problems. See new Section 23. Kea Security section in Kea ARM for details.
|
|
|
- It is reasonably well tested with some versions of OpenSSL and Boost. Kea uses Boost ASIO wrapper around OpenSSL. If your Boost or OpenSSL is too old, you may encounter problems. See new Section 23. Kea Security section in Kea ARM for details.
|
|
|
|
|
|
- Kea supports two cryptographic libraries: OpenSSL and Botan. The Kea code for Botan is not finished yet. The code will compile and unit tests will pass, but the TLS support may not work.
|
|
|
|
|
|
- The kea-shell tool is written in python. The primary implementation is using python 3, but we do have legacy code for python 2. However, since python 2 is now EOL, we are not going to update that legacy code with TLS support. This may affect CentOS 7 users. The recommendation is to install python 3 on your system or use any alternative clients, such as curl, to connect to CA.
|
|
|
- The kea-shell tool is written in Python. The primary implementation is using Python 3, but we do have legacy code for Python 2. However, since Python 2 is now EOL, we are not going to update that legacy code with TLS support. This may affect CentOS 7 users. The recommendation is to install Python 3 on your system or use any alternative clients, such as curl, to connect to CA.
|
|
|
|
|
|
- The TLS is not yet tested for HA and is likely broken.
|
|
|
|
... | ... | @@ -32,7 +32,7 @@ We do encourage people to test this and report their experience. We're particula |
|
|
|
|
|
**kea-admin can now use non-standard port** You may now run kea-admin commands on databases exposed through custom ports using `-P` or `--port`. #1674
|
|
|
|
|
|
**Bug fixes**. Fixed a problem where DHCP service would remain disabled after the HA hook was unloaded #1697. Distcheck was failing due to missing kea_conn python module #1775. There was a faulty locking system in DB_LOG logger, used in forensic logging #1719.
|
|
|
**Bug fixes**. Fixed a problem where DHCP service would remain disabled after the HA hook was unloaded #1697. Distcheck was failing due to missing kea_conn Python module #1775. There was a faulty locking system in DB_LOG logger, used in forensic logging #1719.
|
|
|
|
|
|
**Documentation updates**. A variety of doc updates has been completed #1717, #1726, #1696.
|
|
|
|
... | ... | |