To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to INSTALL
- Committer: Teddy Hogeborn
- Date: 2015-03-10 18:52:09 UTC
- mto: (237.7.304 trunk)
- mto: This revision was merged to the branch mainline in revision 325.
- Revision ID: teddy@recompile.se-20150310185209-lxuovbu09zwyk9bx
Automatically determine the number of DH bits in the TLS handshake.
Instead of using a default value of 1024, check the OpenPGP key and
determine an appropriate number of DH bits to use, (using GnuTLS
functions made for this). Document this new default behavior.
* plugins.d/mandos-client.c (safe_string): New function.
(init_gnutls_global): If not specified, determine the number of DH
bits to use, based on the OpenPGP key.
* plugins.d/mandos-client.xml (OPTIONS): Document this new default of
the --dh-bits option.
Thanks to Andreas Fischer <af@bantuX.org> for reporting this issue.
Instead of using a default value of 1024, check the OpenPGP key and
determine an appropriate number of DH bits to use, (using GnuTLS
functions made for this). Document this new default behavior.
* plugins.d/mandos-client.c (safe_string): New function.
(init_gnutls_global): If not specified, determine the number of DH
bits to use, based on the OpenPGP key.
* plugins.d/mandos-client.xml (OPTIONS): Document this new default of
the --dh-bits option.
Thanks to Andreas Fischer <af@bantuX.org> for reporting this issue.
added
removed
INSTALL
