/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to INSTALL

  • Committer: Teddy Hogeborn
  • Date: 2015-07-08 21:18:49 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 325.
  • Revision ID: teddy@recompile.se-20150708211849-scisutuofnxumqc7
mandos-client: Add --dh-params FILE option.

* plugins.d/mandos-client.c: Added --dh-params FILE option.
  (init_gnutls_global): New "dhparamsfilename" argument.  All callers
                        changed.  Read and use Diffie-Hellman
                        parameters from it.  Bug fix:  check for error
                        when opening seckeyfile for the second time.
  (init_gnutls_session): Remove unnecessary call to
                         gnutls_dh_set_prime_bits();
  (main): New variable "dh_params_file".
  (main/argp_options): Added "--dh-params" option.
  (main/parse_opt): - '' -
* plugins.d/mandos-client.xml (SYNOPSIS): Add --dh-params option.
  (OPTIONS): Document --dh-params option and document that the
             --dh-bits options is potentially overridden by the
             --dh-params option.

Show diffs side-by-side

added added

removed removed

Lines of Context:
41
41
    + GnuTLS 2.4          http://www.gnutls.org/
42
42
      Note: GnuTLS 3 will only work with Python-GnuTLS 2
43
43
    + Avahi 0.6.16        http://www.avahi.org/
44
 
    + Python 2.6          https://www.python.org/
 
44
    + Python 2.7          https://www.python.org/
45
45
    + Python-GnuTLS 1.1.5 https://pypi.python.org/pypi/python-gnutls/
46
46
    + dbus-python 0.82.4  http://dbus.freedesktop.org/doc/dbus-python/
47
47
    + PyGObject 2.14.2    https://developer.gnome.org/pygobject/
48
48
    + pkg-config  http://www.freedesktop.org/wiki/Software/pkg-config/
49
 
    + Python-argparse     https://pypi.python.org/pypi/argparse
50
49
    + Urwid 1.0.1         http://urwid.org/
51
50
      (Only needed by the "mandos-monitor" tool.)
52
51
    
141
140
  If IPsec is not used and SSH is not installed, it is suggested that
142
141
  a more cryptographically secure checker program is used and
143
142
  configured, since, without IPsec, ping packets can be faked.
 
143
 
 
144
#+STARTUP: showall