/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to debian/mandos-client.postinst

  • Committer: Teddy Hogeborn
  • Date: 2015-07-09 20:32:52 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 325.
  • Revision ID: teddy@recompile.se-20150709203252-u10p7trfsxc1a9yp
Install client Diffie-Hellman parameters into initramfs.

* debian/control (Package: mandos-client/Recommends): Added
  "gnutls-bin | openssl" (to generate DH parameters).
* debian/mandos-client.postinst (create_dh_params): New function
                                                    called on package
                                                    configure.
* plugins.d/mandos-client.c (main): Bug fix: Work around Debian bug
                                    #633582 also for the
                                    "client-dhparams.pem" file.

Show diffs side-by-side

added added

removed removed

Lines of Context:
20
20
# Update the initial RAM file system image
21
21
update_initramfs()
22
22
{
23
 
    update-initramfs -u -k all
 
23
    if [ -x /usr/sbin/update-initramfs ]; then
 
24
        update-initramfs -u -k all
 
25
    fi
24
26
    
25
27
    if dpkg --compare-versions "$2" lt-nl "1.0.10-1"; then
26
28
        # Make old initrd.img files unreadable too, in case they were
56
58
        -a -r /etc/keys/mandos/seckey.txt ]; then
57
59
        return 0
58
60
    fi
59
 
    mandos-keygen
 
61
    if [ -x /usr/sbin/mandos-keygen ]; then
 
62
        mandos-keygen
 
63
    fi
60
64
}
61
65
 
62
66
create_dh_params(){
63
 
    if [ -r /etc/keys/mandos/dhparams.pem ]; then
 
67
    if [ -r /etc/keys/mandos/client-dhparams.pem ]; then
64
68
        return 0
65
69
    fi
66
70
    # Create a Diffe-Hellman parameters file
80
84
        "$DHFILE"
81
85
    sed --in-place --expression='1i-----BEGIN DH PARAMETERS-----' \
82
86
            "$DHFILE"
83
 
    cp --archive "$DHFILE" /etc/keys/mandos/dhparams.pem
 
87
    cp --archive "$DHFILE" /etc/keys/mandos/client-dhparams.pem
84
88
    rm -- "$DHFILE"
85
89
}
86
90
 
90
94
        create_key "$@"
91
95
        create_dh_params "$@" || :
92
96
        update_initramfs "$@"
93
 
        if dpkg --compare-versions "$2" lt-nl "1.7.7-1"; then
94
 
            PLUGINHELPERDIR=/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null)/mandos/plugin-helpers
95
 
            if ! dpkg-statoverride --list "$PLUGINHELPERDIR" \
96
 
                 >/dev/null 2>&1; then
97
 
                chmod u=rwx,go= -- "$PLUGINHELPERDIR"
98
 
            fi
99
 
            if ! dpkg-statoverride --list /etc/mandos/plugin-helpers \
100
 
                 >/dev/null 2>&1; then
101
 
                chmod u=rwx,go= -- /etc/mandos/plugin-helpers
102
 
            fi
103
 
        fi
104
97
        ;;
105
98
    abort-upgrade|abort-deconfigure|abort-remove)
106
99
        ;;