/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to debian/mandos-client.postinst

  • Committer: Teddy Hogeborn
  • Date: 2015-07-09 20:32:52 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 325.
  • Revision ID: teddy@recompile.se-20150709203252-u10p7trfsxc1a9yp
Install client Diffie-Hellman parameters into initramfs.

* debian/control (Package: mandos-client/Recommends): Added
  "gnutls-bin | openssl" (to generate DH parameters).
* debian/mandos-client.postinst (create_dh_params): New function
                                                    called on package
                                                    configure.
* plugins.d/mandos-client.c (main): Bug fix: Work around Debian bug
                                    #633582 also for the
                                    "client-dhparams.pem" file.

Show diffs side-by-side

added added

removed removed

Lines of Context:
20
20
# Update the initial RAM file system image
21
21
update_initramfs()
22
22
{
23
 
    update-initramfs -u -k all
 
23
    if [ -x /usr/sbin/update-initramfs ]; then
 
24
        update-initramfs -u -k all
 
25
    fi
24
26
    
25
27
    if dpkg --compare-versions "$2" lt-nl "1.0.10-1"; then
26
28
        # Make old initrd.img files unreadable too, in case they were
56
58
        -a -r /etc/keys/mandos/seckey.txt ]; then
57
59
        return 0
58
60
    fi
59
 
    mandos-keygen
60
 
    gpg-connect-agent KILLAGENT /bye || :
 
61
    if [ -x /usr/sbin/mandos-keygen ]; then
 
62
        mandos-keygen
 
63
    fi
61
64
}
62
65
 
63
66
create_dh_params(){
64
 
    if [ -r /etc/keys/mandos/dhparams.pem ]; then
 
67
    if [ -r /etc/keys/mandos/client-dhparams.pem ]; then
65
68
        return 0
66
69
    fi
67
70
    # Create a Diffe-Hellman parameters file
81
84
        "$DHFILE"
82
85
    sed --in-place --expression='1i-----BEGIN DH PARAMETERS-----' \
83
86
            "$DHFILE"
84
 
    cp --archive "$DHFILE" /etc/keys/mandos/dhparams.pem
 
87
    cp --archive "$DHFILE" /etc/keys/mandos/client-dhparams.pem
85
88
    rm -- "$DHFILE"
86
89
}
87
90
 
91
94
        create_key "$@"
92
95
        create_dh_params "$@" || :
93
96
        update_initramfs "$@"
94
 
        if dpkg --compare-versions "$2" lt-nl "1.7.10-1"; then
95
 
            PLUGINHELPERDIR=/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null)/mandos/plugin-helpers
96
 
            if ! dpkg-statoverride --list "$PLUGINHELPERDIR" \
97
 
                 >/dev/null 2>&1; then
98
 
                chmod u=rwx,go= -- "$PLUGINHELPERDIR"
99
 
            fi
100
 
            if ! dpkg-statoverride --list /etc/mandos/plugin-helpers \
101
 
                 >/dev/null 2>&1; then
102
 
                chmod u=rwx,go= -- /etc/mandos/plugin-helpers
103
 
            fi
104
 
        fi
105
97
        ;;
106
98
    abort-upgrade|abort-deconfigure|abort-remove)
107
99
        ;;