=== modified file 'INSTALL'
--- INSTALL 2011-03-08 19:09:03 +0000
+++ INSTALL 2013-06-23 15:13:06 +0000
@@ -12,7 +12,7 @@
server and client programs themselves *could* be run in other
distributions, but they *are* specific to GNU/Linux systems, and
are not written with portabillity to other Unixes in mind.
-
+
** Libraries
The following libraries and packages are needed. (It is possible
@@ -35,7 +35,7 @@
To build just the documentation, run the command "make doc". Then
the manual page "mandos.8", for example, can be read by running
"man -l mandos.8".
-
+
*** Mandos Server
+ GnuTLS 2.4 http://www.gnu.org/software/gnutls/
+ Avahi 0.6.16 http://www.avahi.org/
@@ -51,7 +51,7 @@
Package names:
python-gnutls avahi-daemon python python-avahi python-dbus
python-gobject python-urwid
-
+
*** Mandos Client
+ initramfs-tools 0.85i
http://packages.qa.debian.org/i/initramfs-tools.html
=== modified file 'TODO'
--- TODO 2012-10-24 19:34:13 +0000
+++ TODO 2013-06-23 15:13:06 +0000
@@ -96,6 +96,7 @@
Better view of client data in the listing
*** Properties popup
** Print a nice "We are sorry" message, save stack trace to log.
+** Rename module "gobject" to "GObject".
* mandos-keygen
** TODO "--secfile" option
=== modified file 'mandos'
--- mandos 2013-05-22 20:00:18 +0000
+++ mandos 2013-06-23 15:13:06 +0000
@@ -1991,7 +1991,7 @@
if self.address_family == socket.AF_INET6:
any_address = "::" # in6addr_any
else:
- any_address = socket.INADDR_ANY
+ any_address = "0.0.0.0" # INADDR_ANY
self.server_address = (any_address,
self.server_address[1])
elif not self.server_address[1]:
@@ -2302,7 +2302,7 @@
help="Run self-test")
parser.add_argument("--debug", action="store_true",
help="Debug mode; run in foreground and log"
- " to terminal")
+ " to terminal", default=None)
parser.add_argument("--debuglevel", metavar="LEVEL",
help="Debug level for stdout output")
parser.add_argument("--priority", help="GnuTLS"
@@ -2315,19 +2315,20 @@
" files")
parser.add_argument("--no-dbus", action="store_false",
dest="use_dbus", help="Do not provide D-Bus"
- " system bus interface")
+ " system bus interface", default=None)
parser.add_argument("--no-ipv6", action="store_false",
- dest="use_ipv6", help="Do not use IPv6")
+ dest="use_ipv6", help="Do not use IPv6",
+ default=None)
parser.add_argument("--no-restore", action="store_false",
dest="restore", help="Do not restore stored"
- " state")
+ " state", default=None)
parser.add_argument("--socket", type=int,
help="Specify a file descriptor to a network"
" socket to use instead of creating one")
parser.add_argument("--statedir", metavar="DIR",
help="Directory to save/restore state in")
parser.add_argument("--foreground", action="store_true",
- help="Run in foreground")
+ help="Run in foreground", default=None)
options = parser.parse_args()
@@ -2342,7 +2343,7 @@
"port": "",
"debug": "False",
"priority":
- "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
+ "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224",
"servicename": "Mandos",
"use_dbus": "True",
"use_ipv6": "True",
@@ -2392,6 +2393,10 @@
for option in server_settings.keys():
if type(server_settings[option]) is str:
server_settings[option] = unicode(server_settings[option])
+ # Force all boolean options to be boolean
+ for option in ("debug", "use_dbus", "use_ipv6", "restore",
+ "foreground"):
+ server_settings[option] = bool(server_settings[option])
# Debug implies foreground
if server_settings["debug"]:
server_settings["foreground"] = True
=== modified file 'mandos-options.xml'
--- mandos-options.xml 2012-06-17 14:55:31 +0000
+++ mandos-options.xml 2013-06-23 15:13:06 +0000
@@ -49,8 +49,9 @@
GnuTLS priority string for the TLS handshake.
The default is SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
. See
- gnutls_priority_init
+ >SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224.
+ See gnutls_priority_init
3 for the syntax.
Warning: changing this may make the
TLS handshake fail, making server-client
=== modified file 'mandos.conf'
--- mandos.conf 2012-06-17 14:55:31 +0000
+++ mandos.conf 2013-06-23 15:13:06 +0000
@@ -23,7 +23,7 @@
;debug = False
# GnuTLS priority for the TLS handshake. See gnutls_priority_init(3).
-;priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
+;priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224
# Zeroconf service name. You need to change this if you for some
# reason want to run more than one server on the same *host*.
=== modified file 'plugins.d/mandos-client.xml'
--- plugins.d/mandos-client.xml 2012-07-23 07:01:16 +0000
+++ plugins.d/mandos-client.xml 2013-06-23 15:13:06 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -666,7 +666,7 @@
- Normal invocation needs no options, if the network interface
+ Normal invocation needs no options, if the network interfaces
can be automatically determined:
@@ -675,8 +675,8 @@
- Search for Mandos servers (and connect to them) using another
- interface:
+ Search for Mandos servers (and connect to them) using one
+ specific interface: