/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

  • Committer: Teddy Hogeborn
  • Date: 2015-07-20 03:03:33 UTC
  • Revision ID: teddy@recompile.se-20150720030333-203m2aeblypcsfte
Bug fix for GnuTLS 3: be compatible with old 2048-bit DSA keys.

The mandos-keygen program in Mandos version 1.6.0 and older generated
2048-bit DSA keys, and when GnuTLS uses these it has trouble
connecting using the Mandos default priority string.  This was
previously fixed in Mandos 1.6.2, but the bug reappeared when using
GnuTLS 3, so the default priority string has to change again; this
time also the Mandos client has to change its default, so now the
server and the client should use the same default priority string:

SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256

* mandos (main/server_defaults): Changed default priority string.
* mandos-options.xml (/section/para[id="priority_compat"]): Removed.
  (/section/para[id="priority"]): Changed default priority string.
* mandos.conf ([DEFAULT]/priority): - '' -
* mandos.conf.xml (OPTIONS/priority): Refer to the id "priority"
                                      instead of "priority_compat".
* mandos.xml (OPTIONS/--priority): - '' -
* plugins.d/mandos-client.c (main): Changed default priority string.
Filename Latest Rev Last Changed Committer Comment Size
..
askpass-fifo.c 731 9 years ago Teddy Hogeborn askpass-fifo: Lower privileges after opening FIFO. 5.1 KB Diff Download File
askpass-fifo.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 4.9 KB Diff Download File
mandos-client.c 777 8 years ago Teddy Hogeborn Bug fix for GnuTLS 3: be compatible with old 2048- 79.3 KB Diff Download File
mandos-client.xml 762 8 years ago Teddy Hogeborn mandos-client: Add --dh-params FILE option. * plu 30.3 KB Diff Download File
password-prompt.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 13.9 KB Diff Download File
password-prompt.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 9.5 KB Diff Download File
plymouth.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 12.5 KB Diff Download File
plymouth.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 10.1 KB Diff Download File
splashy.c 679 10 years ago Teddy Hogeborn Update copyright year. * mandos-keygen: Update co 11.6 KB Diff Download File
splashy.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 10.2 KB Diff Download File
usplash.c 774 8 years ago Teddy Hogeborn Don't use TEMP_FAILURE_RETRY around close(). * pl 16.1 KB Diff Download File
usplash.xml 544 12 years ago Teddy Hogeborn Updated year in copyright notices. 10.8 KB Diff Download File