/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

  • Committer: Teddy Hogeborn
  • Date: 2015-07-20 03:03:33 UTC
  • Revision ID: teddy@recompile.se-20150720030333-203m2aeblypcsfte
Bug fix for GnuTLS 3: be compatible with old 2048-bit DSA keys.

The mandos-keygen program in Mandos version 1.6.0 and older generated
2048-bit DSA keys, and when GnuTLS uses these it has trouble
connecting using the Mandos default priority string.  This was
previously fixed in Mandos 1.6.2, but the bug reappeared when using
GnuTLS 3, so the default priority string has to change again; this
time also the Mandos client has to change its default, so now the
server and the client should use the same default priority string:

SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256

* mandos (main/server_defaults): Changed default priority string.
* mandos-options.xml (/section/para[id="priority_compat"]): Removed.
  (/section/para[id="priority"]): Changed default priority string.
* mandos.conf ([DEFAULT]/priority): - '' -
* mandos.conf.xml (OPTIONS/priority): Refer to the id "priority"
                                      instead of "priority_compat".
* mandos.xml (OPTIONS/--priority): - '' -
* plugins.d/mandos-client.c (main): Changed default priority string.
Filename Latest Rev Last Changed Committer Comment Size
..
.bzr-builddeb 185 15 years ago Teddy Hogeborn * .bzr-builddeb/default.conf: New. * Makefile (in Diff
debian 185 15 years ago Teddy Hogeborn * .bzr-builddeb/default.conf: New. * Makefile (in Diff
network-hooks.d 505.3.10 12 years ago Teddy Hogeborn * network-hooks.d: New directory. * network-hooks. Diff
plugin-helpers 738.1.1 8 years ago Teddy Hogeborn Add a plugin helper directory, available to all pl Diff
plugins.d 13 15 years ago Björn Påhlsson Added following support: Pluginbased client handle Diff
.bzrignore 585 11 years ago Teddy Hogeborn * .bzrignore (statedir): Added. 188 bytes Diff Download File
clients.conf 609 11 years ago Teddy Hogeborn * clients.conf: Convert all time intervals to new 3.1 KB Diff Download File
common.ent 237.4.55 9 years ago Teddy Hogeborn * Makefile (version): Changed to "1.6.9". * NEWS ( 93 bytes Diff Download File
COPYING 24.1.51 15 years ago Björn Påhlsson Added configuration files support for mandos-clien 34.2 KB Diff Download File
DBUS-API 749.1.1 8 years ago Teddy Hogeborn mandos: Use multiprocessing module to run checkers 6.6 KB Diff Download File
dbus-mandos.conf 24.1.186 12 years ago Björn Påhlsson transitional stuff actually working documented cha 820 bytes Diff Download File
default-mandos 185 15 years ago Teddy Hogeborn * .bzr-builddeb/default.conf: New. * Makefile (in 174 bytes Diff Download File
init.d-mandos 648 10 years ago Teddy Hogeborn Update init script to modern standards. * init.d- 4.3 KB Diff Download File
File initramfs-tools-hook 766 8 years ago Teddy Hogeborn Rename the "client-dhparams.pem" file to simply "d 7.3 KB Diff Download File
initramfs-tools-hook-conf 237.2.19 14 years ago Teddy Hogeborn * initramfs-tools-hook-conf: Security bug fix: Add 407 bytes Diff Download File
File initramfs-tools-script 487 12 years ago Teddy Hogeborn * initramfs-tools-script: Abort if plugin-runner i 3.6 KB Diff Download File
File initramfs-unpack 624 10 years ago Teddy Hogeborn * initramfs-unpack: Bug fix: Made executable. 2.2 KB Diff Download File
INSTALL 723.1.1 9 years ago Teddy Hogeborn Require Python 2.7. This is in preparation for th 5.3 KB Diff Download File
intro.xml 742 9 years ago Teddy Hogeborn Add ":!RSA" to GnuTLS priority string, to disallow 15.9 KB Diff Download File
legalnotice.xml 174 15 years ago Teddy Hogeborn * legalnotice.xml: Copy DocBook 4.4-formatted text 1 KB Diff Download File
Makefile 772 8 years ago Teddy Hogeborn Assume the C11 language (ISO 9899:2011), when comp 16.8 KB Diff Download File
File mandos 777 8 years ago Teddy Hogeborn Bug fix for GnuTLS 3: be compatible with old 2048- 117 KB Diff Download File
mandos-clients.conf.xml 708 9 years ago Teddy Hogeborn mandos-keygen: Generate "checker" option to use SS 18.5 KB Diff Download File
File mandos-ctl 753 8 years ago Teddy Hogeborn mandos-ctl: Generate better messages in exceptions 18.2 KB Diff Download File
mandos-ctl.xml 608 11 years ago Teddy Hogeborn * Makefile (check): Also check mandos-ctl. * mando 16.3 KB Diff Download File
File mandos-keygen 748 8 years ago Teddy Hogeborn mandos-keygen: Update copyright year. 10.5 KB Diff Download File
mandos-keygen.xml 708 9 years ago Teddy Hogeborn mandos-keygen: Generate "checker" option to use SS 15.2 KB Diff Download File
File mandos-monitor 749.1.1 8 years ago Teddy Hogeborn mandos: Use multiprocessing module to run checkers 29.6 KB Diff Download File
mandos-monitor.xml 713 9 years ago Teddy Hogeborn mandos-monitor: New "verbose" mode to see less imp 6.1 KB Diff Download File
mandos-options.xml 777 8 years ago Teddy Hogeborn Bug fix for GnuTLS 3: be compatible with old 2048- 4.8 KB Diff Download File
mandos.conf 777 8 years ago Teddy Hogeborn Bug fix for GnuTLS 3: be compatible with old 2048- 1.6 KB Diff Download File
mandos.conf.xml 777 8 years ago Teddy Hogeborn Bug fix for GnuTLS 3: be compatible with old 2048- 8.7 KB Diff Download File
mandos.lsm 237.4.55 9 years ago Teddy Hogeborn * Makefile (version): Changed to "1.6.9". * NEWS ( 906 bytes Diff Download File
mandos.service 761 8 years ago Teddy Hogeborn mandos.service: Use Type=dbus (implicitly). mando 473 bytes Diff Download File
mandos.xml 777 8 years ago Teddy Hogeborn Bug fix for GnuTLS 3: be compatible with old 2048- 23.7 KB Diff Download File
NEWS 237.4.55 9 years ago Teddy Hogeborn * Makefile (version): Changed to "1.6.9". * NEWS ( 12.5 KB Diff Download File
overview.xml 183 15 years ago Teddy Hogeborn * Makefile (install-client-nokey): Do "&&" instead 926 bytes Diff Download File
plugin-runner.c 774 8 years ago Teddy Hogeborn Don't use TEMP_FAILURE_RETRY around close(). * pl 36.2 KB Diff Download File
plugin-runner.conf 342 14 years ago Teddy Hogeborn * initramfs-tools-hook: Bug fix: Add "--userid" an 380 bytes Diff Download File
plugin-runner.xml 759 8 years ago Teddy Hogeborn Merge change to add local route when network is "u 21.7 KB Diff Download File
README 550 12 years ago Teddy Hogeborn * README: Hint that the intro(8mandos) manual page 409 bytes Diff Download File
TODO 762 8 years ago Teddy Hogeborn mandos-client: Add --dh-params FILE option. * plu 5.5 KB Diff Download File