/mandos/trunk

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen

Committer: Teddy Hogeborn
Date: 2019-08-05 21:14:05 UTC
Revision ID: teddy@recompile.se-20190805211405-9m6hecekaihpttz9

Override lintian warnings about upgrading from old versions

There are some really things which are imperative that we fix in case
someone were to upgrade from a really old version.  We want to keep
these fixes in the postinst maintainer scripts, even though lintian
complains about such old upgrades not being supported by Debian in
general.  We prefer the code being there, for the sake of the users.

* debian/mandos-client.lintian-overrides
  (maintainer-script-supports-ancient-package-version): New.
  debian/mandos.lintian-overrides
  (maintainer-script-supports-ancient-package-version): - '' -

files added:
debian/po/POTFILES.in

debian/po/en_US.po

debian/po/templates.pot

debian/source/lintian-overrides

debian/tests

debian/tests/control

debian/upstream/metadata

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-conf-hook

files modified:
.bzrignore

INSTALL

Makefile

NEWS

TODO

common.ent

debian/changelog

debian/control

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.templates

debian/rules

debian/watch

initramfs-unpack

intro.xml

mandos

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-options.xml

mandos-to-cryptroot-unlock

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.xml

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

23

23

# Contact the authors at <mandos@recompile.se>.

24

24

#

25

25

26

VERSION="1.8.1"

26

VERSION="1.8.6"

27

27

28

28

KEYDIR="/etc/keys/mandos"

29

29

KEYTYPE=RSA

252

252

# Backup any old key files

253

253

if cp --backup=numbered --force "$TLS_PRIVKEYFILE" "$TLS_PRIVKEYFILE" \

254

254

2>/dev/null; then

255

shred --remove "$TLS_PRIVKEYFILE"

255

shred --remove "$TLS_PRIVKEYFILE" 2>/dev/null || :

256

256

fi

257

257

if cp --backup=numbered --force "$TLS_PUBKEYFILE" "$TLS_PUBKEYFILE" \

258

258

2>/dev/null; then

259

259

rm --force "$TLS_PUBKEYFILE"

260

260

fi

261

261

cp --archive "$TLS_PRIVKEYTMP" "$TLS_PRIVKEYFILE"

262

shred --remove "$TLS_PRIVKEYTMP"

262

shred --remove "$TLS_PRIVKEYTMP" 2>/dev/null || :

263

263

264

264

## TLS public key

265

265

296

296

# Backup any old key files

297

297

if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \

298

298

2>/dev/null; then

299

shred --remove "$SECKEYFILE"

299

shred --remove "$SECKEYFILE" 2>/dev/null || :

300

300

fi

301

301

if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \

302

302

2>/dev/null; then

381

381

382

382

while [ ! -s "$SECFILE" ]; do

383

383

if [ -n "$PASSFILE" ]; then

384

cat "$PASSFILE"

384

cat -- "$PASSFILE"

385

385

else

386

386

tty --quiet && stty -echo

387

387

echo -n "Enter passphrase: " >/dev/tty

444

444

set +e

445

445

# Remove the password file, if any

446

446

if [ -n "$SECFILE" ]; then

447

shred --remove "$SECFILE"

447

shred --remove "$SECFILE" 2>/dev/null

448

448

fi

449

449

# Remove the key rings

450

450

shred --remove "$RINGDIR"/sec* 2>/dev/null

Older »