/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to initramfs-tools-hook

  • Committer: Teddy Hogeborn
  • Date: 2015-07-09 08:20:24 UTC
  • Revision ID: teddy@recompile.se-20150709082024-eitu9mav45lefl75
mandos-client: Add --dh-params FILE option.

* plugins.d/mandos-client.c: Added --dh-params FILE option.
  (init_gnutls_global): New "dhparamsfilename" argument.  All callers
                        changed.  Read and use Diffie-Hellman
                        parameters from it.  Bug fix:  check for error
                        when opening seckeyfile for the second time.
  (init_gnutls_session): Remove unnecessary call to
                         gnutls_dh_set_prime_bits();
  (main): New variable "dh_params_file".
  (main/argp_options): Added "--dh-params" option.
  (main/parse_opt): - '' -
* plugins.d/mandos-client.xml (SYNOPSIS): Add --dh-params option.
  (OPTIONS): Document --dh-params option and document that the
             --dh-bits options is potentially overridden by the
             --dh-params option.

Show diffs side-by-side

added added

removed removed

Lines of Context:
231
231
            ;;
232
232
    esac
233
233
done
234
 
# Use Diffie-Hellman parameters file if available
235
 
if [ -e "${DESTDIR}${CONFDIR}"/dhparams.pem ]; then
236
 
    sed --in-place \
237
 
        --expression="1i--options-for=mandos-client:--dh-params=${CONFDIR}/dhparams.pem" \
238
 
        "${DESTDIR}/${CONFDIR}/plugin-runner.conf"
239
 
fi
240
234
 
241
235
# /lib/mandos/plugin-runner will drop priviliges, but needs access to
242
236
# its plugin directory and its config file.  However, since almost all