/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

  • Committer: Teddy Hogeborn
  • Date: 2018-08-15 09:26:02 UTC
  • Revision ID: teddy@recompile.se-20180815092602-xoyb5s6gf8376i7u
http://bugs.debian.org/894495
mandos-client: Set system clock if necessary

* plugins.d/mandos-client.c (init_gpgme/import_key): If the system
  clock is not set, or set to january 1970, set the system clock to
  the more plausible value that is the mtime of the key file.  This is
  required by GnuPG to be able to import the keys.  (We can't pass the
  --ignore-time-conflict or the --ignore-valid-from options though
  GPGME.)

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos.xml
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos">
5
 
<!ENTITY TIMESTAMP "2012-01-15">
 
5
<!ENTITY TIMESTAMP "2018-02-08">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
36
36
      <year>2010</year>
37
37
      <year>2011</year>
38
38
      <year>2012</year>
 
39
      <year>2013</year>
 
40
      <year>2014</year>
 
41
      <year>2015</year>
 
42
      <year>2016</year>
 
43
      <year>2017</year>
 
44
      <year>2018</year>
39
45
      <holder>Teddy Hogeborn</holder>
40
46
      <holder>Björn Påhlsson</holder>
41
47
    </copyright>
100
106
      <sbr/>
101
107
      <arg><option>--statedir
102
108
      <replaceable>DIRECTORY</replaceable></option></arg>
 
109
      <sbr/>
 
110
      <arg><option>--socket
 
111
      <replaceable>FD</replaceable></option></arg>
 
112
      <sbr/>
 
113
      <arg><option>--foreground</option></arg>
 
114
      <sbr/>
 
115
      <arg><option>--no-zeroconf</option></arg>
103
116
    </cmdsynopsis>
104
117
    <cmdsynopsis>
105
118
      <command>&COMMANDNAME;</command>
299
312
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
300
313
        </listitem>
301
314
      </varlistentry>
 
315
      
 
316
      <varlistentry>
 
317
        <term><option>--socket
 
318
        <replaceable>FD</replaceable></option></term>
 
319
        <listitem>
 
320
          <xi:include href="mandos-options.xml" xpointer="socket"/>
 
321
        </listitem>
 
322
      </varlistentry>
 
323
      
 
324
      <varlistentry>
 
325
        <term><option>--foreground</option></term>
 
326
        <listitem>
 
327
          <xi:include href="mandos-options.xml"
 
328
                      xpointer="foreground"/>
 
329
        </listitem>
 
330
      </varlistentry>
 
331
      
 
332
      <varlistentry>
 
333
        <term><option>--no-zeroconf</option></term>
 
334
        <listitem>
 
335
          <xi:include href="mandos-options.xml" xpointer="zeroconf"/>
 
336
        </listitem>
 
337
      </varlistentry>
 
338
      
302
339
    </variablelist>
303
340
  </refsect1>
304
341
  
494
531
        </listitem>
495
532
      </varlistentry>
496
533
      <varlistentry>
497
 
        <term><filename>/var/run/mandos.pid</filename></term>
 
534
        <term><filename>/run/mandos.pid</filename></term>
498
535
        <listitem>
499
536
          <para>
500
537
            The file containing the process id of the
501
538
            <command>&COMMANDNAME;</command> process started last.
 
539
            <emphasis >Note:</emphasis> If the <filename
 
540
            class="directory">/run</filename> directory does not
 
541
            exist, <filename>/var/run/mandos.pid</filename> will be
 
542
            used instead.
502
543
          </para>
503
544
        </listitem>
504
545
      </varlistentry>
505
546
      <varlistentry>
506
 
        <term><filename class="devicefile">/dev/log</filename></term>
507
 
      </varlistentry>
508
 
      <varlistentry>
509
547
        <term><filename
510
548
        class="directory">/var/lib/mandos</filename></term>
511
549
        <listitem>
517
555
        </listitem>
518
556
      </varlistentry>
519
557
      <varlistentry>
520
 
        <term><filename>/dev/log</filename></term>
 
558
        <term><filename class="devicefile">/dev/log</filename></term>
521
559
        <listitem>
522
560
          <para>
523
561
            The Unix domain socket to where local syslog messages are
549
587
      There is no fine-grained control over logging and debug output.
550
588
    </para>
551
589
    <para>
552
 
      Debug mode is conflated with running in the foreground.
553
 
    </para>
554
 
    <para>
555
590
      This server does not check the expire time of clients’ OpenPGP
556
591
      keys.
557
592
    </para>
 
593
    <xi:include href="bugs.xml"/>
558
594
  </refsect1>
559
595
  
560
596
  <refsect1 id="example">
673
709
      </varlistentry>
674
710
      <varlistentry>
675
711
        <term>
676
 
          <ulink url="http://www.gnu.org/software/gnutls/"
677
 
          >GnuTLS</ulink>
 
712
          <ulink url="https://gnutls.org/">GnuTLS</ulink>
678
713
        </term>
679
714
      <listitem>
680
715
        <para>
718
753
      </varlistentry>
719
754
      <varlistentry>
720
755
        <term>
721
 
          RFC 4346: <citetitle>The Transport Layer Security (TLS)
722
 
          Protocol Version 1.1</citetitle>
 
756
          RFC 5246: <citetitle>The Transport Layer Security (TLS)
 
757
          Protocol Version 1.2</citetitle>
723
758
        </term>
724
759
      <listitem>
725
760
        <para>
726
 
          TLS 1.1 is the protocol implemented by GnuTLS.
 
761
          TLS 1.2 is the protocol implemented by GnuTLS.
727
762
        </para>
728
763
      </listitem>
729
764
      </varlistentry>
739
774
      </varlistentry>
740
775
      <varlistentry>
741
776
        <term>
742
 
          RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer
743
 
          Security</citetitle>
 
777
          RFC 6091: <citetitle>Using OpenPGP Keys for Transport Layer
 
778
          Security (TLS) Authentication</citetitle>
744
779
        </term>
745
780
      <listitem>
746
781
        <para>