/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen

  • Committer: Teddy Hogeborn
  • Date: 2019-02-10 08:41:14 UTC
  • Revision ID: teddy@recompile.se-20190210084114-u91mijrxtifvzra5
Bug fix: Only create TLS key with certtool, and read correct key file

* debian/mandos-client.postinst (create_keys): Remove any bad keys
                                               created by 1.8.0-1.
                                               Only create TLS keys if
                                               certtool succeeds.
* debian/mandos.postinst (configure): Remove any bad keys from
                                      clients.conf, and inform the
                                      user if any were found.
* debian/mandos.templates (mandos/removed_bad_key_ids): New message.
* mandos (MandosServer.handle_ipc): Do not trust a key_id with a known
                                    bad key ID.
* mandos-keygen (keygen): Only create TLS keys if certtool succeeds.
  (password): Bug fix: Generate key_id correctly, and only output
              key_id if TLS key exists.

Show diffs side-by-side

added added

removed removed

Lines of Context:
23
23
# Contact the authors at <mandos@recompile.se>.
24
24
25
25
 
26
 
VERSION="1.8.15"
 
26
VERSION="1.8.0"
27
27
 
28
28
KEYDIR="/etc/keys/mandos"
29
29
KEYTYPE=RSA
252
252
        # Backup any old key files
253
253
        if cp --backup=numbered --force "$TLS_PRIVKEYFILE" "$TLS_PRIVKEYFILE" \
254
254
              2>/dev/null; then
255
 
            shred --remove "$TLS_PRIVKEYFILE" 2>/dev/null || :
 
255
            shred --remove "$TLS_PRIVKEYFILE"
256
256
        fi
257
257
        if cp --backup=numbered --force "$TLS_PUBKEYFILE" "$TLS_PUBKEYFILE" \
258
258
              2>/dev/null; then
259
259
            rm --force "$TLS_PUBKEYFILE"
260
260
        fi
261
261
        cp --archive "$TLS_PRIVKEYTMP" "$TLS_PRIVKEYFILE"
262
 
        shred --remove "$TLS_PRIVKEYTMP" 2>/dev/null || :
 
262
        shred --remove "$TLS_PRIVKEYTMP"
263
263
 
264
264
        ## TLS public key
265
265
 
296
296
    # Backup any old key files
297
297
    if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \
298
298
        2>/dev/null; then
299
 
        shred --remove "$SECKEYFILE" 2>/dev/null || :
 
299
        shred --remove "$SECKEYFILE"
300
300
    fi
301
301
    if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \
302
302
        2>/dev/null; then
381
381
    
382
382
    while [ ! -s "$SECFILE" ]; do
383
383
        if [ -n "$PASSFILE" ]; then
384
 
            cat -- "$PASSFILE"
 
384
            cat "$PASSFILE"
385
385
        else
386
386
            tty --quiet && stty -echo
387
387
            echo -n "Enter passphrase: " >/dev/tty
397
397
                echo "Passphrase mismatch" >&2
398
398
                touch "$RINGDIR"/mismatch
399
399
            else
400
 
                printf "%s" "$first"
 
400
                echo -n "$first"
401
401
            fi
402
402
        fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
403
403
            --homedir "$RINGDIR" --trust-model always --armor \
444
444
set +e
445
445
# Remove the password file, if any
446
446
if [ -n "$SECFILE" ]; then
447
 
    shred --remove "$SECFILE" 2>/dev/null
 
447
    shred --remove "$SECFILE"
448
448
fi
449
449
# Remove the key rings
450
450
shred --remove "$RINGDIR"/sec* 2>/dev/null