/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-options.xml

  • Committer: Teddy Hogeborn
  • Date: 2019-02-11 06:14:29 UTC
  • Revision ID: teddy@recompile.se-20190211061429-n6n5zk29iatshlb3
Fix Debian package dependencies

* debian/control (Build-Depends): Changed GnuTLS dependencies to
                                  "libgnutls30 (>= 3.3.0),
                                  libgnutls28-dev (>= 3.6.6) |
                                  libgnutls28-dev (<< 3.6.0)".  (We
                                  can't depend on the virtual package
                                  "gnutls-dev", since we need the
                                  version restrictions.)
  (Package: mandos/Depends): Remove dependency on libgnutls28-dev
                             package.
  (Package: mandos/Suggests): New; set to "libc6-dev,
                              c-compiler". (Used to find value of
                              "SO_BINDTODEVICE").
  (Package: mandos-client/Depends): Don't depend on openssl anymore;
                                    instead depend on either a
                                    gnutls-bin (>= 3.6.6) (in which
                                    case TLS key generation will
                                    work), or on libgnutls30 (<<
                                    3.6.0) (in which case TLS key
                                    generation will not be needed).

Show diffs side-by-side

added added

removed removed

Lines of Context:
48
48
  
49
49
  <para id="priority">
50
50
    GnuTLS priority string for the <acronym>TLS</acronym> handshake.
51
 
    The default is <quote><literal
52
 
    >SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal>
53
 
    <literal>:+SIGN-DSA-SHA256</literal></quote>.
54
 
    See <citerefentry><refentrytitle
 
51
    The default is
 
52
    <quote><literal>SECURE128&#8203;:!CTYPE-X.509&#8203;:+CTYPE-RAWPK&#8203;:!RSA&#8203;:!VERS-ALL&#8203;:+VERS-TLS1.3&#8203;:%PROFILE_ULTRA</literal></quote>
 
53
    when using raw public keys in TLS, and
 
54
    <quote><literal>SECURE256&#8203;:!CTYPE-X.509&#8203;:+CTYPE-OPENPGP&#8203;:!RSA&#8203;:+SIGN-DSA-SHA256</literal></quote>
 
55
    when using OpenPGP keys in TLS,.  See <citerefentry><refentrytitle
55
56
    >gnutls_priority_init</refentrytitle>
56
57
    <manvolnum>3</manvolnum></citerefentry> for the syntax.
57
58
    <emphasis>Warning</emphasis>: changing this may make the