=== modified file 'mandos'
--- mandos 2013-10-20 23:27:38 +0000
+++ mandos 2013-10-22 19:24:01 +0000
@@ -2349,7 +2349,7 @@
"port": "",
"debug": "False",
"priority":
- "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP",
+ "SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160",
"servicename": "Mandos",
"use_dbus": "True",
"use_ipv6": "True",
=== modified file 'mandos-keygen'
--- mandos-keygen 2013-10-20 21:04:35 +0000
+++ mandos-keygen 2013-10-22 19:24:01 +0000
@@ -30,7 +30,7 @@
SUBKEYLENGTH=4096
KEYNAME="`hostname --fqdn 2>/dev/null || hostname`"
KEYEMAIL=""
-KEYCOMMENT="Mandos client key"
+KEYCOMMENT=""
KEYEXPIRE=0
FORCE=no
KEYCOMMENT_ORIG="$KEYCOMMENT"
@@ -71,8 +71,7 @@
-e ADDRESS, --email ADDRESS
Email address of key. Default is empty.
-c TEXT, --comment TEXT
- Comment field for key. The default value is
- "Mandos client key".
+ Comment field for key. The default is empty.
-x TIME, --expire TIME
Key expire time. Default is no expiration.
See gpg(1) for syntax.
=== modified file 'mandos-keygen.xml'
--- mandos-keygen.xml 2013-09-29 15:52:19 +0000
+++ mandos-keygen.xml 2013-10-22 19:24:01 +0000
@@ -2,7 +2,7 @@
-
+
%common;
]>
@@ -288,8 +288,7 @@
TEXT
- Comment field for key. The default value is
- Mandos client key
.
+ Comment field for key. Default is empty.
=== modified file 'mandos-options.xml'
--- mandos-options.xml 2013-10-20 21:04:35 +0000
+++ mandos-options.xml 2013-10-22 19:24:01 +0000
@@ -49,7 +49,7 @@
GnuTLS priority string for the TLS handshake.
The default is SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
.
+ >SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160.
See gnutls_priority_init
3 for the syntax.
=== modified file 'mandos.conf'
--- mandos.conf 2013-10-20 21:04:35 +0000
+++ mandos.conf 2013-10-22 19:24:01 +0000
@@ -23,7 +23,7 @@
;debug = False
# GnuTLS priority for the TLS handshake. See gnutls_priority_init(3).
-;priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
+;priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160
# Zeroconf service name. You need to change this if you for some
# reason want to run more than one server on the same *host*.