/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.xml

  • Committer: Teddy Hogeborn
  • Date: 2015-07-20 03:03:33 UTC
  • Revision ID: teddy@recompile.se-20150720030333-203m2aeblypcsfte
Bug fix for GnuTLS 3: be compatible with old 2048-bit DSA keys.

The mandos-keygen program in Mandos version 1.6.0 and older generated
2048-bit DSA keys, and when GnuTLS uses these it has trouble
connecting using the Mandos default priority string.  This was
previously fixed in Mandos 1.6.2, but the bug reappeared when using
GnuTLS 3, so the default priority string has to change again; this
time also the Mandos client has to change its default, so now the
server and the client should use the same default priority string:

SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256

* mandos (main/server_defaults): Changed default priority string.
* mandos-options.xml (/section/para[id="priority_compat"]): Removed.
  (/section/para[id="priority"]): Changed default priority string.
* mandos.conf ([DEFAULT]/priority): - '' -
* mandos.conf.xml (OPTIONS/priority): Refer to the id "priority"
                                      instead of "priority_compat".
* mandos.xml (OPTIONS/--priority): - '' -
* plugins.d/mandos-client.c (main): Changed default priority string.

Show diffs side-by-side

added added

removed removed

Lines of Context:
plugin-runner.xml
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "plugin-runner">
5
 
<!ENTITY TIMESTAMP "2016-03-17">
 
5
<!ENTITY TIMESTAMP "2015-06-28">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
33
33
    <copyright>
34
34
      <year>2008</year>
35
35
      <year>2009</year>
36
 
      <year>2010</year>
37
 
      <year>2011</year>
38
36
      <year>2012</year>
39
 
      <year>2013</year>
40
 
      <year>2014</year>
41
 
      <year>2015</year>
42
 
      <year>2016</year>
43
37
      <holder>Teddy Hogeborn</holder>
44
38
      <holder>Björn Påhlsson</holder>
45
39
    </copyright>
544
538
            </para>
545
539
          </listitem>
546
540
        </varlistentry>
547
 
        <varlistentry>
548
 
          <term><filename class="directory"
549
 
          >/lib/mandos/plugins.d</filename></term>
550
 
          <listitem>
551
 
            <para>
552
 
              The default plugin directory; can be changed by the
553
 
              <option>--plugin-dir</option> option.
554
 
            </para>
555
 
          </listitem>
556
 
        </varlistentry>
557
 
        <varlistentry>
558
 
          <term><filename class="directory"
559
 
          >/lib/mandos/plugin-helpers</filename></term>
560
 
          <listitem>
561
 
            <para>
562
 
              The default plugin helper directory; can be changed by
563
 
              the <option>--plugin-helper-dir</option> option.
564
 
            </para>
565
 
          </listitem>
566
 
        </varlistentry>
567
541
      </variablelist>
568
542
    </para>
569
543
  </refsect1>
574
548
      The <option>--config-file</option> option is ignored when
575
549
      specified from within a configuration file.
576
550
    </para>
577
 
    <xi:include href="bugs.xml"/>
578
551
  </refsect1>
579
552
  
580
553
  <refsect1 id="examples">