TclTLS
Check-in [b128e0d4e4]
Login
HomeTimelineBranchesTagsTicketsWiki
Bounty program for improvements to Tcl and certain Tcl packages.
Tcl 2019 Conference, Houston/TX, US, Nov 4-8
Send your abstracts to [email protected]
or submit via the online form by Sep 9.

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: b128e0d4e4d93a53d4007806f5751b19450faa68
User & Date: rkeene 2017-04-18 14:39:04
Context
2017-04-18
18:17
Added pre-computed DH params for fallback values for 4096 and 8192 bit sizes, in addition to 2048 check-in: 6286921174 user: rkeene tags: trunk
14:39
Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 check-in: b128e0d4e4 user: rkeene tags: trunk
14:29
Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely check-in: 83b1dea4d4 user: rkeene tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to gen_dh_params. 

1
2
3











4
5
6
7
8
9
10
..
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

#! /usr/bin/env sh

bits='2048'












openssl_dhparam() {
	if [ -x "`which openssl 2>/dev/null`" ]; then
		o_output="`openssl dhparam -C "[email protected]" 2>/dev/null`" || return 1
		o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1
		o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1

................................................................................
		return 0
	fi

	return 1
}

# Enable support for giving the same DH params each time
if [ "$1" = 'fallback' ]; then
	gen_dh_params_fallback && exit 0

	echo "Unable to generate fallback parameters for DH of ${bits} bits" >&2

	exit 1
fi




>
>
>
>
>
>
>
>
>
>
>







 







|








1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
...
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

#! /usr/bin/env sh

bits='2048'
option_fallback='0'
for arg in "[email protected]"; do
	case "${arg}" in
		fallback)
			option_fallback='1'
			;;
		bits=*)
			bits="`echo "${arg}" | cut -f 2 -d =`"
			;;
	esac
done

openssl_dhparam() {
	if [ -x "`which openssl 2>/dev/null`" ]; then
		o_output="`openssl dhparam -C "[email protected]" 2>/dev/null`" || return 1
		o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1
		o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1

................................................................................
		return 0
	fi

	return 1
}

# Enable support for giving the same DH params each time
if [ "${option_fallback}" = '1' ]; then
	gen_dh_params_fallback && exit 0

	echo "Unable to generate fallback parameters for DH of ${bits} bits" >&2

	exit 1
fi

Powered by Fossil · RSS