Overview
| Comment: | Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
b128e0d4e4d93a53d4007806f5751b19 |
| User & Date: | rkeene on 2017-04-18 14:39:04 |
| Other Links: | manifest | tags |
Context
|
2017-04-18
| ||
| 18:17 | Added pre-computed DH params for fallback values for 4096 and 8192 bit sizes, in addition to 2048 check-in: 6286921174 user: rkeene tags: trunk | |
| 14:39 | Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 check-in: b128e0d4e4 user: rkeene tags: trunk | |
| 14:29 | Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely check-in: 83b1dea4d4 user: rkeene tags: trunk | |
Changes
Modified gen_dh_params from [045a249871] to [7228959737].
1 2 3 4 5 6 7 8 9 10 | #! /usr/bin/env sh
bits='2048'
openssl_dhparam() {
if [ -x "`which openssl 2>/dev/null`" ]; then
o_output="`openssl dhparam -C "[email protected]" 2>/dev/null`" || return 1
o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1
o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1
| > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | #! /usr/bin/env sh bits='2048' option_fallback='0' for arg in "[email protected]"; do case "${arg}" in fallback) option_fallback='1' ;; bits=*) bits="`echo "${arg}" | cut -f 2 -d =`" ;; esac done openssl_dhparam() { if [ -x "`which openssl 2>/dev/null`" ]; then o_output="`openssl dhparam -C "[email protected]" 2>/dev/null`" || return 1 o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1 o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1 |
| ︙ | ︙ | |||
99 100 101 102 103 104 105 | return 0 fi return 1 } # Enable support for giving the same DH params each time | | | 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 | return 0
fi
return 1
}
# Enable support for giving the same DH params each time
if [ "${option_fallback}" = '1' ]; then
gen_dh_params_fallback && exit 0
echo "Unable to generate fallback parameters for DH of ${bits} bits" >&2
exit 1
fi
|
| ︙ | ︙ |