Overview
Comment: | Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
b128e0d4e4d93a53d4007806f5751b19 |
User & Date: | rkeene on 2017-04-18 14:39:04 |
Other Links: | manifest | tags |
Context
2017-04-18
| ||
18:17 | Added pre-computed DH params for fallback values for 4096 and 8192 bit sizes, in addition to 2048 check-in: 6286921174 user: rkeene tags: trunk | |
14:39 | Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 check-in: b128e0d4e4 user: rkeene tags: trunk | |
14:29 | Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely check-in: 83b1dea4d4 user: rkeene tags: trunk | |
Changes
Modified gen_dh_params from [045a249871] to [7228959737].
1
2
3
4
5
6
7
8
9
10
..
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
#! /usr/bin/env sh bits='2048' openssl_dhparam() { if [ -x "`which openssl 2>/dev/null`" ]; then o_output="`openssl dhparam -C "[email protected]" 2>/dev/null`" || return 1 o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1 o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1 ................................................................................ return 0 fi return 1 } # Enable support for giving the same DH params each time if [ "$1" = 'fallback' ]; then gen_dh_params_fallback && exit 0 echo "Unable to generate fallback parameters for DH of ${bits} bits" >&2 exit 1 fi |
>
>
>
>
>
>
>
>
>
>
>
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
...
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
#! /usr/bin/env sh bits='2048' option_fallback='0' for arg in "[email protected]"; do case "${arg}" in fallback) option_fallback='1' ;; bits=*) bits="`echo "${arg}" | cut -f 2 -d =`" ;; esac done openssl_dhparam() { if [ -x "`which openssl 2>/dev/null`" ]; then o_output="`openssl dhparam -C "[email protected]" 2>/dev/null`" || return 1 o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1 o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1 ................................................................................ return 0 fi return 1 } # Enable support for giving the same DH params each time if [ "${option_fallback}" = '1' ]; then gen_dh_params_fallback && exit 0 echo "Unable to generate fallback parameters for DH of ${bits} bits" >&2 exit 1 fi |