Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
b128e0d4e4d93a53d4007806f5751b19 |
| User & Date: | rkeene 2017-04-18 14:39:04 |
Context
|
2017-04-18
| ||
| 18:17 | Added pre-computed DH params for fallback values for 4096 and 8192 bit sizes, in addition to 2048 check-in: 6286921174 user: rkeene tags: trunk | |
| 14:39 | Updated gen_dh_params to support specifying a number of bits -- currently the only supported value is 2048 check-in: b128e0d4e4 user: rkeene tags: trunk | |
| 14:29 | Updated references to DH parameter bit sizes and ensure error messages are printed if generating fails entirely check-in: 83b1dea4d4 user: rkeene tags: trunk | |
Changes
Changes to gen_dh_params.
1 2 3 4 5 6 7 8 9 10 |
#! /usr/bin/env sh
bits='2048'
openssl_dhparam() {
if [ -x "`which openssl 2>/dev/null`" ]; then
o_output="`openssl dhparam -C "$@" 2>/dev/null`" || return 1
o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1
o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1
| > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
#! /usr/bin/env sh
bits='2048'
option_fallback='0'
for arg in "$@"; do
case "${arg}" in
fallback)
option_fallback='1'
;;
bits=*)
bits="`echo "${arg}" | cut -f 2 -d =`"
;;
esac
done
openssl_dhparam() {
if [ -x "`which openssl 2>/dev/null`" ]; then
o_output="`openssl dhparam -C "$@" 2>/dev/null`" || return 1
o_output="`echo "${o_output}" | sed 's/get_dh[0-9]\+/get_dhParams/'`" || return 1
o_output="`echo "${o_output}" | sed '/^-----BEGIN DH PARAMETERS-----$/,/^-----END DH PARAMETERS-----$/ d;/^#/ d'`" || return 1
|
| ︙ | ︙ | |||
99 100 101 102 103 104 105 | return 0 fi return 1 } # Enable support for giving the same DH params each time | | | 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
return 0
fi
return 1
}
# Enable support for giving the same DH params each time
if [ "${option_fallback}" = '1' ]; then
gen_dh_params_fallback && exit 0
echo "Unable to generate fallback parameters for DH of ${bits} bits" >&2
exit 1
fi
|
| ︙ | ︙ |