[pkg-remote-commits] [xrdp] 02/03: Generate X509 keys in postinst.
Dominik George
natureshadow-guest at moszumanska.debian.org
Sun Jan 1 11:41:58 UTC 2017
This is an automated email from the git hooks/post-receive script.
natureshadow-guest pushed a commit to branch master
in repository xrdp.
commit 08617c7bdbc86797b2ca3856664fdda246713f03
Author: Dominik George <nik at naturalnet.de>
Date: Sun Jan 1 12:13:25 2017 +0100
Generate X509 keys in postinst.
---
debian/control | 1 +
debian/xrdp.postinst | 12 ++++++++++--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/debian/control b/debian/control
index 85484ce..a67a636 100644
--- a/debian/control
+++ b/debian/control
@@ -38,6 +38,7 @@ Architecture: any
Depends:
adduser,
lsb-base (>= 3.0-6),
+ openssl,
${misc:Depends},
${shlibs:Depends},
Recommends:
diff --git a/debian/xrdp.postinst b/debian/xrdp.postinst
index cbfce10..b38c876 100644
--- a/debian/xrdp.postinst
+++ b/debian/xrdp.postinst
@@ -38,13 +38,21 @@ configure)
rm -f /etc/xrdp/rsakeys.ini
fi
- # generate a (512-bit, but that doesn't matter here
- # because the RDP4 crypto is MITMable anyway)
+ # Generate snakeoil RDP security keys
test -e /etc/xrdp/rsakeys.ini || (
umask 077
xrdp-keygen xrdp auto
chown xrdp /etc/xrdp/rsakeys.ini
)
+
+ # Generate snakeoil X509 certificate and key
+ test -e /etc/xrdp/cert.pem || (
+ umask 077
+ cd /etc/xrdp
+ openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
+ chown xrdp cert.pem key.pem
+ )
+
;;
abort-upgrade|abort-remove|abort-deconfigure)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-remote/xrdp.git
More information about the pkg-remote-commits
mailing list