From 5c01edec270b55ab6ff113727b87eaf4e1203e3a Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 31 Dec 2021 09:38:33 +0100 Subject: Adding KEY_ALGO debconf handling in dehydrated-tools. Signed-off-by: Daniel Baumann --- debian/open-infrastructure-dehydrated-tools.config | 5 +++++ debian/open-infrastructure-dehydrated-tools.postinst | 9 +++++++++ debian/open-infrastructure-dehydrated-tools.templates | 9 +++++++++ 3 files changed, 23 insertions(+) diff --git a/debian/open-infrastructure-dehydrated-tools.config b/debian/open-infrastructure-dehydrated-tools.config index 8ff3177..c031c65 100644 --- a/debian/open-infrastructure-dehydrated-tools.config +++ b/debian/open-infrastructure-dehydrated-tools.config @@ -14,6 +14,7 @@ then db_set open-infrastructure-dehydrated-tools/ca "${CA}" db_set open-infrastructure-dehydrated-tools/challengetype "${CHALLENGETYPE}" db_set open-infrastructure-dehydrated-tools/contact-email "${CONTACT_EMAIL}" + db_set open-infrastructure-dehydrated-tools/key-algo "${KEY_ALGO}" db_set open-infrastructure-dehydrated-tools/ocsp-fetch "${OCSP_FETCH}" db_set open-infrastructure-dehydrated-tools/ocsp-must-staple "${OCSP_MUST_STAPLE}" fi @@ -34,6 +35,10 @@ db_settitle open-infrastructure-dehydrated-tools/title db_input low open-infrastructure-dehydrated-tools/contact-email "${CONTACT_EMAIL}" || true db_go +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/key-algo "${KEY_ALGO}" || true +db_go + db_settitle open-infrastructure-dehydrated-tools/title db_input low open-infrastructure-dehydrated-tools/ocsp-fetch "${OCSP_FETCH}" || true db_go diff --git a/debian/open-infrastructure-dehydrated-tools.postinst b/debian/open-infrastructure-dehydrated-tools.postinst index 698016b..bd3ca57 100755 --- a/debian/open-infrastructure-dehydrated-tools.postinst +++ b/debian/open-infrastructure-dehydrated-tools.postinst @@ -66,6 +66,9 @@ case "${1}" in db_get open-infrastructure-dehydrated-tools/contact-email CONTACT_EMAIL="${RET}" # string (w/ empty) + db_get open-infrastructure-dehydrated-tools/key-algo + KEY_ALGO="${RET}" # select + db_get open-infrastructure-dehydrated-tools/ocsp-fetch OCSP_FETCH="${RET}" # boolean @@ -135,6 +138,7 @@ CA="${CA}" CHALLENGETYPE="${CHALLENGETYPE}" CONTACT_EMAIL="${CONTACT_EMAIL}" HOOK="${HOOK}" +KEY_ALGO="${KEY_ALGO}" OCSP_FETCH="${OCSP_FETCH}" OCSP_MUST_STAPLE="${OCSP_MUST_STAPLE}" EOF @@ -166,6 +170,10 @@ EOF grep -Eq '^ *HOOK=' "${CONFFILE}" || \ echo "HOOK=" >> "${CONFFILE}" + test -z "${KEY_ALGO}" || \ + grep -Eq '^ *KEY_ALGO=' "${CONFFILE}" || \ + echo "KEY_ALGO=" >> "${CONFFILE}" + test -z "${OCSP_FETCH}" || \ grep -Eq '^ *OCSP_FETCH=' "${CONFFILE}" || \ echo "OCSP_FETCH=" >> "${CONFFILE}" @@ -179,6 +187,7 @@ EOF -e "s|^ *CHALLENGETYPE=.*|CHALLENGETYPE=\"${CHALLENGETYPE}\"|" \ -e "s|^ *CONTACT_EMAIL=.*|CONTACT_EMAIL=\"${CONTACT_EMAIL}\"|" \ -e "s|^ *HOOK=.*|HOOK=\"${HOOK}\"|" \ + -e "s|^ *KEY_ALGO=.*|KEY_ALGO=\"${KEY_ALGO}\"|" \ -e "s|^ *OCSP_FETCH=.*|OCSP_FETCH=\"${OCSP_FETCH}\"|" \ -e "s|^ *OCSP_MUST_STAPLE=.*|OCSP_MUST_STAPLE=\"${OCSP_MUST_STAPLE}\"|" \ < "${CONFFILE}" > "${CONFFILE}.tmp" diff --git a/debian/open-infrastructure-dehydrated-tools.templates b/debian/open-infrastructure-dehydrated-tools.templates index 08c525e..e9b7295 100644 --- a/debian/open-infrastructure-dehydrated-tools.templates +++ b/debian/open-infrastructure-dehydrated-tools.templates @@ -36,6 +36,15 @@ Description: dehydrated Contact Email: . If unsure, leave empty (default). +Template: open-infrastructure-dehydrated-tools/key-algo +Type: select +Choices: prime256v1, rsa, secp384r1 +Default: secp384r1 +Description: dehydrated key algorithm: + Please select the key algorithm to use. + . + If unsure, use 'secp384r1' (default). + Template: open-infrastructure-dehydrated-tools/ocsp-fetch Type: boolean Default: false -- cgit v1.2.3