chiark
/
gitweb
/
~mdw
/
tripe
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tripe-keys: Don't hard-code the `-l' flag when generating master keys.
[tripe]
/
keys
/
tripe-keys.in
diff --git
a/keys/tripe-keys.in
b/keys/tripe-keys.in
index 1167dea00df123bf0bb35f1231db4f55f9ba5656..531e7492bad0f401beb6d3cf6917ae6cecdf989e 100644
(file)
--- a/
keys/tripe-keys.in
+++ b/
keys/tripe-keys.in
@@
-136,6
+136,7
@@
def conf_defaults():
('kx-expire', 'now + 1 year'),
('cipher', 'blowfish-cbc'),
('hash', 'sha256'),
('kx-expire', 'now + 1 year'),
('cipher', 'blowfish-cbc'),
('hash', 'sha256'),
+ ('master-keygen-flags', '-l'),
('mgf', '${hash}-mgf'),
('mac', lambda: '%s-hmac/%d' %
(conf['hash'],
('mgf', '${hash}-mgf'),
('mac', lambda: '%s-hmac/%d' %
(conf['hash'],
@@
-219,7
+220,7
@@
def cmd_newmaster(args):
seq = max_master_sequence() + 1
run('''key -kmaster add
-a${sig-genalg} !${sig-param}
seq = max_master_sequence() + 1
run('''key -kmaster add
-a${sig-genalg} !${sig-param}
- -e${sig-expire}
-l
-tmaster-%d tripe-keys-master
+ -e${sig-expire}
!${master-keygen-flags}
-tmaster-%d tripe-keys-master
sig=${sig} hash=${sig-hash}''' % seq)
run('key -kmaster extract -f-secret repos/master.pub')
sig=${sig} hash=${sig-hash}''' % seq)
run('key -kmaster extract -f-secret repos/master.pub')