diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 06:31:58 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 06:31:58 +0000 |
| commit | 4769e2f961d2930ffcc6cfa5b1561548e4ea552c (patch) | |
| tree | 09d7bf5ab7e542d4f909c26d57b657d3f53b5a52 /debian/openswan.config | |
| parent | 12843c61608dfbfdd27d67d67f321e6b5b1806da (diff) | |
| download | vyos-strongswan-4769e2f961d2930ffcc6cfa5b1561548e4ea552c.tar.gz vyos-strongswan-4769e2f961d2930ffcc6cfa5b1561548e4ea552c.zip | |
- Just copy the whole debian/ dir from my openswan packaging.
Diffstat (limited to 'debian/openswan.config')
| -rw-r--r-- | debian/openswan.config | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/debian/openswan.config b/debian/openswan.config new file mode 100644 index 000000000..e779a2ab1 --- /dev/null +++ b/debian/openswan.config @@ -0,0 +1,57 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input medium openswan/start_level || true + +db_input medium openswan/restart || true + +db_input high openswan/enable-oe || true + +db_input high openswan/create_rsa_key || true +db_go || true + +db_get openswan/create_rsa_key +if [ "$RET" = "true" ]; then + db_input high openswan/rsa_key_type || true + db_go || true + + db_get openswan/rsa_key_type + if [ "$RET" = "plain" ]; then + # create just a plain RSA keypair + db_input medium openswan/rsa_key_length || true + db_go || true + else + # extract the RSA keypair from a x509 certificate + db_input high openswan/existing_x509_certificate || true + db_go || true + + # create a new certificate + db_input medium openswan/rsa_key_length || true + db_input high openswan/x509_self_signed || true + # we can't allow the country code to be empty - openssl will + # refuse to create a certificate this way + countrycode="" + while [ -z "$countrycode" ]; do + db_input medium openswan/x509_country_code || true + db_go || true + db_get openswan/x509_country_code + countrycode="$RET" + done + db_input medium openswan/x509_state_name || true + db_input medium openswan/x509_locality_name || true + db_input medium openswan/x509_organization_name || true + db_input medium openswan/x509_organizational_unit || true + db_input medium openswan/x509_common_name || true + db_input medium openswan/x509_email_address || true + db_go || true + fi +else + db_get openswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + # existing certificate - use it + db_input critical openswan/existing_x509_certificate_filename || true + db_input critical openswan/existing_x509_key_filename || true + db_go || true + fi +fi |