Репозиторий Sisyphus
Последнее обновление: 1 октября 2023 | Пакетов: 18631 | Посещений: 37588283
en ru br
Репозитории ALT
S:4.2.8p15-alt4
5.1: 4.2.4-alt5.p7
4.1: 4.2.4-alt3.p4.M41.2
4.0: 4.2.2-alt1.p4.3
3.0: 4.1.2-alt3
+backports:4.2.4-alt0.M30.3.p4
www.altlinux.org/Changes

Группа :: Система/Настройка/Прочее
Пакет: ntp

 Главная   Изменения   Спек   Патчи   Sources   Загрузить   Gear   Bugs and FR  Repocop 

Патч: ntp-4.2.8p14-MD5-to-SHA1-default.patch
Скачать

https://bugzilla.altlinux.org/38300
ntp-keygen-opts.def isn't patched, attempt caused the autogen's problem:
 
 Error in template /usr/share/autogen/cmd-doc.tlib, line 219
         DEFINITIONS ERROR in /usr/share/autogen/cmd-doc.tlib line 219 for ntp-keygen-opts.mdoc:
         Cannot locate converter for mdoc
 Failing Guile command:  = = = = =
 (define sec-type (string-upcase (get "ds-type")))
     (define sec-name (name-to-fname sec-type))
     (define cvt-fn (find-file (string-append
          (get "ds-format" "man") "2mdoc")))
     (if (not (defined? 'cvt-fn))
         (error (sprintf "Cannot locate converter for %s"
                (get "ds-format" "man"))))
 
     (define sec-file (string-append tmp-dir "/SEC/" sec-name))
     (access? sec-file R_OK)
diff --git a/ntp/html/keygen.html b/ntp/html/keygen.html
index 51577e3..f39e6c7 100644
--- a/ntp/html/keygen.html
+++ b/ntp/html/keygen.html
@@ -95,7 +95,7 @@
       run for the first time, or if all files with names
       beginning <tt>ntpkey</tt> have been removed, use
       the <tt>ntp-keygen</tt> command without arguments to generate a
-      default RSA host key and matching RSA-MD5 certificate with expiration
+      default RSA host key and matching RSA-SHA1 certificate with expiration
       date one year hence.  If run again without options, the program uses
       the existing keys and parameters and generates only a new certificate
       with new expiration date one year hence.</p>
@@ -138,7 +138,7 @@
       <dd>Select certificate digital signature and message digest scheme.
 	Note that RSA schemes must be used with an RSA sign key and DSA
 	schemes must be used with a DSA sign key.  The default without this
-	option is <tt>RSA-MD5</tt>.  If compatibility with FIPS 140-2 is
+	option is <tt>RSA-SHA1</tt>.  If compatibility with FIPS 140-2 is
 	required, either the <tt>DSA-SHA</tt> or <tt>DSA-SHA1</tt> scheme
 	must be used.</dd>
       <dt><tt>-C <i>cipher</i></tt></dt>
diff --git a/ntp/util/invoke-ntp-keygen.texi b/ntp/util/invoke-ntp-keygen.texi
index d835637..85b9431 100644
--- a/ntp/util/invoke-ntp-keygen.texi
+++ b/ntp/util/invoke-ntp-keygen.texi
@@ -143,7 +143,7 @@ have been removed, use the
 command without arguments to generate a default
 @code{RSA}
 host key and matching
-@code{RSA-MD5}
+@code{RSA-SHA1}
 certificate file with expiration date one year hence,
 which is all that is necessary in many cases.
 The program also generates soft links from the generic names
@@ -478,7 +478,7 @@ On trusted host alice run
 to generate the host key file
 @file{ntpkey}_ @code{RSA} @file{key_alice.} @kbd{filestamp}
 and trusted private certificate file
-@file{ntpkey}_ @code{RSA-MD5} @code{_} @file{cert_alice.} @kbd{filestamp},
+@file{ntpkey}_ @code{RSA-SHA1} @code{_} @file{cert_alice.} @kbd{filestamp},
 and soft links.
 Copy both files to all group hosts;
 they replace the files which would be generated in other schemes.
@@ -642,7 +642,7 @@ schemes must be used with a
 @code{DSA}
 sign key.
 The default without this option is
-@code{RSA-MD5}.
+@code{RSA-SHA1}.
 If compatibility with FIPS 140-2 is required, either the
 @code{DSA-SHA}
 or
@@ -1143,7 +1143,7 @@ DSA-SHA, or DSA-SHA1.
 Select the certificate signature encryption/message digest scheme.
 Note that RSA schemes must be used with a RSA sign key and DSA
 schemes must be used with a DSA sign key.  The default without
-this option is RSA-MD5.
+this option is RSA-SHA1.
 @node ntp-keygen cipher
 @subsection cipher option (-C)
 @cindex ntp-keygen-cipher
diff --git a/ntp/util/ntp-keygen.1ntp-keygenman b/ntp/util/ntp-keygen.1ntp-keygenman
index 4b97854..cdc2af7 100644
--- a/ntp/util/ntp-keygen.1ntp-keygenman
+++ b/ntp/util/ntp-keygen.1ntp-keygenman
@@ -179,7 +179,7 @@ have been removed, use the
 command without arguments to generate a default
 \f\*[B-Font]RSA\f[]
 host key and matching
-\f\*[B-Font]RSA-MD5\f[]
+\f\*[B-Font]RSA-SHA1\f[]
 certificate file with expiration date one year hence,
 which is all that is necessary in many cases.
 The program also generates soft links from the generic names
@@ -548,7 +548,7 @@ On trusted host alice run
 to generate the host key file
 \fIntpkey\f[]_ \f\*[B-Font]RSA\f[] \fIkey_alice.\f[] \f\*[I-Font]filestamp\f[]
 and trusted private certificate file
-\fIntpkey\f[]_ \f\*[B-Font]RSA-MD5\f[] \f\*[B-Font]_\f[] \fIcert_alice.\f[] \f\*[I-Font]filestamp\f[],
+\fIntpkey\f[]_ \f\*[B-Font]RSA-SHA1\f[] \f\*[B-Font]_\f[] \fIcert_alice.\f[] \f\*[I-Font]filestamp\f[],
 and soft links.
 Copy both files to all group hosts;
 they replace the files which would be generated in other schemes.
@@ -720,7 +720,7 @@ schemes must be used with a
 \f\*[B-Font]DSA\f[]
 sign key.
 The default without this option is
-\f\*[B-Font]RSA-MD5\f[].
+\f\*[B-Font]RSA-SHA1\f[].
 If compatibility with FIPS 140-2 is required, either the
 \f\*[B-Font]DSA-SHA\f[]
 or
@@ -1144,7 +1144,7 @@ DSA-SHA, or DSA-SHA1.
 Select the certificate signature encryption/message digest scheme.
 Note that RSA schemes must be used with a RSA sign key and DSA
 schemes must be used with a DSA sign key.  The default without
-this option is RSA-MD5.
+this option is RSA-SHA1.
 .TP
 .NOP \f\*[B-Font]\-C\f[] \f\*[I-Font]cipher\f[], \f\*[B-Font]\-\-cipher\f[]=\f\*[I-Font]cipher\f[]
 privatekey cipher.
diff --git a/ntp/util/ntp-keygen.c b/ntp/util/ntp-keygen.c
index eb2cb34..18cb116 100644
--- a/ntp/util/ntp-keygen.c
+++ b/ntp/util/ntp-keygen.c
@@ -564,7 +564,7 @@ main(
 		}
 	}
 	if (scheme == NULL)
-		scheme = "RSA-MD5";
+		scheme = "RSA-SHA1";
 	if (ciphername == NULL)
 		ciphername = "des-ede3-cbc";
 	cipher = EVP_get_cipherbyname(ciphername);
diff --git a/ntp/util/ntp-keygen.html b/ntp/util/ntp-keygen.html
index 38d5345..eb13a58 100644
--- a/ntp/util/ntp-keygen.html
+++ b/ntp/util/ntp-keygen.html
@@ -202,7 +202,7 @@ change to the keys directory, usually <code>/usr/local/etc</code>.
 When run for the
 first time, or if all files with names beginning <code>ntpkey</code>] have been
 removed, use the <code>ntp-keygen</code> command without arguments to generate a
-default RSA host key and matching RSA-MD5 certificate with expiration
+default RSA host key and matching RSA-SHA1 certificate with expiration
 date one year hence.
 If run again without options, the program uses the
 existing keys and parameters and generates only a new certificate with
@@ -439,7 +439,7 @@ have been removed, use the
 command without arguments to generate a default
 <code>RSA</code>
 host key and matching
-<code>RSA-MD5</code>
+<code>RSA-SHA1</code>
 certificate file with expiration date one year hence,
 which is all that is necessary in many cases.
 The program also generates soft links from the generic names
@@ -776,7 +776,7 @@ On trusted host alice run
 to generate the host key file
 <samp>ntpkey</samp>_ <code>RSA</code> <samp>key_alice.</samp> <kbd>filestamp</kbd>
 and trusted private certificate file
-<samp>ntpkey</samp>_ <code>RSA-MD5</code> <code>_</code> <samp>cert_alice.</samp> <kbd>filestamp</kbd>,
+<samp>ntpkey</samp>_ <code>RSA-SHA1</code> <code>_</code> <samp>cert_alice.</samp> <kbd>filestamp</kbd>,
 and soft links.
 Copy both files to all group hosts;
 they replace the files which would be generated in other schemes.
@@ -942,7 +942,7 @@ schemes must be used with a
 <code>DSA</code>
 sign key.
 The default without this option is
-<code>RSA-MD5</code>.
+<code>RSA-SHA1</code>.
 If compatibility with FIPS 140-2 is required, either the
 <code>DSA-SHA</code>
 or
@@ -1499,7 +1499,7 @@ DSA-SHA, or DSA-SHA1.
 <p>Select the certificate signature encryption/message digest scheme.
 Note that RSA schemes must be used with a RSA sign key and DSA
 schemes must be used with a DSA sign key.  The default without
-this option is RSA-MD5.
+this option is RSA-SHA1.
 </p><hr>
 <a name="ntp_002dkeygen-cipher"></a>
 <div class="header">
diff --git a/ntp/util/ntp-keygen.man.in b/ntp/util/ntp-keygen.man.in
index b5939b7..58a8e60 100644
--- a/ntp/util/ntp-keygen.man.in
+++ b/ntp/util/ntp-keygen.man.in
@@ -720,7 +720,7 @@ schemes must be used with a
 \f\*[B-Font]DSA\f[]
 sign key.
 The default without this option is
-\f\*[B-Font]RSA-MD5\f[].
+\f\*[B-Font]RSA-SHA1\f[].
 If compatibility with FIPS 140-2 is required, either the
 \f\*[B-Font]DSA-SHA\f[]
 or
diff --git a/ntp/util/ntp-keygen.texi b/ntp/util/ntp-keygen.texi
index 34e6aaa..7519fcc 100644
--- a/ntp/util/ntp-keygen.texi
+++ b/ntp/util/ntp-keygen.texi
@@ -132,7 +132,7 @@ change to the keys directory, usually @code{/usr/local/etc}.
 When run for the
 first time, or if all files with names beginning @code{ntpkey}] have been
 removed, use the @code{ntp-keygen} command without arguments to generate a
-default RSA host key and matching RSA-MD5 certificate with expiration
+default RSA host key and matching RSA-SHA1 certificate with expiration
 date one year hence.
 If run again without options, the program uses the
 existing keys and parameters and generates only a new certificate with








 






	дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005,
	Andrew Avramenko aka liks © 2007-2008

	текущий майнтейнер: Michael Shigorin