Merge branch 'debian' into hcoop_489

[hcoop/debian/exim4.git] / debian / exim4-daemon-light.postinst

diff --git a/debian/exim4-daemon-light.postinst b/debian/exim4-daemon-light.postinst
index 95578d7..1096ac8 100644 (file)
--- a/debian/exim4-daemon-light.postinst
+++ b/debian/exim4-daemon-light.postinst
@@ -29,6 +29,31 @@ case "$1" in
                        invoke-rc.d exim4 start
                fi
        fi
+
+       # set up DH-parameter file, update if older than 160 days
+       if test -e /var/spool/exim4/gnutls-params-2048 ; then
+               if [ `stat --format=%Y /var/spool/exim4/gnutls-params-2048` -le $(( `date +%s` - 13824000 )) ];
+                       then
+                       echo "Updating GnuTLS DH parameter file" 1>&2
+                       /usr/share/exim4/exim4_refresh_gnutls-params
+               fi
+       else
+               echo "Initializing GnuTLS DH parameter file" 1>&2
+               tempgnutls=$(tempfile --directory /var/spool/exim4 --mode 644 --prefix  "gnutp")
+               chown Debian-exim:Debian-exim $tempgnutls
+               if [ -x /usr/bin/certtool ] && \
+                       timeout --preserve-status --kill-after=15 120 \
+                       certtool --generate-dh-params --bits 2048 > $tempgnutls ; then
+                               mv $tempgnutls /var/spool/exim4/gnutls-params-2048
+               else
+                       rm -f $tempgnutls
+                       install -m 644 -o Debian-exim -g Debian-exim \
+                               /usr/share/exim4/gnutls-params-2048 \
+                               /var/spool/exim4/gnutls-params-2048
+               fi
+       fi
+
+
        ;;
 esac