X-Git-Url: http://git.hcoop.net/hcoop/debian/exim4.git/blobdiff_plain/493d55f6840d04ef186778724fc67530b1600113..0baa7b9df9e8d0188307c635776394b0db691e7d:/debian/exim4-daemon-light.postinst

diff --git a/debian/exim4-daemon-light.postinst b/debian/exim4-daemon-light.postinst
index 95578d7..1096ac8 100644
--- a/debian/exim4-daemon-light.postinst
+++ b/debian/exim4-daemon-light.postinst
@@ -29,6 +29,31 @@ case "$1" in
 			invoke-rc.d exim4 start
 		fi
 	fi
+
+	# set up DH-parameter file, update if older than 160 days
+	if test -e /var/spool/exim4/gnutls-params-2048 ; then
+		if [ `stat --format=%Y /var/spool/exim4/gnutls-params-2048` -le $(( `date +%s` - 13824000 )) ];
+			then
+			echo "Updating GnuTLS DH parameter file" 1>&2
+			/usr/share/exim4/exim4_refresh_gnutls-params
+		fi
+	else
+		echo "Initializing GnuTLS DH parameter file" 1>&2
+		tempgnutls=$(tempfile --directory /var/spool/exim4 --mode 644 --prefix  "gnutp")
+		chown Debian-exim:Debian-exim $tempgnutls
+		if [ -x /usr/bin/certtool ] && \
+			timeout --preserve-status --kill-after=15 120 \
+			certtool --generate-dh-params --bits 2048 > $tempgnutls ; then
+				mv $tempgnutls /var/spool/exim4/gnutls-params-2048
+		else
+			rm -f $tempgnutls
+			install -m 644 -o Debian-exim -g Debian-exim \
+				/usr/share/exim4/gnutls-params-2048 \
+				/var/spool/exim4/gnutls-params-2048
+		fi
+	fi
+
+
 	;;
 esac