system: custom dh parameter creation for #2466

2026-03-18 18:44:44 +00:00 · 2018-06-17 21:20:43 +02:00 · 2018-06-17 21:20:43 +02:00 · a20aacb4ae
commit a20aacb4ae
parent f4e7d2dc2a
2 changed files with 14 additions and 7 deletions
--- a/src/opnsense/scripts/system/dh_parameters.sh
+++ b/src/opnsense/scripts/system/dh_parameters.sh
@ -29,11 +29,18 @@ TMPFILE="/tmp/dh-parameters.${$}"
 FLOCK="/usr/local/bin/flock"
 OPENSSL="/usr/local/bin/openssl"

+# XXX we could extrapolate from the files available in the system
+WANTBITS="1024 2048 4096"
+
+if [ -n "${1}" ]; then
+	WANTBITS=${1}
+fi
+
 touch ${LOCKFILE}

 (
 	if ${FLOCK} -n 9; then
-		for BITS in 1024 2048 4096; do
+		for BITS in ${WANTBITS}; do
 			${OPENSSL} dhparam -out ${TMPFILE} ${BITS}
 			mv ${TMPFILE} /usr/local/etc/dh-parameters.${BITS}
 		done
--- a/src/opnsense/service/conf/actions.d/actions_system.conf
+++ b/src/opnsense/service/conf/actions.d/actions_system.conf
@ -2,23 +2,23 @@
 command:/usr/local/opnsense/scripts/systemhealth/activity.py
 parameters:%s
 type:script_output
-message:show system activity
+message:Show system activity

 [list.interrupts]
 command:/usr/local/opnsense/scripts/system/list_interrupts.py
-parameters: %s
+parameters:%s
 type:script_output
-message:request vmstat interrupt counters
+message:Request vmstat interrupt counters

 [ssl.ciphers]
 command:/usr/local/opnsense/scripts/system/ssl_ciphers.py
 parameters:
 type:script_output
-message:list ssl ciphers
+message:List SSL ciphers

 [ssl.dhparam]
 command:daemon -f /usr/local/opnsense/scripts/system/dh_parameters.sh
-parameters:
+parameters:%s
 type:script
-message:regenerate DH parameters
+message:regenerate DH parameters %s
 description:Regenerate DH parameters