config is in openswan 1:2.6.37-1.
This file is a maintainer script. It is executed when installing (*inst) or removing (*rm) the package.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | #!/bin/sh -e
set -e
. /usr/share/debconf/confmodule
db_input medium openswan/restart || true
db_input high openswan/install_x509_certificate || true
db_go || true
db_get openswan/install_x509_certificate
if [ "$RET" = "true" ]; then
db_input high openswan/how_to_get_x509_certificate || true
db_go || true
db_get openswan/how_to_get_x509_certificate
if [ "$RET" = "create" ]; then
# create a new certificate
db_input medium openswan/rsa_key_length || true
db_input high openswan/x509_self_signed || true
# we can't allow the country code to be empty - openssl will
# refuse to create a certificate this way
countrycode=""
while [ -z "$countrycode" ]; do
db_input medium openswan/x509_country_code || true
db_go || true
db_get openswan/x509_country_code
countrycode="$RET"
done
db_input medium openswan/x509_state_name || true
db_input medium openswan/x509_locality_name || true
db_input medium openswan/x509_organization_name || true
db_input medium openswan/x509_organizational_unit || true
db_input medium openswan/x509_common_name || true
db_input medium openswan/x509_email_address || true
db_go || true
elif [ "$RET" = "import" ]; then
# existing certificate - use it
db_input critical openswan/existing_x509_certificate_filename || true
db_input critical openswan/existing_x509_key_filename || true
db_input critical openswan/existing_x509_rootca_filename || true
db_go || true
fi
fi
|