From: Felix Fietkau Date: Mon, 25 Jan 2016 17:42:25 +0000 (+0000) Subject: package/uhttpd: generate 2048 bit RSA key X-Git-Tag: reboot~639 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=565570cfd5dcd11bacd0e7a36d2abb0d6ea670b5;p=oweals%2Fopenwrt.git package/uhttpd: generate 2048 bit RSA key RSA keys should be generated with sufficient length. Using 1024 bits is considered unsafe. In other packages the used key length is 2048 bits. Signed-off-by: Heinrich Schuchardt SVN-Revision: 48494 --- diff --git a/package/network/services/uhttpd/files/uhttpd.config b/package/network/services/uhttpd/files/uhttpd.config index 059987c446..e14b9fefd7 100644 --- a/package/network/services/uhttpd/files/uhttpd.config +++ b/package/network/services/uhttpd/files/uhttpd.config @@ -111,7 +111,7 @@ config cert px5g option days 730 # RSA key size - option bits 1024 + option bits 2048 # Location option country ZZ diff --git a/package/network/services/uhttpd/files/uhttpd.init b/package/network/services/uhttpd/files/uhttpd.init index add09243ec..4ca6c8d626 100755 --- a/package/network/services/uhttpd/files/uhttpd.init +++ b/package/network/services/uhttpd/files/uhttpd.init @@ -45,7 +45,7 @@ generate_keys() { [ -x "$PX5G_BIN" ] && { $PX5G_BIN selfsigned -der \ - -days ${days:-730} -newkey rsa:${bits:-1024} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \ + -days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \ -subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}" sync mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"