package/uhttpd: generate 2048 bit RSA key

RSA keys should be generated with sufficient length.
Using 1024 bits is considered unsafe.
In other packages the used key length is 2048 bits.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
SVN-Revision: 48494

diff --git a/package/network/services/uhttpd/files/uhttpd.config b/package/network/services/uhttpd/files/uhttpd.config
index 059987c446ea99dbae2c722352f10e2d4bb11b08..e14b9fefd74ebe88e6c9c12b92396993705532c0 100644 (file)
--- a/package/network/services/uhttpd/files/uhttpd.config
+++ b/package/network/services/uhttpd/files/uhttpd.config
@@ -111,7 +111,7 @@ config cert px5g
        option days             730
 
        # RSA key size
-       option bits             1024
+       option bits             2048
 
        # Location
        option country          ZZ

diff --git a/package/network/services/uhttpd/files/uhttpd.init b/package/network/services/uhttpd/files/uhttpd.init
index add09243ecd6c04a61fdf9e14de589938d0f8edd..4ca6c8d62655b0e54bf1e5931dc24812aff12370 100755 (executable)
--- a/package/network/services/uhttpd/files/uhttpd.init
+++ b/package/network/services/uhttpd/files/uhttpd.init
@@ -45,7 +45,7 @@ generate_keys() {
 
        [ -x "$PX5G_BIN" ] && {
                $PX5G_BIN selfsigned -der \
-                       -days ${days:-730} -newkey rsa:${bits:-1024} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
+                       -days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
                        -subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}"
                sync
                mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"