From: nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Mon, 25 Jan 2016 17:42:25 +0000 (+0000)
Subject: package/uhttpd: generate 2048 bit RSA key
X-Git-Url: https://git.archive.openwrt.org/?p=openwrt.git;a=commitdiff_plain;h=c25c746a698dbe315c94b38c6f34fb88ca868aa6

package/uhttpd: generate 2048 bit RSA key

RSA keys should be generated with sufficient length.
Using 1024 bits is considered unsafe.
In other packages the used key length is 2048 bits.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@48494 3c298f89-4303-0410-b956-a3cf2f4a3e73
---

diff --git a/package/network/services/uhttpd/files/uhttpd.config b/package/network/services/uhttpd/files/uhttpd.config
index 059987c446..e14b9fefd7 100644
--- a/package/network/services/uhttpd/files/uhttpd.config
+++ b/package/network/services/uhttpd/files/uhttpd.config
@@ -111,7 +111,7 @@ config cert px5g
 	option days		730
 
 	# RSA key size
-	option bits		1024
+	option bits		2048
 
 	# Location
 	option country		ZZ
diff --git a/package/network/services/uhttpd/files/uhttpd.init b/package/network/services/uhttpd/files/uhttpd.init
index add09243ec..4ca6c8d626 100755
--- a/package/network/services/uhttpd/files/uhttpd.init
+++ b/package/network/services/uhttpd/files/uhttpd.init
@@ -45,7 +45,7 @@ generate_keys() {
 
 	[ -x "$PX5G_BIN" ] && {
 		$PX5G_BIN selfsigned -der \
-			-days ${days:-730} -newkey rsa:${bits:-1024} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
+			-days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
 			-subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}"
 		sync
 		mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"