From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] OpenVPN: Delete 1024 bit DH-parameter from menu
Date: Tue, 19 Jun 2018 11:31:48 +0100
Message-ID: <7917d09491273b6d97bf13938dbd1518bece2f73.camel@ipfire.org>
In-Reply-To: <1529342196-12555-1-git-send-email-erik.kapfer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6224196417350584310=="
List-Id: <development.lists.ipfire.org>

--===============6224196417350584310==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello,

this patch is fine, but what do we do with systems that already have a key
generated with that size?

-Michael

On Mon, 2018-06-18 at 19:16 +0200, Erik Kapfer wrote:
> Since OpenVPN-2.4.x do not accepts 1024 bit DH-parameter for security conce=
rns
> anymore,
>     it has been removed from the menu.
>=20
> Signed-off-by: Erik Kapfer <erik.kapfer(a)ipfire.org>
> ---
>  html/cgi-bin/ovpnmain.cgi | 2 --
>  1 file changed, 2 deletions(-)
>=20
> diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
> index 0bc28ce..4bc3473 100644
> --- a/html/cgi-bin/ovpnmain.cgi
> +++ b/html/cgi-bin/ovpnmain.cgi
> @@ -1291,7 +1291,6 @@ END
>  		<form method=3D'post'><input type=3D'hidden' name=3D'AREUSURE'
> value=3D'yes' />
>  		<input type=3D'hidden' name=3D'KEY' value=3D'$cgiparams{'KEY'}' />
>  			<select name=3D'DHLENGHT'>
> -				<option value=3D'1024'
> $selected{'DHLENGHT'}{'1024'}>1024 $Lang::tr{'bit'} ($Lang::tr{'vpn
> weak'})</option>
>  				<option value=3D'2048'
> $selected{'DHLENGHT'}{'2048'}>2048 $Lang::tr{'bit'}</option>
>  				<option value=3D'3072'
> $selected{'DHLENGHT'}{'3072'}>3072 $Lang::tr{'bit'}</option>
>  				<option value=3D'4096'
> $selected{'DHLENGHT'}{'4096'}>4096 $Lang::tr{'bit'}</option>
> @@ -1973,7 +1972,6 @@ END
>  	    </select></td>
>  	<tr><td class=3D'base'>$Lang::tr{'ovpn dh'}:</td>
>  		<td class=3D'base'><select name=3D'DHLENGHT'>
> -				<option value=3D'1024'
> $selected{'DHLENGHT'}{'1024'}>1024 $Lang::tr{'bit'} ($Lang::tr{'vpn
> weak'})</option>
>  				<option value=3D'2048'
> $selected{'DHLENGHT'}{'2048'}>2048 $Lang::tr{'bit'}</option>
>  				<option value=3D'3072'
> $selected{'DHLENGHT'}{'3072'}>3072 $Lang::tr{'bit'}</option>
>  				<option value=3D'4096'
> $selected{'DHLENGHT'}{'4096'}>4096 $Lang::tr{'bit'}</option>

--===============6224196417350584310==--