summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Rettberg2020-09-11 13:02:15 +0200
committerSimon Rettberg2020-09-11 13:02:15 +0200
commit0bf9d23a4725651521637b031ca4eaebf34fc260 (patch)
treea39cab9d0c9f60a0c4d652b9d216e38ab4f04000
parent[server] Periodically deactivate xscreensaver when clients are connected (diff)
downloadpvs2-0bf9d23a4725651521637b031ca4eaebf34fc260.tar.gz
pvs2-0bf9d23a4725651521637b031ca4eaebf34fc260.tar.xz
pvs2-0bf9d23a4725651521637b031ca4eaebf34fc260.zip
Newer versions of Qt do not accept 1024bit RSA keys
... and helpfully do not print any kind of warning or error. Instead, accepting SSL connections just silently fails. Isn't this wonderful?
-rw-r--r--src/server/net/certmanager.cpp4
-rw-r--r--src/server/net/sslserver.cpp2
2 files changed, 3 insertions, 3 deletions
diff --git a/src/server/net/certmanager.cpp b/src/server/net/certmanager.cpp
index a503088..5d8d824 100644
--- a/src/server/net/certmanager.cpp
+++ b/src/server/net/certmanager.cpp
@@ -99,8 +99,8 @@ static void generateFiles(QString& key, QString& cert)
remove(key.toLocal8Bit().data());
remove(cert.toLocal8Bit().data());
snprintf(tmp, 1000,
- "openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -subj '/C=DE/ST=BaWue/L=Freiburg/CN=openslx.org' -keyout \"%s\" -out \"%s\"",
- key.toLocal8Bit().data(), cert.toLocal8Bit().data());
+ "openssl req -x509 -nodes -days 5000 -newkey rsa:4096 -subj '/C=DE/ST=BaWue/L=Freiburg/CN=openslx.org' -keyout \"%s\" -out \"%s\"",
+ key.toLocal8Bit().data(), cert.toLocal8Bit().data());
system(tmp);
snprintf(tmp, 1000, "chmod 0600 \"%s\" \"%s\"", key.toLocal8Bit().data(), cert.toLocal8Bit().data());
system(tmp);
diff --git a/src/server/net/sslserver.cpp b/src/server/net/sslserver.cpp
index d968834..b2da034 100644
--- a/src/server/net/sslserver.cpp
+++ b/src/server/net/sslserver.cpp
@@ -57,7 +57,7 @@ void SslServer::incomingConnection(qintptr socketDescriptor)
static int certFails = 0;
QSslKey key;
QSslCertificate cert;
- if (!CertManager::getPrivateKeyAndCert("manager", key, cert)) {
+ if (!CertManager::getPrivateKeyAndCert("manager2", key, cert)) {
if (++certFails > 5) {
CertManager::fatal();
}