diff mbox series

[1/3] vpnmain.cgi: Do not use a bad source for randomness

Message ID	20240130174544.3986725-1-michael.tremer@ipfire.org
State	Staged
Commit	182743310ce47d9a78d5fd6d32c510bcbb163762
Headers	From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 1/3] vpnmain.cgi: Do not use a bad source for randomness Date: Tue, 30 Jan 2024 17:45:42 +0000 Message-Id: <20240130174544.3986725-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: QR23L5JC3GQE6JBQ2AE56FLZLB3NF3FK CC: Michael Tremer <michael.tremer@ipfire.org> Precedence: list Archived-At: <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/QR23L5JC3GQE6JBQ2AE56FLZLB3NF3FK/>
Series	[1/3] vpnmain.cgi: Do not use a bad source for randomness \| [1/3] vpnmain.cgi: Do not use a bad source for randomness [2/3] vpnmain.cgi: Return the entire error message if OpenSSL fails [3/3] vpnmain.cgi: Add option to regenerate the host certificate

Commit Message

Michael Tremer Jan. 30, 2024, 5:45 p.m. UTC

  Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 html/cgi-bin/vpnmain.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff mbox series

Patch

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 53507305f..8b05a0de7 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -2141,7 +2141,7 @@  END
 		&General::log("ipsec", "Creating a cert...");
 
 		if (open(STDIN, "-|")) {
-			my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
+			my $opt = " req -nodes";
 			$opt .= " -newkey rsa:4096";
 			$opt .= " -keyout ${General::swroot}/certs/$cgiparams{'NAME'}key.pem";
 			$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";