From 8411b218e6e656767ad9378f3b11e9110067e8a1 Mon Sep 17 00:00:00 2001
From: Matthew Grooms <mgrooms@pfsense.org>
Date: Thu, 4 Sep 2008 17:13:14 +0000
Subject: Bump the system dh-parameters file to 2048 per request on dev@.

---
 etc/inc/openvpn.inc | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'etc/inc/openvpn.inc')

diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc
index 12da61b..7ee3d5d 100644
--- a/etc/inc/openvpn.inc
+++ b/etc/inc/openvpn.inc
@@ -47,15 +47,15 @@ require_once('globals.inc');
 require_once('pfsense-utils.inc');
 require_once('util.inc');
 
-$openvpn_prots = array( "UDP", "TCP");
+$openvpn_prots = array("UDP", "TCP");
 
 $openvpn_auth_methods = array(
 	'pki' => "Public Key Infrastructure",
 	'shared_key' => "Pre Shared Key");
 
-function openvpn_create_dhparams() {
+function openvpn_create_dhparams($bits) {
 
-	$fp = popen("/usr/bin/openssl dhparam 1024", "r");
+	$fp = popen("/usr/bin/openssl dhparam {$bits}", "r");
 	if (!$fp)
 		return false;
 
@@ -529,7 +529,7 @@ function openvpn_resync_all() {
 
 	if (!$config['openvpn']['dh-parameters']) {
 		echo "Configuring OpenVPN Parameters ...\n";
-		$dh_parameters = openvpn_create_dhparams();
+		$dh_parameters = openvpn_create_dhparams(2048);
 		$dh_parameters = base64_encode($dh_parameters);
 		$config['openvpn']['dh-parameters'] = $dh_parameters;
 		write_config();
-- 
cgit v1.1