[FS#529] px5g-standalone only generates sha1 signature
LEDE Bugs
lede-bugs at lists.infradead.org
Sat Feb 18 06:46:37 PST 2017
A new Flyspray task has been opened. Details are below.
User who did this - alive4ever (alive4ever)
Attached to Project - LEDE Project
Summary - px5g-standalone only generates sha1 signature
Task Type - Bug Report
Category - Packages
Status - Unconfirmed
Assigned To -
Operating System - All
Severity - Low
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details - This bug report is related to FS#512
On LEDE snapshot, one needs to install LUCI to access web interface. For encrypted web interface access, TLS is needed. There are two packages providing TLS protected web interface: luci-ssl and luci-ssl-openssl.
luci-ssl depends on px5g, which is provided by either px5g-mbedtls or px5g-standalone. Without mentioning px5g backend when installing luci-ssl, px5g-standalone is pulled to satisfy luci-ssl dependency.
Sadly, px5g-standalone only generates sha1-signed certificate, which has been obsolete on 2017.
px5g-standalone should generates sha256-signed certificate to continue providing px5g dependency. If this cannot be achieved, I suggest px5g-standalone package removal and just rely on px5g-mbedtls for px5g dependency.
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=529
More information about the lede-bugs
mailing list