From 5a1f294667d40583a02170208ab0881c2ccb20c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= Date: Tue, 8 Jan 2019 11:27:12 +0100 Subject: [PATCH] acme: Support selecting ECC certificates from Luci MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As pointed out by @andersk, acme.sh already supports ECC certificates, and they can be set manually in the uci file, just not in Luci. Fix this by changing the key size selector into a listbox, and adding ECC certs as options. Fixes #7825. Signed-off-by: Toke Høiland-Jørgensen --- net/acme/Makefile | 2 +- net/acme/files/acme-cbi.lua | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/net/acme/Makefile b/net/acme/Makefile index 7bf98cc06..112e56669 100644 --- a/net/acme/Makefile +++ b/net/acme/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=acme PKG_VERSION:=2.7.9 -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_LICENSE:=GPLv3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz diff --git a/net/acme/files/acme-cbi.lua b/net/acme/files/acme-cbi.lua index 2b9727217..3b02f48ab 100644 --- a/net/acme/files/acme-cbi.lua +++ b/net/acme/files/acme-cbi.lua @@ -53,10 +53,15 @@ us = cs:option(Flag, "use_staging", translate("Use staging server"), "(use for testing; the certificate won't be valid).")) us.rmempty = false -kl = cs:option(Value, "keylength", translate("Key length"), - translate("Number of bits (minimum 2048).")) +kl = cs:option(ListValue, "keylength", translate("Key size"), + translate("Key size (and type) for the generated certificate.")) +kl:value("2048", "RSA 2048 bits") +kl:value("4096", "RSA 4096 bits") +kl:value("8192", "RSA 8192 bits") +kl:value("ec-256", "ECC 256 bits") +kl:value("ec-384", "ECC 384 bits") +kl.default = "2048" kl.rmempty = false -kl.datatype = "and(uinteger,min(2048))" if uhttpd_presence then u = cs:option(Flag, "update_uhttpd", translate("Use for uhttpd"),