1024 bits is already the minimum accepted size of current TLS libraries. 2048
is recommended for servers, see https://weakdh.org/
Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Sep 3 03:47:48 CEST 2015 on sn-devel-104
#if ENABLE_GNUTLS
#include <gnutls/gnutls.h>
-#define DH_BITS 1024
+#define DH_BITS 2048
#if defined(HAVE_GNUTLS_DATUM) && !defined(HAVE_GNUTLS_DATUM_T)
typedef gnutls_datum gnutls_datum_t;
#if ENABLE_GNUTLS
#include <gnutls/gnutls.h>
-#define DH_BITS 1024
+#define DH_BITS 2048
#if defined(HAVE_GNUTLS_DATUM) && !defined(HAVE_GNUTLS_DATUM_T)
typedef gnutls_datum gnutls_datum_t;