diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-02-29 20:12:33 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-02-29 20:12:33 +1100 |
commit | fc113c97a3935896869e8bccf7a70cb7c7ed95d3 (patch) | |
tree | 260ef3c0aa8256344bbc74a04dec593189507be3 /dh.c | |
parent | d592048c36ee15cef19d6177aeb015b69bfa8833 (diff) |
- dtucker@cvs.openbsd.org 2004/02/27 22:42:47
[dh.c]
Prevent sshd from sending DH groups with a primitive generator of zero or
one, even if they are listed in /etc/moduli. ok markus@
Diffstat (limited to 'dh.c')
-rw-r--r-- | dh.c | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: dh.c,v 1.26 2003/12/16 15:51:54 markus Exp $"); +RCSID("$OpenBSD: dh.c,v 1.27 2004/02/27 22:42:47 dtucker Exp $"); #include "xmalloc.h" @@ -91,6 +91,9 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) if (BN_num_bits(dhg->p) != dhg->size) goto failclean; + if (BN_is_zero(dhg->g) || BN_is_one(dhg->g)) + goto failclean; + return (1); failclean: |