authorBen Lindstrom <mouring@eviladmin.org>2001-03-29 00:36:16 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-03-29 00:36:16 +0000
commitdf221391e620776789e40af9a885c7c9cd945bd3 (patch)
tree1639ed6e2923e7bb67cc3ebfc0c1bbae03150298 /dh.c
parent60a4381f1a6ebc2f8eeeb2ba4e005ede91ac9af3 (diff)
- provos@cvs.openbsd.org 2001/03/27 17:46:50
[compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h] make dh group exchange more flexible, allow min and max group size, okay markus@, deraadt@
Diffstat (limited to 'dh.c')
-rw-r--r--dh.c19
1 files changed, 13 insertions, 6 deletions
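diff --git a/dh.c b/dh.c
index ac73f8400..5f441ee1c 100644
--- a/dh.c
+++ b/dh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.8 2001/03/05 17:58:22 stevesk Exp $");
+RCSID("$OpenBSD: dh.c,v 1.9 2001/03/27 17:46:49 provos Exp $");
 
 #include "xmalloc.h"
 
@@ -69,6 +69,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
  if (cp == NULL || *strsize == '\0' ||
  (dhg->size = atoi(strsize)) == 0)
  goto fail;
+ /* The whole group is one bit larger */
+ dhg->size++;
  gen = strsep(&cp, " "); /* gen */
  if (cp == NULL || *gen == '\0')
  goto fail;
@@ -95,7 +97,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 }
 
 DH *
-choose_dh(int minbits)
+choose_dh(int min, int wantbits, int max)
 {
  FILE *f;
  char line[1024];
@@ -118,8 +120,11 @@ choose_dh(int minbits)
  BN_free(dhg.g);
  BN_free(dhg.p);
 
- if ((dhg.size > minbits && dhg.size < best) ||
- (dhg.size > best && best < minbits)) {
+ if (dhg.size > max || dhg.size < min)
+ continue;
+
+ if ((dhg.size > wantbits && dhg.size < best) ||
+ (dhg.size > best && best < wantbits)) {
  best = dhg.size;
  bestcount = 0;
  }
@@ -129,8 +134,8 @@ choose_dh(int minbits)
  fclose (f);
 
  if (bestcount == 0) {
- log("WARNING: no primes in %s, using old prime", _PATH_DH_PRIMES);
- return (dh_new_group1());
+ log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
+ return (NULL);
  }
 
  f = fopen(_PATH_DH_PRIMES, "r");
@@ -143,6 +148,8 @@ choose_dh(int minbits)
  while (fgets(line, sizeof(line), f)) {
  if (!parse_prime(linenum, line, &dhg))
  continue;
+ if (dhg.size > max || dhg.size < min)
+ continue;
  if (dhg.size != best)
  continue;
  if (linenum++ != which) {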
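Review bot: choose_dh() can now return NULL (new line 138, `return (NULL);`) where it previously always fell back to dh_new_group1(), and nothing at the definition records that contract or what `min`, `wantbits` and `max` mean. The callers are not on this page, so it cannot be confirmed here that each one checks the result before using it; if the bounds come from the peer's group-exchange request, as the commit message suggests, an unchecked NULL would be reachable from the network. I would add a comment above the function such as `/* Pick a group with min <= size <= max, as close to wantbits as available; returns NULL if none fits, callers must check. */`. Including the requested range in the warning, `log("WARNING: no suitable primes in %s (min %d, max %d)", _PATH_DH_PRIMES, min, max);`, would let an operator tell an empty moduli file from a peer asking for an unsatisfiable range. choose_dh's body continues outside the visible hunks.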