diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | moduli.c | 34 | ||||
-rw-r--r-- | moduli.h | 23 | ||||
-rw-r--r-- | ssh-keygen.c | 16 |
4 files changed, 39 insertions, 39 deletions
@@ -17,6 +17,9 @@ | |||
17 | [clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c | 17 | [clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c |
18 | sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h | 18 | sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h |
19 | kill a tiny header; ok deraadt@ | 19 | kill a tiny header; ok deraadt@ |
20 | - djm@cvs.openbsd.org 2004/05/09 00:06:47 | ||
21 | [moduli.c ssh-keygen.c] removed: moduli.h | ||
22 | zap another tiny header; ok deraadt@ | ||
20 | 23 | ||
21 | 20040502 | 24 | 20040502 |
22 | - (dtucker) OpenBSD CVS Sync | 25 | - (dtucker) OpenBSD CVS Sync |
@@ -1093,4 +1096,4 @@ | |||
1093 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1096 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1094 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1097 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1095 | 1098 | ||
1096 | $Id: ChangeLog,v 1.3346 2004/05/13 06:15:47 dtucker Exp $ | 1099 | $Id: ChangeLog,v 1.3347 2004/05/13 06:24:32 dtucker Exp $ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: moduli.c,v 1.6 2004/04/22 11:56:57 djm Exp $ */ | 1 | /* $OpenBSD: moduli.c,v 1.7 2004/05/09 00:06:47 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> | 3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> |
4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> | 4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> |
@@ -38,7 +38,6 @@ | |||
38 | */ | 38 | */ |
39 | 39 | ||
40 | #include "includes.h" | 40 | #include "includes.h" |
41 | #include "moduli.h" | ||
42 | #include "xmalloc.h" | 41 | #include "xmalloc.h" |
43 | #include "log.h" | 42 | #include "log.h" |
44 | 43 | ||
@@ -91,6 +90,19 @@ | |||
91 | #define SHIFT_MEGAWORD (SHIFT_MEGABYTE-SHIFT_BYTE) | 90 | #define SHIFT_MEGAWORD (SHIFT_MEGABYTE-SHIFT_BYTE) |
92 | 91 | ||
93 | /* | 92 | /* |
93 | * Using virtual memory can cause thrashing. This should be the largest | ||
94 | * number that is supported without a large amount of disk activity -- | ||
95 | * that would increase the run time from hours to days or weeks! | ||
96 | */ | ||
97 | #define LARGE_MINIMUM (8UL) /* megabytes */ | ||
98 | |||
99 | /* | ||
100 | * Do not increase this number beyond the unsigned integer bit size. | ||
101 | * Due to a multiple of 4, it must be LESS than 128 (yielding 2**30 bits). | ||
102 | */ | ||
103 | #define LARGE_MAXIMUM (127UL) /* megabytes */ | ||
104 | |||
105 | /* | ||
94 | * Constant: when used with 32-bit integers, the largest sieve prime | 106 | * Constant: when used with 32-bit integers, the largest sieve prime |
95 | * has to be less than 2**32. | 107 | * has to be less than 2**32. |
96 | */ | 108 | */ |
@@ -114,6 +126,9 @@ | |||
114 | * Prime testing defines | 126 | * Prime testing defines |
115 | */ | 127 | */ |
116 | 128 | ||
129 | /* Minimum number of primality tests to perform */ | ||
130 | #define TRIAL_MINIMUM (4) | ||
131 | |||
117 | /* | 132 | /* |
118 | * Sieving data (XXX - move to struct) | 133 | * Sieving data (XXX - move to struct) |
119 | */ | 134 | */ |
@@ -235,6 +250,13 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
235 | 250 | ||
236 | largememory = memory; | 251 | largememory = memory; |
237 | 252 | ||
253 | if (memory != 0 && | ||
254 | (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { | ||
255 | error("Invalid memory amount (min %ld, max %ld)", | ||
256 | LARGE_MINIMUM, LARGE_MAXIMUM); | ||
257 | return (-1); | ||
258 | } | ||
259 | |||
238 | /* | 260 | /* |
239 | * Set power to the length in bits of the prime to be generated. | 261 | * Set power to the length in bits of the prime to be generated. |
240 | * This is changed to 1 less than the desired safe prime moduli p. | 262 | * This is changed to 1 less than the desired safe prime moduli p. |
@@ -430,8 +452,7 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) | |||
430 | * The result is a list of so-call "safe" primes | 452 | * The result is a list of so-call "safe" primes |
431 | */ | 453 | */ |
432 | int | 454 | int |
433 | prime_test(FILE *in, FILE *out, u_int32_t trials, | 455 | prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted) |
434 | u_int32_t generator_wanted) | ||
435 | { | 456 | { |
436 | BIGNUM *q, *p, *a; | 457 | BIGNUM *q, *p, *a; |
437 | BN_CTX *ctx; | 458 | BN_CTX *ctx; |
@@ -441,6 +462,11 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, | |||
441 | time_t time_start, time_stop; | 462 | time_t time_start, time_stop; |
442 | int res; | 463 | int res; |
443 | 464 | ||
465 | if (trials < TRIAL_MINIMUM) { | ||
466 | error("Minimum primality trials is %d", TRIAL_MINIMUM); | ||
467 | return (-1); | ||
468 | } | ||
469 | |||
444 | time(&time_start); | 470 | time(&time_start); |
445 | 471 | ||
446 | p = BN_new(); | 472 | p = BN_new(); |
diff --git a/moduli.h b/moduli.h deleted file mode 100644 index 9cd1cd3f8..000000000 --- a/moduli.h +++ /dev/null | |||
@@ -1,23 +0,0 @@ | |||
1 | /* $OpenBSD: moduli.h,v 1.1 2003/07/28 09:49:56 djm Exp $ */ | ||
2 | |||
3 | #include <sys/types.h> | ||
4 | #include <openssl/bn.h> | ||
5 | |||
6 | /* | ||
7 | * Using virtual memory can cause thrashing. This should be the largest | ||
8 | * number that is supported without a large amount of disk activity -- | ||
9 | * that would increase the run time from hours to days or weeks! | ||
10 | */ | ||
11 | #define LARGE_MINIMUM (8UL) /* megabytes */ | ||
12 | |||
13 | /* | ||
14 | * Do not increase this number beyond the unsigned integer bit size. | ||
15 | * Due to a multiple of 4, it must be LESS than 128 (yielding 2**30 bits). | ||
16 | */ | ||
17 | #define LARGE_MAXIMUM (127UL) /* megabytes */ | ||
18 | |||
19 | /* Minimum number of primality tests to perform */ | ||
20 | #define TRIAL_MINIMUM (4) | ||
21 | |||
22 | int gen_candidates(FILE *, int, int, BIGNUM *); | ||
23 | int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); | ||
diff --git a/ssh-keygen.c b/ssh-keygen.c index 2dfbb24b3..5539fe17a 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.114 2004/05/08 00:21:31 djm Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.115 2004/05/09 00:06:47 djm Exp $"); |
16 | 16 | ||
17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
@@ -27,7 +27,6 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.114 2004/05/08 00:21:31 djm Exp $"); | |||
27 | #include "pathnames.h" | 27 | #include "pathnames.h" |
28 | #include "log.h" | 28 | #include "log.h" |
29 | #include "misc.h" | 29 | #include "misc.h" |
30 | #include "moduli.h" | ||
31 | 30 | ||
32 | #ifdef SMARTCARD | 31 | #ifdef SMARTCARD |
33 | #include "scard.h" | 32 | #include "scard.h" |
@@ -85,6 +84,10 @@ char *__progname; | |||
85 | 84 | ||
86 | char hostname[MAXHOSTNAMELEN]; | 85 | char hostname[MAXHOSTNAMELEN]; |
87 | 86 | ||
87 | /* moduli.c */ | ||
88 | int gen_candidates(FILE *, int, int, BIGNUM *); | ||
89 | int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); | ||
90 | |||
88 | static void | 91 | static void |
89 | ask_filename(struct passwd *pw, const char *prompt) | 92 | ask_filename(struct passwd *pw, const char *prompt) |
90 | { | 93 | { |
@@ -911,18 +914,9 @@ main(int ac, char **av) | |||
911 | break; | 914 | break; |
912 | case 'a': | 915 | case 'a': |
913 | trials = atoi(optarg); | 916 | trials = atoi(optarg); |
914 | if (trials < TRIAL_MINIMUM) { | ||
915 | fatal("Minimum primality trials is %d", | ||
916 | TRIAL_MINIMUM); | ||
917 | } | ||
918 | break; | 917 | break; |
919 | case 'M': | 918 | case 'M': |
920 | memory = atoi(optarg); | 919 | memory = atoi(optarg); |
921 | if (memory != 0 && | ||
922 | (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { | ||
923 | fatal("Invalid memory amount (min %ld, max %ld)", | ||
924 | LARGE_MINIMUM, LARGE_MAXIMUM); | ||
925 | } | ||
926 | break; | 920 | break; |
927 | case 'G': | 921 | case 'G': |
928 | do_gen_candidates = 1; | 922 | do_gen_candidates = 1; |