From 76eea4ab4e658670ca6e76dd1e6d17f262208b57 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 26 Jan 2014 09:37:25 +1100 Subject: - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 [cipher.c cipher.h kex.c kex.h kexgexc.c] Add a special case for the DH group size for 3des-cbc, which has an effective strength much lower than the key size. This causes problems with some cryptlib implementations, which don't support group sizes larger than 4k but also don't use the largest group size it does support as specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, reduced by me with input from Markus. ok djm@ markus@ --- cipher.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'cipher.h') diff --git a/cipher.h b/cipher.h index d78245615..133d2e73d 100644 --- a/cipher.h +++ b/cipher.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.43 2013/12/06 13:34:54 markus Exp $ */ +/* $OpenBSD: cipher.h,v 1.44 2014/01/25 10:12:50 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -89,6 +89,7 @@ void cipher_cleanup(CipherContext *); void cipher_set_key_string(CipherContext *, const Cipher *, const char *, int); u_int cipher_blocksize(const Cipher *); u_int cipher_keylen(const Cipher *); +u_int cipher_seclen(const Cipher *); u_int cipher_authlen(const Cipher *); u_int cipher_ivlen(const Cipher *); u_int cipher_is_cbc(const Cipher *); -- cgit v1.2.3