diff options
author | Patrick Wildt <patrick@cvs.openbsd.org> | 2017-11-08 13:33:50 +0000 |
---|---|---|
committer | Patrick Wildt <patrick@cvs.openbsd.org> | 2017-11-08 13:33:50 +0000 |
commit | 918103455ceabf54af40927fdf81e9470a75ed3b (patch) | |
tree | 598400b6fa914601d359d751accff1557a1b27fa /sbin/isakmpd/ike_auth.c | |
parent | 845801f35e98a3088def9d60715087298e6511ba (diff) |
In the final RFC 5903 the computation for the DH shared secret changed.
Instead of the full point, only the X point is included.
The member g_xy is always the shared secret but so far its buffer has
been allocated using the size of the public points. Since this is a
different size now, as the shared secret for EC Groups should only store
the x point, we need another member to specify the length of g_xy.
Since this is a backwards incompatible change older isakmpds won't be
able to negotiate if you use EC groups. Bump the version of our own
vendor tag so peers can try to keep compatibility based on the presen-
ted tag. This could be used to implement backwards compatibility to
older isakmpds.
Prompted by and ok mpi@
Diffstat (limited to 'sbin/isakmpd/ike_auth.c')
-rw-r--r-- | sbin/isakmpd/ike_auth.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c index d617b743349..86cf757ae9a 100644 --- a/sbin/isakmpd/ike_auth.c +++ b/sbin/isakmpd/ike_auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_auth.c,v 1.113 2015/04/21 01:44:47 jsg Exp $ */ +/* $OpenBSD: ike_auth.c,v 1.114 2017/11/08 13:33:49 patrick Exp $ */ /* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */ /* @@ -469,10 +469,10 @@ sig_gen_skeyid(struct exchange *exchange, size_t *sz) LOG_DBG((LOG_NEGOTIATION, 80, "sig_gen_skeyid: g^xy length %lu", (unsigned long)ie->g_x_len)); LOG_DBG_BUF((LOG_NEGOTIATION, 80, - "sig_gen_skeyid: SKEYID fed with g^xy", ie->g_xy, ie->g_x_len)); + "sig_gen_skeyid: SKEYID fed with g^xy", ie->g_xy, ie->g_xy_len)); prf->Init(prf->prfctx); - prf->Update(prf->prfctx, ie->g_xy, ie->g_x_len); + prf->Update(prf->prfctx, ie->g_xy, ie->g_xy_len); prf->Final(skeyid, prf->prfctx); prf_free(prf); return skeyid; |