diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2014-01-25 20:35:38 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2014-01-25 20:35:38 +0000 |
| commit | 474bfd24334e9362c14e23c3d0823a64ab20222e (patch) | |
| tree | 465f114890a061cf0344358fc1c2086e86c1cc97 /usr.bin/ssh/kex.c | |
| parent | 02f3ecf3e45d5962c5e1be77556fe2365cd7464a (diff) | |
dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
ok dtucker@, noted by mancha
Diffstat (limited to 'usr.bin/ssh/kex.c')
| -rw-r--r-- | usr.bin/ssh/kex.c | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index 14476507d47..f9f092f26ff 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.96 2014/01/25 10:12:50 dtucker Exp $ */ +/* $OpenBSD: kex.c,v 1.97 2014/01/25 20:35:37 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -489,16 +489,14 @@ kex_choose_conf(Kex *kex) need = dh_need = 0; for (mode = 0; mode < MODE_MAX; mode++) { newkeys = kex->newkeys[mode]; - if (need < newkeys->enc.key_len) - need = newkeys->enc.key_len; - if (need < newkeys->enc.block_size) - need = newkeys->enc.block_size; - if (need < newkeys->enc.iv_len) - need = newkeys->enc.iv_len; - if (need < newkeys->mac.key_len) - need = newkeys->mac.key_len; - if (dh_need < cipher_seclen(newkeys->enc.cipher)) - dh_need = cipher_seclen(newkeys->enc.cipher); + need = MAX(need, newkeys->enc.key_len); + need = MAX(need, newkeys->enc.block_size); + need = MAX(need, newkeys->enc.iv_len); + need = MAX(need, newkeys->mac.key_len); + dh_need = MAX(dh_need, cipher_seclen(newkeys->enc.cipher)); + dh_need = MAX(dh_need, newkeys->enc.block_size); + dh_need = MAX(dh_need, newkeys->enc.iv_len); + dh_need = MAX(dh_need, newkeys->mac.key_len); } /* XXX need runden? */ kex->we_need = need; |