diff options
| author | Darren Tucker <dtucker@cvs.openbsd.org> | 2003-12-09 13:52:56 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2003-12-09 13:52:56 +0000 |
| commit | 59cbc6f71f2bcad8ca376c739a1a19c467cccb70 (patch) | |
| tree | ad544e50b798f63be2d8fe2f08a7069a6bebf934 /usr.bin/ssh | |
| parent | d29dfe98545e37462892fc09086f7e3a26113fd9 (diff) | |
Prevent ssh-keygen -T from outputting moduli with a generator of 0, since
they can't be used for Diffie-Hellman. Assistance and ok djm@
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/moduli.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/usr.bin/ssh/moduli.c b/usr.bin/ssh/moduli.c index 17c7281c5ea..371319d0fb5 100644 --- a/usr.bin/ssh/moduli.c +++ b/usr.bin/ssh/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.3 2003/12/07 06:34:18 djm Exp $ */ +/* $OpenBSD: moduli.c,v 1.4 2003/12/09 13:52:55 dtucker Exp $ */ /* * Copyright 1994 Phil Karn <karn@qualcomm.com> * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> @@ -550,6 +550,15 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, continue; } + /* + * Primes with no known generator are useless for DH, so + * skip those. + */ + if (generator_known == 0) { + debug2("%10u: no known generator", count_in); + continue; + } + count_possible++; /* |