author | Darren Tucker <dtucker@cvs.openbsd.org> | 2016-03-31 05:24:07 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2016-03-31 05:24:07 +0000 |
commit | 2b611c89a9db5fbe1e56e84dd7227da520781b50 (patch) | |
tree | ef35e5093d4e9e38a1a4e7059ece1d94850674a2 /usr.bin | |
parent | 079ed67d81cec3e2fe688ff4821278c8bc26d9a3 (diff) |
Remove fallback from moduli to "primes" file that was deprecated in 2001
and fix log messages referring to primes file. Based on patch from
xnox at ubuntu.com via bz#2559. "kill it" deraadt@
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/dh.c | 14 | ||||
-rw-r--r-- | usr.bin/ssh/pathnames.h | 4 |
2 files changed, 8 insertions, 10 deletions
diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index e40a75776b8..d819aa6de2d 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.58 2016/02/28 22:27:00 djm Exp $ */
+/* $OpenBSD: dh.c,v 1.59 2016/03/31 05:24:06 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Niels Provos. All rights reserved.
 *
@@ -28,6 +28,7 @@
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -148,10 +149,9 @@ choose_dh(int min, int wantbits, int max)
 int linenum;
 struct dhgroup dhg;
- if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&
- (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {
- logit("WARNING: %s does not exist, using fixed modulus",
- _PATH_DH_MODULI);
+ if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) {
+ logit("WARNING: could open open %s (%s), using fixed modulus",
+ _PATH_DH_MODULI, strerror(errno));
 return (dh_new_group_fallback(max));
 }
@@ -179,7 +179,7 @@ choose_dh(int min, int wantbits, int max)
 if (bestcount == 0) {
 fclose(f);
- logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
+ logit("WARNING: no suitable primes in %s", _PATH_DH_MODULI);
 return (dh_new_group_fallback(max));
 }
@@ -200,7 +200,7 @@ choose_dh(int min, int wantbits, int max)
 fclose(f);
 if (linenum != which+1) {
 logit("WARNING: line %d disappeared in %s, giving up",
- which, _PATH_DH_PRIMES);
+ which, _PATH_DH_MODULI);
 return (dh_new_group_fallback(max));
 }
diff --git a/usr.bin/ssh/pathnames.h b/usr.bin/ssh/pathnames.h
index e8035bb23b6..e6bb6409347 100644
--- a/usr.bin/ssh/pathnames.h
+++ b/usr.bin/ssh/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: pathnames.h,v 1.25 2016/03/31 05:24:06 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
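Review bot: The new warning in the `@@ -148,10 +149,9 @@` hunk of dh.c reads "could open open", which drops the negation and repeats a word; the line should be `logit("WARNING: could not open %s (%s), using fixed modulus",`. This message is the only visible signal that `choose_dh` could not read `_PATH_DH_MODULI` and returned `dh_new_group_fallback(max)` instead, so an operator watching logs for a downgrade to the fixed group needs wording that is unambiguous and easy to match. With the `_PATH_DH_PRIMES` fallback removed, a host that only has the old file will presumably take this path on every call, which makes the message more likely to be seen in practice. The body of `choose_dh` starts and ends outside the hunk.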
@@ -36,8 +36,6 @@
 #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
 #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"
 #define _PATH_DH_MODULI ETCDIR "/moduli"
-/* Backwards compatibility */
-#define _PATH_DH_PRIMES ETCDIR "/primes"
 #define _PATH_SSH_PROGRAM "/usr/bin/ssh" |