From 59cbc6f71f2bcad8ca376c739a1a19c467cccb70 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@cvs.openbsd.org>
Date: Tue, 9 Dec 2003 13:52:56 +0000
Subject: Prevent ssh-keygen -T from outputting moduli with a generator of 0,
 since they can't be used for Diffie-Hellman.  Assistance and ok djm@

---
 usr.bin/ssh/moduli.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/usr.bin/ssh/moduli.c b/usr.bin/ssh/moduli.c
index 17c7281c5ea..371319d0fb5 100644
--- a/usr.bin/ssh/moduli.c
+++ b/usr.bin/ssh/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.3 2003/12/07 06:34:18 djm Exp $ */
+/* $OpenBSD: moduli.c,v 1.4 2003/12/09 13:52:55 dtucker Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -550,6 +550,15 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
 			continue;
 		}
 
+		/*
+		 * Primes with no known generator are useless for DH, so
+		 * skip those.
+		 */
+		if (generator_known == 0) {
+			debug2("%10u: no known generator", count_in);
+			continue;
+		}
+
 		count_possible++;
 
 		/*
-- 
cgit v1.2.3