Fix CVE patch
This commit is contained in:
parent
e84163101e
commit
7822adaf41
|
@ -1,4 +1,4 @@
|
|||
From 2f86aac9599c4e08ab04fcc8bf86726ae76e12f6 Mon Sep 17 00:00:00 2001
|
||||
From dd422639afefbdd1c562b922f2188cd570eef264 Mon Sep 17 00:00:00 2001
|
||||
From: Aris Adamantiadis <aris@0xbadc0de.be>
|
||||
Date: Tue, 9 Feb 2016 15:09:27 +0100
|
||||
Subject: [PATCH] dh: Fix CVE-2016-0739
|
||||
|
@ -9,23 +9,18 @@ completely reworked and will be commited in a future version.
|
|||
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
|
||||
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
||||
---
|
||||
src/dh.c | 22 +++++++++++++++++-----
|
||||
1 file changed, 17 insertions(+), 5 deletions(-)
|
||||
src/dh.c | 12 +++++++-----
|
||||
1 file changed, 7 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/dh.c b/src/dh.c
|
||||
index 9b9d203..4eadef1 100644
|
||||
index 9b9d203..a60cb6d 100644
|
||||
--- a/src/dh.c
|
||||
+++ b/src/dh.c
|
||||
@@ -237,15 +237,21 @@ void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len) {
|
||||
@@ -237,15 +237,16 @@ void ssh_print_hexa(const char *descr, const unsigned char *what, size_t len) {
|
||||
}
|
||||
|
||||
int dh_generate_x(ssh_session session) {
|
||||
+ int keysize;
|
||||
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
|
||||
+ keysize = 1023;
|
||||
+ } else {
|
||||
+ keysize = 2047;
|
||||
+ }
|
||||
+ int keysize = 1023;
|
||||
session->next_crypto->x = bignum_new();
|
||||
if (session->next_crypto->x == NULL) {
|
||||
return -1;
|
||||
|
@ -40,17 +35,12 @@ index 9b9d203..4eadef1 100644
|
|||
#endif
|
||||
|
||||
/* not harder than this */
|
||||
@@ -258,15 +264,21 @@ int dh_generate_x(ssh_session session) {
|
||||
@@ -258,15 +259,16 @@ int dh_generate_x(ssh_session session) {
|
||||
|
||||
/* used by server */
|
||||
int dh_generate_y(ssh_session session) {
|
||||
- session->next_crypto->y = bignum_new();
|
||||
+ int keysize;
|
||||
+ if (session->next_crypto->kex_type == SSH_KEX_DH_GROUP1_SHA1) {
|
||||
+ keysize = 1023;
|
||||
+ } else {
|
||||
+ keysize = 2047;
|
||||
+ }
|
||||
+ int keysize = 1023;
|
||||
+ session->next_crypto->y = bignum_new();
|
||||
if (session->next_crypto->y == NULL) {
|
||||
return -1;
|
||||
|
|
Loading…
Reference in New Issue