git.openssl.org Git - openssl.git/commit

author	Richard Levitte <levitte@openssl.org>
	Thu, 26 Jan 2017 10:47:36 +0000 (11:47 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 26 Jan 2017 10:56:29 +0000 (10:56 +0000)
commit	918d8eadb35746456fd1a9d4e219c63ff706173e
tree	643482a660cd111da3f98b8042a4a51cb2175991	tree \| snapshot
parent	760d04342a495ee86bf5adc71a91d126af64397f	commit \| diff

Better check of DH parameters in TLS data

When the client reads DH parameters from the TLS stream, we only
checked that they all are non-zero.  This change updates the check
as follows:

    check that p is odd
    check that 1 < g < p - 1

Reviewed-by: Matt Caswell <matt@openssl.org>

ssl/s3_clnt.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom