- dtucker@cvs.openbsd.org 2003/12/09 13:52:55

[moduli.c] Prevent ssh-keygen -T from outputting moduli with a generator of 0, since they can't be used for Diffie-Hellman. Assistance and ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2003-12-09 14:54:38 +0100
committer: Darren Tucker <dtucker@zip.com.au> 2003-12-09 14:54:38 +0100
commit: 5cd9d443ef70e5c8bf8cc21bc6cc81298e18e863 (patch)
tree: 54167b9fb2c0509c109986dbb75ac4fc72bd10f2 /moduli.c
parent: - (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below. (diff)
download: openssh-5cd9d443ef70e5c8bf8cc21bc6cc81298e18e863.tar.xz
openssh-5cd9d443ef70e5c8bf8cc21bc6cc81298e18e863.zip
1 files changed, 10 insertions, 1 deletions
diff --git a/moduli.c b/moduli.c
index 17c7281c5..371319d0f 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.3 2003/12/07 06:34:18 djm Exp $ */
+/* $OpenBSD: moduli.c,v 1.4 2003/12/09 13:52:55 dtucker Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -550,6 +550,15 @@ prime_test(FILE *in, FILE *out, u_int32_t trials,
 			continue;
 		}
 
+		/*
+		 * Primes with no known generator are useless for DH, so
+		 * skip those.
+		 */
+		if (generator_known == 0) {
+			debug2("%10u: no known generator", count_in);
+			continue;
+		}
+
 		count_possible++;
 
 		/*
author	Darren Tucker <dtucker@zip.com.au>	2003-12-09 14:54:38 +0100
committer	Darren Tucker <dtucker@zip.com.au>	2003-12-09 14:54:38 +0100
commit	5cd9d443ef70e5c8bf8cc21bc6cc81298e18e863 (patch)
tree	54167b9fb2c0509c109986dbb75ac4fc72bd10f2 /moduli.c
parent	- (dtucker) [ssh-keyscan.c] Sync RCSIDs, missed in SSH_SSFDMAX change below. (diff)
download	openssh-5cd9d443ef70e5c8bf8cc21bc6cc81298e18e863.tar.xz openssh-5cd9d443ef70e5c8bf8cc21bc6cc81298e18e863.zip