diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2016-03-31 05:24:06 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2016-04-01 23:57:14 +1100 |
| commit | fdfbf4580de09d84a974211715e14f88a5704b8e (patch) | |
| tree | 37111a431abb3fa50fc2b5af83e2b34fb18a3e94 | |
| parent | 0235a5fa67fcac51adb564cba69011a535f86f6b (diff) | |
| download | openssh-git-fdfbf4580de09d84a974211715e14f88a5704b8e.tar.gz | |
upstream commit
Remove fallback from moduli to "primes" file that was
deprecated in 2001 and fix log messages referring to primes file. Based on
patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@
Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713
| -rw-r--r-- | dh.c | 14 | ||||
| -rw-r--r-- | pathnames.h | 4 |
2 files changed, 8 insertions, 10 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.58 2016/02/28 22:27:00 djm Exp $ */ +/* $OpenBSD: dh.c,v 1.59 2016/03/31 05:24:06 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -30,6 +30,7 @@ #include <openssl/bn.h> #include <openssl/dh.h> +#include <errno.h> #include <stdarg.h> #include <stdio.h> #include <stdlib.h> @@ -151,10 +152,9 @@ choose_dh(int min, int wantbits, int max) int linenum; struct dhgroup dhg; - if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && - (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { - logit("WARNING: %s does not exist, using fixed modulus", - _PATH_DH_MODULI); + if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) { + logit("WARNING: could open open %s (%s), using fixed modulus", + _PATH_DH_MODULI, strerror(errno)); return (dh_new_group_fallback(max)); } @@ -182,7 +182,7 @@ choose_dh(int min, int wantbits, int max) if (bestcount == 0) { fclose(f); - logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); + logit("WARNING: no suitable primes in %s", _PATH_DH_MODULI); return (dh_new_group_fallback(max)); } @@ -203,7 +203,7 @@ choose_dh(int min, int wantbits, int max) fclose(f); if (linenum != which+1) { logit("WARNING: line %d disappeared in %s, giving up", - which, _PATH_DH_PRIMES); + which, _PATH_DH_MODULI); return (dh_new_group_fallback(max)); } diff --git a/pathnames.h b/pathnames.h index ec89fc66..f5e11ab1 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */ +/* $OpenBSD: pathnames.h,v 1.25 2016/03/31 05:24:06 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -42,8 +42,6 @@ #define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key" #define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" #define _PATH_DH_MODULI SSHDIR "/moduli" -/* Backwards compatibility */ -#define _PATH_DH_PRIMES SSHDIR "/primes" #ifndef _PATH_SSH_PROGRAM #define _PATH_SSH_PROGRAM "/usr/bin/ssh" |