authordtucker <dtucker@openbsd.org>2016-03-31 05:24:06 +0000
committerdtucker <dtucker@openbsd.org>2016-03-31 05:24:06 +0000
commit1ddc60d2c60c2fc5d1d1aa77cb70446ea653f727 (patch)
tree9eb92d905c383f419922b04bb297e7d3f593b137
parentremove files that are not built on hppa64 (diff)
Remove fallback from moduli to "primes" file that was deprecated in 2001
and fix log messages referring to primes file. Based on patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@
-rw-r--r--usr.bin/ssh/dh.c14
-rw-r--r--usr.bin/ssh/pathnames.h4
2 files changed, 8 insertions, 10 deletions
diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index e40a75776b8..d819aa6de2d 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.58 2016/02/28 22:27:00 djm Exp $ */
+/* $OpenBSD: dh.c,v 1.59 2016/03/31 05:24:06 dtucker Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
*
@@ -28,6 +28,7 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -148,10 +149,9 @@ choose_dh(int min, int wantbits, int max)
int linenum;
struct dhgroup dhg;
- if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL &&
- (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) {
- logit("WARNING: %s does not exist, using fixed modulus",
- _PATH_DH_MODULI);
+ if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) {
+ logit("WARNING: could open open %s (%s), using fixed modulus",
+ _PATH_DH_MODULI, strerror(errno));
return (dh_new_group_fallback(max));
}
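Review bot: The new warning string in choose_dh() reads "could open open", so the negation is lost and the log line says the opposite of what happened; it should be `logit("WARNING: could not open %s (%s), using fixed modulus",`. This message is the only visible signal that the moduli file was missing or unreadable and that the fixed-group fallback was taken, so its wording matters to anyone searching logs for that condition. Reading errno straight after the failed fopen(), with no call in between, is correct. choose_dh's body continues outside the hunk.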
@@ -179,7 +179,7 @@ choose_dh(int min, int wantbits, int max)
if (bestcount == 0) {
fclose(f);
- logit("WARNING: no suitable primes in %s", _PATH_DH_PRIMES);
+ logit("WARNING: no suitable primes in %s", _PATH_DH_MODULI);
return (dh_new_group_fallback(max));
}
@@ -200,7 +200,7 @@ choose_dh(int min, int wantbits, int max)
fclose(f);
if (linenum != which+1) {
logit("WARNING: line %d disappeared in %s, giving up",
- which, _PATH_DH_PRIMES);
+ which, _PATH_DH_MODULI);
return (dh_new_group_fallback(max));
}
diff --git a/usr.bin/ssh/pathnames.h b/usr.bin/ssh/pathnames.h
index e8035bb23b6..e6bb6409347 100644
--- a/usr.bin/ssh/pathnames.h
+++ b/usr.bin/ssh/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.24 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: pathnames.h,v 1.25 2016/03/31 05:24:06 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,8 +36,6 @@
#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"
#define _PATH_DH_MODULI ETCDIR "/moduli"
-/* Backwards compatibility */
-#define _PATH_DH_PRIMES ETCDIR "/primes"
#define _PATH_SSH_PROGRAM "/usr/bin/ssh"