Skip to content
Commit 26505153 authored by Richard Levitte's avatar Richard Levitte Committed by Matt Caswell
Browse files

Better check of DH parameters in TLS data



When the client reads DH parameters from the TLS stream, we only
checked that they all are non-zero.  This change updates the check to
use DH_check_params()

DH_check_params() is a new function for light weight checking of the p
and g parameters:

    check that p is odd
    check that 1 < g < p - 1

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent 2198b3a5
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment