]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Enforce the DEFAULT_MAX_VERIFY_BITS for DH prime size as well.
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 12 Dec 2013 15:25:36 +0000 (16:25 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 12 Dec 2013 15:27:24 +0000 (16:27 +0100)
lib/auth/dh_common.c

index 434515af200fa727e9754312df111beb919886ad..e1985d379c74b2917bed346a66cd4fd8a98b4eb8 100644 (file)
@@ -207,7 +207,7 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session,
        uint8_t *data_p;
        uint8_t *data_g;
        uint8_t *data_Y;
-       int i, bits, ret;
+       int i, bits, ret, p_bits;
        ssize_t data_size = _data_size;
        
        gnutls_pk_params_init(&session->key.dh_params);
@@ -264,7 +264,8 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session,
                return bits;
        }
 
-       if (_gnutls_mpi_get_nbits(session->key.dh_params.params[DH_P]) < (size_t) bits) {
+       p_bits = _gnutls_mpi_get_nbits(session->key.dh_params.params[DH_P]);
+       if (p_bits < bits) {
                /* the prime used by the peer is not acceptable
                 */
                gnutls_assert();
@@ -275,6 +276,15 @@ _gnutls_proc_dh_common_server_kx(gnutls_session_t session,
                return GNUTLS_E_DH_PRIME_UNACCEPTABLE;
        }
 
+       if (p_bits >= DEFAULT_MAX_VERIFY_BITS) {
+               gnutls_assert();
+               _gnutls_debug_log
+                   ("Received a prime of %u bits, limit is %u\n",
+                    (unsigned) p_bits,
+                    (unsigned) DEFAULT_MAX_VERIFY_BITS);
+               return GNUTLS_E_DH_PRIME_UNACCEPTABLE;
+       }
+
        _gnutls_dh_set_group(session, session->key.dh_params.params[DH_G],
                             session->key.dh_params.params[DH_P]);
        _gnutls_dh_set_peer_public(session, session->key.client_Y);