Bugzilla – Attachment 1843 Details for
Bug 1516
ssh-keygen should warn about keys larger than OPENSSL_RSA_MAX_MODULUS_BITS
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
keygen-max-bits.diff
keygen-max-bits.diff (text/plain), 981 bytes, created by
Damien Miller
on 2010-04-23 11:43:18 AEST
(
hide
)
Description:
keygen-max-bits.diff
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2010-04-23 11:43:18 AEST
Size:
981 bytes
patch
obsolete
>Index: ssh-keygen.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v >retrieving revision 1.187 >diff -u -p -r1.187 ssh-keygen.c >--- ssh-keygen.c 16 Apr 2010 06:47:04 -0000 1.187 >+++ ssh-keygen.c 23 Apr 2010 01:42:39 -0000 >@@ -1555,6 +1555,7 @@ main(int argc, char **argv) > struct passwd *pw; > struct stat st; > int opt, type, fd; >+ u_int maxbits; > u_int32_t memory = 0, generator_wanted = 0, trials = 100; > int do_gen_candidates = 0, do_screen_candidates = 0; > BIGNUM *start = NULL; >@@ -1856,6 +1857,12 @@ main(int argc, char **argv) > } > if (bits == 0) > bits = (type == KEY_DSA) ? DEFAULT_BITS_DSA : DEFAULT_BITS; >+ maxbits = (type == KEY_DSA) ? >+ OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS; >+ if (bits > maxbits) { >+ fprintf(stderr, "key bits exceeds maximum %d\n", maxbits); >+ exit(1); >+ } > if (type == KEY_DSA && bits != 1024) > fatal("DSA keys must be 1024 bits"); > if (!quiet)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1843">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 1516
: 1843