The minimum Diffie-Hellman bits size was raised to 1023

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-08-10 11:48:23 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-08-10 16:56:17 +0200
commit: ce8d3c310ea526288bb1c6ee7a51b7386ea2abeb (patch)
tree: 5ae5512631a6076f8cc6eb1f115d271cd3d09d5c
parent: 2f3f6c8d74391afb4d7333acc780a5dda32fe30e (diff)
download: gnutls-ce8d3c310ea526288bb1c6ee7a51b7386ea2abeb.tar.gz
2 files changed, 4 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 967f00038e..7725fbdeac 100644
--- a/NEWS
+++ b/NEWS
@@ -28,6 +28,9 @@ Version 2.12.24 (unreleased)
    backend. There are interoperability issues, and these algorithms are
    too rare to require a proper fix.
 
+** libgnutls: The minimum Diffie-Hellman bits size was raised to 1023 from
+   768.
+
 ** libgnutls: Do not call the post client hello callback twice when resuming
    using session tickets.
 
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 169a7664f3..441fbdc51f 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -256,7 +256,7 @@ _gnutls_handshake_internal_state_clear (gnutls_session_t session)
 
 }
 
-#define MIN_DH_BITS 727
+#define MIN_DH_BITS 1023
 /**
  * gnutls_init:
  * @con_end: indicate if this session is to be used for server or client.
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-08-10 11:48:23 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-08-10 16:56:17 +0200
commit	ce8d3c310ea526288bb1c6ee7a51b7386ea2abeb (patch)
tree	5ae5512631a6076f8cc6eb1f115d271cd3d09d5c
parent	2f3f6c8d74391afb4d7333acc780a5dda32fe30e (diff)
download	gnutls-ce8d3c310ea526288bb1c6ee7a51b7386ea2abeb.tar.gz