- stevesk@cvs.openbsd.org 2002/03/29 19:18:33

[auth-rsa.c ssh-rsa.c ssh.h] make RSA modulus minimum #define; ok markus@
author: mouring <mouring> 2002-04-02 20:43:11 +0000
committer: mouring <mouring> 2002-04-02 20:43:11 +0000
commit: 1b789c61b37e3890e03fc6967fe48db9847d4882 (patch)
tree: 5a1c52f383f0b217f087cc662a5008c8a7c37f59 /auth-rsa.c
parent: ec11d53c060d1c8306914d5e9e619d630ad2f0ce (diff)
download: openssh-1b789c61b37e3890e03fc6967fe48db9847d4882.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/auth-rsa.c b/auth-rsa.c
index 5b98f2cf..493f14b1 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.54 2002/03/26 23:13:03 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.55 2002/03/29 19:18:33 stevesk Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@@ -33,6 +33,7 @@ RCSID("$OpenBSD: auth-rsa.c,v 1.54 2002/03/26 23:13:03 markus Exp $");
 #include "auth.h"
 #include "hostfile.h"
 #include "monitor_wrap.h"
+#include "ssh.h"
 
 /* import */
 extern ServerOptions options;
@@ -79,7 +80,7 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
 	int len;
 
 	/* don't allow short keys */
-	if (BN_num_bits(key->rsa->n) < 768) {
+	if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
 		error("auth_rsa_verify_response: n too small: %d bits",
 		    BN_num_bits(key->rsa->n));
 		return (0);
author	mouring <mouring>	2002-04-02 20:43:11 +0000
committer	mouring <mouring>	2002-04-02 20:43:11 +0000
commit	1b789c61b37e3890e03fc6967fe48db9847d4882 (patch)
tree	5a1c52f383f0b217f087cc662a5008c8a7c37f59 /auth-rsa.c
parent	ec11d53c060d1c8306914d5e9e619d630ad2f0ce (diff)
download	openssh-1b789c61b37e3890e03fc6967fe48db9847d4882.tar.gz