From: Kurt Roeckx <kurt@roeckx.be>
Date: Sun, 10 Jan 2016 12:55:08 +0000 (+0100)
Subject: Change minimum DH size from 768 to 1024
X-Git-Tag: OpenSSL_1_0_1r~11
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f5fc9404c231ed013e31c0284adcacfb0f71b86b;p=oweals%2Fopenssl.git

Change minimum DH size from 768 to 1024

Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
---

diff --git a/CHANGES b/CHANGES
index 915b1f6030..23ca912fa6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,7 +4,8 @@
 
  Changes between 1.0.1q and 1.0.1r [xx XXX xxxx]
 
-  *)
+  *) Reject DH handshakes with parameters shorter than 1024 bits.
+     [Kurt Roeckx]
 
  Changes between 1.0.1p and 1.0.1q [3 Dec 2015]
 
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index af7f8fa856..cfa5080e6b 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3417,7 +3417,7 @@ int ssl3_check_cert_and_algorithm(SSL *s)
     /* Check DHE only: static DH not implemented. */
     if (alg_k & SSL_kEDH) {
         int dh_size = BN_num_bits(dh->p);
-        if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 768)
+        if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024)
             || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
             SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
             goto f_err;