On Fri, Sep 15, 2000 at 04:53:27PM +0200, Richard Levitte - VMS Whacker wrote:
> Something to look into?
Yes. Was there any information on what platforms this happens on?
Of course I tried TLS connections with DHE where g = 2 between
the previous version (OpenSSL 0.9.5a) and the new code, and I
did not notice any problems; i.e. BN_mod_exp_mont_word and
BN_mod_exp_mont both worked (or both failed in the same way).
My tests were on Linux (x86) and Solaris (Sparc).
> Date: Fri, 15 Sep 2000 16:24:38 +0200
> From: Markus Friedl <[EMAIL PROTECTED]>
> To: Richard Levitte - VMS Whacker <[EMAIL PROTECTED]>
> % diff -u dh_key.c-orig dh_key.c
> --- dh_key.c-orig Fri Sep 15 16:22:34 2000
> +++ dh_key.c Fri Sep 15 16:20:59 2000
> @@ -194,12 +194,14 @@
> const BIGNUM *m, BN_CTX *ctx,
> BN_MONT_CTX *m_ctx)
> {
> +#if 0
> if (a->top == 1)
> {
> BN_ULONG A = a->d[0];
> return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
> }
> else
> +#endif
> return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
> }
>
> i don't know what the test for a->top means. openssh uses the
> generator '2' for DH.
Do connections between s_server (using default DH parameters)
and s_client work on that platform, using 'openssl s_server'
from the previous OpenSSL installation and 'openssl s_client'
from the new one (without that patch, of course)?
--
Bodo M�ller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
