X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/62e12ffe7836faf31fbe7f2b9d615c166e85a411..6d8216ff13019a82c3c9e3a97fe7f7a3ba39d1e6:/dh.c

diff --git a/dh.c b/dh.c
index ff31ca99..0908fcf1 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.37 2006/07/18 22:27:55 stevesk Exp $ */
+/* $OpenBSD: dh.c,v 1.46 2008/04/13 00:22:17 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  *
@@ -25,9 +25,16 @@
 
 #include "includes.h"
 
+#include <sys/param.h>
+
 #include <openssl/bn.h>
 #include <openssl/dh.h>
 
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
 #include "dh.h"
 #include "pathnames.h"
 #include "log.h"
@@ -146,7 +153,7 @@ choose_dh(int min, int wantbits, int max)
 	}
 
 	linenum = 0;
-	which = arc4random() % bestcount;
+	which = arc4random_uniform(bestcount);
 	while (fgets(line, sizeof(line), f)) {
 		if (!parse_prime(linenum, line, &dhg))
 			continue;
@@ -178,7 +185,7 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
 	BIGNUM *tmp;
 
 	if (dh_pub->neg) {
-		logit("invalid public DH value: negativ");
+		logit("invalid public DH value: negative");
 		return 0;
 	}
 	if (BN_cmp(dh_pub, BN_value_one()) != 1) {	/* pub_exp <= 1 */
@@ -186,8 +193,10 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
 		return 0;
 	}
 
-	if ((tmp = BN_new()) == NULL)
-		return (-1);
+	if ((tmp = BN_new()) == NULL) {
+		error("%s: BN_new failed", __func__);
+		return 0;
+	}
 	if (!BN_sub(tmp, dh->p, BN_value_one()) ||
 	    BN_cmp(dh_pub, tmp) != -1) {		/* pub_exp > p-2 */
 		BN_clear_free(tmp);