yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-02 14:51:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change default Diffie-Hellman parameters from RFC 5114 to RFC 7919

Browse source 
The origin of the primes in RFC 5114 is undocumented and their use therefore
constitutes a security risk.
This commit is contained in:
Hanno Becker 2017-09-27 11:49:49 +01:00
parent b2bad800e4
commit 8c8b0ab877
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
library/ssl_tls.c
View file

@ -7538,8 +7538,8 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
if( endpoint == MBEDTLS_SSL_IS_SERVER ) if( endpoint == MBEDTLS_SSL_IS_SERVER )
{ {
if( ( ret = mbedtls_ssl_conf_dh_param( conf, if( ( ret = mbedtls_ssl_conf_dh_param( conf,
MBEDTLS_DHM_RFC5114_MODP_2048_P, mbedtls_dhm_rfc7919_ffdhe2048_p,
MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 ) mbedtls_dhm_rfc7919_ffdhe2048_g ) ) != 0 )
{ {
return( ret ); return( ret );
} }