From: Martin Willi <martin@strongswan.org>
Date: Wed, 17 Sep 2008 09:02:30 +0000 (-0000)
Subject: fixed DH value range testing
X-Git-Tag: 4.2.7~1
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=cdaf57ec34e1ebed97f465d2db2eab166131bf7c;hp=73f6886a509cd08c61ed0498deebae24a170a8a5

fixed DH value range testing
---

diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index 1d885d1..4c5ffc6 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -395,7 +395,7 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v
 	/* check public value: 
 	 * 1. 0 or 1 is invalid as 0^a = 0 and 1^a = 1
 	 * 2. a public value larger or equal the modulus is invalid */
-	if (mpz_cmp_ui(this->yb, 1) > 0 ||
+	if (mpz_cmp_ui(this->yb, 1) > 0 &&
 		mpz_cmp(this->yb, p_min_1) < 0)
 	{
 #ifdef EXTENDED_DH_TEST