summaryrefslogtreecommitdiffstats
path: root/vendor/golang.org/x/crypto
diff options
context:
space:
mode:
authorWim <wim@42.be>2020-11-22 15:55:57 +0100
committerGitHub <noreply@github.com>2020-11-22 15:55:57 +0100
commit4cc2c914e634eb8c79eb61aa1bc29faf6021ffcf (patch)
tree92d3b8d27cd35455eae7423e4d47aad67cc6a43b /vendor/golang.org/x/crypto
parentcbb46293ab670c1989bfcd9aae5d853223074038 (diff)
downloadmatterbridge-msglm-4cc2c914e634eb8c79eb61aa1bc29faf6021ffcf.tar.gz
matterbridge-msglm-4cc2c914e634eb8c79eb61aa1bc29faf6021ffcf.tar.bz2
matterbridge-msglm-4cc2c914e634eb8c79eb61aa1bc29faf6021ffcf.zip
Update vendor (#1297)
Diffstat (limited to 'vendor/golang.org/x/crypto')
-rw-r--r--vendor/golang.org/x/crypto/ssh/client_auth.go2
-rw-r--r--vendor/golang.org/x/crypto/ssh/kex.go13
2 files changed, 4 insertions, 11 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index f3265655..c611aeb6 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -471,7 +471,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
}
if len(answers) != len(prompts) {
- return authFailure, nil, errors.New("ssh: not enough answers from keyboard-interactive callback")
+ return authFailure, nil, fmt.Errorf("ssh: incorrect number of answers from keyboard-interactive callback %d (expected %d)", len(answers), len(prompts))
}
responseLength := 1 + 4
for _, a := range answers {
diff --git a/vendor/golang.org/x/crypto/ssh/kex.go b/vendor/golang.org/x/crypto/ssh/kex.go
index 7eedb209..766e9293 100644
--- a/vendor/golang.org/x/crypto/ssh/kex.go
+++ b/vendor/golang.org/x/crypto/ssh/kex.go
@@ -557,8 +557,6 @@ type dhGEXSHA struct {
hashFunc crypto.Hash
}
-const numMRTests = 64
-
const (
dhGroupExchangeMinimumBits = 2048
dhGroupExchangePreferredBits = 2048
@@ -602,15 +600,8 @@ func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshake
gex.p = kexDHGexGroup.P
gex.g = kexDHGexGroup.G
- // Check if p is safe by verifing that p and (p-1)/2 are primes
- one := big.NewInt(1)
- var pHalf = &big.Int{}
- pHalf.Rsh(gex.p, 1)
- if !gex.p.ProbablyPrime(numMRTests) || !pHalf.ProbablyPrime(numMRTests) {
- return nil, fmt.Errorf("ssh: server provided gex p is not safe")
- }
-
// Check if g is safe by verifing that g > 1 and g < p - 1
+ one := big.NewInt(1)
var pMinusOne = &big.Int{}
pMinusOne.Sub(gex.p, one)
if gex.g.Cmp(one) != 1 && gex.g.Cmp(pMinusOne) != -1 {
@@ -618,6 +609,8 @@ func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshake
}
// Send GexInit
+ var pHalf = &big.Int{}
+ pHalf.Rsh(gex.p, 1)
x, err := rand.Int(randSource, pHalf)
if err != nil {
return nil, err