--- a/etc/uams/uams_dhx_pam.c +++ b/etc/uams/uams_dhx_pam.c @@ -192,7 +192,8 @@ { uint16_t sessid; size_t i; - BIGNUM *bn, *gbn, *pbn; + BIGNUM *bn, *gbn, *pbn, *qbn; + const BIGNUM *pubkey, *privkey; DH *dh; /* get the client's public key */ @@ -237,9 +238,12 @@ } /* generate key and make sure that we have enough space */ - dh->p = pbn; - dh->g = gbn; - if (DH_generate_key(dh) == 0) { + DH_set0_pqg(dh, pbn, qbn, gbn); + int genkey = DH_generate_key(dh); + + DH_get0_key(dh, &pubkey, &privkey); + + if (genkey == 0) { unsigned long dherror; char errbuf[256]; @@ -252,7 +256,7 @@ ERR_free_strings(); goto pam_fail; } - if (BN_num_bytes(dh->pub_key) > KEYSIZE) { + if (BN_num_bytes(pubkey) > KEYSIZE) { LOG(log_info, logtype_uams, "uams_dhx_pam.c :PAM: Err Generating Key -- Not enough Space? -- %s", strerror(errno)); goto pam_fail; } @@ -270,7 +274,7 @@ *rbuflen += sizeof(sessid); /* public key */ - BN_bn2bin(dh->pub_key, (unsigned char *)rbuf); + BN_bn2bin(pubkey, (unsigned char *)rbuf); rbuf += KEYSIZE; *rbuflen += KEYSIZE; --- a/etc/uams/uams_dhx_passwd.c +++ b/etc/uams/uams_dhx_passwd.c @@ -75,7 +75,8 @@ #ifdef SHADOWPW struct spwd *sp; #endif /* SHADOWPW */ - BIGNUM *bn, *gbn, *pbn; + BIGNUM *bn, *gbn, *pbn, *qbn; + const BIGNUM *pubkey, *privkey; uint16_t sessid; size_t i; DH *dh; @@ -140,9 +141,11 @@ } /* generate key and make sure we have enough space */ - dh->p = pbn; - dh->g = gbn; - if (!DH_generate_key(dh) || (BN_num_bytes(dh->pub_key) > KEYSIZE)) { + DH_set0_pqg(dh, pbn, qbn, gbn); + int genkey = DH_generate_key(dh); + DH_get0_key(dh, &pubkey, &privkey); + + if (!genkey || (BN_num_bytes(pubkey) > KEYSIZE)) { goto passwd_fail; } @@ -159,7 +162,7 @@ *rbuflen += sizeof(sessid); /* send our public key */ - BN_bn2bin(dh->pub_key, (unsigned char *)rbuf); + BN_bn2bin(pubkey, (unsigned char *)rbuf); rbuf += KEYSIZE; *rbuflen += KEYSIZE;