From e13ef5c43416304f0e750af3bb87fd2fad3eee41 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 1 Dec 2014 17:21:59 +0100
Subject: crypto: Define MODP_CUSTOM outside of IKE DH range

Before this fix it was possible to crash charon with an IKE_SA_INIT
message containing a KE payload with DH group MODP_CUSTOM(1025).
Defining MODP_CUSTOM outside of the two byte IKE DH identifier range
prevents it from getting negotiated.

Fixes CVE-2014-9221.
---
 src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c')

diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index b487d59a5..50853d6f0 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -40,7 +40,7 @@ struct private_openssl_ec_diffie_hellman_t {
 	/**
 	 * Diffie Hellman group number.
 	 */
-	u_int16_t group;
+	diffie_hellman_group_t group;
 
 	/**
 	 * EC private (public) key
-- 
cgit v1.2.3