Removed DH parameter size restriction

PeterMosmans · PeterMosmans · commit 1fb62ccc6360 · 2015-07-10T09:52:58.000+10:00
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
@@ -3609,7 +3609,7 @@ if (alg_k & (SSL_kRSA
         goto f_err;
     }
 # endif
-
+/** Removed check on purpose to allow DH parameters <768
     if (alg_k & (SSL_kDHE | SSL_kDHr | SSL_kDHd)) {
         int dh_size;
         if (alg_k & SSL_kDHE) {
@@ -3628,6 +3628,7 @@ if (alg_k & (SSL_kRSA
             goto f_err;
         }
     }
+**/
 #endif  /* !OPENSSL_NO_DH */
 
     if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&

Original file line number	Diff line number	Diff line change
`@@ -3609,7 +3609,7 @@ if (alg_k & (SSL_kRSA`
`3609`	`3609`	`goto f_err;`
`3610`	`3610`	`}`
`3611`	`3611`	`# endif`
`3612`		`-`
	`3612`	`+/** Removed check on purpose to allow DH parameters <768`
`3613`	`3613`	`if (alg_k & (SSL_kDHE \| SSL_kDHr \| SSL_kDHd)) {`
`3614`	`3614`	`int dh_size;`
`3615`	`3615`	`if (alg_k & SSL_kDHE) {`
`@@ -3628,6 +3628,7 @@ if (alg_k & (SSL_kRSA`
`3628`	`3628`	`goto f_err;`
`3629`	`3629`	`}`
`3630`	`3630`	`}`
	`3631`	`+**/`
`3631`	`3632`	`#endif /* !OPENSSL_NO_DH */`
`3632`	`3633`
`3633`	`3634`	`if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&`