[gnutls-dev] Small bug in SRP

Nikos Mavroyanopoulos nmav@gnutls.org
Wed Oct 1 19:54:05 2003


On Sun, Sep 21, 2003 at 11:15:04AM -0700, Casey Marshall wrote:

> Hi.
> I think, from what I know of SRP, that the function _gnutls_calc_srp_u
> should return an MPI of the hash result, which is in the variable `hd',
> not `holder'. Patch is:
[...]
> With this patch my own in-progress Java implementation of TLS can
> negotiate an SRP secret properly with a GnuTLS client. So maybe,
> perhaps, possibly, this is the right way to do it (the Internet Draft
> being light on details).
> (Incidentally, the example SRP parameter files do not seem to contain a
> prime modulus, which the implementation of SRP I am using rejects.)

You're correct. I've just updated the cvs with your fix. The cvs version
is already updated with the latest srp draft. I'll have a prerelease (0.9.8)
in a few days.

> Cheers,
> - -- 
> Casey Marshall || rsdio@metastatic.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)

-- 
Nikos Mavroyanopoulos