Use 2048-bit DHE parameters from RFC 3526 instead of 5114 by default
The parameters from RFC 5114 are not considered trustworthy, while those from
RFC 3526 have been generated in a nothing-up-my-sleeve manner.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bae8433..228e383 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3702,9 +3702,9 @@
#if defined(POLARSSL_DHM_C)
if( ( ret = mpi_read_string( &ssl->dhm_P, 16,
- POLARSSL_DHM_RFC5114_MODP_2048_P) ) != 0 ||
+ POLARSSL_DHM_RFC3526_MODP_2048_P) ) != 0 ||
( ret = mpi_read_string( &ssl->dhm_G, 16,
- POLARSSL_DHM_RFC5114_MODP_2048_G) ) != 0 )
+ POLARSSL_DHM_RFC3526_MODP_2048_G) ) != 0 )
{
SSL_DEBUG_RET( 1, "mpi_read_string", ret );
return( ret );
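Review bot: The choice of default group is not explained where it is loaded, so a later reader of the two `mpi_read_string` calls for `dhm_P`/`dhm_G` cannot tell why RFC 3526 was preferred over RFC 5114 without finding this commit. I would add a comment above the `if`, for example `/* Default DHE group: RFC 3526 2048-bit MODP (verifiably derived constants); override with ssl_set_dh_param() */`. The enclosing function starts and ends outside the hunk, so I cannot see whether API documentation or sample configuration elsewhere still names the RFC 5114 constants as the default; if any does, it should be updated in the same commit. Because this is a fixed public group shared by every deployment that keeps the default, the comment could also note that operators who want their own parameters must set them explicitly.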