mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-04 00:00:14 -04:00
eae30af029
The 5.4.0 update changed the default bignum implementation to what could explicitly be enabled via `--enable-sp-math-all`. Since this uses fixed-sized buffers sufficient for key sizes of SP_INT_BITS, with a default of 4096, modp6144 and modp8192 didn't work anymore (wc_DhGenerateKeyPair() returned MP_EXPTMOD_E). So we have to adapt the feature checks for this. To support the larger DH groups we can either increase the buffer size via `--with-max-rsa-bits` or add `--enable-heapmath` so buffers get (re-)allocated as needed. We go with the latter for now.