Description of problem: When openssl s_server is configured with 2048 bit RSA keys and a DHE cipher is negotiated, it will use the RFC5114 group 23. Version-Release number of selected component (if applicable): openssl-1.1.1g-1.fc31.x86_64 How reproducible: always Steps to Reproduce: 1. generate 2048 bit keys 2. connect client to server, force negotiation of DHE ciphers Actual results: Server proposes RFC 5114 group 23 in ServerKeyExchangeMessage Expected results: Server should select one of the parameters that use safe primes, from either RFC 3526 or RFC 7919 Additional info:
Fixed in rawhide and F33.