Security Fixes (BIND 9.3.2-P2):

Change the default RSA exponent from 3 to 65537 which is
not vulnerable to the attacks described in CVE-2006-4339.

Index: lib/dns/opensslrsa_link.c
--- lib/dns/opensslrsa_link.c.orig	2004-12-09 05:07:18 +0100
+++ lib/dns/opensslrsa_link.c	2006-11-04 09:58:32 +0100
@@ -39,6 +39,9 @@
 #include <openssl/err.h>
 #include <openssl/objects.h>
 #include <openssl/rsa.h>
+#if OPENSSL_VERSION_NUMBER > 0x00908000L
+#include <openssl/bn.h>
+#endif
 
 	/*
 	 * XXXMPA  Temporarially disable RSA_BLINDING as it requires
@@ -260,13 +263,47 @@
 
 static isc_result_t
 opensslrsa_generate(dst_key_t *key, int exp) {
+#if OPENSSL_VERSION_NUMBER > 0x00908000L
+	BN_GENCB cb;
+	RSA *rsa = RSA_new();
+	BIGNUM *e = BN_new();
+
+	if (rsa == NULL || e == NULL)
+		goto err;
+
+	if (exp == 0) {
+		/* RSA_F4 0x10001 */
+		BN_set_bit(e, 0);
+		BN_set_bit(e, 16);
+	 } else {
+		/* F5 0x100000001 */
+		BN_set_bit(e, 0);
+		BN_set_bit(e, 32);
+	}
+
+	BN_GENCB_set_old(&cb, NULL, NULL);
+
+	if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) {
+		BN_free(e);
+		SET_FLAGS(rsa);
+		key->opaque = rsa;
+		return (ISC_R_SUCCESS);
+	}
+
+ err:
+	if (e != NULL)
+		BN_free(e);
+	if (rsa != NULL)
+		RSA_free(rsa);
+	return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+#else
 	RSA *rsa;
 	unsigned long e;
 
 	if (exp == 0)
-		e = RSA_3;
-	else
 		e = RSA_F4;
+	else
+		e = 0x40000003;
 	rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
 	if (rsa == NULL)
 		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
@@ -274,6 +311,7 @@
 	key->opaque = rsa;
 
 	return (ISC_R_SUCCESS);
+#endif
 }
 
 static isc_boolean_t