Index: trunk/src/sh_forward.c
===================================================================
--- trunk/src/sh_forward.c	(revision 223)
+++ trunk/src/sh_forward.c	(revision 225)
@@ -1200,5 +1200,5 @@
 		      /* --- Now send H(A,B,H(Sc)) and check. --- 
 		       */
-		      if (foo_Sc != NULL)
+		      if (foo_Sc != NULL && 0 == sh_srp_check_zero (foo_Sc))
 			{
 			  sh_srp_M(foo_A, 
@@ -4157,5 +4157,6 @@
 				       conn->A, 
 				       conn->client_entry->verifier);
-		  if (foo_Ss == NULL)
+
+		  if (foo_Ss == NULL || 0 != sh_srp_check_zero (foo_Ss))
 		    {
 		      status_update (conn->client_entry, CLT_FAILED);
Index: trunk/src/sh_srp.c
===================================================================
--- trunk/src/sh_srp.c	(revision 223)
+++ trunk/src/sh_srp.c	(revision 225)
@@ -388,4 +388,5 @@
   if (res != BIG_OK)             val = (-1);
   else if (0 != big_zerop(&AB) ) val = (-1); /* 0 != (sign == 0) */
+  else if (0 != big_zerop(&r) )  val = (-1); /* 0 != (sign == 0) */
   else                           val =    0;
 
@@ -711,4 +712,95 @@
 
 
-
-
+#ifdef SH_CUTEST
+#include "CuTest.h"
+
+void Test_srp (CuTest *tc)
+{
+#if defined(USE_SRP_PROTOCOL) && (defined (SH_WITH_CLIENT) || defined (SH_WITH_SERVER))
+
+  int result;
+  char     modulus[80*4];
+  bignum   a, b, c;
+  bigerr_t res;
+  char    *str = NULL;
+
+  res = sh_srp_init();
+  CuAssertTrue(tc, res == 0);
+
+  (void) sl_strlcpy(modulus, SRP_MODULUS_1024_1, sizeof(modulus));
+  (void) sl_strlcat(modulus, SRP_MODULUS_1024_2, sizeof(modulus));
+  (void) sl_strlcat(modulus, SRP_MODULUS_1024_3, sizeof(modulus));
+  (void) sl_strlcat(modulus, SRP_MODULUS_1024_4, sizeof(modulus));
+
+  res = big_create(&a);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  /* Check plain zero 
+   */
+  result = sh_srp_check_zero ("0");
+  CuAssertTrue(tc, result != 0);
+  
+  res = big_set_string ("0",  16, &a);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  result = sh_srp_check_zero (big_string(&a, 16));
+  CuAssertTrue(tc, result != 0);
+
+  /* Check modulus (equals 0 % M) 
+   */
+  result = sh_srp_check_zero (modulus);
+  CuAssertTrue(tc, result != 0);
+
+  res = big_set_string (modulus,  16, &a);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  result = sh_srp_check_zero (big_string(&a, 16));
+  CuAssertTrue(tc, result != 0);
+
+  /* Check non-zero 
+   */
+  modulus[0] = 'a';
+
+  result = sh_srp_check_zero (modulus);
+  CuAssertTrue(tc, result == 0);
+
+  res = big_set_string (modulus,  16, &a);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  result = sh_srp_check_zero (big_string(&a, 16));
+  CuAssertTrue(tc, result == 0);
+
+  modulus[0] = 'f';
+
+  /* Check multiple of modulus 
+   */
+  res = big_set_string (modulus,  16, &a);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  res = big_create(&b);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  res = big_create(&c);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  res = big_set_string ("deadbeef", 16, &b);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  res = big_mul (&a, &b, &c);
+  CuAssertTrue(tc, res == BIG_OK);
+
+  str = strdup(big_string (&c, 16));
+  CuAssertPtrNotNull(tc, str);
+
+  result = sh_srp_check_zero (str);
+  CuAssertTrue(tc, result != 0);
+
+#else
+  (void) tc; /* fix compiler warning */
+#endif
+  return;
+}
+#endif
+
+
+