[openssh-commits] [openssh] branch master updated (931c9338 -> 5c1953bf)
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Dec 29 12:41:16 AEDT 2020
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from 931c9338 whitespace at EOL
new 09d070cc upstream: tweak the description of KnownHostsCommand in ssh_conf.5,
new 2c71cec0 upstream: Update/replace the experimental post-quantim hybrid key
new 659864fe upstream: Adapt to replacement of
new 5c1953bf adapt KEX fuzzer to PQ kex change
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit 5c1953bf98732da5a76c706714ac066dbfa015ac
Author: Damien Miller <djm at mindrot.org>
Date: Tue Dec 29 12:40:54 2020 +1100
adapt KEX fuzzer to PQ kex change
commit 659864fe81dbc57eeed3769c462679d83e026640
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Dec 29 01:02:15 2020 +0000
upstream: Adapt to replacement of
sntrup4591761x25519-sha512 at tinyssh.org with
sntrup761x25519-sha512 at openssh.com.
Also test sntrup761x25519-sha512 at openssh.com in unittests/kex
OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
commit 2c71cec020219d69df84055c59eba5799a1233ec
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Dec 29 00:59:15 2020 +0000
upstream: Update/replace the experimental post-quantim hybrid key
exchange method based on Streamlined NTRU Prime (coupled with X25519).
The previous sntrup4591761x25519-sha512 at tinyssh.org method is
replaced with sntrup761x25519-sha512 at openssh.com. Per the authors,
sntrup4591761 was replaced almost two years ago by sntrup761.
The sntrup761 implementaion, like sntrup4591761 before it, is public
domain code extracted from the SUPERCOP cryptography benchmark
suite (https://bench.cr.yp.to/supercop.html).
Thanks for Daniel J Bernstein for guidance on algorithm selection.
Patch from Tobias Heider; feedback & ok markus@ and myself
(note this both the updated method and the one that it replaced are
disabled by default)
OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
commit 09d070ccc3574ae0d7947d212ed53c7268ef7e1f
Author: jmc at openbsd.org <jmc at openbsd.org>
Date: Tue Dec 22 07:40:26 2020 +0000
upstream: tweak the description of KnownHostsCommand in ssh_conf.5,
and add entries for it to the -O list in scp.1 and sftp.1;
ok djm
OpenBSD-Commit-ID: aba31ebea03f38f8d218857f7ce16a500c3e4aff
Summary of changes:
.depend | 7 +-
Makefile.in | 2 +-
crypto_api.h | 16 +-
kex.c | 4 +-
kex.h | 14 +-
kexgen.c | 18 +-
kexsntrup4591761x25519.c => kexsntrup761x25519.c | 52 +-
monitor.c | 4 +-
regress/misc/fuzz-harness/kex_fuzz.cc | 2 +-
regress/misc/kexfuzz/Makefile | 6 +-
regress/unittests/kex/Makefile | 6 +-
regress/unittests/kex/test_kex.c | 4 +-
scp.1 | 5 +-
sftp.1 | 5 +-
sntrup4591761.c | 1083 -----------------
sntrup4591761.sh | 57 -
sntrup761.c | 1364 ++++++++++++++++++++++
sntrup761.sh | 65 ++
ssh-keyscan.c | 4 +-
ssh_api.c | 6 +-
ssh_config.5 | 20 +-
sshconnect2.c | 4 +-
sshd.c | 4 +-
sshd_config.5 | 6 +-
24 files changed, 1526 insertions(+), 1232 deletions(-)
rename kexsntrup4591761x25519.c => kexsntrup761x25519.c (78%)
delete mode 100644 sntrup4591761.c
delete mode 100644 sntrup4591761.sh
create mode 100644 sntrup761.c
create mode 100644 sntrup761.sh
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list