[openssh-commits] [openssh] branch master updated (ac1ec954 -> 1875042c)

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Sep 17 20:40:12 AEST 2022 

This is an automated email from the git hooks/post-receive script.

djm pushed a change to branch master
in repository openssh.

      from  ac1ec954  upstream: sftp: Be a bit more clever about completions
       new  30b2a7e4  upstream: correct error value
       new  3991a0cf  upstream: actually hook up restrict_websafe; the command-line flag
       new  07d8771b  upstream: Add a sshkey_check_rsa_length() call for checking the
       new  54b333d1  upstream: add a RequiredRSASize for checking RSA key length in
       new  1875042c  upstream: Add RequiredRSASize for sshd(8); RSA keys that fall

The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit 1875042c52a3b950ae5963c9ca3774a4cc7f0380
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sat Sep 17 10:34:29 2022 +0000

    upstream: Add RequiredRSASize for sshd(8); RSA keys that fall
    
    beneath this limit will be ignored for user and host-based authentication.
    
    Feedback deraadt@ ok markus@
    
    OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1

commit 54b333d12e55e6560b328c737d514ff3511f1afd
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sat Sep 17 10:33:18 2022 +0000

    upstream: add a RequiredRSASize for checking RSA key length in
    
    ssh(1). User authentication keys that fall beneath this limit will be
    ignored. If a host presents a host key beneath this limit then the connection
    will be terminated (unfortunately there are no fallbacks in the protocol for
    host authentication).
    
    feedback deraadt, Dmitry Belyavskiy; ok markus@
    
    OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a

commit 07d8771bacfefbcfb37fa8a6dc6103bcc097e0ab
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sat Sep 17 10:30:45 2022 +0000

    upstream: Add a sshkey_check_rsa_length() call for checking the
    
    length of an RSA key; ok markus@
    
    OpenBSD-Commit-ID: de77cd5b11594297eda82edc594b0d32b8535134

commit 3991a0cf947cf3ae0f0373bcec5a90e86a7152f5
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sat Sep 17 10:11:29 2022 +0000

    upstream: actually hook up restrict_websafe; the command-line flag
    
    was never actually used. Spotted by Matthew Garrett
    
    OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1

commit 30b2a7e4291fb9e357f80a237931ff008d686d3b
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Sep 16 06:55:37 2022 +0000

    upstream: correct error value
    
    OpenBSD-Commit-ID: 780efcbad76281f11f14b2a5ff04eb6db3dfdad4

Summary of changes:
 auth2-hostbased.c |  7 ++++++-
 auth2-pubkey.c    |  7 ++++++-
 readconf.c        | 13 +++++++++++--
 readconf.h        |  4 +++-
 servconf.c        | 13 ++++++++++++-
 servconf.h        |  3 ++-
 sftp-server.c     |  4 ++--
 ssh-agent.c       |  5 +++--
 ssh.1             |  5 +++--
 ssh.c             | 27 ++++++++++++++++++---------
 ssh_config.5      | 15 +++++++++++++--
 sshconnect2.c     | 20 +++++++++++++++++++-
 sshd.c            |  9 ++++++++-
 sshd_config.5     | 14 ++++++++++++--
 sshkey.c          | 26 ++++++++++++++++----------
 sshkey.h          |  3 ++-
 16 files changed, 136 insertions(+), 39 deletions(-)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list