[openssh-commits] [openssh] branch master updated: upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, so

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Aug 23 09:27:39 AEST 2024 

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

The following commit(s) were added to refs/heads/master by this push:
     new aee54878 upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, so
aee54878 is described below

commit aee54878255d71bf93aa6e91bbd4eb1825c0d1b9
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Thu Aug 22 23:11:30 2024 +0000

    upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, so
    
    we can make the algorithm available without the @openssh.com suffix too. ok
    markus@ deraadt@
    
    OpenBSD-Commit-ID: eeed8fcde688143a737729d3d56d20ab4353770f
---
 kex-names.c   | 4 +++-
 kex.h         | 5 +++--
 myproposal.h  | 3 ++-
 ssh_config.5  | 6 +++---
 sshd_config.5 | 8 +++++---
 5 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/kex-names.c b/kex-names.c
index 339eb1c2..903f5d1a 100644
--- a/kex-names.c
+++ b/kex-names.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex-names.c,v 1.1 2024/05/17 00:32:32 djm Exp $ */
+/* $OpenBSD: kex-names.c,v 1.2 2024/08/22 23:11:30 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -79,6 +79,8 @@ static const struct kexalg kexalgs[] = {
 #ifdef USE_SNTRUP761X25519
 	{ KEX_SNTRUP761X25519_SHA512, KEX_KEM_SNTRUP761X25519_SHA512, 0,
 	    SSH_DIGEST_SHA512 },
+	{ KEX_SNTRUP761X25519_SHA512_OLD, KEX_KEM_SNTRUP761X25519_SHA512, 0,
+	    SSH_DIGEST_SHA512 },
 #endif
 #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
 	{ NULL, 0, -1, -1},
diff --git a/kex.h b/kex.h
index 34665eb2..4b3ece66 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.123 2024/05/17 00:30:23 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.124 2024/08/22 23:11:30 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -62,7 +62,8 @@
 #define	KEX_ECDH_SHA2_NISTP521		"ecdh-sha2-nistp521"
 #define	KEX_CURVE25519_SHA256		"curve25519-sha256"
 #define	KEX_CURVE25519_SHA256_OLD	"curve25519-sha256 at libssh.org"
-#define	KEX_SNTRUP761X25519_SHA512	"sntrup761x25519-sha512 at openssh.com"
+#define	KEX_SNTRUP761X25519_SHA512	"sntrup761x25519-sha512"
+#define	KEX_SNTRUP761X25519_SHA512_OLD	"sntrup761x25519-sha512 at openssh.com"
 
 #define COMP_NONE	0
 /* pre-auth compression (COMP_ZLIB) is only supported in the client */
diff --git a/myproposal.h b/myproposal.h
index ee6e9f74..bef65690 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.71 2022/03/30 21:13:23 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.72 2024/08/22 23:11:30 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,6 +25,7 @@
  */
 
 #define KEX_SERVER_KEX	\
+	"sntrup761x25519-sha512," \
 	"sntrup761x25519-sha512 at openssh.com," \
 	"curve25519-sha256," \
 	"curve25519-sha256 at libssh.org," \
diff --git a/ssh_config.5 b/ssh_config.5
index 021269ef..6a688a1b 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.398 2024/07/14 10:19:23 jsg Exp $
-.Dd $Mdocdate: July 14 2024 $
+.\" $OpenBSD: ssh_config.5,v 1.399 2024/08/22 23:11:30 djm Exp $
+.Dd $Mdocdate: August 22 2024 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1281,7 +1281,7 @@ default set.
 .Pp
 The default is:
 .Bd -literal -offset indent
-sntrup761x25519-sha512 at openssh.com,
+sntrup761x25519-sha512,sntrup761x25519-sha512 at openssh.com,
 curve25519-sha256,curve25519-sha256 at libssh.org,
 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
 diffie-hellman-group-exchange-sha256,
diff --git a/sshd_config.5 b/sshd_config.5
index a0e76998..587a9033 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.368 2024/07/26 15:24:49 naddy Exp $
-.Dd $Mdocdate: July 26 2024 $
+.\" $OpenBSD: sshd_config.5,v 1.369 2024/08/22 23:11:30 djm Exp $
+.Dd $Mdocdate: August 22 2024 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -1050,12 +1050,14 @@ ecdh-sha2-nistp384
 .It
 ecdh-sha2-nistp521
 .It
+sntrup761x25519-sha512
+.It
 sntrup761x25519-sha512 at openssh.com
 .El
 .Pp
 The default is:
 .Bd -literal -offset indent
-sntrup761x25519-sha512 at openssh.com,
+sntrup761x25519-sha512,sntrup761x25519-sha512 at openssh.com,
 curve25519-sha256,curve25519-sha256 at libssh.org,
 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
 diffie-hellman-group-exchange-sha256,

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list