[openssh-commits] [openssh] branch master updated (d1e578af -> 37c70ea8)
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Jan 26 12:21:57 AEDT 2021
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from d1e578af upstream: make ssh hostbased authentication send the signature
new cb7b22ea upstream: factor out common code in the agent client
new 1fe16fd6 upstream: use recallocarray to allocate the agent sockets table;
new 3b44f251 upstream: move check_host_cert() from sshconnect,c to sshkey.c and
new dfe18a29 upstream: make struct hostkeys public; I have no idea why I made it
new e0e8bee8 upstream: more ssh-agent refactoring
new 37c70ea8 upstream: refactor key constraint parsing in ssh-agent
The 6 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit 37c70ea8d4f3664a88141bcdf0bf7a16bd5fd1ac
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 26 00:54:49 2021 +0000
upstream: refactor key constraint parsing in ssh-agent
Key constraints parsing code previously existed in both the "add regular
key" and "add smartcard key" path. This unifies them but also introduces
more consistency checking: duplicated constraints and constraints that
are nonsensical for a particular situation (e.g. FIDO provider for a
smartcard key) are now banned.
ok markus@
OpenBSD-Commit-ID: 511cb1b1c021ee1d51a4c2d649b937445de7983c
commit e0e8bee8024fa9e31974244d14f03d799e5c0775
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 26 00:53:31 2021 +0000
upstream: more ssh-agent refactoring
Allow confirm_key() to accept an additional reason suffix
Factor publickey userauth parsing out into its own function and allow
it to optionally return things it parsed out of the message to its
caller.
feedback/ok markus@
OpenBSD-Commit-ID: 29006515617d1aa2d8b85cd2bf667e849146477e
commit dfe18a295542c169ffde8533b3d7fe42088e2de7
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 26 00:51:30 2021 +0000
upstream: make struct hostkeys public; I have no idea why I made it
opaque originally.
ok markus@
OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3
commit 3b44f2513cae89c920e8fe927b9bc910a1c8c65a
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 26 00:49:30 2021 +0000
upstream: move check_host_cert() from sshconnect,c to sshkey.c and
refactor it to make it more generally usable and testable.
ok markus@
OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4
commit 1fe16fd61bb53944ec510882acc0491abd66ff76
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 26 00:47:47 2021 +0000
upstream: use recallocarray to allocate the agent sockets table;
also clear socket entries that are being marked as unused.
spinkle in some debug2() spam to make it easier to watch an agent
do its thing.
ok markus
OpenBSD-Commit-ID: 74582c8e82e96afea46f6c7b6813a429cbc75922
commit cb7b22ea20a01332c81c0ddcb3555ad50de9cce2
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 26 00:46:17 2021 +0000
upstream: factor out common code in the agent client
Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests that only expect success/failure
ok markus@
OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb
Summary of changes:
auth2-hostbased.c | 4 +-
auth2-pubkey.c | 6 +-
authfd.c | 63 +++++----
hostfile.c | 8 +-
hostfile.h | 7 +-
ssh-agent.c | 375 ++++++++++++++++++++++++++++++++++--------------------
sshconnect.c | 56 +++-----
sshkey.c | 39 +++++-
sshkey.h | 6 +-
sshsig.c | 6 +-
10 files changed, 351 insertions(+), 219 deletions(-)
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list