artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7800c16) | patch
better validate CASignatureAlgorithms in ssh_config and sshd_config.
authordjm <djm@openbsd.org>
Wed, 21 Jun 2023 05:10:26 +0000 (05:10 +0000)
committerdjm <djm@openbsd.org>
Wed, 21 Jun 2023 05:10:26 +0000 (05:10 +0000)
commitfd6d8a575ff14ec727afa81f4b201c239686a599
tree62b0d0945386b0cc7e655632edd5dcfaefc761bbtree | snapshot
parent7800c160b8717a2e4dba6ad3b683ff4cdd9e867ecommit | diff
better validate CASignatureAlgorithms in ssh_config and sshd_config.

Previously this directive would accept certificate algorithm names, but
these were unusable in practice as OpenSSH does not support CA chains.

part of bz3577; ok dtucker@
usr.bin/ssh/readconf.c diff | blob | history
usr.bin/ssh/servconf.c diff | blob | history
usr.bin/ssh/sshkey.c diff | blob | history
usr.bin/ssh/sshkey.h diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim