summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--PROTOCOL.mux4
-rw-r--r--cipher.c4
-rw-r--r--configure.ac6
-rw-r--r--gss-serv.c4
-rw-r--r--monitor.c4
-rw-r--r--session.c6
-rw-r--r--ssh-keygen.c4
-rw-r--r--sshbuf.h4
-rw-r--r--sshd.c4
-rw-r--r--umac.c4
10 files changed, 24 insertions, 20 deletions
diff --git a/PROTOCOL.mux b/PROTOCOL.mux
index 77a0780a5..5fc4c06b9 100644
--- a/PROTOCOL.mux
+++ b/PROTOCOL.mux
@@ -39,7 +39,7 @@ messages between the client and server. The client therefore must
39speak a significant subset of the SSH protocol, but in return is able 39speak a significant subset of the SSH protocol, but in return is able
40to access basically the full suite of connection protocol features. 40to access basically the full suite of connection protocol features.
41Moreover, as no file descriptor passing is required, the connection 41Moreover, as no file descriptor passing is required, the connection
42supporting a proxy client may iteself be forwarded or relayed to another 42supporting a proxy client may itself be forwarded or relayed to another
43host if necessary. 43host if necessary.
44 44
451. Connection setup 451. Connection setup
@@ -295,4 +295,4 @@ XXX session inspection via master
295XXX signals via mux request 295XXX signals via mux request
296XXX list active connections via mux 296XXX list active connections via mux
297 297
298$OpenBSD: PROTOCOL.mux,v 1.11 2018/09/26 07:30:05 djm Exp $ 298$OpenBSD: PROTOCOL.mux,v 1.12 2020/03/13 03:17:07 djm Exp $
diff --git a/cipher.c b/cipher.c
index 54d325ee2..cd6e6def0 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.c,v 1.115 2020/02/26 13:40:09 jsg Exp $ */ 1/* $OpenBSD: cipher.c,v 1.116 2020/03/13 03:17:07 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -337,7 +337,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,
337/* 337/*
338 * cipher_crypt() operates as following: 338 * cipher_crypt() operates as following:
339 * Copy 'aadlen' bytes (without en/decryption) from 'src' to 'dest'. 339 * Copy 'aadlen' bytes (without en/decryption) from 'src' to 'dest'.
340 * Theses bytes are treated as additional authenticated data for 340 * These bytes are treated as additional authenticated data for
341 * authenticated encryption modes. 341 * authenticated encryption modes.
342 * En/Decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'. 342 * En/Decrypt 'len' bytes at offset 'aadlen' from 'src' to 'dest'.
343 * Use 'authlen' bytes at offset 'len'+'aadlen' as the authentication tag. 343 * Use 'authlen' bytes at offset 'len'+'aadlen' as the authentication tag.
diff --git a/configure.ac b/configure.ac
index 7094d470d..a5c5c6243 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3111,9 +3111,13 @@ if test "x$enable_sk" = "xyes" -a "x$enable_sk_internal" = "xyes" ; then
3111 AC_DEFINE([ENABLE_SK_INTERNAL], [], 3111 AC_DEFINE([ENABLE_SK_INTERNAL], [],
3112 [Enable for built-in U2F/FIDO support]) 3112 [Enable for built-in U2F/FIDO support])
3113 enable_sk="built-in" 3113 enable_sk="built-in"
3114 ], [ ], 3114 ], [ AC_MSG_ERROR([no usable libfido2 found]) ],
3115 [ $OTHERLIBS ] 3115 [ $OTHERLIBS ]
3116 ) 3116 )
3117 AC_CHECK_HEADER([fido.h], [],
3118 AC_MSG_ERROR([missing fido.h from libfido2]))
3119 AC_CHECK_HEADER([fido/credman.h], [],
3120 AC_MSG_ERROR([missing fido/credman.h from libfido2]))
3117fi 3121fi
3118 3122
3119AC_CHECK_FUNCS([ \ 3123AC_CHECK_FUNCS([ \
diff --git a/gss-serv.c b/gss-serv.c
index ab3a15f0f..b5d4bb2d1 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */ 1/* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. 4 * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -337,7 +337,7 @@ ssh_gssapi_storecreds(void)
337 debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism"); 337 debug("ssh_gssapi_storecreds: Not a GSSAPI mechanism");
338} 338}
339 339
340/* This allows GSSAPI methods to do things to the childs environment based 340/* This allows GSSAPI methods to do things to the child's environment based
341 * on the passed authentication process and credentials. 341 * on the passed authentication process and credentials.
342 */ 342 */
343/* As user */ 343/* As user */
diff --git a/monitor.c b/monitor.c
index 9a67d937b..b6e855d5d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.209 2020/02/26 13:40:09 jsg Exp $ */ 1/* $OpenBSD: monitor.c,v 1.210 2020/03/13 03:17:07 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1722,7 +1722,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
1722 } 1722 }
1723} 1723}
1724 1724
1725/* This function requries careful sanity checking */ 1725/* This function requires careful sanity checking */
1726 1726
1727void 1727void
1728mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor) 1728mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor)
diff --git a/session.c b/session.c
index 8c0e54f79..18cdfa8cf 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: session.c,v 1.318 2020/01/23 07:10:22 dtucker Exp $ */ 1/* $OpenBSD: session.c,v 1.319 2020/03/13 03:17:07 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -1017,7 +1017,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
1017 1017
1018#ifdef GSSAPI 1018#ifdef GSSAPI
1019 /* Allow any GSSAPI methods that we've used to alter 1019 /* Allow any GSSAPI methods that we've used to alter
1020 * the childs environment as they see fit 1020 * the child's environment as they see fit
1021 */ 1021 */
1022 ssh_gssapi_do_child(&env, &envsize); 1022 ssh_gssapi_do_child(&env, &envsize);
1023#endif 1023#endif
@@ -2412,7 +2412,7 @@ session_exit_message(struct ssh *ssh, Session *s, int status)
2412 /* 2412 /*
2413 * Adjust cleanup callback attachment to send close messages when 2413 * Adjust cleanup callback attachment to send close messages when
2414 * the channel gets EOF. The session will be then be closed 2414 * the channel gets EOF. The session will be then be closed
2415 * by session_close_by_channel when the childs close their fds. 2415 * by session_close_by_channel when the child sessions close their fds.
2416 */ 2416 */
2417 channel_register_cleanup(ssh, c->self, session_close_by_channel, 1); 2417 channel_register_cleanup(ssh, c->self, session_close_by_channel, 1);
2418 2418
diff --git a/ssh-keygen.c b/ssh-keygen.c
index cf8e1ba97..0fa141cff 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.403 2020/03/13 03:12:17 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.404 2020/03/13 03:17:07 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2476,7 +2476,7 @@ load_sign_key(const char *keypath, const struct sshkey *pubkey)
2476 int r; 2476 int r;
2477 2477
2478 /* 2478 /*
2479 * If passed a public key filename, then try to locate the correponding 2479 * If passed a public key filename, then try to locate the corresponding
2480 * private key. This lets us specify certificates on the command-line 2480 * private key. This lets us specify certificates on the command-line
2481 * and have ssh-keygen find the appropriate private key. 2481 * and have ssh-keygen find the appropriate private key.
2482 */ 2482 */
diff --git a/sshbuf.h b/sshbuf.h
index 165cd0b18..78e322647 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshbuf.h,v 1.19 2020/01/25 23:02:14 djm Exp $ */ 1/* $OpenBSD: sshbuf.h,v 1.20 2020/03/13 03:17:07 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -187,7 +187,7 @@ int sshbuf_peek_u8(const struct sshbuf *buf, size_t offset,
187 u_char *valp); 187 u_char *valp);
188 188
189/* 189/*
190 * Functions to poke values into an exisiting buffer (e.g. a length header 190 * Functions to poke values into an existing buffer (e.g. a length header
191 * to a packet). The destination bytes must already exist in the buffer. 191 * to a packet). The destination bytes must already exist in the buffer.
192 */ 192 */
193int sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val); 193int sshbuf_poke_u64(struct sshbuf *buf, size_t offset, u_int64_t val);
diff --git a/sshd.c b/sshd.c
index 60b2aaf73..c85df4da9 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshd.c,v 1.549 2020/01/31 23:13:04 djm Exp $ */ 1/* $OpenBSD: sshd.c,v 1.550 2020/03/13 03:17:07 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1110,7 +1110,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1110 for (i = 0; i < num_listen_socks; i++) 1110 for (i = 0; i < num_listen_socks; i++)
1111 if (listen_socks[i] > maxfd) 1111 if (listen_socks[i] > maxfd)
1112 maxfd = listen_socks[i]; 1112 maxfd = listen_socks[i];
1113 /* pipes connected to unauthenticated childs */ 1113 /* pipes connected to unauthenticated child sshd processes */
1114 startup_pipes = xcalloc(options.max_startups, sizeof(int)); 1114 startup_pipes = xcalloc(options.max_startups, sizeof(int));
1115 startup_flags = xcalloc(options.max_startups, sizeof(int)); 1115 startup_flags = xcalloc(options.max_startups, sizeof(int));
1116 for (i = 0; i < options.max_startups; i++) 1116 for (i = 0; i < options.max_startups; i++)
diff --git a/umac.c b/umac.c
index 23132e94e..3d4e285bb 100644
--- a/umac.c
+++ b/umac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: umac.c,v 1.19 2020/02/26 13:40:09 jsg Exp $ */ 1/* $OpenBSD: umac.c,v 1.20 2020/03/13 03:17:07 djm Exp $ */
2/* ----------------------------------------------------------------------- 2/* -----------------------------------------------------------------------
3 * 3 *
4 * umac.c -- C Implementation UMAC Message Authentication 4 * umac.c -- C Implementation UMAC Message Authentication
@@ -39,7 +39,7 @@
39 * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for 39 * at http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ (search for
40 * "Barreto"). The only two files needed are rijndael-alg-fst.c and 40 * "Barreto"). The only two files needed are rijndael-alg-fst.c and
41 * rijndael-alg-fst.h. Brian Gladman's version is distributed with the GNU 41 * rijndael-alg-fst.h. Brian Gladman's version is distributed with the GNU
42 * Public lisence at http://fp.gladman.plus.com/AES/index.htm. It 42 * Public license at http://fp.gladman.plus.com/AES/index.htm. It
43 * includes a fast IA-32 assembly version. The OpenSSL crypo library is 43 * includes a fast IA-32 assembly version. The OpenSSL crypo library is
44 * the third. 44 * the third.
45 * 45 *