diff options
| author | jsg@openbsd.org <jsg@openbsd.org> | 2023-12-20 01:06:25 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2024-01-08 03:25:21 +0100 |
| commit | 64ddf776531ca4933832beecc8b7ebe1b937e081 (patch) | |
| tree | e65746b98f9dc3ac6a210109ba7eda4a04d535e7 | |
| parent | upstream: sort -C, and add to usage(); ok djm (diff) | |
| download | openssh-64ddf776531ca4933832beecc8b7ebe1b937e081.tar.xz openssh-64ddf776531ca4933832beecc8b7ebe1b937e081.zip | |
upstream: spelling; ok markus@
OpenBSD-Commit-ID: 9d01f2e9d59a999d5d42fc3b3efcf8dfb892e31b
| -rw-r--r-- | PROTOCOL | 6 | ||||
| -rw-r--r-- | PROTOCOL.agent | 4 | ||||
| -rw-r--r-- | ssh-keyscan.c | 6 | ||||
| -rw-r--r-- | sshkey.c | 4 | ||||
| -rw-r--r-- | xmss_hash.c | 4 |
5 files changed, 12 insertions, 12 deletions
@@ -142,7 +142,7 @@ approaches. OpenSSH supports a number of transport-layer hardening measures under a "strict KEX" feature. This feature is signalled similarly to the RFC8308 ext-info feature: by including a additional algorithm in the -initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append +initial SSH2_MSG_KEXINIT kex_algorithms field. The client may append "kex-strict-c-v00@openssh.com" to its kex_algorithms and the server may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored @@ -150,7 +150,7 @@ if they are present in subsequent SSH2_MSG_KEXINIT packets. When an endpoint that supports this extension observes this algorithm name in a peer's KEXINIT packet, it MUST make the following changes to -the the protocol: +the protocol: a) During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received. This includes terminating the @@ -790,4 +790,4 @@ master instance and later clients. OpenSSH extends the usual agent protocol. These changes are documented in the PROTOCOL.agent file. -$OpenBSD: PROTOCOL,v 1.52 2023/12/19 06:41:14 djm Exp $ +$OpenBSD: PROTOCOL,v 1.53 2023/12/20 00:06:25 jsg Exp $ diff --git a/PROTOCOL.agent b/PROTOCOL.agent index e4a6b74c5..7637882f1 100644 --- a/PROTOCOL.agent +++ b/PROTOCOL.agent @@ -91,7 +91,7 @@ with private keys as they are loaded from a PKCS#11 token. bool certs_only string certsblob -Where "certsblob" constists of one or more certificates encoded as public +Where "certsblob" consists of one or more certificates encoded as public key blobs: string[] certificates @@ -112,4 +112,4 @@ A SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED will return SSH_AGENT_SUCCESS if any key (plain private or certificate) was successfully loaded, or SSH_AGENT_FAILURE if no key was loaded. -$OpenBSD: PROTOCOL.agent,v 1.21 2023/12/18 14:46:56 djm Exp $ +$OpenBSD: PROTOCOL.agent,v 1.22 2023/12/20 00:06:25 jsg Exp $ diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 1d2df709b..af0dc79b8 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.153 2023/06/21 05:06:04 djm Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.154 2023/12/20 00:06:25 jsg Exp $ */ /* * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. * @@ -504,11 +504,11 @@ congreet(int s) /* * Read the server banner as per RFC4253 section 4.2. The "SSH-" - * protocol identification string may be preceeded by an arbitrarily + * protocol identification string may be preceded by an arbitrarily * large banner which we must read and ignore. Loop while reading * newline-terminated lines until we have one starting with "SSH-". * The ID string cannot be longer than 255 characters although the - * preceeding banner lines may (in which case they'll be discarded + * preceding banner lines may (in which case they'll be discarded * in multiple iterations of the outer loop). */ for (;;) { @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.140 2023/10/16 08:40:00 dtucker Exp $ */ +/* $OpenBSD: sshkey.c,v 1.141 2023/12/20 00:06:25 jsg Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -1927,7 +1927,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, goto out; } if (sshkey_type_is_cert(type)) { - /* Skip nonce that preceeds all certificates */ + /* Skip nonce that precedes all certificates */ if (sshbuf_get_string_direct(b, NULL, NULL) != 0) { ret = SSH_ERR_INVALID_FORMAT; goto out; diff --git a/xmss_hash.c b/xmss_hash.c index db0e5fa36..70c126ae2 100644 --- a/xmss_hash.c +++ b/xmss_hash.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xmss_hash.c,v 1.3 2022/04/20 16:00:25 millert Exp $ */ +/* $OpenBSD: xmss_hash.c,v 1.4 2023/12/20 00:06:25 jsg Exp $ */ /* hash.c version 20160722 Andreas Hülsing @@ -74,7 +74,7 @@ int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, u } /* - * Implemts H_msg + * Implements H_msg */ int h_msg(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int keylen, const unsigned int n) { |