CVS: cvs.openbsd.org: src

[Damien Miller]

CVSROOT:        /cvs
Module name:    src
Changes by:     d...@cvs.openbsd.org    2021/05/31 00:48:42

Modified files:
        usr.bin/ssh    : sk-usbhid.c 

Log message:
Hash challenge supplied by client during FIDO key enrollment prior to
passing it to libfido2, which does expect a hash.

There is no effect for users who are simply generating FIDO keys using
ssh-keygen - by default we generate a random 256 bit challenge, but
people building attestation workflows around our tools should now have
a more consistent experience (esp. fewer failures when they fail to
guess the magic 32-byte challenge length requirement).

ok markus@