CVSROOT: /cvs Module name: src Changes by: d...@cvs.openbsd.org 2023/12/18 07:48:09
Modified files: usr.bin/ssh : ssh-agent.c Log message: ssh-agent: record failed session-bind attempts Record failed attempts to session-bind a connection and refuse signing operations on that connection henceforth. Prevents a future situation where we add a new hostkey type that is not recognised by an older ssh-agent, that consequently causes session-bind to fail (this situation is only likely to arise when people mix ssh(1) and ssh-agent(1) of different versions on the same host). Previously, after such a failure the agent socket would be considered unbound and not subject to restriction. Spotted by Jann Horn