CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2023/12/18 07:48:09
Modified files:
usr.bin/ssh : ssh-agent.c
Log message:
ssh-agent: record failed session-bind attempts
Record failed attempts to session-bind a connection and refuse signing
operations on that connection henceforth.
Prevents a future situation where we add a new hostkey type that is not
recognised by an older ssh-agent, that consequently causes session-bind
to fail (this situation is only likely to arise when people mix ssh(1)
and ssh-agent(1) of different versions on the same host). Previously,
after such a failure the agent socket would be considered unbound and
not subject to restriction.
Spotted by Jann Horn
