upstream: add a RequiredRSASize for checking RSA key length in

ssh(1). User authentication keys that fall beneath this limit will be ignored. If a host presents a host key beneath this limit then the connection will be terminated (unfortunately there are no fallbacks in the protocol for host authentication). feedback deraadt, Dmitry Belyavskiy; ok markus@ OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a
author: djm@openbsd.org <djm@openbsd.org> 2022-09-17 10:33:18 +0000
committer: Damien Miller <djm@mindrot.org> 2022-09-17 20:39:02 +1000
commit: 54b333d12e55e6560b328c737d514ff3511f1afd (patch)
tree: a146a4a4f3413d2003e573de1f7085823a2f306c /readconf.h
parent: 07d8771bacfefbcfb37fa8a6dc6103bcc097e0ab (diff)
download: openssh-git-54b333d12e55e6560b328c737d514ff3511f1afd.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/readconf.h b/readconf.h
index f647bd42..ffb5ec4f 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.147 2022/06/03 04:30:47 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.148 2022/09/17 10:33:18 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -176,6 +176,8 @@ typedef struct {
 
 	char   *known_hosts_command;
 
+	int	required_rsa_size;	/* minimum size of RSA keys */
+
 	char	*ignored_unknown; /* Pattern list of unknown tokens to ignore */
 }       Options;
author	djm@openbsd.org <djm@openbsd.org>	2022-09-17 10:33:18 +0000
committer	Damien Miller <djm@mindrot.org>	2022-09-17 20:39:02 +1000
commit	54b333d12e55e6560b328c737d514ff3511f1afd (patch)
tree	a146a4a4f3413d2003e573de1f7085823a2f306c /readconf.h
parent	07d8771bacfefbcfb37fa8a6dc6103bcc097e0ab (diff)
download	openssh-git-54b333d12e55e6560b328c737d514ff3511f1afd.tar.gz