fix merge conflicts

.skipped-commit-ids

@@ -27,6 +27,7 @@ cc12a9029833d222043aecd252d654965c351a69	moduli-gen Makefile
 f9a0726d957cf10692a231996a1f34e7f9cdfeb0	moduli update
 1e0a2692b7e20b126dda60bf04999d1d30d959d8	sshd relinking makefile changes
 e1dc11143f83082e3154d6094f9136d0dc2637ad	more relinking makefile tweaks
+5a636f6ca7f25bfe775df4952f7aac90a7fcbbee	moduli update
 
 Old upstream tree:
 

PROTOCOL

@@ -137,12 +137,12 @@ than as a named global or channel request to allow pings with very
 short packet lengths, which would not be possible with other
 approaches.
 
-1.9 transport: strict key exchange extension
+1.10 transport: strict key exchange extension
 
 OpenSSH supports a number of transport-layer hardening measures under
 a "strict KEX" feature. This feature is signalled similarly to the
 RFC8308 ext-info feature: by including a additional algorithm in the
-initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+initial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
 "kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
 may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms
 are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
@@ -150,20 +150,21 @@ if they are present in subsequent SSH2_MSG_KEXINIT packets.
 
 When an endpoint that supports this extension observes this algorithm
 name in a peer's KEXINIT packet, it MUST make the following changes to
-the the protocol:
+the protocol:
 
-a) During initial KEX, terminate the connection if any unexpected or
-   out-of-sequence packet is received. This includes terminating the
-   connection if the first packet received is not SSH2_MSG_KEXINIT.
-   Unexpected packets for the purpose of strict KEX include messages
-   that are otherwise valid at any time during the connection such as
-   SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
+a) During initial KEX, terminate the connection if out-of-sequence
+   packet or any message that is not strictly required by KEX is
+   received. This includes terminating the connection if the first
+   packet received is not SSH2_MSG_KEXINIT. Unexpected packets for
+   the purpose of strict KEX include messages that are otherwise
+   valid at any time during the connection such as SSH2_MSG_DEBUG,
+   SSH2_MSG_IGNORE or SSH2_MSG_UNIMPLEMENTED.
 b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
    packet sequence number to zero. This behaviour persists for the
    duration of the connection (i.e. not just the first
    SSH2_MSG_NEWKEYS).
 
-1.10 transport: SSH2_MSG_EXT_INFO during user authentication
+1.11 transport: SSH2_MSG_EXT_INFO during user authentication
 
 This protocol extension allows the SSH2_MSG_EXT_INFO to be sent
 during user authentication. RFC8308 does allow a second
@@ -735,6 +736,7 @@ identifiers:
 The server will reply with a SSH_FXP_EXTENDED_REPLY:
 
 	byte		SSH_FXP_EXTENDED_REPLY
+	uint32		id
 	string		usernames
 	string		groupnames
 
@@ -790,4 +792,4 @@ master instance and later clients.
 OpenSSH extends the usual agent protocol. These changes are documented
 in the PROTOCOL.agent file.
 
-$OpenBSD: PROTOCOL,v 1.51 2023/12/18 14:45:49 djm Exp $
+$OpenBSD: PROTOCOL,v 1.55 2024/01/08 05:05:15 djm Exp $

PROTOCOL.agent

@@ -91,7 +91,7 @@ with private keys as they are loaded from a PKCS#11 token.
 	bool		certs_only
 	string		certsblob
 
-Where "certsblob" constists of one or more certificates encoded as public
+Where "certsblob" consists of one or more certificates encoded as public
 key blobs:
 
 	string[]	certificates
@@ -112,4 +112,4 @@ A SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED will return SSH_AGENT_SUCCESS
 if any key (plain private or certificate) was successfully loaded, or
 SSH_AGENT_FAILURE if no key was loaded.
 
-$OpenBSD: PROTOCOL.agent,v 1.21 2023/12/18 14:46:56 djm Exp $
+$OpenBSD: PROTOCOL.agent,v 1.22 2023/12/20 00:06:25 jsg Exp $

PROTOCOL.mux

@@ -188,8 +188,6 @@ For dynamically allocated listen port the server replies with
 
 7. Requesting closure of port forwards
 
-Note: currently unimplemented (server will always reply with MUX_S_FAILURE).
-
 A client may request the master to close a port forward:
 
 	uint32	MUX_C_CLOSE_FWD
@@ -295,4 +293,4 @@ XXX session inspection via master
 XXX signals via mux request
 XXX list active connections via mux
 
-$OpenBSD: PROTOCOL.mux,v 1.13 2022/01/01 01:55:30 jsg Exp $
+$OpenBSD: PROTOCOL.mux,v 1.14 2024/01/08 05:11:18 djm Exp $

README.platform

@@ -53,11 +53,12 @@ Darwin does not provide a tun(4) driver required for OpenSSH-based
 virtual private networks. The BSD manpage still exists, but the driver
 has been removed in recent releases of Darwin and MacOS X.
 
-Nevertheless, tunnel support is known to work with Darwin 8 and
-MacOS X 10.4 in Point-to-Point (Layer 3) and Ethernet (Layer 2) mode
-using a third party driver. More information is available at:
-	http://www-user.rhrk.uni-kl.de/~nissler/tuntap/
+Tunnel support is known to work with Darwin 8 and MacOS X 10.4 in
+Point-to-Point (Layer 3) and Ethernet (Layer 2) mode using a third
+party driver. More information is available at:
+	https://tuntaposx.sourceforge.net
 
+Recent Darwin/MacOS X versions are likely unsupported.
 
 Linux
 -----

kex.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.184 2023/12/18 14:45:49 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.185 2024/01/08 00:34:33 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -776,10 +776,11 @@ static int
 kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh)
 {
 	struct kex *kex = ssh->kex;
-	int r;
+	int r, initial = (kex->flags & KEX_INITIAL) != 0;
+	char *cp, **prop;
 
 	debug("SSH2_MSG_NEWKEYS received");
-	if (kex->ext_info_c && (kex->flags & KEX_INITIAL) != 0)
+	if (kex->ext_info_c && initial)
 		ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_input_ext_info);
 	ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_protocol_error);
 	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
@@ -787,10 +788,32 @@ kex_input_newkeys(int type, u_int32_t seq, struct ssh *ssh)
 		return r;
 	if ((r = ssh_set_newkeys(ssh, MODE_IN)) != 0)
 		return r;
+	if (initial) {
+		/* Remove initial KEX signalling from proposal for rekeying */
+		if ((r = kex_buf2prop(kex->my, NULL, &prop)) != 0)
+			return r;
+		if ((cp = match_filter_denylist(prop[PROPOSAL_KEX_ALGS],
+		    kex->server ?
+		    "ext-info-s,kex-strict-s-v00@openssh.com" :
+		    "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL) {
+			error_f("match_filter_denylist failed");
+			goto fail;
+		}
+		free(prop[PROPOSAL_KEX_ALGS]);
+		prop[PROPOSAL_KEX_ALGS] = cp;
+		if ((r = kex_prop2buf(ssh->kex->my, prop)) != 0) {
+			error_f("kex_prop2buf failed");
+ fail:
+			kex_proposal_free_entries(prop);
+			free(prop);
+			return SSH_ERR_INTERNAL_ERROR;
+		}
+		kex_proposal_free_entries(prop);
+		free(prop);
+	}
 	kex->done = 1;
 	kex->flags &= ~KEX_INITIAL;
 	sshbuf_reset(kex->peer);
-	/* sshbuf_reset(kex->my); */
 	kex->flags &= ~KEX_INIT_SENT;
 	free(kex->name);
 	kex->name = NULL;

m4/openssh.m4

@@ -20,18 +20,24 @@ char *f2(char *s, ...) {
 	va_end(args);
 	return strdup(ret);
 }
+const char *f3(int s) {
+	return s ? "good" : "gooder";
+}
 int main(int argc, char **argv) {
-	(void)argv;
 	char b[256], *cp;
+	const char *s;
 	/* Some math to catch -ftrapv problems in the toolchain */
 	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
 	float l = i * 2.1;
 	double m = l / 0.5;
 	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
+	(void)argv;
 	f(1);
-	snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld\n", i,j,k,l,m,n,o);
+	s = f3(f(2));
+	snprintf(b, sizeof b, "%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s);
 	if (write(1, b, 0) == -1) exit(0);
-	cp = f2("%d %d %d %f %f %lld %lld\n", i,j,k,l,m,n,o);
+	cp = f2("%d %d %d %f %f %lld %lld %s\n", i,j,k,l,m,n,o,s);
+	if (write(1, cp, 0) == -1) exit(0);
 	free(cp);
 	/*
 	 * Test fallthrough behaviour.  clang 10's -Wimplicit-fallthrough does

openbsd-compat/getopt.h

@@ -33,6 +33,14 @@
 #ifndef _GETOPT_H_
 #define _GETOPT_H_
 
+#ifndef __THROW
+# if defined __cplusplus
+#  define __THROW throw()
+# else
+#  define __THROW
+# endif
+#endif
+
 /*
  * GNU-like getopt_long() and 4.4BSD getsubopt()/optreset extensions
  */
@@ -63,8 +71,8 @@ int	 getopt_long_only(int, char * const *, const char *,
 
 #ifndef _GETOPT_DEFINED_
 #define _GETOPT_DEFINED_
-int	 getopt(int, char * const *, const char *);
-int	 getsubopt(char **, char * const *, char **);
+int	 getopt(int, char * const *, const char *) __THROW;
+int	 getsubopt(char **, char * const *, char **) __THROW;
 
 extern   char *optarg;                  /* getopt(3) external variables */
 extern   int opterr;

openbsd-compat/openbsd-compat.h

@@ -48,6 +48,14 @@
 #include "blf.h"
 #include "fnmatch.h"
 
+#ifndef __THROW
+# if defined __cplusplus
+#  define __THROW throw()
+# else
+#  define __THROW
+# endif
+#endif
+
 #if defined(HAVE_LOGIN_CAP) && !defined(HAVE_LOGIN_GETPWCLASS)
 # include <login_cap.h>
 # define login_getpwclass(pw) login_getclass(pw->pw_class)
@@ -187,7 +195,7 @@ int getgrouplist(const char *, gid_t, gid_t *, int *);
 #endif
 
 #if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET)
-int BSDgetopt(int argc, char * const *argv, const char *opts);
+int BSDgetopt(int argc, char * const *argv, const char *opts) __THROW;
 #include "openbsd-compat/getopt.h"
 #endif
 

regress/misc/fuzz-harness/Makefile

@@ -1,10 +1,10 @@
 # NB. libssh and libopenbsd-compat should be built with the same sanitizer opts.
-CC=clang-11
-CXX=clang++-11
+CC=clang-16
+CXX=clang++-16
 FUZZ_FLAGS=-fsanitize=address,fuzzer -fno-omit-frame-pointer
-FUZZ_LIBS=-lFuzzer
+FUZZ_LIBS=-L/usr/lib/llvm-16/lib -lFuzzer
 
-CXXFLAGS=-O2 -g -Wall -Wextra -Wno-unused-parameter -I ../../.. $(FUZZ_FLAGS)
+CXXFLAGS=-O2 -g -Wall -Wextra -Wno-unused-parameter -Wno-exceptions -I ../../.. $(FUZZ_FLAGS)
 CFLAGS=$(CXXFLAGS)
 LDFLAGS=-L ../../.. -L ../../../openbsd-compat -g $(FUZZ_FLAGS)
 LIBS=-lssh -lopenbsd-compat -lmd -lcrypto -lfido2 -lcbor $(FUZZ_LIBS)

regress/misc/fuzz-harness/agent_fuzz_helper.c

@@ -175,3 +175,10 @@ test_one(const uint8_t* s, size_t slen)
 	cleanup_idtab();
 	cleanup_sockettab();
 }
+
+int
+pkcs11_make_cert(const struct sshkey *priv,
+    const struct sshkey *certpub, struct sshkey **certprivp)
+{
+	return -1; /* XXX */
+}

ssh-add.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.85 2023/12/18 14:46:56 djm Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.86 2023/12/19 06:57:34 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 18 2023 $
+.Dd $Mdocdate: December 19 2023 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@@ -43,7 +43,7 @@
 .Nd adds private key identities to the OpenSSH authentication agent
 .Sh SYNOPSIS
 .Nm ssh-add
-.Op Fl cCDdKkLlqvXx
+.Op Fl CcDdKkLlqvXx
 .Op Fl E Ar fingerprint_hash
 .Op Fl H Ar hostkey_file
 .Op Fl h Ar destination_constraint
@@ -52,7 +52,7 @@
 .Op Ar
 .Nm ssh-add
 .Fl s Ar pkcs11
-.Op Fl vC
+.Op Fl Cv
 .Op Ar certificate ...
 .Nm ssh-add
 .Fl e Ar pkcs11
@@ -94,6 +94,9 @@ to work.
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl C
+When loading keys into or deleting keys from the agent, process
+certificates only and skip plain keys.
 .It Fl c
 Indicates that added identities should be subject to confirmation before
 being used for authentication.
@@ -102,9 +105,6 @@ Confirmation is performed by
 Successful confirmation is signaled by a zero exit status from
 .Xr ssh-askpass 1 ,
 rather than text entered into the requester.
-.It Fl C
-When loading keys into or deleting keys from the agent, process
-certificates only and skip plain keys.
 .It Fl D
 Deletes all identities from the agent.
 .It Fl d

ssh-add.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.169 2023/12/18 14:46:56 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.171 2024/01/08 00:30:39 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -797,14 +797,14 @@ usage(void)
 "usage: ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-S provider] [-t life]\n"
 #else
 	fprintf(stderr,
-"usage: ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]\n"
+"usage: ssh-add [-CcDdKkLlqvXx] [-E fingerprint_hash] [-H hostkey_file]\n"
 "               [-h destination_constraint] [-S provider] [-t life]\n"
 #endif
 #ifdef WITH_XMSS
 "               [-M maxsign] [-m minleft]\n"
 #endif
 "               [file ...]\n"
-"       ssh-add -s pkcs11\n"
+"       ssh-add -s pkcs11 [-Cv] [certificate ...]\n"
 "       ssh-add -e pkcs11\n"
 "       ssh-add -T pubkey ...\n"
 	);
@@ -825,12 +825,7 @@ main(int argc, char **argv)
 	LogLevel log_level = SYSLOG_LEVEL_INFO;
 	struct sshkey *k, **certs = NULL;
 	struct dest_constraint **dest_constraints = NULL;
-#ifdef WINDOWS
-	// when ndest_contraints is implemented, will have to use complex I
 	size_t ndest_constraints = 0, ncerts = 0;
-#else
-	size_t ndest_constraints = 0i, ncerts = 0;
-#endif /* WINDOWS */
 
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 	sanitise_stdfd();

ssh-agent.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.303 2023/12/18 14:48:08 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.304 2023/12/18 15:58:56 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1525,7 +1525,7 @@ no_identities(SocketEntry *e)
 /* Add an identity to idlist; takes ownership of 'key' and 'comment' */
 static void
 add_p11_identity(struct sshkey *key, char *comment, const char *provider,
-    time_t death, int confirm, struct dest_constraint *dest_constraints,
+    time_t death, u_int confirm, struct dest_constraint *dest_constraints,
     size_t ndest_constraints)
 {
 	Identity *id;

ssh-keyscan.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.153 2023/06/21 05:06:04 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.154 2023/12/20 00:06:25 jsg Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -504,11 +504,11 @@ congreet(int s)
 
 	/*
 	 * Read the server banner as per RFC4253 section 4.2.  The "SSH-"
-	 * protocol identification string may be preceeded by an arbitrarily
+	 * protocol identification string may be preceded by an arbitrarily
 	 * large banner which we must read and ignore.  Loop while reading
 	 * newline-terminated lines until we have one starting with "SSH-".
 	 * The ID string cannot be longer than 255 characters although the
-	 * preceeding banner lines may (in which case they'll be discarded
+	 * preceding banner lines may (in which case they'll be discarded
 	 * in multiple iterations of the outer loop).
 	 */
 	for (;;) {

ssh-pkcs11-client.c

@@ -688,6 +688,7 @@ pkcs11_make_cert(const struct sshkey *priv,
 		RSA_set_method(ret->rsa, helper->rsa_meth);
 		if (helper->nrsa++ >= INT_MAX)
 			fatal_f("RSA refcount error");
+#if defined(OPENSSL_HAS_ECC) && defined(HAVE_EC_KEY_METHOD_NEW)
 	} else if (priv->type == KEY_ECDSA) {
 		if ((helper = helper_by_ec(priv->ecdsa)) == NULL ||
 		    helper->fd == -1)
@@ -697,6 +698,7 @@ pkcs11_make_cert(const struct sshkey *priv,
 		EC_KEY_set_method(ret->ecdsa, helper->ec_meth);
 		if (helper->nec++ >= INT_MAX)
 			fatal_f("EC refcount error");
+#endif
 	} else
 		fatal_f("unknown key type %s", sshkey_type(priv));
 

sshconnect2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.371 2023/12/18 14:45:49 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.372 2024/01/08 00:34:34 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -225,7 +225,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port,
     const struct ssh_conn_info *cinfo)
 {
 	char *myproposal[PROPOSAL_MAX];
-	char *s, *all_key, *hkalgs = NULL;
+	char *all_key, *hkalgs = NULL;
 	int r, use_known_hosts_order = 0;
 
 	xxx_host = host;
@@ -253,14 +253,12 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port,
 		fatal_fr(r, "kex_assemble_namelist");
 	free(all_key);
 
-	if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
-		fatal_f("kex_names_cat");
-
 	if (use_known_hosts_order)
 		hkalgs = order_hostkeyalgs(host, hostaddr, port, cinfo);
 
-	kex_proposal_populate_entries(ssh, myproposal, s, options.ciphers,
-	    options.macs, compression_alg_list(options.compression),
+	kex_proposal_populate_entries(ssh, myproposal,
+	    options.kex_algorithms, options.ciphers, options.macs,
+	    compression_alg_list(options.compression),
 	    hkalgs ? hkalgs : options.hostkeyalgorithms);
 
 	free(hkalgs);
@@ -285,13 +283,7 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port,
 	ssh->kex->verify_host_key=&verify_host_key_callback;
 
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &ssh->kex->done);
-
-	/* remove ext-info from the KEX proposals for rekeying */
-	free(myproposal[PROPOSAL_KEX_ALGS]);
-	myproposal[PROPOSAL_KEX_ALGS] =
-	    compat_kex_proposal(ssh, options.kex_algorithms);
-	if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0)
-		fatal_r(r, "kex_prop2buf");
+	kex_proposal_free_entries(myproposal);
 
 #ifdef DEBUG_KEXDH
 	/* send 1st encrypted/maced/compressed message */
@@ -301,7 +293,6 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port,
 	    (r = ssh_packet_write_wait(ssh)) != 0)
 		fatal_fr(r, "send packet");
 #endif
-	kex_proposal_free_entries(myproposal);
 }
 
 /*

sshd.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.601 2023/12/18 14:45:49 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.602 2024/01/08 00:34:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2935,6 +2935,7 @@ do_ssh2_kex(struct ssh *ssh)
 	kex->sign = sshd_hostkey_sign;
 
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &kex->done);
+	kex_proposal_free_entries(myproposal);
 
 #ifdef DEBUG_KEXDH
 	/* send 1st encrypted/maced/compressed message */
@@ -2944,7 +2945,6 @@ do_ssh2_kex(struct ssh *ssh)
 	    (r = ssh_packet_write_wait(ssh)) != 0)
 		fatal_fr(r, "send test");
 #endif
-	kex_proposal_free_entries(myproposal);
 	debug("KEX done");
 }
 

sshkey.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.140 2023/10/16 08:40:00 dtucker Exp $ */
+/* $OpenBSD: sshkey.c,v 1.141 2023/12/20 00:06:25 jsg Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -1936,7 +1936,7 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
 		goto out;
 	}
 	if (sshkey_type_is_cert(type)) {
-		/* Skip nonce that preceeds all certificates */
+		/* Skip nonce that precedes all certificates */
 		if (sshbuf_get_string_direct(b, NULL, NULL) != 0) {
 			ret = SSH_ERR_INVALID_FORMAT;
 			goto out;

xmss_hash.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: xmss_hash.c,v 1.3 2022/04/20 16:00:25 millert Exp $ */
+/* $OpenBSD: xmss_hash.c,v 1.4 2023/12/20 00:06:25 jsg Exp $ */
 /*
 hash.c version 20160722
 Andreas Hülsing
@@ -74,7 +74,7 @@ int prf(unsigned char *out, const unsigned char *in, const unsigned char *key, u
 }
 
 /*
- * Implemts H_msg
+ * Implements H_msg
  */
 int h_msg(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *key, const unsigned int keylen, const unsigned int n)
 {