Date: Wed, 01 Feb 2017 11:15:10 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: heasley <heas@shrubbery.net> Cc: freebsd-security@freebsd.org Subject: Re: fbsd11 & sshv1 Message-ID: <86y3xqdxox.fsf@desk.des.no> In-Reply-To: <20170131201722.GH11924@shrubbery.net> (heasley's message of "Tue, 31 Jan 2017 20:17:22 %2B0000") References: <20170127173016.GF12175@shrubbery.net> <867f5c66yr.fsf@desk.des.no> <20170130195226.GD73060@shrubbery.net> <867f5bfmde.fsf@desk.des.no> <20170131201722.GH11924@shrubbery.net>
next in thread | previous in thread | raw e-mail | index | archive | help
heasley <heas@shrubbery.net> writes: > Dag-Erling Sm=C3=B8rgrav <des@des.no> writes: > > You know what would be even sadder? If the OpenSSH developers had > > to continue to devote significant resources to maintaining a rat's > > nest of legacy code [...] > I was not suggesting that openssl maintain their apparently messy > code; they're maintaining it already, for whatever the remaining > period is. The legacy code I'm referring to is code they inherited from Tatu Yl=C3=B6n= en and have worked diligently to improve over the last 15 years. But SSH1 is a shitty protocol and too different from SSH2 to be easily integrated into a single framework. There really isn't much point in expending any more effort on it. > i'm suggesting a port with a v1 client; that is built with all the other > binary ports for abi changes and whatever else is reasonable. yes, i > can build my own, but i feel it should be a port. You mean like net/tcpdump398, which was forked from net/tcpdump because some people liked its output format better than that of tcpdump 4, and then forgotten, and is known to have dozens of security vulnerabilities? DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86y3xqdxox.fsf>