Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 01 Mar 2013 22:06:11 -0500
From:      Mike Tancsa <mike@sentex.net>
To:        =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no>
Cc:        stable@freebsd.org, svn-src-stable-9@freebsd.org
Subject:   Re: svn commit: r247485 - in stable/9: crypto/openssh crypto/openssh/openbsd-compat secure/lib/libssh secure/usr.sbin/sshd
Message-ID:  <51316CA3.8000301@sentex.net>
In-Reply-To: <8638wesvu1.fsf@ds4.des.no>
References:  <201302281843.r1SIhoaq004371@svn.freebsd.org> <5130D8E0.3020605@sentex.net> <5130E9F1.6050308@sentex.net> <867glqsy4q.fsf@ds4.des.no> <513108C4.10501@sentex.net> <8638wesvu1.fsf@ds4.des.no>

next in thread | previous in thread | raw e-mail | index | archive | help
On 3/1/2013 3:34 PM, Dag-Erling Smørgrav wrote:
> Mike Tancsa <mike@sentex.net> writes:
>> Dag-Erling Smørgrav <des@des.no> writes:
>>> Are you sure this was due to the OpenSSH update, and not the OpenSSL
>>> update a few days ago?  Can you try to roll back to r247484?
>> I didnt think openssl got updated on RELENG_9 ?
> 
> Ah, you're right.  There is an OpenSSL commit immediately before my
> OpenSSH commit in src/secure, but it's from last July :)
> 
> Can you try to connect against each version in turn while running
> tcpdump or wireshark and show me the pre-kex handshake and proposal
> exchange (basically, everything that's transmitted in cleartext) in both
> cases?

The pcaps and basic wireshark output at

http://tancsa.com/openssh/

	---Mike




-- 
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51316CA3.8000301>