From owner-svn-src-stable-9@FreeBSD.ORG  Fri Mar  1 20:34:32 2013
Return-Path: <owner-svn-src-stable-9@FreeBSD.ORG>
Delivered-To: svn-src-stable-9@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 5C13648F;
 Fri,  1 Mar 2013 20:34:32 +0000 (UTC) (envelope-from des@des.no)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id 1FB371674;
 Fri,  1 Mar 2013 20:34:31 +0000 (UTC)
Received: from ds4.des.no (smtp.des.no [194.63.250.102])
 by smtp-int.des.no (Postfix) with ESMTP id 2FAFFAA3A;
 Fri,  1 Mar 2013 20:34:31 +0000 (UTC)
Received: by ds4.des.no (Postfix, from userid 1001)
 id 00ACD9D07; Fri,  1 Mar 2013 21:34:30 +0100 (CET)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Mike Tancsa <mike@sentex.net>
Subject: Re: svn commit: r247485 - in stable/9: crypto/openssh
 crypto/openssh/openbsd-compat secure/lib/libssh secure/usr.sbin/sshd
References: <201302281843.r1SIhoaq004371@svn.freebsd.org>
 <5130D8E0.3020605@sentex.net> <5130E9F1.6050308@sentex.net>
 <867glqsy4q.fsf@ds4.des.no> <513108C4.10501@sentex.net>
Date: Fri, 01 Mar 2013 21:34:30 +0100
In-Reply-To: <513108C4.10501@sentex.net> (Mike Tancsa's message of "Fri, 01
 Mar 2013 15:00:04 -0500")
Message-ID: <8638wesvu1.fsf@ds4.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: stable@freebsd.org, svn-src-stable-9@freebsd.org
X-BeenThere: svn-src-stable-9@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for only the 9-stable src tree
 <svn-src-stable-9.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-stable-9>, 
 <mailto:svn-src-stable-9-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable-9>
List-Post: <mailto:svn-src-stable-9@freebsd.org>
List-Help: <mailto:svn-src-stable-9-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable-9>, 
 <mailto:svn-src-stable-9-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2013 20:34:32 -0000

Mike Tancsa <mike@sentex.net> writes:
> Dag-Erling Sm=C3=B8rgrav <des@des.no> writes:
> > Are you sure this was due to the OpenSSH update, and not the OpenSSL
> > update a few days ago?  Can you try to roll back to r247484?
> I didnt think openssl got updated on RELENG_9 ?

Ah, you're right.  There is an OpenSSL commit immediately before my
OpenSSH commit in src/secure, but it's from last July :)

Can you try to connect against each version in turn while running
tcpdump or wireshark and show me the pre-kex handshake and proposal
exchange (basically, everything that's transmitted in cleartext) in both
cases?

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no