From owner-freebsd-stable Sun Jul 2 16:39:16 2000 Delivered-To: freebsd-stable@freebsd.org Received: from ns.itga.com.au (ns.itga.com.au [202.53.40.210]) by hub.freebsd.org (Postfix) with ESMTP id 4720937B606; Sun, 2 Jul 2000 16:39:04 -0700 (PDT) (envelope-from gnb@itga.com.au) Received: from lightning.itga.com.au (lightning.itga.com.au [192.168.71.20]) by ns.itga.com.au (8.9.3/8.9.3) with ESMTP id JAA23715; Mon, 3 Jul 2000 09:38:54 +1000 (EST) (envelope-from gnb@itga.com.au) Received: from itga.com.au (lightning.itga.com.au [192.168.71.20]) by lightning.itga.com.au (8.9.3/8.9.3) with ESMTP id JAA17922; Mon, 3 Jul 2000 09:38:50 +1000 (EST) Message-Id: <200007022338.JAA17922@lightning.itga.com.au> X-Mailer: exmh version 2.0.1 12/23/97 From: Gregory Bond To: John Hay Cc: stable@FreeBSD.ORG, green@FreeBSD.ORG Subject: Re: International Crypto/ssh broked yet again by deletion of rsa_eay.c,v In-reply-to: Your message of Sat, 30 Jun 2000 11:42:22 +0200. Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 03 Jul 2000 09:38:50 +1000 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >Just add src-crypto-rsa to your cvsup file. Look in >/usr/src/share/examples/cvsup/secure* to see how. I'm already using cvs-all and cvs-crypto (via update.sh from the cvsup-mirror port). The problem is that sometime between CVSup update begins at 2000-06-26 07:44:17 UTC and CVSup update begins at 2000-06-29 06:43:09 UTC someone repo-deleted rsa_eay.c (not cvs deleted, not moved into Attic, but deleted the whole ,v file). Presumably, this was part of the following commit to ssh.c: ------ revision 1.8 date: 2000/06/27 21:17:25; author: green; state: Exp; lines: +4 -1 MFF: So /this/ is what has made OpenSSH's SSHv2 support never work right! In some cases, limits did not get set to the proper class, but instead always to "default", because not all passwd copies were done to completion. ---------------------------- But secure/lib/Makefile still uses rsa_eay.c (the existence of which triggers the compilation and installation of librsaINTL). This deletion causes librsaINTL to be silently ignored, hence new installations in non-US locations cannot get working SSH and other crypto. Existing installations with existing librsaINTL libraries will probably continue to work for a time, until the library code changes. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message