Date: Fri, 01 Mar 2013 22:06:11 -0500 From: Mike Tancsa <mike@sentex.net> To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no> Cc: stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: Re: svn commit: r247485 - in stable/9: crypto/openssh crypto/openssh/openbsd-compat secure/lib/libssh secure/usr.sbin/sshd Message-ID: <51316CA3.8000301@sentex.net> In-Reply-To: <8638wesvu1.fsf@ds4.des.no> References: <201302281843.r1SIhoaq004371@svn.freebsd.org> <5130D8E0.3020605@sentex.net> <5130E9F1.6050308@sentex.net> <867glqsy4q.fsf@ds4.des.no> <513108C4.10501@sentex.net> <8638wesvu1.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/1/2013 3:34 PM, Dag-Erling Smørgrav wrote: > Mike Tancsa <mike@sentex.net> writes: >> Dag-Erling Smørgrav <des@des.no> writes: >>> Are you sure this was due to the OpenSSH update, and not the OpenSSL >>> update a few days ago? Can you try to roll back to r247484? >> I didnt think openssl got updated on RELENG_9 ? > > Ah, you're right. There is an OpenSSL commit immediately before my > OpenSSH commit in src/secure, but it's from last July :) > > Can you try to connect against each version in turn while running > tcpdump or wireshark and show me the pre-kex handshake and proposal > exchange (basically, everything that's transmitted in cleartext) in both > cases? The pcaps and basic wireshark output at http://tancsa.com/openssh/ ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51316CA3.8000301>