fbsd11 & sshv1
Dag-Erling Smørgrav
des at des.no
Wed Feb 1 10:16:02 UTC 2017
heasley <heas at shrubbery.net> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > You know what would be even sadder? If the OpenSSH developers had
> > to continue to devote significant resources to maintaining a rat's
> > nest of legacy code [...]
> I was not suggesting that openssl maintain their apparently messy
> code; they're maintaining it already, for whatever the remaining
> period is.
The legacy code I'm referring to is code they inherited from Tatu Ylönen
and have worked diligently to improve over the last 15 years. But SSH1
is a shitty protocol and too different from SSH2 to be easily integrated
into a single framework. There really isn't much point in expending any
more effort on it.
> i'm suggesting a port with a v1 client; that is built with all the other
> binary ports for abi changes and whatever else is reasonable. yes, i
> can build my own, but i feel it should be a port.
You mean like net/tcpdump398, which was forked from net/tcpdump because
some people liked its output format better than that of tcpdump 4, and
then forgotten, and is known to have dozens of security vulnerabilities?
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list