bugzilla-daemon at bugzilla.mindrot.org
2017-Apr-08 03:51 UTC
[Bug 2708] New: openssh: 7.5p1 update breaks ldns/sshfp
https://bugzilla.mindrot.org/show_bug.cgi?id=2708 Bug ID: 2708 Summary: openssh: 7.5p1 update breaks ldns/sshfp Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: FreeBSD Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: mindrot10 at xse.com Created attachment 2974 --> https://bugzilla.mindrot.org/attachment.cgi?id=2974&action=edit patch I'm building the FreeBSD security/openssh-portable port and have found that upgrading from 7.4p1 to 7.5p1 breaks sshfp: debug1: found 8 insecure fingerprints in DNS debug1: matching host key fingerprint found in DNS When configure is given --with-ldns config.h ends up with: /* #undef HAVE_LDNS */ I believe this is because ldns=yes is missing from the new ldns-config logic in configure.ac. The attached patch fixes this issue for me. FreeBSD zinc.ee.lbl.gov 10.3-RELEASE-p17 FreeBSD 10.3-RELEASE-p17 #17 r26: Thu Feb 23 10:08:13 PST 2017 leres at zinc.ee.lbl.gov:/usr/src/sys/amd64/compile/LBL amd64 -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2017-Apr-28 03:44 UTC
[Bug 2708] openssh: 7.5p1 update breaks ldns/sshfp
https://bugzilla.mindrot.org/show_bug.cgi?id=2708 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #1 from Damien Miller <djm at mindrot.org> --- *** This bug has been marked as a duplicate of bug 2697 *** -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 04:59 UTC
[Bug 2708] openssh: 7.5p1 update breaks ldns/sshfp
https://bugzilla.mindrot.org/show_bug.cgi?id=2708 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- closing resolved bugs as of 8.6p1 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Reasonably Related Threads
- [PATCH] Add support for ldns
- [Bug 2697] New: Portable OpenSSH 7.5 can't build with ldns using ldns-config
- [Bug 2022] New: ssh segfaults when using ldns, SSHFP, a DNSSEC-enabled resolver and a CNAME
- sshfp/ldns still having issues in 7.6
- sshfp/ldns still having issues in 7.6