On 11/10/15 5:42 PM, Dag-Erling Smørgrav wrote:
Some of you may have noticed that OpenSSH in base is lagging far behind
the upstream code.
The main reason for this is the burden of maintaining the HPN patches.
They are extensive, very intrusive, and touch parts of the OpenSSH code
that change significantly in every release. Since they are not
regularly updated, I have to choose between trying to resolve the
conflicts myself (hoping I don't break anything) or waiting for them to
catch up and then figuring out how to apply the new version.
Therefore, I would like to remove the HPN patches from base and refer
anyone who really needs them to the openssh-portable port, which has
them as a default option. I would also like to remove the NONE cipher
patch, which is also available in the port (off by default, just like in
base).
DES
The inclusion of the HPN patches meant that we could drop a custom
unsupported HPN enabled ssh from our build process.
It makes ssh actually usable.
Without it we need to keep integrating HPN ever time ssh is upgraded.
We were SO HAPPY when it came in by default.
_______________________________________________
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
