On Fri, Oct 31, 2014 at 03:03:11AM +0100, Mike Burns wrote:
> It is my understanding of the code that ssh(1) no longer supports
> DNSSEC. I say this because it calls getrrsetbyname(3) to check the
> secure flag, which calls into the ASR machine. In asr.c, the `pass0'
> function only parses two opti
It is my understanding of the code that ssh(1) no longer supports
DNSSEC. I say this because it calls getrrsetbyname(3) to check the
secure flag, which calls into the ASR machine. In asr.c, the `pass0'
function only parses two options, "tcp" and "ndots:", ignoring "edns0".
Indeed, the asr_run(3) ma