Bug 1317 - ssh uses obsolete SIG RRtype
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh
Version: -current
Hardware: Other Linux
Importance: P2 normal
Assignee: Assigned to nobody
Blocks: V_4_8
Reported: 2007-05-23 00:07 AEST by Simon Vallet
Modified: 2008-03-31 15:20 AEDT
Attachments
Patch against CVS (1.34 KB, patch)
2007-05-23 00:07 AEST, Simon Vallet

Description Simon Vallet 2007-05-23 00:07:53 AEST
Created attachment 1296
Patch against CVS

ssh uses an obsolete RRtype to check for signatures on SSHFP records: SIG (RRtype 24) has been obsolete for RR signature records since RFC 3755 (see §3 there). The minimal patch below fixes the problem by using RRSIG (RRtype 46) instead.
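Added example, not part of the bug report and not OpenSSH or OpenBSD code: a minimal C parser over a constructed DNS reply, showing that a filter on SIG (24) finds no signature for a signed SSHFP RRset while a filter on RRSIG (46) finds it. The function names, the `h.test` host and all record bytes are assumptions made up for illustration.

```c
#include <stddef.h>
#include <stdio.h>

enum { T_SIG = 24, T_SSHFP = 44, T_RRSIG = 46 };
/* Constructed reply for "h.test" SSHFP; fingerprint and signature are made up. */
static const unsigned char sample[] = {
    0x12,0x34, 0x81,0xa0, 0,1, 0,2, 0,0, 0,0,              /* header, ANCOUNT=2 */
    1,'h',4,'t','e','s','t',0, 0,44, 0,1,                   /* question */
    0xc0,0x0c, 0,44, 0,1, 0,0,0x0e,0x10, 0,6, 1,1, 0xde,0xad,0xbe,0xef, /* SSHFP */
    0xc0,0x0c, 0,46, 0,1, 0,0,0x0e,0x10, 0,28,              /* RRSIG RR header */
    0,44, 8, 2, 0,0,0x0e,0x10, 0x47,0x70,0,0, 0x47,0x50,0,0, /* covers type 44 */
    0x30,0x39, 4,'t','e','s','t',0, 0xca,0xfe,0xf0,0x0d      /* tag, signer, sig */
};

static unsigned rd16(const unsigned char *p) { return (unsigned)(p[0] << 8 | p[1]); }

/* Offset just past the (possibly compressed) name at off; 0 if malformed. */
static size_t skip_name(const unsigned char *m, size_t len, size_t off) {
    while (off < len) {
        unsigned c = m[off];
        if (c == 0) return off + 1;                      /* root label ends name */
        if ((c & 0xc0) == 0xc0) return off + 2 <= len ? off + 2 : 0; /* pointer */
        if (c & 0xc0) return 0;                          /* reserved label type */
        off += 1 + c;
    }
    return 0;
}

/* Count answer RRs of type sigtype whose "type covered" is covered; -1 if malformed. */
int count_sigs(const unsigned char *m, size_t len, unsigned sigtype, unsigned covered) {
    size_t off = 12;
    int n = 0;
    if (len < 12) return -1;
    for (unsigned i = 0, qd = rd16(m + 4); i < qd; i++)      /* skip questions */
        if ((off = skip_name(m, len, off)) == 0 || (off += 4) > len) return -1;
    for (unsigned i = 0, an = rd16(m + 6); i < an; i++) {    /* walk answers */
        if ((off = skip_name(m, len, off)) == 0 || off + 10 > len) return -1;
        unsigned type = rd16(m + off), rdlen = rd16(m + off + 8);
        if ((off += 10) + rdlen > len) return -1;
        if (type == sigtype && rdlen >= 2 && rd16(m + off) == covered) n++;
        off += rdlen;
    }
    return n;
}

int main(void) {
    printf("SIG: %d, RRSIG: %d\n", count_sigs(sample, sizeof sample, T_SIG, T_SSHFP),
           count_sigs(sample, sizeof sample, T_RRSIG, T_SSHFP));
    return 0;
}
```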
Comment 1 Damien Miller 2007-10-26 16:27:41 AEST
Fixed as part of a sync from OpenBSD's getrrsetbyname implementation, which recently picked up a similar change. openssh-4.8 will include this.
Comment 2 Damien Miller 2008-03-31 15:20:39 AEDT
Fix shipped in 4.9/4.9p1 release.