A tentative macports/macports-ports PR #3835 to update OpenSSH to version 7.9p1 has been submitted to help move forward Chih-Hsuan Yen’s PR #3822 to update OpenSSL to version 1.1.1b. Per discussion on MacPorts Trac <https://trac.macports.org/ticket/56216>, patches to update both gsskex and hpn variants have been added to the PR.
I’m interested in opinions on (at least) temporarily dropping macOS keychain integration as part of the gsskex (GSS-API authentication extension) variant. The macOS keychain patch needs to be updated to OpenSSH 1.1 APIs. It appears to be relatively straight forward - I got part way through the update before running out time. So the question is: would anyone oppose OpenSSH's gsskex variant being updated in stages in order to fast forward the OpenSSL 1.1 update? -AM
smime.p7s
Description: S/MIME cryptographic signature
