New upstream release (7.8p1)

Closes: #907534
author: Colin Watson <cjwatson@debian.org> 2018-08-24 12:49:36 +0100
committer: Colin Watson <cjwatson@debian.org> 2018-08-30 00:57:27 +0100
commit: 816386e17654ca36834bebbf351419e460fad8f6 (patch)
tree: 3dc79d831cb73bc25b92f5a4d18f8e328c0c570a /debian/patches/gssapi.patch
parent: 3e6f76c7039d3df22b1d0a3a5f30150efb09b69d (diff)
parent: 16a47fc4b04977a14f44dd433c8da1499fa80671 (diff)
1 files changed, 293 insertions, 272 deletions
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index d47b0a796..25edd5cbe 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -1,4 +1,4 @@
-From cb427e23bf78d65407c78d868c4ef525dbfaa68f Mon Sep 17 00:00:00 2001
+From e6c7c11ac2576ac62334616bd4408bf64140bba7 Mon Sep 17 00:00:00 2001
 From: Simon Wilkinson <simon@sxw.org.uk>
 Date: Sun, 9 Feb 2014 16:09:48 +0000
 Subject: GSSAPI key exchange support
@@ -17,7 +17,7 @@ have it merged into the main openssh package rather than having separate
 security history.
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
-Last-Updated: 2017-10-04
+Last-Updated: 2018-08-24
 Patch-Name: gssapi.patch
 ---
@@ -25,23 +25,23 @@ Patch-Name: gssapi.patch
 Makefile.in      |   3 +-
 auth-krb5.c      |  17 ++-
 auth.c           |  96 +-------------
- auth2-gss.c      |  49 ++++++-
+ auth2-gss.c      |  54 +++++++-
 auth2.c          |   2 +
 canohost.c       |  93 +++++++++++++
 canohost.h       |   3 +
 clientloop.c     |  15 ++-
 config.h.in      |   6 +
 configure.ac     |  24 ++++
- gss-genr.c       | 275 +++++++++++++++++++++++++++++++++++++-
+ gss-genr.c       | 277 +++++++++++++++++++++++++++++++++++++-
 gss-serv-krb5.c  |  85 +++++++++++-
 gss-serv.c       | 184 ++++++++++++++++++++++++--
 kex.c            |  19 +++
 kex.h            |  14 ++
 kexgssc.c        | 338 +++++++++++++++++++++++++++++++++++++++++++++++
 kexgsss.c        | 295 +++++++++++++++++++++++++++++++++++++++++
- monitor.c        | 115 ++++++++++++++--
+ monitor.c        | 122 +++++++++++++++--
 monitor.h        |   3 +
- monitor_wrap.c   |  47 ++++++-
+ monitor_wrap.c   |  53 +++++++-
 monitor_wrap.h   |   4 +-
 readconf.c       |  43 ++++++
 readconf.h       |   5 +
@@ -50,13 +50,13 @@ Patch-Name: gssapi.patch
 ssh-gss.h        |  41 +++++-
 ssh_config       |   2 +
 ssh_config.5     |  32 +++++
- sshconnect2.c    | 131 +++++++++++++++++-
+ sshconnect2.c    | 133 ++++++++++++++++++-
 sshd.c           | 112 +++++++++++++++-
 sshd_config      |   2 +
 sshd_config.5    |  10 ++
 sshkey.c         |   3 +-
 sshkey.h         |   1 +
- 35 files changed, 2063 insertions(+), 147 deletions(-)
+ 35 files changed, 2087 insertions(+), 145 deletions(-)
 create mode 100644 ChangeLog.gssapi
 create mode 100644 kexgssc.c
 create mode 100644 kexgsss.c
@@ -181,7 +181,7 @@ index 000000000..f117a336a
 +    (from jbasney AT ncsa.uiuc.edu)
 +    <gssapi-with-mic support is Bugzilla #1008>
 diff --git a/Makefile.in b/Makefile.in
-index 04e1c8e53..6f3f042b1 100644
+index 2385c62a8..6175c6063 100644
 --- a/Makefile.in
 +++ b/Makefile.in
 @@ -100,6 +100,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
@@ -193,7 +193,7 @@ index 04e1c8e53..6f3f042b1 100644
 
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
 @@ -113,7 +114,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
-        auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
+        auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
        auth2-none.o auth2-passwd.o auth2-pubkey.o \
        monitor.o monitor_wrap.o auth-krb5.o \
 -       auth2-gss.o gss-serv.o gss-serv-krb5.o \
@@ -202,7 +202,7 @@ index 04e1c8e53..6f3f042b1 100644
        sftp-server.o sftp-common.o \
        sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
 diff --git a/auth-krb5.c b/auth-krb5.c
-index a5a81ed2e..38e7fee21 100644
+index 3096f1c8e..204752e1b 100644
 --- a/auth-krb5.c
 +++ b/auth-krb5.c
 @@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
@@ -253,10 +253,10 @@ index a5a81ed2e..38e7fee21 100644
        return (krb5_cc_resolve(ctx, ccname, ccache));
 }
 diff --git a/auth.c b/auth.c
-index 63366768a..76d586e31 100644
+index 9a3bc96f1..80eb78c48 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -396,7 +396,8 @@ auth_root_allowed(struct ssh *ssh, const char *method)
+@@ -395,7 +395,8 @@ auth_root_allowed(struct ssh *ssh, const char *method)
        case PERMIT_NO_PASSWD:
                if (strcmp(method, "publickey") == 0 ||
                    strcmp(method, "hostbased") == 0 ||
@@ -266,7 +266,7 @@ index 63366768a..76d586e31 100644
                        return 1;
                break;
        case PERMIT_FORCED_ONLY:
-@@ -728,99 +729,6 @@ fakepw(void)
+@@ -733,99 +734,6 @@ fakepw(void)
        return (&fake);
 }
 
@@ -367,11 +367,11 @@ index 63366768a..76d586e31 100644
  * Return the canonical name of the host in the other side of the current
  * connection.  The host name is cached, so it is efficient to call this
 diff --git a/auth2-gss.c b/auth2-gss.c
-index 589283b72..fd411d3a7 100644
+index 9351e0428..1f12bb113 100644
 --- a/auth2-gss.c
 +++ b/auth2-gss.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: auth2-gss.c,v 1.26 2017/06/24 06:34:38 djm Exp $ */
+ /* $OpenBSD: auth2-gss.c,v 1.29 2018/07/31 03:10:27 djm Exp $ */
 
 /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -379,7 +379,7 @@ index 589283b72..fd411d3a7 100644
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
-@@ -53,6 +53,41 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh);
+@@ -54,6 +54,46 @@ static int input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh);
 static int input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh);
 static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
 
@@ -390,21 +390,26 @@ index 589283b72..fd411d3a7 100644
 +userauth_gsskeyex(struct ssh *ssh)
 +{
 +       Authctxt *authctxt = ssh->authctxt;
-+       int authenticated = 0;
+       int r, authenticated = 0;
-+       Buffer b;
+       struct sshbuf *b;
 +       gss_buffer_desc mic, gssbuf;
-+       u_int len;
+       u_char *p;
-+
+       size_t len;
-+       mic.value = packet_get_string(&len);
+
+       if ((r = sshpkt_get_string(ssh, &p, &len)) != 0 ||
+           (r = sshpkt_get_end(ssh)) != 0)
+               fatal("%s: %s", __func__, ssh_err(r));
+       if ((b = sshbuf_new()) == NULL)
+               fatal("%s: sshbuf_new failed", __func__);
+       mic.value = p;
 +       mic.length = len;
 +
-+       packet_check_eom();
+       ssh_gssapi_buildmic(b, authctxt->user, authctxt->service,
-+
-+       ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service,
 +           "gssapi-keyex");
 +
-+       gssbuf.value = buffer_ptr(&b);
+       if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
-+       gssbuf.length = buffer_len(&b);
+               fatal("%s: sshbuf_mutable_ptr failed", __func__);
+       gssbuf.length = sshbuf_len(b);
 +
 +       /* gss_kex_context is NULL with privsep, so we can't check it here */
 +       if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, 
@@ -412,7 +417,7 @@ index 589283b72..fd411d3a7 100644
 +               authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
 +                   authctxt->pw));
 +       
-+       buffer_free(&b);
+       sshbuf_free(b);
 +       free(mic.value);
 +
 +       return (authenticated);
@@ -421,9 +426,9 @@ index 589283b72..fd411d3a7 100644
 /*
  * We only support those mechanisms that we know about (ie ones that we know
  * how to check local user kuserok and the like)
-@@ -240,7 +275,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
+@@ -260,7 +300,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, struct ssh *ssh)
- 
+        if ((r = sshpkt_get_end(ssh)) != 0)
-        packet_check_eom();
+                fatal("%s: %s", __func__, ssh_err(r));
 
 -       authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
 +       authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user,
@@ -431,8 +436,8 @@ index 589283b72..fd411d3a7 100644
 
        if ((!use_privsep || mm_is_monitor()) &&
            (displayname = ssh_gssapi_displayname()) != NULL)
-@@ -281,7 +317,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
+@@ -306,7 +347,8 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
-        gssbuf.length = buffer_len(&b);
+        gssbuf.length = sshbuf_len(b);
 
        if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
 -               authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user));
@@ -441,7 +446,7 @@ index 589283b72..fd411d3a7 100644
        else
                logit("GSSAPI MIC check failed");
 
-@@ -301,6 +338,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
+@@ -326,6 +368,12 @@ input_gssapi_mic(int type, u_int32_t plen, struct ssh *ssh)
        return 0;
 }
 
@@ -455,10 +460,10 @@ index 589283b72..fd411d3a7 100644
        "gssapi-with-mic",
        userauth_gssapi,
 diff --git a/auth2.c b/auth2.c
-index e0034229a..c34f58c45 100644
+index ab8795895..96efe164c 100644
 --- a/auth2.c
 +++ b/auth2.c
-@@ -72,6 +72,7 @@ extern Authmethod method_passwd;
+@@ -74,6 +74,7 @@ extern Authmethod method_passwd;
 extern Authmethod method_kbdint;
 extern Authmethod method_hostbased;
 #ifdef GSSAPI
@@ -466,7 +471,7 @@ index e0034229a..c34f58c45 100644
 extern Authmethod method_gssapi;
 #endif
 
-@@ -79,6 +80,7 @@ Authmethod *authmethods[] = {
+@@ -81,6 +82,7 @@ Authmethod *authmethods[] = {
        &method_none,
        &method_pubkey,
 #ifdef GSSAPI
@@ -593,7 +598,7 @@ index 26d62855a..0cadc9f18 100644
 int             get_peer_port(int);
 char           *get_local_ipaddr(int);
 diff --git a/clientloop.c b/clientloop.c
-index 7bcf22e38..ef803e985 100644
+index ad35cb7ba..e69c5141f 100644
 --- a/clientloop.c
 +++ b/clientloop.c
 @@ -112,6 +112,10 @@
@@ -607,7 +612,7 @@ index 7bcf22e38..ef803e985 100644
 /* import options */
 extern Options options;
 
-@@ -1335,9 +1339,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
+@@ -1357,9 +1361,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
                        break;
 
                /* Do channel operations unless rekeying in progress. */
@@ -628,10 +633,10 @@ index 7bcf22e38..ef803e985 100644
                client_process_net_input(readset);
 
 diff --git a/config.h.in b/config.h.in
-index 572087407..4c9545c78 100644
+index 7940b4c86..93295da07 100644
 --- a/config.h.in
 +++ b/config.h.in
-@@ -1746,6 +1746,9 @@
+@@ -1749,6 +1749,9 @@
 /* Use btmp to log bad logins */
 #undef USE_BTMP
 
@@ -641,7 +646,7 @@ index 572087407..4c9545c78 100644
 /* Use libedit for sftp */
 #undef USE_LIBEDIT
 
-@@ -1761,6 +1764,9 @@
+@@ -1764,6 +1767,9 @@
 /* Use PIPES instead of a socketpair() */
 #undef USE_PIPES
 
@@ -652,10 +657,10 @@ index 572087407..4c9545c78 100644
 #undef USE_SOLARIS_PRIVS
 
 diff --git a/configure.ac b/configure.ac
-index 663062bef..1cd5eab6c 100644
+index 83e530750..82428b241 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -664,6 +664,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
+@@ -673,6 +673,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
            [Use tunnel device compatibility to OpenBSD])
        AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
            [Prepend the address family to IP tunnel traffic])
@@ -687,11 +692,11 @@ index 663062bef..1cd5eab6c 100644
        AC_CHECK_DECL([AU_IPv4], [],
            AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records])
 diff --git a/gss-genr.c b/gss-genr.c
-index 62559ed9e..0b3ae073c 100644
+index d56257b4a..285fc29a5 100644
 --- a/gss-genr.c
 +++ b/gss-genr.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-genr.c,v 1.24 2016/09/12 01:22:38 deraadt Exp $ */
+ /* $OpenBSD: gss-genr.c,v 1.26 2018/07/10 09:13:30 djm Exp $ */
 
 /*
 - * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -699,12 +704,11 @@ index 62559ed9e..0b3ae073c 100644
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
-@@ -40,12 +40,167 @@
+@@ -41,12 +41,34 @@
- #include "buffer.h"
+ #include "sshbuf.h"
 #include "log.h"
 #include "ssh2.h"
 +#include "cipher.h"
-+#include "key.h"
 +#include "kex.h"
 +#include <openssl/evp.h>
 
@@ -732,6 +736,13 @@ index 62559ed9e..0b3ae073c 100644
 +       return (gss_enc2oid != NULL);
 +}
 +
+ /* sshbuf_get for gss_buffer_desc */
+ int
+ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
+@@ -62,6 +84,141 @@ ssh_gssapi_get_buffer_desc(struct sshbuf *b, gss_buffer_desc *g)
+        return 0;
+ }
+ 
 +/*
 + * Return a list of the gss-group1-sha1 mechanisms supported by this program
 + *
@@ -754,9 +765,9 @@ index 62559ed9e..0b3ae073c 100644
 +char *
 +ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
 +    const char *host, const char *client) {
-+       Buffer buf;
+       struct sshbuf *buf;
 +       size_t i;
-+       int oidpos, enclen;
+       int r, oidpos, enclen;
 +       char *mechs, *encoded;
 +       u_char digest[EVP_MAX_MD_SIZE];
 +       char deroid[2];
@@ -772,7 +783,8 @@ index 62559ed9e..0b3ae073c 100644
 +       gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
 +           (gss_supported->count + 1));
 +
-+       buffer_init(&buf);
+       if ((buf = sshbuf_new()) == NULL)
+               fatal("%s: sshbuf_new failed", __func__);
 +
 +       oidpos = 0;
 +       for (i = 0; i < gss_supported->count; i++) {
@@ -793,20 +805,25 @@ index 62559ed9e..0b3ae073c 100644
 +                       enclen = __b64_ntop(digest, EVP_MD_size(evp_md),
 +                           encoded, EVP_MD_size(evp_md) * 2);
 +
-+                       if (oidpos != 0)
+                       if (oidpos != 0) {
-+                               buffer_put_char(&buf, ',');
+                               if ((r = sshbuf_put_u8(buf, ',')) != 0)
-+
+                                       fatal("%s: buffer error: %s",
-+                       buffer_append(&buf, KEX_GSS_GEX_SHA1_ID,
+                                           __func__, ssh_err(r));
-+                           sizeof(KEX_GSS_GEX_SHA1_ID) - 1);
+                       }
-+                       buffer_append(&buf, encoded, enclen);
+
-+                       buffer_put_char(&buf, ',');
+                       if ((r = sshbuf_put(buf, KEX_GSS_GEX_SHA1_ID,
-+                       buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, 
+                           sizeof(KEX_GSS_GEX_SHA1_ID) - 1)) != 0 ||
-+                           sizeof(KEX_GSS_GRP1_SHA1_ID) - 1);
+                           (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
-+                       buffer_append(&buf, encoded, enclen);
+                           (r = sshbuf_put_u8(buf, ',')) != 0 ||
-+                       buffer_put_char(&buf, ',');
+                           (r = sshbuf_put(buf, KEX_GSS_GRP1_SHA1_ID,
-+                       buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID,
+                           sizeof(KEX_GSS_GRP1_SHA1_ID) - 1)) != 0 ||
-+                           sizeof(KEX_GSS_GRP14_SHA1_ID) - 1);
+                           (r = sshbuf_put(buf, encoded, enclen)) != 0 ||
-+                       buffer_append(&buf, encoded, enclen);
+                           (r = sshbuf_put_u8(buf, ',')) != 0 ||
+                           (r = sshbuf_put(buf, KEX_GSS_GRP14_SHA1_ID,
+                           sizeof(KEX_GSS_GRP14_SHA1_ID) - 1)) != 0 ||
+                           (r = sshbuf_put(buf, encoded, enclen)) != 0)
+                               fatal("%s: buffer error: %s",
+                                   __func__, ssh_err(r));
 +
 +                       gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]);
 +                       gss_enc2oid[oidpos].encoded = encoded;
@@ -816,11 +833,8 @@ index 62559ed9e..0b3ae073c 100644
 +       gss_enc2oid[oidpos].oid = NULL;
 +       gss_enc2oid[oidpos].encoded = NULL;
 +
-+       buffer_put_char(&buf, '\0');
+       if ((mechs = sshbuf_dup_string(buf)) == NULL)
-+
+               fatal("%s: sshbuf_dup_string failed", __func__);
-+       mechs = xmalloc(buffer_len(&buf));
-+       buffer_get(&buf, mechs, buffer_len(&buf));
-+       buffer_free(&buf);
 +
 +       if (strlen(mechs) == 0) {
 +               free(mechs);
@@ -867,7 +881,7 @@ index 62559ed9e..0b3ae073c 100644
 /* Check that the OID in a data stream matches that in the context */
 int
 ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len)
-@@ -198,7 +353,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
+@@ -218,7 +375,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok,
        }
 
        ctx->major = gss_init_sec_context(&ctx->minor,
@@ -876,7 +890,7 @@ index 62559ed9e..0b3ae073c 100644
            GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag,
            0, NULL, recv_tok, NULL, send_tok, flags, NULL);
 
-@@ -227,9 +382,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
+@@ -247,9 +404,43 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
        return (ctx->major);
 }
 
@@ -920,7 +934,7 @@ index 62559ed9e..0b3ae073c 100644
        if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context,
            GSS_C_QOP_DEFAULT, buffer, hash)))
                ssh_gssapi_error(ctx);
-@@ -237,6 +426,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
+@@ -257,6 +448,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
        return (ctx->major);
 }
 
@@ -938,9 +952,9 @@ index 62559ed9e..0b3ae073c 100644
 +}
 +
 void
- ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
+ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
     const char *context)
-@@ -250,11 +452,16 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
+@@ -273,11 +477,16 @@ ssh_gssapi_buildmic(struct sshbuf *b, const char *user, const char *service,
 }
 
 int
@@ -958,7 +972,7 @@ index 62559ed9e..0b3ae073c 100644
 
        /* RFC 4462 says we MUST NOT do SPNEGO */
        if (oid->length == spnego_oid.length && 
-@@ -264,6 +471,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
+@@ -287,6 +496,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
        ssh_gssapi_build_ctx(ctx);
        ssh_gssapi_set_oid(*ctx, oid);
        major = ssh_gssapi_import_name(*ctx, host);
@@ -969,7 +983,7 @@ index 62559ed9e..0b3ae073c 100644
        if (!GSS_ERROR(major)) {
                major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, 
                    NULL);
-@@ -273,10 +484,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
+@@ -296,10 +509,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
                            GSS_C_NO_BUFFER);
        }
 
@@ -1038,11 +1052,11 @@ index 62559ed9e..0b3ae073c 100644
 +
 #endif /* GSSAPI */
 diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
-index 795992d9f..fd8b37183 100644
+index a151bc1e4..90f8692f5 100644
 --- a/gss-serv-krb5.c
 +++ b/gss-serv-krb5.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */
+ /* $OpenBSD: gss-serv-krb5.c,v 1.9 2018/07/09 21:37:55 markus Exp $ */
 
 /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -1050,7 +1064,7 @@ index 795992d9f..fd8b37183 100644
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
-@@ -121,8 +121,8 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
+@@ -120,8 +120,8 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
        krb5_error_code problem;
        krb5_principal princ;
        OM_uint32 maj_status, min_status;
@@ -1060,7 +1074,7 @@ index 795992d9f..fd8b37183 100644
 
        if (client->creds == NULL) {
                debug("No credentials stored");
-@@ -181,11 +181,16 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
+@@ -180,11 +180,16 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
                return;
        }
 
@@ -1081,7 +1095,7 @@ index 795992d9f..fd8b37183 100644
 
 #ifdef USE_PAM
        if (options.use_pam)
-@@ -197,6 +202,71 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
+@@ -196,6 +201,71 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
        return;
 }
 
@@ -1153,7 +1167,7 @@ index 795992d9f..fd8b37183 100644
 ssh_gssapi_mech gssapi_kerberos_mech = {
        "toWM5Slw5Ew8Mqkay+al2g==",
        "Kerberos",
-@@ -204,7 +274,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = {
+@@ -203,7 +273,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = {
        NULL,
        &ssh_gssapi_krb5_userok,
        NULL,
@@ -1164,11 +1178,11 @@ index 795992d9f..fd8b37183 100644
 
 #endif /* KRB5 */
 diff --git a/gss-serv.c b/gss-serv.c
-index 6cae720e5..967c6cfbc 100644
+index ab3a15f0f..6c087a1b1 100644
 --- a/gss-serv.c
 +++ b/gss-serv.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv.c,v 1.30 2017/06/24 06:34:38 djm Exp $ */
+ /* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */
 
 /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -1176,7 +1190,7 @@ index 6cae720e5..967c6cfbc 100644
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
-@@ -45,17 +45,22 @@
+@@ -44,17 +44,22 @@
 #include "session.h"
 #include "misc.h"
 #include "servconf.h"
@@ -1201,7 +1215,7 @@ index 6cae720e5..967c6cfbc 100644
 
 #ifdef KRB5
 extern ssh_gssapi_mech gssapi_kerberos_mech;
-@@ -141,6 +146,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+@@ -140,6 +145,28 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
        return (ssh_gssapi_acquire_cred(*ctx));
 }
 
@@ -1230,7 +1244,7 @@ index 6cae720e5..967c6cfbc 100644
 /* Unprivileged */
 void
 ssh_gssapi_supported_oids(gss_OID_set *oidset)
-@@ -151,7 +178,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
+@@ -150,7 +177,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
        gss_OID_set supported;
 
        gss_create_empty_oid_set(&min_status, oidset);
@@ -1241,7 +1255,7 @@ index 6cae720e5..967c6cfbc 100644
 
        while (supported_mechs[i]->name != NULL) {
                if (GSS_ERROR(gss_test_oid_set_member(&min_status,
-@@ -277,8 +306,48 @@ OM_uint32
+@@ -276,8 +305,48 @@ OM_uint32
 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
 {
        int i = 0;
@@ -1291,7 +1305,7 @@ index 6cae720e5..967c6cfbc 100644
 
        client->mech = NULL;
 
-@@ -293,6 +362,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
+@@ -292,6 +361,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
        if (client->mech == NULL)
                return GSS_S_FAILURE;
 
@@ -1305,7 +1319,7 @@ index 6cae720e5..967c6cfbc 100644
        if ((ctx->major = gss_display_name(&ctx->minor, ctx->client,
            &client->displayname, NULL))) {
                ssh_gssapi_error(ctx);
-@@ -310,6 +386,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
+@@ -309,6 +385,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
                return (ctx->major);
        }
 
@@ -1314,7 +1328,7 @@ index 6cae720e5..967c6cfbc 100644
        /* We can't copy this structure, so we just move the pointer to it */
        client->creds = ctx->client_creds;
        ctx->client_creds = GSS_C_NO_CREDENTIAL;
-@@ -357,7 +435,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
+@@ -356,7 +434,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
 
 /* Privileged */
 int
@@ -1323,7 +1337,7 @@ index 6cae720e5..967c6cfbc 100644
 {
        OM_uint32 lmin;
 
-@@ -367,9 +445,11 @@ ssh_gssapi_userok(char *user)
+@@ -366,9 +444,11 @@ ssh_gssapi_userok(char *user)
                return 0;
        }
        if (gssapi_client.mech && gssapi_client.mech->userok)
@@ -1337,7 +1351,7 @@ index 6cae720e5..967c6cfbc 100644
                        /* Destroy delegated credentials if userok fails */
                        gss_release_buffer(&lmin, &gssapi_client.displayname);
                        gss_release_buffer(&lmin, &gssapi_client.exportedname);
-@@ -383,14 +463,90 @@ ssh_gssapi_userok(char *user)
+@@ -382,14 +462,90 @@ ssh_gssapi_userok(char *user)
        return (0);
 }
 
@@ -1435,7 +1449,7 @@ index 6cae720e5..967c6cfbc 100644
 
 /* Privileged */
 diff --git a/kex.c b/kex.c
-index 15ea28b07..6cc2935fe 100644
+index 25f9f66f6..fb5bfaea5 100644
 --- a/kex.c
 +++ b/kex.c
 @@ -54,6 +54,10 @@
@@ -1475,7 +1489,7 @@ index 15ea28b07..6cc2935fe 100644
        return NULL;
 }
 
-@@ -599,6 +615,9 @@ kex_free(struct kex *kex)
+@@ -653,6 +669,9 @@ kex_free(struct kex *kex)
        sshbuf_free(kex->peer);
        sshbuf_free(kex->my);
        free(kex->session_id);
@@ -1486,10 +1500,10 @@ index 15ea28b07..6cc2935fe 100644
        free(kex->server_version_string);
        free(kex->failed_choice);
 diff --git a/kex.h b/kex.h
-index 01bb3986a..a708e4868 100644
+index 593de1208..4e5ead839 100644
 --- a/kex.h
 +++ b/kex.h
-@@ -99,6 +99,9 @@ enum kex_exchange {
+@@ -100,6 +100,9 @@ enum kex_exchange {
        KEX_DH_GEX_SHA256,
        KEX_ECDH_SHA2,
        KEX_C25519_SHA256,
@@ -1499,7 +1513,7 @@ index 01bb3986a..a708e4868 100644
        KEX_MAX
 };
 
-@@ -147,6 +150,12 @@ struct kex {
+@@ -148,6 +151,12 @@ struct kex {
        u_int   flags;
        int     hash_alg;
        int     ec_nid;
@@ -1512,7 +1526,7 @@ index 01bb3986a..a708e4868 100644
        char    *client_version_string;
        char    *server_version_string;
        char    *failed_choice;
-@@ -197,6 +206,11 @@ int         kexecdh_server(struct ssh *);
+@@ -198,6 +207,11 @@ int         kexecdh_server(struct ssh *);
 int     kexc25519_client(struct ssh *);
 int     kexc25519_server(struct ssh *);
 
@@ -1526,7 +1540,7 @@ index 01bb3986a..a708e4868 100644
     const BIGNUM *, const BIGNUM *, const BIGNUM *, u_char *, size_t *);
 diff --git a/kexgssc.c b/kexgssc.c
 new file mode 100644
-index 000000000..10447f2b0
+index 000000000..953c0a248
 --- /dev/null
 +++ b/kexgssc.c
 @@ -0,0 +1,338 @@
@@ -1566,9 +1580,9 @@ index 000000000..10447f2b0
 +#include <string.h>
 +
 +#include "xmalloc.h"
-+#include "buffer.h"
+#include "sshbuf.h"
 +#include "ssh2.h"
-+#include "key.h"
+#include "sshkey.h"
 +#include "cipher.h"
 +#include "kex.h"
 +#include "log.h"
@@ -1805,8 +1819,8 @@ index 000000000..10447f2b0
 +                   ssh->kex->hash_alg,
 +                   ssh->kex->client_version_string,
 +                   ssh->kex->server_version_string,
-+                   buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my),
+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-+                   buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer),
+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
 +                   (serverhostkey ? serverhostkey : empty), slen,
 +                   dh->pub_key,        /* e */
 +                   dh_server_pub,      /* f */
@@ -1819,8 +1833,8 @@ index 000000000..10447f2b0
 +                   ssh->kex->hash_alg,
 +                   ssh->kex->client_version_string,
 +                   ssh->kex->server_version_string,
-+                   buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my),
+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
-+                   buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer),
+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
 +                   (serverhostkey ? serverhostkey : empty), slen,
 +                   min, nbits, max,
 +                   dh->p, dh->g,
@@ -1870,7 +1884,7 @@ index 000000000..10447f2b0
 +#endif /* GSSAPI */
 diff --git a/kexgsss.c b/kexgsss.c
 new file mode 100644
-index 000000000..38ca082ba
+index 000000000..31ec6a890
 --- /dev/null
 +++ b/kexgsss.c
 @@ -0,0 +1,295 @@
@@ -1908,9 +1922,9 @@ index 000000000..38ca082ba
 +#include <openssl/bn.h>
 +
 +#include "xmalloc.h"
-+#include "buffer.h"
+#include "sshbuf.h"
 +#include "ssh2.h"
-+#include "key.h"
+#include "sshkey.h"
 +#include "cipher.h"
 +#include "kex.h"
 +#include "log.h"
@@ -2096,8 +2110,8 @@ index 000000000..38ca082ba
 +               kex_dh_hash(
 +                   ssh->kex->hash_alg,
 +                   ssh->kex->client_version_string, ssh->kex->server_version_string,
-+                   buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer),
+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-+                   buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my),
+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
 +                   NULL, 0, /* Change this if we start sending host keys */
 +                   dh_client_pub, dh->pub_key, shared_secret,
 +                   hash, &hashlen
@@ -2107,8 +2121,8 @@ index 000000000..38ca082ba
 +               kexgex_hash(
 +                   ssh->kex->hash_alg,
 +                   ssh->kex->client_version_string, ssh->kex->server_version_string,
-+                   buffer_ptr(ssh->kex->peer), buffer_len(ssh->kex->peer),
+                   sshbuf_ptr(ssh->kex->peer), sshbuf_len(ssh->kex->peer),
-+                   buffer_ptr(ssh->kex->my), buffer_len(ssh->kex->my),
+                   sshbuf_ptr(ssh->kex->my), sshbuf_len(ssh->kex->my),
 +                   NULL, 0,
 +                   min, nbits, max,
 +                   dh->p, dh->g,
@@ -2170,19 +2184,19 @@ index 000000000..38ca082ba
 +}
 +#endif /* GSSAPI */
 diff --git a/monitor.c b/monitor.c
-index c68e1b0d9..868fb0d2d 100644
+index d4b4b0471..4e574a2ae 100644
 --- a/monitor.c
 +++ b/monitor.c
-@@ -158,6 +158,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *);
+@@ -143,6 +143,8 @@ int mm_answer_gss_setup_ctx(int, struct sshbuf *);
- int mm_answer_gss_accept_ctx(int, Buffer *);
+ int mm_answer_gss_accept_ctx(int, struct sshbuf *);
- int mm_answer_gss_userok(int, Buffer *);
+ int mm_answer_gss_userok(int, struct sshbuf *);
- int mm_answer_gss_checkmic(int, Buffer *);
+ int mm_answer_gss_checkmic(int, struct sshbuf *);
-+int mm_answer_gss_sign(int, Buffer *);
+int mm_answer_gss_sign(int, struct sshbuf *);
-+int mm_answer_gss_updatecreds(int, Buffer *);
+int mm_answer_gss_updatecreds(int, struct sshbuf *);
 #endif
 
 #ifdef SSH_AUDIT_EVENTS
-@@ -232,11 +234,18 @@ struct mon_table mon_dispatch_proto20[] = {
+@@ -213,11 +215,18 @@ struct mon_table mon_dispatch_proto20[] = {
     {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
     {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok},
     {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic},
@@ -2201,7 +2215,7 @@ index c68e1b0d9..868fb0d2d 100644
 #ifdef WITH_OPENSSL
     {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
 #endif
-@@ -306,6 +315,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
+@@ -287,6 +296,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
        /* Permit requests for moduli and signatures */
        monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
        monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
@@ -2212,7 +2226,7 @@ index c68e1b0d9..868fb0d2d 100644
 
        /* The first few requests do not require asynchronous access */
        while (!authenticated) {
-@@ -415,6 +428,10 @@ monitor_child_postauth(struct monitor *pmonitor)
+@@ -399,6 +412,10 @@ monitor_child_postauth(struct monitor *pmonitor)
        monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
        monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
        monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
@@ -2223,7 +2237,7 @@ index c68e1b0d9..868fb0d2d 100644
 
        if (auth_opts->permit_pty_flag) {
                monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
-@@ -1652,6 +1669,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
+@@ -1662,6 +1679,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
 # endif
 #endif /* WITH_OPENSSL */
                kex->kex[KEX_C25519_SHA256] = kexc25519_server;
@@ -2237,29 +2251,29 @@ index c68e1b0d9..868fb0d2d 100644
                kex->load_host_public_key=&get_hostkey_public_by_type;
                kex->load_host_private_key=&get_hostkey_private_by_type;
                kex->host_key_index=&get_hostkey_index;
-@@ -1740,8 +1764,8 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
+@@ -1752,8 +1776,8 @@ mm_answer_gss_setup_ctx(int sock, struct sshbuf *m)
-        OM_uint32 major;
+        u_char *p;
-        u_int len;
+        int r;
 
 -       if (!options.gss_authentication)
 -               fatal("%s: GSSAPI authentication not enabled", __func__);
 +       if (!options.gss_authentication && !options.gss_keyex)
 +               fatal("%s: GSSAPI not enabled", __func__);
 
-        goid.elements = buffer_get_string(m, &len);
+        if ((r = sshbuf_get_string(m, &p, &len)) != 0)
-        goid.length = len;
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-@@ -1770,8 +1794,8 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
+@@ -1785,8 +1809,8 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
        OM_uint32 flags = 0; /* GSI needs this */
-        u_int len;
+        int r;
 
 -       if (!options.gss_authentication)
 -               fatal("%s: GSSAPI authentication not enabled", __func__);
 +       if (!options.gss_authentication && !options.gss_keyex)
 +               fatal("%s: GSSAPI not enabled", __func__);
 
-        in.value = buffer_get_string(m, &len);
+        if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
-        in.length = len;
+                fatal("%s: buffer error: %s", __func__, ssh_err(r));
-@@ -1790,6 +1814,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
+@@ -1806,6 +1830,7 @@ mm_answer_gss_accept_ctx(int sock, struct sshbuf *m)
                monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
                monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
                monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -2267,19 +2281,19 @@ index c68e1b0d9..868fb0d2d 100644
        }
        return (0);
 }
-@@ -1801,8 +1826,8 @@ mm_answer_gss_checkmic(int sock, Buffer *m)
+@@ -1817,8 +1842,8 @@ mm_answer_gss_checkmic(int sock, struct sshbuf *m)
        OM_uint32 ret;
-        u_int len;
+        int r;
 
 -       if (!options.gss_authentication)
 -               fatal("%s: GSSAPI authentication not enabled", __func__);
 +       if (!options.gss_authentication && !options.gss_keyex)
 +               fatal("%s: GSSAPI not enabled", __func__);
 
-        gssbuf.value = buffer_get_string(m, &len);
+        if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
-        gssbuf.length = len;
+            (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
-@@ -1831,10 +1856,11 @@ mm_answer_gss_userok(int sock, Buffer *m)
+@@ -1847,10 +1872,11 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
-        int authenticated;
+        int r, authenticated;
        const char *displayname;
 
 -       if (!options.gss_authentication)
@@ -2291,25 +2305,29 @@ index c68e1b0d9..868fb0d2d 100644
 +       authenticated = authctxt->valid && 
 +           ssh_gssapi_userok(authctxt->user, authctxt->pw);
 
-        buffer_clear(m);
+        sshbuf_reset(m);
-        buffer_put_int(m, authenticated);
+        if ((r = sshbuf_put_u32(m, authenticated)) != 0)
-@@ -1850,5 +1876,76 @@ mm_answer_gss_userok(int sock, Buffer *m)
+@@ -1867,5 +1893,83 @@ mm_answer_gss_userok(int sock, struct sshbuf *m)
        /* Monitor loop will terminate if authenticated */
        return (authenticated);
 }
 +
 +int 
-+mm_answer_gss_sign(int socket, Buffer *m)
+mm_answer_gss_sign(int socket, struct sshbuf *m)
 +{
 +       gss_buffer_desc data;
 +       gss_buffer_desc hash = GSS_C_EMPTY_BUFFER;
 +       OM_uint32 major, minor;
-+       u_int len;
+       size_t len;
+       u_char *p;
+       int r;
 +
 +       if (!options.gss_authentication && !options.gss_keyex)
 +               fatal("%s: GSSAPI not enabled", __func__);
 +
-+       data.value = buffer_get_string(m, &len);
+       if ((r = sshbuf_get_string(m, &p, &len)) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
+       data.value = p;
 +       data.length = len;
 +       if (data.length != 20) 
 +               fatal("%s: data length incorrect: %d", __func__, 
@@ -2325,9 +2343,10 @@ index c68e1b0d9..868fb0d2d 100644
 +
 +       free(data.value);
 +
-+       buffer_clear(m);
+       sshbuf_reset(m);
-+       buffer_put_int(m, major);
+       if ((r = sshbuf_put_u32(m, major)) != 0 ||
-+       buffer_put_string(m, hash.value, hash.length);
+           (r = sshbuf_put_string(m, hash.value, hash.length)) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +
 +       mm_request_send(socket, MONITOR_ANS_GSSSIGN, m);
 +
@@ -2343,16 +2362,17 @@ index c68e1b0d9..868fb0d2d 100644
 +}
 +
 +int
-+mm_answer_gss_updatecreds(int socket, Buffer *m) {
+mm_answer_gss_updatecreds(int socket, struct sshbuf *m) {
 +       ssh_gssapi_ccache store;
-+       int ok;
+       int r, ok;
 +
 +       if (!options.gss_authentication && !options.gss_keyex)
 +               fatal("%s: GSSAPI not enabled", __func__);
 +
-+       store.filename = buffer_get_string(m, NULL);
+       if ((r = sshbuf_get_cstring(m, &store.filename, NULL)) != 0 ||
-+       store.envvar   = buffer_get_string(m, NULL);
+           (r = sshbuf_get_cstring(m, &store.envvar, NULL)) != 0 ||
-+       store.envval   = buffer_get_string(m, NULL);
+           (r = sshbuf_get_cstring(m, &store.envval, NULL)) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +
 +       ok = ssh_gssapi_update_creds(&store);
 +
@@ -2360,8 +2380,9 @@ index c68e1b0d9..868fb0d2d 100644
 +       free(store.envvar);
 +       free(store.envval);
 +
-+       buffer_clear(m);
+       sshbuf_reset(m);
-+       buffer_put_int(m, ok);
+       if ((r = sshbuf_put_u32(m, ok)) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +
 +       mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m);
 +
@@ -2371,10 +2392,10 @@ index c68e1b0d9..868fb0d2d 100644
 #endif /* GSSAPI */
 
 diff --git a/monitor.h b/monitor.h
-index d68f67458..ec41404c7 100644
+index 16047299f..44fbed589 100644
 --- a/monitor.h
 +++ b/monitor.h
-@@ -65,6 +65,9 @@ enum monitor_reqtype {
+@@ -63,6 +63,9 @@ enum monitor_reqtype {
        MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111,
        MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113,
 
@@ -2385,19 +2406,19 @@ index d68f67458..ec41404c7 100644
 
 struct monitor {
 diff --git a/monitor_wrap.c b/monitor_wrap.c
-index 9666bda4b..e749efc18 100644
+index 732fb3476..1865a122a 100644
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -943,7 +943,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
+@@ -984,7 +984,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
 }
 
 int
 -mm_ssh_gssapi_userok(char *user)
 +mm_ssh_gssapi_userok(char *user, struct passwd *pw)
 {
-        Buffer m;
+        struct sshbuf *m;
-        int authenticated = 0;
+        int r, authenticated = 0;
-@@ -960,5 +960,50 @@ mm_ssh_gssapi_userok(char *user)
+@@ -1003,4 +1003,55 @@ mm_ssh_gssapi_userok(char *user)
        debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
        return (authenticated);
 }
@@ -2405,21 +2426,23 @@ index 9666bda4b..e749efc18 100644
 +OM_uint32
 +mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash)
 +{
-+       Buffer m;
+       struct sshbuf *m;
 +       OM_uint32 major;
-+       u_int len;
+       int r;
 +
-+       buffer_init(&m);
+       if ((m = sshbuf_new()) == NULL)
-+       buffer_put_string(&m, data->value, data->length);
+               fatal("%s: sshbuf_new failed", __func__);
+       if ((r = sshbuf_put_string(m, data->value, data->length)) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +
-+       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, &m);
+       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, m);
-+       mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, &m);
+       mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, m);
 +
-+       major = buffer_get_int(&m);
+       if ((r = sshbuf_get_u32(m, &major)) != 0 ||
-+       hash->value = buffer_get_string(&m, &len);
+           (r = ssh_gssapi_get_buffer_desc(m, hash)) != 0)
-+       hash->length = len;
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
 +
-+       buffer_free(&m);
+       sshbuf_free(m);
 +
 +       return(major);
 +}
@@ -2427,29 +2450,32 @@ index 9666bda4b..e749efc18 100644
 +int
 +mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
 +{
-+       Buffer m;
+       struct sshbuf *m;
-+       int ok;
+       int r, ok;
-+
+
-+       buffer_init(&m);
+       if ((m = sshbuf_new()) == NULL)
-+
+               fatal("%s: sshbuf_new failed", __func__);
-+       buffer_put_cstring(&m, store->filename ? store->filename : "");
+       if ((r = sshbuf_put_cstring(m,
-+       buffer_put_cstring(&m, store->envvar ? store->envvar : "");
+           store->filename ? store->filename : "")) != 0 ||
-+       buffer_put_cstring(&m, store->envval ? store->envval : "");
+           (r = sshbuf_put_cstring(m,
-+       
+           store->envvar ? store->envvar : "")) != 0 ||
-+       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, &m);
+           (r = sshbuf_put_cstring(m,
-+       mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, &m);
+           store->envval ? store->envval : "")) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
+
+       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, m);
+       mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, m);
+
+       if ((r = sshbuf_get_u32(m, &ok)) != 0)
+               fatal("%s: buffer error: %s", __func__, ssh_err(r));
+       sshbuf_free(m);
 +
-+       ok = buffer_get_int(&m);
-+
-+       buffer_free(&m);
-+       
 +       return (ok);
 +}
 +
 #endif /* GSSAPI */
- 
 diff --git a/monitor_wrap.h b/monitor_wrap.h
-index 762332704..0970d1f87 100644
+index 644da081d..7f93144ff 100644
 --- a/monitor_wrap.h
 +++ b/monitor_wrap.h
 @@ -60,8 +60,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
@@ -2465,19 +2491,19 @@ index 762332704..0970d1f87 100644
 
 #ifdef USE_PAM
 diff --git a/readconf.c b/readconf.c
-index 88051db57..c8e792991 100644
+index db5f2d547..4ad3c75fe 100644
 --- a/readconf.c
 +++ b/readconf.c
-@@ -160,6 +160,8 @@ typedef enum {
+@@ -161,6 +161,8 @@ typedef enum {
        oClearAllForwardings, oNoHostAuthenticationForLocalhost,
        oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
        oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 +       oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
 +       oGssServerIdentity, 
        oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
-        oSendEnv, oControlPath, oControlMaster, oControlPersist,
+        oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
        oHashKnownHosts,
-@@ -199,10 +201,20 @@ static struct {
+@@ -201,10 +203,20 @@ static struct {
        /* Sometimes-unsupported options */
 #if defined(GSSAPI)
        { "gssapiauthentication", oGssAuthentication },
@@ -2498,7 +2524,7 @@ index 88051db57..c8e792991 100644
 #endif
 #ifdef ENABLE_PKCS11
        { "smartcarddevice", oPKCS11Provider },
-@@ -950,10 +962,30 @@ parse_time:
+@@ -973,10 +985,30 @@ parse_time:
                intptr = &options->gss_authentication;
                goto parse_flag;
 
@@ -2529,7 +2555,7 @@ index 88051db57..c8e792991 100644
        case oBatchMode:
                intptr = &options->batch_mode;
                goto parse_flag;
-@@ -1765,7 +1797,12 @@ initialize_options(Options * options)
+@@ -1817,7 +1849,12 @@ initialize_options(Options * options)
        options->pubkey_authentication = -1;
        options->challenge_response_authentication = -1;
        options->gss_authentication = -1;
@@ -2542,7 +2568,7 @@ index 88051db57..c8e792991 100644
        options->password_authentication = -1;
        options->kbd_interactive_authentication = -1;
        options->kbd_interactive_devices = NULL;
-@@ -1906,8 +1943,14 @@ fill_default_options(Options * options)
+@@ -1962,8 +1999,14 @@ fill_default_options(Options * options)
                options->challenge_response_authentication = 1;
        if (options->gss_authentication == -1)
                options->gss_authentication = 0;
@@ -2558,10 +2584,10 @@ index 88051db57..c8e792991 100644
                options->password_authentication = 1;
        if (options->kbd_interactive_authentication == -1)
 diff --git a/readconf.h b/readconf.h
-index f4d9e2b26..f469daaff 100644
+index c56887816..5ea0c296b 100644
 --- a/readconf.h
 +++ b/readconf.h
-@@ -42,7 +42,12 @@ typedef struct {
+@@ -40,7 +40,12 @@ typedef struct {
        int     challenge_response_authentication;
                                        /* Try S/Key or TIS, authentication. */
        int     gss_authentication;     /* Try GSS authentication */
@@ -2575,10 +2601,10 @@ index f4d9e2b26..f469daaff 100644
                                                 * authentication. */
        int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
 diff --git a/servconf.c b/servconf.c
-index 0f0d09068..cbbea05bf 100644
+index c0f6af0be..e1ae07fb7 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -123,8 +123,10 @@ initialize_server_options(ServerOptions *options)
+@@ -124,8 +124,10 @@ initialize_server_options(ServerOptions *options)
        options->kerberos_ticket_cleanup = -1;
        options->kerberos_get_afs_token = -1;
        options->gss_authentication=-1;
@@ -2589,7 +2615,7 @@ index 0f0d09068..cbbea05bf 100644
        options->password_authentication = -1;
        options->kbd_interactive_authentication = -1;
        options->challenge_response_authentication = -1;
-@@ -315,10 +317,14 @@ fill_default_server_options(ServerOptions *options)
+@@ -333,10 +335,14 @@ fill_default_server_options(ServerOptions *options)
                options->kerberos_get_afs_token = 0;
        if (options->gss_authentication == -1)
                options->gss_authentication = 0;
@@ -2604,15 +2630,15 @@ index 0f0d09068..cbbea05bf 100644
        if (options->password_authentication == -1)
                options->password_authentication = 1;
        if (options->kbd_interactive_authentication == -1)
-@@ -461,6 +467,7 @@ typedef enum {
+@@ -481,6 +487,7 @@ typedef enum {
        sHostKeyAlgorithms,
        sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
        sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
 +       sGssKeyEx, sGssStoreRekey,
-        sAcceptEnv, sPermitTunnel,
+        sAcceptEnv, sSetEnv, sPermitTunnel,
-        sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
+        sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
        sUsePrivilegeSeparation, sAllowAgentForwarding,
-@@ -535,12 +542,20 @@ static struct {
+@@ -555,12 +562,20 @@ static struct {
 #ifdef GSSAPI
        { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
        { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@@ -2633,7 +2659,7 @@ index 0f0d09068..cbbea05bf 100644
        { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
        { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
        { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
-@@ -1407,6 +1422,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1459,6 +1474,10 @@ process_server_config_line(ServerOptions *options, char *line,
                intptr = &options->gss_authentication;
                goto parse_flag;
 
@@ -2644,7 +2670,7 @@ index 0f0d09068..cbbea05bf 100644
        case sGssCleanupCreds:
                intptr = &options->gss_cleanup_creds;
                goto parse_flag;
-@@ -1415,6 +1434,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1467,6 +1486,10 @@ process_server_config_line(ServerOptions *options, char *line,
                intptr = &options->gss_strict_acceptor;
                goto parse_flag;
 
@@ -2655,7 +2681,7 @@ index 0f0d09068..cbbea05bf 100644
        case sPasswordAuthentication:
                intptr = &options->password_authentication;
                goto parse_flag;
-@@ -2453,7 +2476,10 @@ dump_config(ServerOptions *o)
+@@ -2551,7 +2574,10 @@ dump_config(ServerOptions *o)
 #endif
 #ifdef GSSAPI
        dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
@@ -2667,10 +2693,10 @@ index 0f0d09068..cbbea05bf 100644
        dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
        dump_cfg_fmtint(sKbdInteractiveAuthentication,
 diff --git a/servconf.h b/servconf.h
-index 37a0fb1a3..5dfc9bc02 100644
+index 557521d73..9b117fe27 100644
 --- a/servconf.h
 +++ b/servconf.h
-@@ -130,8 +130,10 @@ typedef struct {
+@@ -124,8 +124,10 @@ typedef struct {
        int     kerberos_get_afs_token;         /* If true, try to get AFS token if
                                                 * authenticated with Kerberos. */
        int     gss_authentication;     /* If true, permit GSSAPI authentication */
@@ -2682,11 +2708,11 @@ index 37a0fb1a3..5dfc9bc02 100644
                                                 * authentication. */
        int     kbd_interactive_authentication; /* If true, permit */
 diff --git a/ssh-gss.h b/ssh-gss.h
-index 6593e422d..919660a03 100644
+index 36180d07a..350ce7882 100644
 --- a/ssh-gss.h
 +++ b/ssh-gss.h
 @@ -1,6 +1,6 @@
- /* $OpenBSD: ssh-gss.h,v 1.12 2017/06/24 06:34:38 djm Exp $ */
+ /* $OpenBSD: ssh-gss.h,v 1.14 2018/07/10 09:13:30 djm Exp $ */
 /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -2749,10 +2775,10 @@ index 6593e422d..919660a03 100644
 
 int  ssh_gssapi_check_oid(Gssctxt *, void *, size_t);
 void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t);
-@@ -119,17 +136,33 @@ void ssh_gssapi_build_ctx(Gssctxt **);
+@@ -123,17 +140,33 @@ void ssh_gssapi_delete_ctx(Gssctxt **);
- void ssh_gssapi_delete_ctx(Gssctxt **);
 OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
- void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *);
+ void ssh_gssapi_buildmic(struct sshbuf *, const char *,
+     const char *, const char *);
 -int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *);
 +int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *);
 +OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *);
@@ -2799,10 +2825,10 @@ index c12f5ef52..bcb9f153d 100644
 #   CheckHostIP yes
 #   AddressFamily any
 diff --git a/ssh_config.5 b/ssh_config.5
-index 71705cabd..66826aa70 100644
+index f499396a3..5b99921b4 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -727,10 +727,42 @@ The default is
+@@ -718,10 +718,42 @@ The default is
 Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Cm no .
@@ -2846,7 +2872,7 @@ index 71705cabd..66826aa70 100644
 Indicates that
 .Xr ssh 1
 diff --git a/sshconnect2.c b/sshconnect2.c
-index 1f4a74cf4..83562c688 100644
+index 10e4f0a08..c6a1b1271 100644
 --- a/sshconnect2.c
 +++ b/sshconnect2.c
 @@ -162,6 +162,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
@@ -2861,7 +2887,7 @@ index 1f4a74cf4..83562c688 100644
        xxx_host = host;
        xxx_hostaddr = hostaddr;
 
-@@ -192,6 +197,35 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
+@@ -194,6 +199,35 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
                    order_hostkeyalgs(host, hostaddr, port));
        }
 
@@ -2897,7 +2923,7 @@ index 1f4a74cf4..83562c688 100644
        if (options.rekey_limit || options.rekey_interval)
                packet_set_rekey_limits(options.rekey_limit,
                    options.rekey_interval);
-@@ -213,15 +247,41 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
+@@ -215,15 +249,41 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 # endif
 #endif
        kex->kex[KEX_C25519_SHA256] = kexc25519_client;
@@ -2939,7 +2965,7 @@ index 1f4a74cf4..83562c688 100644
        if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
                fatal("kex_prop2buf: %s", ssh_err(r));
 
-@@ -311,6 +371,7 @@ int input_gssapi_token(int type, u_int32_t, struct ssh *);
+@@ -314,6 +374,7 @@ int input_gssapi_token(int type, u_int32_t, struct ssh *);
 int    input_gssapi_hash(int type, u_int32_t, struct ssh *);
 int    input_gssapi_error(int, u_int32_t, struct ssh *);
 int    input_gssapi_errtok(int, u_int32_t, struct ssh *);
@@ -2947,7 +2973,7 @@ index 1f4a74cf4..83562c688 100644
 #endif
 
 void   userauth(Authctxt *, char *);
-@@ -327,6 +388,11 @@ static char *authmethods_get(void);
+@@ -330,6 +391,11 @@ static char *authmethods_get(void);
 
 Authmethod authmethods[] = {
 #ifdef GSSAPI
@@ -2959,10 +2985,10 @@ index 1f4a74cf4..83562c688 100644
        {"gssapi-with-mic",
                userauth_gssapi,
                NULL,
-@@ -643,25 +709,40 @@ userauth_gssapi(Authctxt *authctxt)
+@@ -657,25 +723,40 @@ userauth_gssapi(Authctxt *authctxt)
        static u_int mech = 0;
        OM_uint32 min;
-        int ok = 0;
+        int r, ok = 0;
 +       char *gss_host;
 +
 +       if (options.gss_server_identity)
@@ -2987,9 +3013,9 @@ index 1f4a74cf4..83562c688 100644
        while (mech < gss_supported->count && !ok) {
                /* My DER encoding requires length<128 */
                if (gss_supported->elements[mech].length < 128 &&
-                    ssh_gssapi_check_mechanism(&gssctxt, 
+                    ssh_gssapi_check_mechanism(&gssctxt,
 -                   &gss_supported->elements[mech], authctxt->host)) {
-+                   &gss_supported->elements[mech], gss_host, 
+                   &gss_supported->elements[mech], gss_host,
 +                    options.gss_client_identity)) {
                        ok = 1; /* Mechanism works */
                } else {
@@ -3002,29 +3028,20 @@ index 1f4a74cf4..83562c688 100644
        if (!ok)
                return 0;
 
-@@ -752,8 +833,8 @@ input_gssapi_response(int type, u_int32_t plen, struct ssh *ssh)
+@@ -906,6 +987,54 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
- {
-        Authctxt *authctxt = ssh->authctxt;
-        Gssctxt *gssctxt;
-       int oidlen;
-       char *oidv;
-+       u_int oidlen;
-+       u_char *oidv;
- 
-        if (authctxt == NULL)
-                fatal("input_gssapi_response: no authentication context");
-@@ -866,6 +947,48 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
        free(lang);
-        return 0;
+        return r;
 }
 +
 +int
 +userauth_gsskeyex(Authctxt *authctxt)
 +{
-+       Buffer b;
+       struct ssh *ssh = active_state; /* XXX */
+       struct sshbuf *b;
 +       gss_buffer_desc gssbuf;
 +       gss_buffer_desc mic = GSS_C_EMPTY_BUFFER;
 +       OM_uint32 ms;
+       int r;
 +
 +       static int attempt = 0;
 +       if (attempt++ >= 1)
@@ -3035,25 +3052,29 @@ index 1f4a74cf4..83562c688 100644
 +               return (0);
 +       }
 +
-+       ssh_gssapi_buildmic(&b, authctxt->server_user, authctxt->service,
+       if ((b = sshbuf_new()) == NULL)
+               fatal("%s: sshbuf_new failed", __func__);
+       ssh_gssapi_buildmic(b, authctxt->server_user, authctxt->service,
 +           "gssapi-keyex");
 +
-+       gssbuf.value = buffer_ptr(&b);
+       if ((gssbuf.value = sshbuf_mutable_ptr(b)) == NULL)
-+       gssbuf.length = buffer_len(&b);
+               fatal("%s: sshbuf_mutable_ptr failed", __func__);
+       gssbuf.length = sshbuf_len(b);
 +
 +       if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) {
-+               buffer_free(&b);
+               sshbuf_free(b);
 +               return (0);
 +       }
 +
-+       packet_start(SSH2_MSG_USERAUTH_REQUEST);
+       if ((r = sshpkt_start(ssh, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
-+       packet_put_cstring(authctxt->server_user);
+           (r = sshpkt_put_cstring(ssh, authctxt->server_user)) != 0 ||
-+       packet_put_cstring(authctxt->service);
+           (r = sshpkt_put_cstring(ssh, authctxt->service)) != 0 ||
-+       packet_put_cstring(authctxt->method->name);
+           (r = sshpkt_put_cstring(ssh, authctxt->method->name)) != 0 ||
-+       packet_put_string(mic.value, mic.length);
+           (r = sshpkt_put_string(ssh, mic.value, mic.length)) != 0 ||
-+       packet_send();
+           (r = sshpkt_send(ssh)) != 0)
+               fatal("%s: %s", __func__, ssh_err(r));
 +
-+       buffer_free(&b);
+       sshbuf_free(b);
 +       gss_release_buffer(&ms, &mic);
 +
 +       return (1);
@@ -3063,7 +3084,7 @@ index 1f4a74cf4..83562c688 100644
 
 int
 diff --git a/sshd.c b/sshd.c
-index fd95b681b..e88185efa 100644
+index a738c3ab6..2e453cdf8 100644
 --- a/sshd.c
 +++ b/sshd.c
 @@ -123,6 +123,10 @@
@@ -3077,7 +3098,7 @@ index fd95b681b..e88185efa 100644
 /* Re-exec fds */
 #define REEXEC_DEVCRYPTO_RESERVED_FD   (STDERR_FILENO + 1)
 #define REEXEC_STARTUP_PIPE_FD         (STDERR_FILENO + 2)
-@@ -531,7 +535,7 @@ privsep_preauth_child(void)
+@@ -536,7 +540,7 @@ privsep_preauth_child(void)
 
 #ifdef GSSAPI
        /* Cache supported mechanism OIDs for later use */
@@ -3086,10 +3107,10 @@ index fd95b681b..e88185efa 100644
                ssh_gssapi_prepare_supported_oids();
 #endif
 
-@@ -1753,10 +1757,13 @@ main(int ac, char **av)
+@@ -1811,10 +1815,13 @@ main(int ac, char **av)
-                    key ? "private" : "agent", i, sshkey_ssh_name(pubkey), fp);
                free(fp);
        }
+        accumulate_host_timing_secret(cfg, NULL);
 +#ifndef GSSAPI
 +       /* The GSSAPI key exchange can run without a host key */
        if (!sensitive_data.have_ssh2_key) {
@@ -3100,7 +3121,7 @@ index fd95b681b..e88185efa 100644
 
        /*
         * Load certificates. They are stored in an array at identical
-@@ -2047,6 +2054,60 @@ main(int ac, char **av)
+@@ -2105,6 +2112,60 @@ main(int ac, char **av)
            rdomain == NULL ? "" : "\"");
        free(laddr);
 
@@ -3161,7 +3182,7 @@ index fd95b681b..e88185efa 100644
        /*
         * We don't want to listen forever unless the other side
         * successfully authenticates itself.  So we set up an alarm which is
-@@ -2234,6 +2295,48 @@ do_ssh2_kex(void)
+@@ -2288,6 +2349,48 @@ do_ssh2_kex(void)
        myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
            list_hostkey_types());
 
@@ -3210,7 +3231,7 @@ index fd95b681b..e88185efa 100644
        /* start key exchange */
        if ((r = kex_setup(active_state, myproposal)) != 0)
                fatal("kex_setup: %s", ssh_err(r));
-@@ -2251,6 +2354,13 @@ do_ssh2_kex(void)
+@@ -2305,6 +2408,13 @@ do_ssh2_kex(void)
 # endif
 #endif
        kex->kex[KEX_C25519_SHA256] = kexc25519_server;
@@ -3225,7 +3246,7 @@ index fd95b681b..e88185efa 100644
        kex->client_version_string=client_version_string;
        kex->server_version_string=server_version_string;
 diff --git a/sshd_config b/sshd_config
-index 3109d5d73..86263d713 100644
+index 19b7c91a1..2c48105f8 100644
 --- a/sshd_config
 +++ b/sshd_config
 @@ -69,6 +69,8 @@ AuthorizedKeysFile    .ssh/authorized_keys
@@ -3238,10 +3259,10 @@ index 3109d5d73..86263d713 100644
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
 diff --git a/sshd_config.5 b/sshd_config.5
-index e3c7c3936..c4a3f3cb2 100644
+index e1b54ba20..a0ac717c7 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -636,6 +636,11 @@ The default is
+@@ -637,6 +637,11 @@ The default is
 Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Cm no .
@@ -3253,7 +3274,7 @@ index e3c7c3936..c4a3f3cb2 100644
 .It Cm GSSAPICleanupCredentials
 Specifies whether to automatically destroy the user's credentials cache
 on logout.
-@@ -655,6 +660,11 @@ machine's default store.
+@@ -656,6 +661,11 @@ machine's default store.
 This facility is provided to assist with operation on multi homed machines.
 The default is
 .Cm yes .
@@ -3264,20 +3285,20 @@ index e3c7c3936..c4a3f3cb2 100644
 +.Cm no .
 .It Cm HostbasedAcceptedKeyTypes
 Specifies the key types that will be accepted for hostbased authentication
- as a comma-separated pattern list.
+ as a list of comma-separated patterns.
 diff --git a/sshkey.c b/sshkey.c
-index 7712fba23..088872860 100644
+index 72c08c7e0..91e99a262 100644
 --- a/sshkey.c
 +++ b/sshkey.c
-@@ -122,6 +122,7 @@ static const struct keytype keytypes[] = {
+@@ -140,6 +140,7 @@ static const struct keytype keytypes[] = {
 #  endif /* OPENSSL_HAS_NISTP521 */
 # endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
-+       { "null", "null", KEY_NULL, 0, 0, 0 },
+       { "null", "null", NULL, KEY_NULL, 0, 0, 0 },
-        { NULL, NULL, -1, -1, 0, 0 }
+        { NULL, NULL, NULL, -1, -1, 0, 0 }
 };
 
-@@ -210,7 +211,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
+@@ -228,7 +229,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
        const struct keytype *kt;
 
        for (kt = keytypes; kt->type != -1; kt++) {
@@ -3287,7 +3308,7 @@ index 7712fba23..088872860 100644
                if (!include_sigonly && kt->sigonly)
                        continue;
 diff --git a/sshkey.h b/sshkey.h
-index 155cd45ae..4e89049f1 100644
+index 9060b2ecb..0cbdcfd74 100644
 --- a/sshkey.h
 +++ b/sshkey.h
 @@ -63,6 +63,7 @@ enum sshkey_types {
author	Colin Watson <cjwatson@debian.org>	2018-08-24 12:49:36 +0100
committer	Colin Watson <cjwatson@debian.org>	2018-08-30 00:57:27 +0100
commit	816386e17654ca36834bebbf351419e460fad8f6 (patch)
tree	3dc79d831cb73bc25b92f5a4d18f8e328c0c570a /debian/patches/gssapi.patch
parent	3e6f76c7039d3df22b1d0a3a5f30150efb09b69d (diff)
parent	16a47fc4b04977a14f44dd433c8da1499fa80671 (diff)