* New upstream release (http://www.openssh.org/txt/release-5.7):

  - Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
    and host/user keys (ECDSA) as specified by RFC5656.  ECDH and ECDSA
    offer better performance than plain DH and DSA at the same equivalent
    symmetric key length, as well as much shorter keys.
  - sftp(1)/sftp-server(8): add a protocol extension to support a hard
    link operation.  It is available through the "ln" command in the
    client.  The old "ln" behaviour of creating a symlink is available
    using its "-s" option or through the preexisting "symlink" command.
  - scp(1): Add a new -3 option to scp: Copies between two remote hosts
    are transferred through the local host (closes: #508613).
  - ssh(1): "atomically" create the listening mux socket by binding it on
    a temporary name and then linking it into position after listen() has
    succeeded.  This allows the mux clients to determine that the server
    socket is either ready or stale without races (closes: #454784).
    Stale server sockets are now automatically removed (closes: #523250).
  - ssh(1): install a SIGCHLD handler to reap expired child process
    (closes: #594687).
  - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
    temporary directories (closes: #357469, although only if you arrange
    for ssh-agent to actually see $TMPDIR since the setgid bit will cause
    it to be stripped off).

24 files changed, 278 insertions, 312 deletions

diff --git a/debian/changelog b/debian/changelog
index 294f29f30..84269b035 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,30 @@
+openssh (1:5.7p1-1) UNRELEASED; urgency=low
+
+  * New upstream release (http://www.openssh.org/txt/release-5.7):
+    - Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
+      and host/user keys (ECDSA) as specified by RFC5656.  ECDH and ECDSA
+      offer better performance than plain DH and DSA at the same equivalent
+      symmetric key length, as well as much shorter keys.
+    - sftp(1)/sftp-server(8): add a protocol extension to support a hard
+      link operation.  It is available through the "ln" command in the
+      client.  The old "ln" behaviour of creating a symlink is available
+      using its "-s" option or through the preexisting "symlink" command.
+    - scp(1): Add a new -3 option to scp: Copies between two remote hosts
+      are transferred through the local host (closes: #508613).
+    - ssh(1): "atomically" create the listening mux socket by binding it on
+      a temporary name and then linking it into position after listen() has
+      succeeded.  This allows the mux clients to determine that the server
+      socket is either ready or stale without races (closes: #454784).
+      Stale server sockets are now automatically removed (closes: #523250).
+    - ssh(1): install a SIGCHLD handler to reap expired child process
+      (closes: #594687).
+    - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
+      temporary directories (closes: #357469, although only if you arrange
+      for ssh-agent to actually see $TMPDIR since the setgid bit will cause
+      it to be stripped off).
+
+ -- Colin Watson <cjwatson@debian.org>  Mon, 24 Jan 2011 12:07:24 +0000
+
 openssh (1:5.6p1-3) experimental; urgency=low
 
   * Drop override for desktop-file-but-no-dh_desktop-call, which Lintian no
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index 34535f001..891b934ab 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -8,7 +8,7 @@ Index: b/Makefile.in
 ===================================================================
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -284,6 +284,7 @@
+@@ -287,6 +287,7 @@
         $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
         $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
         $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index b0761420e..32251397d 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -10,42 +10,42 @@ Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -136,6 +136,7 @@
-        options->revoked_keys_file = NULL;
-        options->trusted_user_ca_keys = NULL;
+@@ -143,6 +143,7 @@
         options->authorized_principals_file = NULL;
+        options->ip_qos_interactive = -1;
+        options->ip_qos_bulk = -1;
 +       options->debian_banner = -1;
  }
  
  void
-@@ -278,6 +279,8 @@
-                options->permit_tun = SSH_TUNMODE_NO;
-        if (options->zero_knowledge_password_authentication == -1)
-                options->zero_knowledge_password_authentication = 0;
+@@ -293,6 +294,8 @@
+                options->ip_qos_interactive = IPTOS_LOWDELAY;
+        if (options->ip_qos_bulk == -1)
+                options->ip_qos_bulk = IPTOS_THROUGHPUT;
 +       if (options->debian_banner == -1)
 +               options->debian_banner = 1;
  
         /* Turn privilege separation on by default */
         if (use_privsep == -1)
-@@ -326,6 +329,7 @@
-        sUsePrivilegeSeparation, sAllowAgentForwarding,
+@@ -342,6 +345,7 @@
         sZeroKnowledgePasswordAuthentication, sHostCertificate,
         sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
+        sKexAlgorithms, sIPQoS,
 +       sDebianBanner,
         sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -459,6 +463,7 @@
-        { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
-        { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
+@@ -477,6 +481,7 @@
         { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
+        { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
+        { "ipqos", sIPQoS, SSHCFG_ALL },
 +       { "debianbanner", sDebianBanner, SSHCFG_GLOBAL },
         { NULL, sBadOption, 0 }
  };
  
-@@ -1392,6 +1397,10 @@
-                charptr = &options->revoked_keys_file;
-                goto parse_filename;
+@@ -1439,6 +1444,10 @@
+                }
+                break;
  
 +       case sDebianBanner:
 +               intptr = &options->debian_banner;
@@ -58,7 +58,7 @@ Index: b/servconf.h
 ===================================================================
 --- a/servconf.h
 +++ b/servconf.h
-@@ -157,6 +157,8 @@
+@@ -160,6 +160,8 @@
  
         int     num_permitted_opens;
  
@@ -85,7 +85,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -340,6 +340,11 @@
+@@ -339,6 +339,11 @@
  .Dq no .
  The default is
  .Dq delayed .
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 2fe365639..e804aa526 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -24,7 +24,7 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1179,7 +1179,7 @@
+@@ -1223,7 +1223,7 @@
         if (options->forward_x11 == -1)
                 options->forward_x11 = 0;
         if (options->forward_x11_trusted == -1)
@@ -61,7 +61,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -72,6 +72,22 @@
+@@ -71,6 +71,22 @@
  host-specific declarations should be given near the beginning of the
  file, and general defaults at the end.
  .Pp
@@ -84,7 +84,7 @@ Index: b/ssh_config.5
  The configuration file has the following format:
  .Pp
  Empty lines and lines starting with
-@@ -483,7 +499,8 @@
+@@ -482,7 +498,8 @@
  Remote clients will be refused access after this time.
  .Pp
  The default is
@@ -98,7 +98,7 @@ Index: b/sshd_config
 ===================================================================
 --- a/sshd_config
 +++ b/sshd_config
-@@ -36,6 +36,7 @@
+@@ -37,6 +37,7 @@
  # Authentication:
  
  #LoginGraceTime 2m
@@ -110,7 +110,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -58,6 +58,33 @@
+@@ -57,6 +57,33 @@
  .Pq \&"
  in order to represent arguments containing spaces.
  .Pp
diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch
index a71b42f0f..8e8285a1f 100644
--- a/debian/patches/dnssec-sshfp.patch
+++ b/debian/patches/dnssec-sshfp.patch
@@ -9,7 +9,7 @@ Index: b/dns.c
 ===================================================================
 --- a/dns.c
 +++ b/dns.c
-@@ -176,6 +176,7 @@
+@@ -177,6 +177,7 @@
  {
         u_int counter;
         int result;
@@ -17,7 +17,7 @@ Index: b/dns.c
         struct rrsetinfo *fingerprints = NULL;
  
         u_int8_t hostkey_algorithm;
-@@ -199,8 +200,19 @@
+@@ -200,8 +201,19 @@
                 return -1;
         }
  
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index fb522013c..5cf8aa46b 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -8,7 +8,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -562,6 +562,9 @@
+@@ -566,6 +566,9 @@
  will not be converted automatically,
  but may be manually hashed using
  .Xr ssh-keygen 1 .
diff --git a/debian/patches/gssapi-autoconf.patch b/debian/patches/gssapi-autoconf.patch
index d88382dcb..51d8a8e72 100644
--- a/debian/patches/gssapi-autoconf.patch
+++ b/debian/patches/gssapi-autoconf.patch
@@ -7,7 +7,7 @@ Index: b/config.h.in
 ===================================================================
 --- a/config.h.in
 +++ b/config.h.in
-@@ -1387,6 +1387,9 @@
+@@ -1417,6 +1417,9 @@
  /* Use btmp to log bad logins */
  #undef USE_BTMP
  
@@ -17,7 +17,7 @@ Index: b/config.h.in
  /* Use libedit for sftp */
  #undef USE_LIBEDIT
  
-@@ -1399,6 +1402,9 @@
+@@ -1432,6 +1435,9 @@
  /* Use PIPES instead of a socketpair() */
  #undef USE_PIPES
  
diff --git a/debian/patches/gssapi-compat.patch b/debian/patches/gssapi-compat.patch
deleted file mode 100644
index b93134933..000000000
--- a/debian/patches/gssapi-compat.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-Description: Compatibility with old GSSAPI option names
- These options were supported by the old ssh-krb5 package in Debian.
- .
- Forwarded to Simon Wilkinson for inclusion in the GSSAPI patch.
-Author: Colin Watson <cjwatson@debian.org>
-Forwarded: yes
-Last-Updated: 2010-03-01
-
-Index: b/servconf.c
-===================================================================
---- a/servconf.c
-+++ b/servconf.c
-@@ -381,16 +381,20 @@
- #ifdef GSSAPI
-        { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
-        { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
-+       { "gssapicleanupcreds", sGssCleanupCreds, SSHCFG_GLOBAL },
-        { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
-        { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
-        { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL },
- #else
-        { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
-        { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
-+       { "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL },
-        { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
-        { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
-        { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL },
- #endif
-+       { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL },
-+       { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL },
-        { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
-        { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
-        { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
diff --git a/debian/patches/gssapi-dump.patch b/debian/patches/gssapi-dump.patch
deleted file mode 100644
index 0969c59b4..000000000
--- a/debian/patches/gssapi-dump.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Description: GSSAPI configuration dump fixes
- Add GSSAPIKeyExchange, GSSAPIStrictAcceptorCheck, and
- GSSAPIStoreCredentialsOnRekey to sshd -T configuration dump.
- .
- Forwarded to Simon Wilkinson for inclusion in the GSSAPI patch.
-Author: Colin Watson <cjwatson@debian.org>
-Forwarded: yes
-Last-Updated: 2010-02-27
-
-Index: b/servconf.c
-===================================================================
---- a/servconf.c
-+++ b/servconf.c
-@@ -1688,7 +1688,10 @@
- #endif
- #ifdef GSSAPI
-        dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
-+       dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
-        dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
-+       dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
-+       dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
- #endif
- #ifdef JPAKE
-        dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index 778c23023..692437142 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -19,14 +19,24 @@ Index: b/ChangeLog.gssapi
 ===================================================================
 --- /dev/null
 +++ b/ChangeLog.gssapi
-@@ -0,0 +1,103 @@
+@@ -0,0 +1,113 @@
++20110101
++  - Finally update for OpenSSH 5.6p1
++  - Add GSSAPIServerIdentity option from Jim Basney
++ 
++20100308
++  - [ Makefile.in, key.c, key.h ]
++    Updates for OpenSSH 5.4p1
++  - [ servconf.c ]
++    Include GSSAPI options in the sshd -T configuration dump, and flag
++    some older configuration options as being unsupported. Thanks to Colin 
++    Watson.
++  -
++
 +20100124
 +  - [ sshconnect2.c ]
 +    Adapt to deal with additional element in Authmethod structure. Thanks to
-+    Colin Wilson
-+  - [ clientloop.c ]
-+    Protect credentials updated code with suitable #ifdefs. Thanks to Colin
-+    Wilson
++    Colin Watson
 +
 +20090615
 +  - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c
@@ -127,23 +137,23 @@ Index: b/Makefile.in
 ===================================================================
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -74,7 +74,7 @@
-        monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
-        kexgex.o kexdhc.o kexgexc.o msg.o progressmeter.o dns.o \
-        entropy.o gss-genr.o umac.o jpake.o schnorr.o \
--       ssh-pkcs11.o
-+       ssh-pkcs11.o kexgssc.o
+@@ -75,7 +75,7 @@
+        monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
+        kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \
+        msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o jpake.o \
+-       schnorr.o ssh-pkcs11.o
++       schnorr.o kexgssc.o ssh-pkcs11.o
  
  SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
         sshconnect.o sshconnect1.o sshconnect2.o mux.o \
-@@ -88,7 +88,7 @@
+@@ -90,7 +90,7 @@
         auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-jpake.o \
-        monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o \
+        monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \
         auth-krb5.o \
 -       auth2-gss.o gss-serv.o gss-serv-krb5.o \
 +       auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o\
         loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
-        audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \
+        sftp-server.o sftp-common.o \
         roaming_common.o roaming_serv.o
 Index: b/auth-krb5.c
 ===================================================================
@@ -384,7 +394,7 @@ Index: b/configure.ac
 ===================================================================
 --- a/configure.ac
 +++ b/configure.ac
-@@ -477,6 +477,30 @@
+@@ -514,6 +514,30 @@
             [Use tunnel device compatibility to OpenBSD])
         AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
             [Prepend the address family to IP tunnel traffic])
@@ -1222,9 +1232,9 @@ Index: b/kex.c
  #if OPENSSL_VERSION_NUMBER >= 0x00907000L
  # if defined(HAVE_EVP_SHA256)
  # define evp_ssh_sha256 EVP_sha256
-@@ -326,6 +330,20 @@
-                k->kex_type = KEX_DH_GEX_SHA256;
-                k->evp_md = evp_ssh_sha256();
+@@ -358,6 +362,20 @@
+                k->kex_type = KEX_ECDH_SHA2;
+                k->evp_md = kex_ecdh_name_to_evpmd(k->name);
  #endif
 +#ifdef GSSAPI
 +       } else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID,
@@ -1247,17 +1257,17 @@ Index: b/kex.h
 ===================================================================
 --- a/kex.h
 +++ b/kex.h
-@@ -67,6 +67,9 @@
-        KEX_DH_GRP14_SHA1,
+@@ -73,6 +73,9 @@
         KEX_DH_GEX_SHA1,
         KEX_DH_GEX_SHA256,
+        KEX_ECDH_SHA2,
 +       KEX_GSS_GRP1_SHA1,
 +       KEX_GSS_GRP14_SHA1,
 +       KEX_GSS_GEX_SHA1,
         KEX_MAX
  };
  
-@@ -123,6 +126,12 @@
+@@ -129,6 +132,12 @@
         sig_atomic_t done;
         int     flags;
         const EVP_MD *evp_md;
@@ -1270,9 +1280,9 @@ Index: b/kex.h
         char    *client_version_string;
         char    *server_version_string;
         int     (*verify_host_key)(Key *);
-@@ -146,6 +155,11 @@
- void    kexgex_client(Kex *);
- void    kexgex_server(Kex *);
+@@ -156,6 +165,11 @@
+ void    kexecdh_client(Kex *);
+ void    kexecdh_server(Kex *);
  
 +#ifdef GSSAPI
 +void   kexgss_client(Kex *);
@@ -1918,21 +1928,30 @@ Index: b/key.c
 ===================================================================
 --- a/key.c
 +++ b/key.c
-@@ -1020,6 +1020,8 @@
-                return KEY_RSA_CERT;
-        } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) {
-                return KEY_DSA_CERT;
+@@ -971,6 +971,8 @@
+                }
+                break;
+ #endif /* OPENSSL_HAS_ECC */
++       case KEY_NULL:
++               return "null";
+        }
+        return "ssh-unknown";
+ }
+@@ -1276,6 +1278,8 @@
+            strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) {
+                return KEY_ECDSA_CERT;
+ #endif
 +       } else if (strcmp(name, "null") == 0) {
 +               return KEY_NULL;
         }
+ 
         debug2("key_type_from_name: unknown key type '%s'", name);
-        return KEY_UNSPEC;
 Index: b/key.h
 ===================================================================
 --- a/key.h
 +++ b/key.h
-@@ -39,6 +39,7 @@
-        KEY_DSA_CERT,
+@@ -44,6 +44,7 @@
+        KEY_ECDSA_CERT,
         KEY_RSA_CERT_V00,
         KEY_DSA_CERT_V00,
 +       KEY_NULL,
@@ -1995,10 +2014,10 @@ Index: b/monitor.c
         } else {
                 mon_dispatch = mon_dispatch_postauth15;
                 monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
-@@ -1691,6 +1708,13 @@
-        kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+@@ -1692,6 +1709,13 @@
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+        kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
 +#ifdef GSSAPI
 +       if (options.gss_keyex) {
 +               kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
@@ -2009,7 +2028,7 @@ Index: b/monitor.c
         kex->server = 1;
         kex->hostkey_type = buffer_get_int(m);
         kex->kex_type = buffer_get_int(m);
-@@ -1897,6 +1921,9 @@
+@@ -1898,6 +1922,9 @@
         OM_uint32 major;
         u_int len;
  
@@ -2019,7 +2038,7 @@ Index: b/monitor.c
         goid.elements = buffer_get_string(m, &len);
         goid.length = len;
  
-@@ -1924,6 +1951,9 @@
+@@ -1925,6 +1952,9 @@
         OM_uint32 flags = 0; /* GSI needs this */
         u_int len;
  
@@ -2029,7 +2048,7 @@ Index: b/monitor.c
         in.value = buffer_get_string(m, &len);
         in.length = len;
         major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
-@@ -1941,6 +1971,7 @@
+@@ -1942,6 +1972,7 @@
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -2037,7 +2056,7 @@ Index: b/monitor.c
         }
         return (0);
  }
-@@ -1952,6 +1983,9 @@
+@@ -1953,6 +1984,9 @@
         OM_uint32 ret;
         u_int len;
  
@@ -2047,7 +2066,7 @@ Index: b/monitor.c
         gssbuf.value = buffer_get_string(m, &len);
         gssbuf.length = len;
         mic.value = buffer_get_string(m, &len);
-@@ -1978,7 +2012,11 @@
+@@ -1979,7 +2013,11 @@
  {
         int authenticated;
  
@@ -2060,7 +2079,7 @@ Index: b/monitor.c
  
         buffer_clear(m);
         buffer_put_int(m, authenticated);
-@@ -1991,6 +2029,74 @@
+@@ -1992,6 +2030,74 @@
         /* Monitor loop will terminate if authenticated */
         return (authenticated);
  }
@@ -2152,7 +2171,7 @@ Index: b/monitor_wrap.c
 ===================================================================
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -1231,7 +1231,7 @@
+@@ -1232,7 +1232,7 @@
  }
  
  int
@@ -2161,7 +2180,7 @@ Index: b/monitor_wrap.c
  {
         Buffer m;
         int authenticated = 0;
-@@ -1248,6 +1248,51 @@
+@@ -1249,6 +1249,51 @@
         debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
         return (authenticated);
  }
@@ -2233,15 +2252,16 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -127,6 +127,7 @@
+@@ -129,6 +129,8 @@
         oClearAllForwardings, oNoHostAuthenticationForLocalhost,
         oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
         oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 +       oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
++       oGssServerIdentity, 
         oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
         oSendEnv, oControlPath, oControlMaster, oControlPersist,
         oHashKnownHosts,
-@@ -166,10 +167,18 @@
+@@ -169,10 +171,19 @@
         { "afstokenpassing", oUnsupported },
  #if defined(GSSAPI)
         { "gssapiauthentication", oGssAuthentication },
@@ -2249,6 +2269,7 @@ Index: b/readconf.c
         { "gssapidelegatecredentials", oGssDelegateCreds },
 +       { "gssapitrustdns", oGssTrustDns },
 +       { "gssapiclientidentity", oGssClientIdentity },
++       { "gssapiserveridentity", oGssServerIdentity },
 +       { "gssapirenewalforcesrekey", oGssRenewalRekey },
  #else
         { "gssapiauthentication", oUnsupported },
@@ -2260,7 +2281,7 @@ Index: b/readconf.c
  #endif
         { "fallbacktorsh", oDeprecated },
         { "usersh", oDeprecated },
-@@ -474,10 +483,26 @@
+@@ -479,10 +490,30 @@
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2280,6 +2301,10 @@ Index: b/readconf.c
 +               charptr = &options->gss_client_identity;
 +               goto parse_string;
 +
++       case oGssServerIdentity:
++               charptr = &options->gss_server_identity;
++               goto parse_string;
++
 +       case oGssRenewalRekey:
 +               intptr = &options->gss_renewal_rekey;
 +               goto parse_flag;
@@ -2287,7 +2312,7 @@ Index: b/readconf.c
         case oBatchMode:
                 intptr = &options->batch_mode;
                 goto parse_flag;
-@@ -1058,7 +1083,11 @@
+@@ -1092,7 +1123,12 @@
         options->pubkey_authentication = -1;
         options->challenge_response_authentication = -1;
         options->gss_authentication = -1;
@@ -2296,10 +2321,11 @@ Index: b/readconf.c
 +       options->gss_trust_dns = -1;
 +       options->gss_renewal_rekey = -1;
 +       options->gss_client_identity = NULL;
++       options->gss_server_identity = NULL;
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->kbd_interactive_devices = NULL;
-@@ -1156,8 +1185,14 @@
+@@ -1193,8 +1229,14 @@
                 options->challenge_response_authentication = 1;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
@@ -2318,7 +2344,7 @@ Index: b/readconf.h
 ===================================================================
 --- a/readconf.h
 +++ b/readconf.h
-@@ -46,7 +46,11 @@
+@@ -46,7 +46,12 @@
         int     challenge_response_authentication;
                                         /* Try S/Key or TIS, authentication. */
         int     gss_authentication;     /* Try GSS authentication */
@@ -2327,6 +2353,7 @@ Index: b/readconf.h
 +       int     gss_trust_dns;          /* Trust DNS for GSS canonicalization */
 +       int     gss_renewal_rekey;      /* Credential renewal forces rekey */
 +       char    *gss_client_identity;   /* Principal to initiate GSSAPI with */
++       char    *gss_server_identity;   /* GSSAPI target principal */
         int     password_authentication;        /* Try password
                                                  * authentication. */
         int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
@@ -2334,7 +2361,7 @@ Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -93,7 +93,10 @@
+@@ -97,7 +97,10 @@
         options->kerberos_ticket_cleanup = -1;
         options->kerberos_get_afs_token = -1;
         options->gss_authentication=-1;
@@ -2345,7 +2372,7 @@ Index: b/servconf.c
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->challenge_response_authentication = -1;
-@@ -215,8 +218,14 @@
+@@ -226,8 +229,14 @@
                 options->kerberos_get_afs_token = 0;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
@@ -2360,7 +2387,7 @@ Index: b/servconf.c
         if (options->password_authentication == -1)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
-@@ -307,7 +316,9 @@
+@@ -322,7 +331,9 @@
         sBanner, sUseDNS, sHostbasedAuthentication,
         sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
         sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -2371,23 +2398,28 @@ Index: b/servconf.c
         sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
         sUsePrivilegeSeparation, sAllowAgentForwarding,
         sZeroKnowledgePasswordAuthentication, sHostCertificate,
-@@ -370,9 +381,15 @@
+@@ -386,10 +397,20 @@
  #ifdef GSSAPI
         { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
         { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
++       { "gssapicleanupcreds", sGssCleanupCreds, SSHCFG_GLOBAL },
 +       { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },
 +       { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL },
 +       { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL },
  #else
         { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
         { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
++       { "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL },
 +       { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },
 +       { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL },
 +       { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL },
  #endif
++       { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL },
++       { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL },
         { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
         { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
-@@ -926,10 +943,22 @@
+        { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
+@@ -944,10 +965,22 @@
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2410,11 +2442,22 @@ Index: b/servconf.c
         case sPasswordAuthentication:
                 intptr = &options->password_authentication;
                 goto parse_flag;
+@@ -1704,7 +1737,10 @@
+ #endif
+ #ifdef GSSAPI
+        dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
++       dump_cfg_fmtint(sGssKeyEx, o->gss_keyex);
+        dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
++       dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor);
++       dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey);
+ #endif
+ #ifdef JPAKE
+        dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
 Index: b/servconf.h
 ===================================================================
 --- a/servconf.h
 +++ b/servconf.h
-@@ -94,7 +94,10 @@
+@@ -97,7 +97,10 @@
         int     kerberos_get_afs_token;         /* If true, try to get AFS token if
                                                  * authenticated with Kerberos. */
         int     gss_authentication;     /* If true, permit GSSAPI authentication */
@@ -2543,7 +2586,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -509,11 +509,38 @@
+@@ -508,11 +508,43 @@
  The default is
  .Dq no .
  Note that this option applies to protocol version 2 only.
@@ -2557,6 +2600,11 @@ Index: b/ssh_config.5
 +If set, specifies the GSSAPI client identity that ssh should use when 
 +connecting to the server. The default is unset, which means that the default 
 +identity will be used.
++.It Cm GSSAPIServerIdentity
++If set, specifies the GSSAPI server identity that ssh should expect when 
++connecting to the server. The default is unset, which means that the
++expected GSSAPI server identity will be determined from the target
++hostname.
  .It Cm GSSAPIDelegateCredentials
  Forward (delegate) credentials to the server.
  The default is
@@ -2587,7 +2635,7 @@ Index: b/sshconnect2.c
 ===================================================================
 --- a/sshconnect2.c
 +++ b/sshconnect2.c
-@@ -106,9 +106,34 @@
+@@ -159,9 +159,34 @@
  {
         Kex *kex;
  
@@ -2622,9 +2670,9 @@ Index: b/sshconnect2.c
         if (options.ciphers == (char *)-1) {
                 logit("No valid ciphers for protocol version 2 given, using defaults.");
                 options.ciphers = NULL;
-@@ -136,6 +161,17 @@
-                myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
-                    options.hostkeyalgorithms;
+@@ -196,6 +221,17 @@
+        if (options.kex_algorithms != NULL)
+                myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
  
 +#ifdef GSSAPI
 +       /* If we've got GSSAPI algorithms, then we also support the
@@ -2640,10 +2688,10 @@ Index: b/sshconnect2.c
         if (options.rekey_limit)
                 packet_set_rekey_limit((u_int32_t)options.rekey_limit);
  
-@@ -145,10 +181,26 @@
-        kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
+@@ -206,10 +242,30 @@
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
+        kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
 +#ifdef GSSAPI
 +       if (options.gss_keyex) {
 +               kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client;
@@ -2660,14 +2708,18 @@ Index: b/sshconnect2.c
 +               kex->gss_deleg_creds = options.gss_deleg_creds;
 +               kex->gss_trust_dns = options.gss_trust_dns;
 +               kex->gss_client = options.gss_client_identity;
-+               kex->gss_host = gss_host;
++               if (options.gss_server_identity) {
++                       kex->gss_host = options.gss_server_identity;
++               } else {
++                       kex->gss_host = gss_host;
++        }
 +       }
 +#endif
 +
         xxx_kex = kex;
  
         dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
-@@ -243,6 +295,7 @@
+@@ -304,6 +360,7 @@
  void   input_gssapi_hash(int type, u_int32_t, void *);
  void   input_gssapi_error(int, u_int32_t, void *);
  void   input_gssapi_errtok(int, u_int32_t, void *);
@@ -2675,7 +2727,7 @@ Index: b/sshconnect2.c
  #endif
  
  void   userauth(Authctxt *, char *);
-@@ -258,6 +311,11 @@
+@@ -319,6 +376,11 @@
  
  Authmethod authmethods[] = {
  #ifdef GSSAPI
@@ -2687,13 +2739,15 @@ Index: b/sshconnect2.c
         {"gssapi-with-mic",
                 userauth_gssapi,
                 NULL,
-@@ -564,19 +622,29 @@
+@@ -625,19 +687,31 @@
         static u_int mech = 0;
         OM_uint32 min;
         int ok = 0;
 +       const char *gss_host;
 +
-+       if (options.gss_trust_dns)
++       if (options.gss_server_identity)
++               gss_host = options.gss_server_identity;
++       else if (options.gss_trust_dns)
 +               gss_host = get_canonical_hostname(1);
 +       else
 +               gss_host = authctxt->host;
@@ -2719,7 +2773,7 @@ Index: b/sshconnect2.c
                         ok = 1; /* Mechanism works */
                 } else {
                         mech++;
-@@ -673,8 +741,8 @@
+@@ -734,8 +808,8 @@
  {
         Authctxt *authctxt = ctxt;
         Gssctxt *gssctxt;
@@ -2730,7 +2784,7 @@ Index: b/sshconnect2.c
  
         if (authctxt == NULL)
                 fatal("input_gssapi_response: no authentication context");
-@@ -784,6 +852,48 @@
+@@ -845,6 +919,48 @@
         xfree(msg);
         xfree(lang);
  }
@@ -2794,7 +2848,7 @@ Index: b/sshd.c
  #ifdef LIBWRAP
  #include <tcpd.h>
  #include <syslog.h>
-@@ -1586,10 +1590,13 @@
+@@ -1590,10 +1594,13 @@
                 logit("Disabling protocol version 1. Could not load host key");
                 options.protocol &= ~SSH_PROTO_1;
         }
@@ -2808,7 +2862,7 @@ Index: b/sshd.c
         if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
                 logit("sshd: no hostkeys available -- exiting.");
                 exit(1);
-@@ -1918,6 +1925,60 @@
+@@ -1922,6 +1929,60 @@
         /* Log the connection. */
         verbose("Connection from %.500s port %d", remote_ip, remote_port);
  
@@ -2869,7 +2923,7 @@ Index: b/sshd.c
         /*
          * We don't want to listen forever unless the other side
          * successfully authenticates itself.  So we set up an alarm which is
-@@ -2296,12 +2357,61 @@
+@@ -2303,6 +2364,48 @@
  
         myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
  
@@ -2918,9 +2972,10 @@ Index: b/sshd.c
         /* start key exchange */
         kex = kex_setup(myproposal);
         kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-        kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+@@ -2310,6 +2413,13 @@
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+        kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
 +#ifdef GSSAPI
 +       if (options.gss_keyex) {
 +               kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server;
@@ -2935,7 +2990,7 @@ Index: b/sshd_config
 ===================================================================
 --- a/sshd_config
 +++ b/sshd_config
-@@ -71,6 +71,8 @@
+@@ -72,6 +72,8 @@
  # GSSAPI options
  #GSSAPIAuthentication no
  #GSSAPICleanupCredentials yes
@@ -2948,7 +3003,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -424,12 +424,40 @@
+@@ -423,12 +423,40 @@
  The default is
  .Dq no .
  Note that this option applies to protocol version 2 only.
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 9e1705719..89011cfb7 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -18,24 +18,24 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -134,6 +134,7 @@
-        oHashKnownHosts,
+@@ -138,6 +138,7 @@
         oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
         oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
+        oKexAlgorithms, oIPQoS,
 +       oProtocolKeepAlives, oSetupTimeOut,
         oDeprecated, oUnsupported
  } OpCodes;
  
-@@ -251,6 +252,8 @@
- #else
-        { "zeroknowledgepasswordauthentication", oUnsupported },
+@@ -258,6 +259,8 @@
  #endif
+        { "kexalgorithms", oKexAlgorithms },
+        { "ipqos", oIPQoS },
 +       { "protocolkeepalives", oProtocolKeepAlives },
 +       { "setuptimeout", oSetupTimeOut },
  
         { NULL, oBadOption }
  };
-@@ -865,6 +868,8 @@
+@@ -888,6 +891,8 @@
                 goto parse_flag;
  
         case oServerAliveInterval:
@@ -44,7 +44,7 @@ Index: b/readconf.c
                 intptr = &options->server_alive_interval;
                 goto parse_time;
  
-@@ -1284,8 +1289,13 @@
+@@ -1336,8 +1341,13 @@
                 options->rekey_limit = 0;
         if (options->verify_host_key_dns == -1)
                 options->verify_host_key_dns = 0;
@@ -64,7 +64,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -128,8 +128,12 @@
+@@ -127,8 +127,12 @@
  If set to
  .Dq yes ,
  passphrase/password querying will be disabled.
@@ -78,7 +78,7 @@ Index: b/ssh_config.5
  The argument must be
  .Dq yes
  or
-@@ -994,8 +998,15 @@
+@@ -1058,8 +1062,15 @@
  will send a message through the encrypted
  channel to request a response from the server.
  The default
@@ -95,7 +95,7 @@ Index: b/ssh_config.5
  .It Cm StrictHostKeyChecking
  If this flag is set to
  .Dq yes ,
-@@ -1034,6 +1045,12 @@
+@@ -1098,6 +1109,12 @@
  other side.
  If they are sent, death of the connection or crash of one
  of the machines will be properly noticed.
@@ -112,7 +112,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -985,6 +985,9 @@
+@@ -1034,6 +1034,9 @@
  .Pp
  To disable TCP keepalive messages, the value should be set to
  .Dq no .
diff --git a/debian/patches/lintian-symlink-pickiness.patch b/debian/patches/lintian-symlink-pickiness.patch
index 955d38b50..f5ac00814 100644
--- a/debian/patches/lintian-symlink-pickiness.patch
+++ b/debian/patches/lintian-symlink-pickiness.patch
@@ -9,7 +9,7 @@ Index: b/Makefile.in
 ===================================================================
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -294,9 +294,9 @@
+@@ -297,9 +297,9 @@
         $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
         $(INSTALL) -m 644 ssh-vulnkey.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-vulnkey.1
         -rm -f $(DESTDIR)$(bindir)/slogin
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index de63e46f8..fc07e8861 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -34,7 +34,7 @@ Index: b/ssh-keygen.1
 ===================================================================
 --- a/ssh-keygen.1
 +++ b/ssh-keygen.1
-@@ -148,9 +148,7 @@
+@@ -147,9 +147,7 @@
  .Pa ~/.ssh/id_dsa
  or
  .Pa ~/.ssh/id_rsa .
@@ -45,7 +45,7 @@ Index: b/ssh-keygen.1
  .Pp
  Normally this program generates the key and asks for a file in which
  to store the private key.
-@@ -394,9 +392,7 @@
+@@ -393,9 +391,7 @@
  .It Fl q
  Silence
  .Nm ssh-keygen .
@@ -60,7 +60,7 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -728,6 +728,10 @@
+@@ -726,6 +726,10 @@
  .Sx HISTORY
  section of
  .Xr ssl 8
@@ -68,14 +68,14 @@ Index: b/ssh.1
 +.nh
 +http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
 +.hy
- contains a brief discussion of the two algorithms.
+ contains a brief discussion of the DSA and RSA algorithms.
  .Pp
  The file
 Index: b/sshd.8
 ===================================================================
 --- a/sshd.8
 +++ b/sshd.8
-@@ -70,7 +70,7 @@
+@@ -69,7 +69,7 @@
  .Nm
  listens for connections from clients.
  It is normally started at boot from
@@ -84,16 +84,16 @@ Index: b/sshd.8
  It forks a new
  daemon for each incoming connection.
  The forked daemons handle
-@@ -845,7 +845,7 @@
+@@ -850,7 +850,7 @@
  .Xr ssh 1 ) .
  It should only be writable by root.
  .Pp
--.It /etc/moduli
-+.It /etc/ssh/moduli
+-.It Pa /etc/moduli
++.It Pa /etc/ssh/moduli
  Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
  The file format is described in
  .Xr moduli 5 .
-@@ -941,7 +941,6 @@
+@@ -948,7 +948,6 @@
  .Xr ssh-vulnkey 1 ,
  .Xr chroot 2 ,
  .Xr hosts_access 5 ,
@@ -105,7 +105,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -222,8 +222,7 @@
+@@ -221,8 +221,7 @@
  By default, no banner is displayed.
  .It Cm ChallengeResponseAuthentication
  Specifies whether challenge-response authentication is allowed (e.g. via
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index 67e014002..ffd416d98 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -11,7 +11,7 @@ Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -542,7 +542,7 @@
+@@ -556,7 +556,7 @@
         snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s",
             compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
             compat20 ? PROTOCOL_MINOR_2 : minor1,
@@ -38,7 +38,7 @@ Index: b/version.h
 --- a/version.h
 +++ b/version.h
 @@ -3,4 +3,9 @@
- #define SSH_VERSION    "OpenSSH_5.6"
+ #define SSH_VERSION    "OpenSSH_5.7"
  
  #define SSH_PORTABLE   "p1"
 -#define SSH_RELEASE    SSH_VERSION SSH_PORTABLE
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index 3f06225ad..239c1b599 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -11,7 +11,7 @@ Index: b/scp.c
 ===================================================================
 --- a/scp.c
 +++ b/scp.c
-@@ -182,8 +182,16 @@
+@@ -189,8 +189,16 @@
  
         if (verbose_mode) {
                 fprintf(stderr, "Executing:");
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index 8a7e7c687..74cd06201 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -33,7 +33,7 @@ Index: b/auth1.c
         /* Get the name of the user that we wish to log in as. */
         packet_read_expect(SSH_CMSG_USER);
 @@ -392,11 +392,17 @@
-        user = packet_get_string(&ulen);
+        user = packet_get_cstring(&ulen);
         packet_check_eom();
  
 +       if ((role = strchr(user, '/')) != NULL)
@@ -173,7 +173,7 @@ Index: b/monitor_wrap.c
 ===================================================================
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -279,10 +279,10 @@
+@@ -280,10 +280,10 @@
         return (banner);
  }
  
@@ -186,7 +186,7 @@ Index: b/monitor_wrap.c
  {
         Buffer m;
  
-@@ -291,12 +291,30 @@
+@@ -292,11 +292,29 @@
         buffer_init(&m);
         buffer_put_cstring(&m, service);
         buffer_put_cstring(&m, style ? style : "");
@@ -196,7 +196,7 @@ Index: b/monitor_wrap.c
  
         buffer_free(&m);
  }
- 
++
 +/* Inform the privileged process about role */
 +
 +void
@@ -213,10 +213,9 @@ Index: b/monitor_wrap.c
 +
 +       buffer_free(&m);
 +}
-+
+ 
  /* Do the password authentication */
  int
- mm_auth_password(Authctxt *authctxt, char *password)
 Index: b/monitor_wrap.h
 ===================================================================
 --- a/monitor_wrap.h
diff --git a/debian/patches/series b/debian/patches/series
index f3c6a87e0..751a9868c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,8 +1,6 @@
 # GSSAPI
 gssapi.patch
 gssapi-autoconf.patch
-gssapi-compat.patch
-gssapi-dump.patch
 
 # SELinux
 selinux-role.patch
@@ -41,4 +39,3 @@ doc-hash-tab-completion.patch
 # Debian-specific configuration
 gnome-ssh-askpass2-icon.patch
 debian-config.patch
-ssh-sigchld.patch
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index ddae43a45..5100d8ec7 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -10,18 +10,18 @@ Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -141,7 +141,7 @@
- 
+@@ -144,7 +144,7 @@
                 /* Execute the proxy command.  Note that we gave up any
                    extra privileges above. */
+                signal(SIGPIPE, SIG_DFL);
 -               execv(argv[0], argv);
 +               execvp(argv[0], argv);
                 perror(argv[0]);
                 exit(1);
         }
-@@ -1243,7 +1243,7 @@
-        pid = fork();
+@@ -1274,7 +1274,7 @@
         if (pid == 0) {
+                signal(SIGPIPE, SIG_DFL);
                 debug3("Executing %s -c \"%s\"", shell, args);
 -               execl(shell, shell, "-c", args, (char *)NULL);
 +               execlp(shell, shell, "-c", args, (char *)NULL);
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index 4a651bfa1..43d9d4d44 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -11,7 +11,7 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1396,6 +1396,7 @@
+@@ -1406,6 +1406,7 @@
  .Xr sftp 1 ,
  .Xr ssh-add 1 ,
  .Xr ssh-agent 1 ,
diff --git a/debian/patches/ssh-sigchld.patch b/debian/patches/ssh-sigchld.patch
deleted file mode 100644
index 21d286b21..000000000
--- a/debian/patches/ssh-sigchld.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-Description: Install a SIGCHLD handler to reap expired child processes
-Origin: upstream, http://bazaar.launchpad.net/~vcs-imports/openssh/main/revision/6166
-Bug-Debian: http://bugs.debian.org/594687
-Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1812
-Forwarded: not-needed
-Last-Update: 2010-10-26
-
-Index: b/ssh.c
-===================================================================
---- a/ssh.c
-+++ b/ssh.c
-@@ -50,6 +50,7 @@
- #include <sys/ioctl.h>
- #include <sys/param.h>
- #include <sys/socket.h>
-+#include <sys/wait.h>
- 
- #include <ctype.h>
- #include <errno.h>
-@@ -210,6 +211,7 @@
- static int ssh_session(void);
- static int ssh_session2(void);
- static void load_public_identity_files(void);
-+static void main_sigchld_handler(int);
- 
- /* from muxclient.c */
- void muxclient(const char *);
-@@ -849,6 +851,7 @@
-            tilde_expand_filename(options.user_hostfile2, original_real_uid);
- 
-        signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
-+       signal(SIGCHLD, main_sigchld_handler);
- 
-        /* Log into the remote system.  Never returns if the login fails. */
-        ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr,
-@@ -1532,3 +1535,19 @@
-        bzero(pwdir, strlen(pwdir));
-        xfree(pwdir);
- }
-+
-+static void
-+main_sigchld_handler(int sig)
-+{
-+       int save_errno = errno;
-+       pid_t pid;
-+       int status;
-+
-+       while ((pid = waitpid(-1, &status, WNOHANG)) > 0 ||
-+           (pid < 0 && errno == EINTR))
-+               ;
-+
-+       signal(sig, main_sigchld_handler);
-+       errno = save_errno;
-+}
-+
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index 81c225a7f..444aef251 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -32,7 +32,7 @@ Index: b/Makefile.in
  
  CC=@CC@
  LD=@LD@
-@@ -62,7 +64,7 @@
+@@ -63,7 +65,7 @@
  INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
  INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
  
@@ -41,8 +41,8 @@ Index: b/Makefile.in
  
  LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
         canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
-@@ -93,8 +95,8 @@
-        audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \
+@@ -95,8 +97,8 @@
+        sftp-server.o sftp-common.o \
         roaming_common.o roaming_serv.o
  
 -MANPAGES       = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
@@ -52,7 +52,7 @@ Index: b/Makefile.in
  MANTYPE                = @MANTYPE@
  
  CONFIGFILES=sshd_config.out ssh_config.out moduli.out
-@@ -174,6 +176,9 @@
+@@ -177,6 +179,9 @@
  ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o
         $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
  
@@ -62,7 +62,7 @@ Index: b/Makefile.in
  # test driver for the loginrec code - not built by default
  logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
         $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
-@@ -268,6 +273,7 @@
+@@ -271,6 +276,7 @@
         $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
         $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
         $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
@@ -70,7 +70,7 @@ Index: b/Makefile.in
         $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
         $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
         $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
-@@ -285,6 +291,7 @@
+@@ -288,6 +294,7 @@
         $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
         $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
         $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
@@ -78,7 +78,7 @@ Index: b/Makefile.in
         -rm -f $(DESTDIR)$(bindir)/slogin
         ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
-@@ -366,6 +373,7 @@
+@@ -377,6 +384,7 @@
         -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
         -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
         -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
@@ -86,7 +86,7 @@ Index: b/Makefile.in
         -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
         -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
         -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
-@@ -379,6 +387,7 @@
+@@ -390,6 +398,7 @@
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
@@ -111,15 +111,15 @@ Index: b/auth-rsa.c
 ===================================================================
 --- a/auth-rsa.c
 +++ b/auth-rsa.c
-@@ -94,7 +94,7 @@
-        MD5_CTX md;
-        int len;
+@@ -247,7 +247,7 @@
+                            file, linenum, BN_num_bits(key->rsa->n), bits);
  
--       if (auth_key_is_revoked(key))
-+       if (auth_key_is_revoked(key, 0))
-                return 0;
+                /* Never accept a revoked key */
+-               if (auth_key_is_revoked(key))
++               if (auth_key_is_revoked(key, 0))
+                        break;
  
-        /* don't allow short keys */
+                /* We have found the desired key. */
 Index: b/auth.c
 ===================================================================
 --- a/auth.c
@@ -132,7 +132,7 @@ Index: b/auth.c
  #include "auth.h"
  #include "auth-options.h"
  #include "canohost.h"
-@@ -615,10 +616,34 @@
+@@ -621,10 +622,34 @@
  
  /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
  int
@@ -223,7 +223,7 @@ Index: b/authfile.c
  
  /* Version identification string for SSH v1 identity files. */
  static const char authfile_id_string[] =
-@@ -814,3 +815,140 @@
+@@ -906,3 +907,140 @@
         return ret;
  }
  
@@ -390,7 +390,7 @@ Index: b/pathnames.h
  #ifndef _PATH_SSH_PIDDIR
  #define _PATH_SSH_PIDDIR               "/var/run"
  #endif
-@@ -43,6 +47,9 @@
+@@ -44,6 +48,9 @@
  /* Backwards compatibility */
  #define _PATH_DH_PRIMES                        SSHDIR "/primes"
  
@@ -404,7 +404,7 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -123,6 +123,7 @@
+@@ -125,6 +125,7 @@
         oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
         oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
         oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
@@ -412,7 +412,7 @@ Index: b/readconf.c
         oHostKeyAlgorithms, oBindAddress, oPKCS11Provider,
         oClearAllForwardings, oNoHostAuthenticationForLocalhost,
         oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
-@@ -154,6 +155,7 @@
+@@ -158,6 +159,7 @@
         { "passwordauthentication", oPasswordAuthentication },
         { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
         { "kbdinteractivedevices", oKbdInteractiveDevices },
@@ -420,7 +420,7 @@ Index: b/readconf.c
         { "rsaauthentication", oRSAAuthentication },
         { "pubkeyauthentication", oPubkeyAuthentication },
         { "dsaauthentication", oPubkeyAuthentication },             /* alias */
-@@ -479,6 +481,10 @@
+@@ -486,6 +488,10 @@
                 intptr = &options->challenge_response_authentication;
                 goto parse_flag;
  
@@ -431,7 +431,7 @@ Index: b/readconf.c
         case oGssAuthentication:
                 intptr = &options->gss_authentication;
                 goto parse_flag;
-@@ -1093,6 +1099,7 @@
+@@ -1134,6 +1140,7 @@
         options->kbd_interactive_devices = NULL;
         options->rhosts_rsa_authentication = -1;
         options->hostbased_authentication = -1;
@@ -439,7 +439,7 @@ Index: b/readconf.c
         options->batch_mode = -1;
         options->check_host_ip = -1;
         options->strict_host_key_checking = -1;
-@@ -1201,6 +1208,8 @@
+@@ -1245,6 +1252,8 @@
                 options->rhosts_rsa_authentication = 0;
         if (options->hostbased_authentication == -1)
                 options->hostbased_authentication = 0;
@@ -452,7 +452,7 @@ Index: b/readconf.h
 ===================================================================
 --- a/readconf.h
 +++ b/readconf.h
-@@ -56,6 +56,7 @@
+@@ -57,6 +57,7 @@
         int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
         char    *kbd_interactive_devices; /* Keyboard-interactive auth devices. */
         int     zero_knowledge_password_authentication; /* Try jpake */
@@ -464,7 +464,7 @@ Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -100,6 +100,7 @@
+@@ -104,6 +104,7 @@
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->challenge_response_authentication = -1;
@@ -472,7 +472,7 @@ Index: b/servconf.c
         options->permit_empty_passwd = -1;
         options->permit_user_env = -1;
         options->use_login = -1;
-@@ -232,6 +233,8 @@
+@@ -243,6 +244,8 @@
                 options->kbd_interactive_authentication = 0;
         if (options->challenge_response_authentication == -1)
                 options->challenge_response_authentication = 1;
@@ -481,7 +481,7 @@ Index: b/servconf.c
         if (options->permit_empty_passwd == -1)
                 options->permit_empty_passwd = 0;
         if (options->permit_user_env == -1)
-@@ -307,7 +310,7 @@
+@@ -322,7 +325,7 @@
         sListenAddress, sAddressFamily,
         sPrintMotd, sPrintLastLog, sIgnoreRhosts,
         sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
@@ -490,7 +490,7 @@ Index: b/servconf.c
         sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
         sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
         sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
-@@ -416,6 +419,7 @@
+@@ -432,6 +435,7 @@
         { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
         { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
         { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
@@ -498,7 +498,7 @@ Index: b/servconf.c
         { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
         { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
         { "uselogin", sUseLogin, SSHCFG_GLOBAL },
-@@ -1011,6 +1015,10 @@
+@@ -1029,6 +1033,10 @@
                 intptr = &options->tcp_keep_alive;
                 goto parse_flag;
  
@@ -509,7 +509,7 @@ Index: b/servconf.c
         case sEmptyPasswd:
                 intptr = &options->permit_empty_passwd;
                 goto parse_flag;
-@@ -1708,6 +1716,7 @@
+@@ -1757,6 +1765,7 @@
         dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
         dump_cfg_fmtint(sStrictModes, o->strict_modes);
         dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
@@ -521,7 +521,7 @@ Index: b/servconf.h
 ===================================================================
 --- a/servconf.h
 +++ b/servconf.h
-@@ -104,6 +104,7 @@
+@@ -107,6 +107,7 @@
         int     challenge_response_authentication;
         int     zero_knowledge_password_authentication;
                                         /* If true, permit jpake auth */
@@ -533,7 +533,7 @@ Index: b/ssh-add.1
 ===================================================================
 --- a/ssh-add.1
 +++ b/ssh-add.1
-@@ -82,6 +82,10 @@
+@@ -81,6 +81,10 @@
  .Nm
  to work.
  .Pp
@@ -544,7 +544,7 @@ Index: b/ssh-add.1
  The options are as follows:
  .Bl -tag -width Ds
  .It Fl c
-@@ -182,6 +186,7 @@
+@@ -183,6 +187,7 @@
  .Xr ssh 1 ,
  .Xr ssh-agent 1 ,
  .Xr ssh-keygen 1 ,
@@ -556,7 +556,7 @@ Index: b/ssh-add.c
 ===================================================================
 --- a/ssh-add.c
 +++ b/ssh-add.c
-@@ -139,7 +139,7 @@
+@@ -142,7 +142,7 @@
  add_file(AuthenticationConnection *ac, const char *filename)
  {
         Key *private, *cert;
@@ -565,7 +565,7 @@ Index: b/ssh-add.c
         char msg[1024], *certpath;
         int fd, perms_ok, ret = -1;
  
-@@ -184,6 +184,14 @@
+@@ -187,6 +187,14 @@
                             "Bad passphrase, try again for %.200s: ", comment);
                 }
         }
@@ -584,7 +584,7 @@ Index: b/ssh-keygen.1
 ===================================================================
 --- a/ssh-keygen.1
 +++ b/ssh-keygen.1
-@@ -669,6 +669,7 @@
+@@ -659,6 +659,7 @@
  .Xr ssh 1 ,
  .Xr ssh-add 1 ,
  .Xr ssh-agent 1 ,
@@ -1236,7 +1236,7 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1392,6 +1392,7 @@
+@@ -1402,6 +1402,7 @@
  .Xr ssh-agent 1 ,
  .Xr ssh-keygen 1 ,
  .Xr ssh-keyscan 1 ,
@@ -1248,7 +1248,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -1422,7 +1422,7 @@
+@@ -1448,7 +1448,7 @@
  static void
  load_public_identity_files(void)
  {
@@ -1257,7 +1257,7 @@ Index: b/ssh.c
         char *pwdir = NULL, *pwname = NULL;
         int i = 0;
         Key *public;
-@@ -1479,6 +1479,22 @@
+@@ -1505,6 +1505,22 @@
                 public = key_load_public(filename, NULL);
                 debug("identity file %s type %d", filename,
                     public ? public->type : -1);
@@ -1284,7 +1284,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1082,6 +1082,23 @@
+@@ -1146,6 +1146,23 @@
  .Dq any .
  The default is
  .Dq any:any .
@@ -1312,7 +1312,7 @@ Index: b/sshconnect2.c
 ===================================================================
 --- a/sshconnect2.c
 +++ b/sshconnect2.c
-@@ -1421,6 +1421,8 @@
+@@ -1488,6 +1488,8 @@
  
         /* list of keys stored in the filesystem */
         for (i = 0; i < options.num_identity_files; i++) {
@@ -1321,7 +1321,7 @@ Index: b/sshconnect2.c
                 key = options.identity_keys[i];
                 if (key && key->type == KEY_RSA1)
                         continue;
-@@ -1514,7 +1516,7 @@
+@@ -1581,7 +1583,7 @@
                         debug("Offering %s public key: %s", key_type(id->key),
                             id->filename);
                         sent = send_pubkey_test(authctxt, id);
@@ -1334,7 +1334,7 @@ Index: b/sshd.8
 ===================================================================
 --- a/sshd.8
 +++ b/sshd.8
-@@ -938,6 +938,7 @@
+@@ -945,6 +945,7 @@
  .Xr ssh-agent 1 ,
  .Xr ssh-keygen 1 ,
  .Xr ssh-keyscan 1 ,
@@ -1346,7 +1346,7 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -1573,6 +1573,11 @@
+@@ -1576,6 +1576,11 @@
                         sensitive_data.host_keys[i] = NULL;
                         continue;
                 }
@@ -1362,7 +1362,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -743,6 +743,20 @@
+@@ -792,6 +792,20 @@
  Specifies whether password authentication is allowed.
  The default is
  .Dq yes .
diff --git a/debian/patches/ssh1-keepalive.patch b/debian/patches/ssh1-keepalive.patch
index dac1ca1cc..5f1caddc9 100644
--- a/debian/patches/ssh1-keepalive.patch
+++ b/debian/patches/ssh1-keepalive.patch
@@ -12,11 +12,11 @@ Index: b/clientloop.c
  server_alive_check(void)
  {
 -       if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
--               logit("Timeout, server not responding.");
+-               logit("Timeout, server %s not responding.", host);
 -               cleanup_exit(255);
 +       if (compat20) {
 +               if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
-+                       logit("Timeout, server not responding.");
++                       logit("Timeout, server %s not responding.", host);
 +                       cleanup_exit(255);
 +               }
 +               packet_start(SSH2_MSG_GLOBAL_REQUEST);
@@ -51,7 +51,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -983,7 +983,10 @@
+@@ -1047,7 +1047,10 @@
  .Cm ServerAliveCountMax
  is left at the default, if the server becomes unresponsive,
  ssh will disconnect after approximately 45 seconds.
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 3cb9fdc65..9b560217f 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -26,7 +26,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -642,7 +642,7 @@
+@@ -641,7 +641,7 @@
                 tty_flag = 0;
         /* Do not allocate a tty if stdin is not a tty. */
         if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) {
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 69700e592..fe2d99be0 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -15,7 +15,7 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -28,6 +28,8 @@
+@@ -30,6 +30,8 @@
  #include <stdio.h>
  #include <string.h>
  #include <unistd.h>
@@ -24,7 +24,7 @@ Index: b/readconf.c
  
  #include "xmalloc.h"
  #include "ssh.h"
-@@ -1045,8 +1047,7 @@
+@@ -1085,8 +1087,7 @@
  
                 if (fstat(fileno(f), &sb) == -1)
                         fatal("fstat %s: %s", filename, strerror(errno));
@@ -38,20 +38,20 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1290,6 +1290,8 @@
+@@ -1293,6 +1293,8 @@
  .Xr ssh_config 5 .
  Because of the potential for abuse, this file must have strict permissions:
  read/write for the user, and not accessible by others.
 +It may be group-writable provided that the group in question contains only
 +the user.
  .Pp
- .It ~/.ssh/environment
+ .It Pa ~/.ssh/environment
  Contains additional definitions for environment variables; see
 Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1235,6 +1235,8 @@
+@@ -1299,6 +1299,8 @@
  This file is used by the SSH client.
  Because of the potential for abuse, this file must have strict permissions:
  read/write for the user, and not accessible by others.
@@ -64,7 +64,7 @@ Index: b/auth.c
 ===================================================================
 --- a/auth.c
 +++ b/auth.c
-@@ -393,8 +393,7 @@
+@@ -392,8 +392,7 @@
                 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
                 if (options.strict_modes &&
                     (stat(user_hostfile, &st) == 0) &&
@@ -74,7 +74,7 @@ Index: b/auth.c
                         logit("Authentication refused for %.100s: "
                             "bad owner or modes for %.200s",
                             pw->pw_name, user_hostfile);
-@@ -448,8 +447,7 @@
+@@ -454,8 +453,7 @@
  
         /* check the open file to avoid races */
         if (fstat(fileno(f), &st) < 0 ||
@@ -84,7 +84,7 @@ Index: b/auth.c
                 snprintf(err, errlen, "bad ownership or modes for file %s",
                     buf);
                 return -1;
-@@ -465,8 +463,7 @@
+@@ -471,8 +469,7 @@
  
                 debug3("secure_filename: checking '%s'", buf);
                 if (stat(buf, &st) < 0 ||
@@ -98,7 +98,7 @@ Index: b/misc.c
 ===================================================================
 --- a/misc.c
 +++ b/misc.c
-@@ -45,8 +45,9 @@
+@@ -48,8 +48,9 @@
  #include <netdb.h>
  #ifdef HAVE_PATHS_H
  # include <paths.h>
@@ -109,7 +109,7 @@ Index: b/misc.c
  #ifdef SSH_TUN_OPENBSD
  #include <net/if.h>
  #endif
-@@ -639,6 +640,55 @@
+@@ -642,6 +643,55 @@
  }
  
  int
@@ -169,7 +169,7 @@ Index: b/misc.h
 ===================================================================
 --- a/misc.h
 +++ b/misc.h
-@@ -92,4 +92,6 @@
+@@ -102,4 +102,6 @@
  int     ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
  int     read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);