New upstream release (7.3p1).

24 files changed, 1141 insertions, 218 deletions

diff --git a/regress/.cvsignore b/regress/.cvsignore
deleted file mode 100644
index 3fd25b02e..000000000
--- a/regress/.cvsignore
+++ /dev/null
@@ -1,31 +0,0 @@
-*-agent
-*.copy
-*.log
-*.prv
-*.pub
-actual
-authorized_keys_*
-batch
-copy.dd*
-data
-expect
-host.rsa*
-key.*
-known_hosts
-krl-*
-modpipe
-remote_pid
-revoked-*
-revoked-ca
-revoked-keyid
-revoked-serials
-rsa
-rsa1
-sftp-server.sh
-ssh-log-wrapper.sh
-ssh_config
-ssh_proxy*
-sshd_config
-sshd_proxy*
-t*.out
-t*.out[0-9]
diff --git a/regress/Makefile b/regress/Makefile
index 451909c1a..08fd82dbf 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.82 2015/09/24 06:16:53 djm Exp $
+#       $OpenBSD: Makefile,v 1.88 2016/06/03 04:10:41 dtucker Exp $
 
 REGRESS_TARGETS=        unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
 tests:          prep $(REGRESS_TARGETS)
@@ -54,6 +54,7 @@ LTESTS= 	connect \
                 multiplex \
                 reexec \
                 brokenkeys \
+                sshcfgparse \
                 cfgparse \
                 cfgmatch \
                 addrmatch \
@@ -75,7 +76,8 @@ LTESTS= 	connect \
                 keygen-knownhosts \
                 hostkey-rotate \
                 principals-command \
-                cert-file
+                cert-file \
+                cfginclude
 
 
 #               dhgex \
@@ -86,27 +88,28 @@ INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
 #LTESTS=        cipher-speed
 
 USER!=          id -un
-CLEANFILES=     t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
-                t8.out t8.out.pub t9.out t9.out.pub t10.out t10.out.pub \
-                t12.out t12.out.pub \
-                authorized_keys_${USER} known_hosts pidfile testdata \
-                ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \
-                rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \
-                rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \
-                ls.copy banner.in banner.out empty.in \
-                scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \
-                sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \
-                known_hosts-cert host_ca_key* cert_host_key* cert_user_key* \
-                putty.rsa2 sshd_proxy_orig ssh_proxy_bak \
-                key.rsa-* key.dsa-* key.ecdsa-* \
-                authorized_principals_${USER} expect actual ready \
-                sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-* \
-                ssh.log failed-ssh.log sshd.log failed-sshd.log \
-                regress.log failed-regress.log ssh-log-wrapper.sh \
-                sftp-server.sh sftp-server.log sftp.log setuid-allowed \
-                data ed25519-agent ed25519-agent.pub key.ed25519-512 \
-                key.ed25519-512.pub netcat host_krl_* host_revoked_* \
-                kh.* user_*key* agent-key.* known_hosts.* hkr.*
+CLEANFILES=     *.core actual agent-key.* authorized_keys_${USER} \
+                authorized_keys_${USER}.* authorized_principals_${USER} \
+                banner.in banner.out cert_host_key* cert_user_key* \
+                copy.1 copy.2 data ed25519-agent ed25519-agent* \
+                ed25519-agent.pub empty.in expect failed-regress.log \
+                failed-ssh.log failed-sshd.log hkr.* host.rsa host.rsa1 \
+                host_* host_ca_key* host_krl_* host_revoked_* key.* \
+                key.dsa-* key.ecdsa-* key.ed25519-512 key.ed25519-512.pub \
+                key.rsa-* keys-command-args kh.* known_hosts \
+                known_hosts-cert known_hosts.* krl-* ls.copy modpipe \
+                netcat pidfile putty.rsa2 ready regress.log remote_pid \
+                revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa1 \
+                rsa1-agent rsa1-agent.pub rsa1.pub rsa_ssh2_cr.prv \
+                rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
+                scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
+                sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
+                ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
+                ssh_proxy_envpass sshd.log sshd_config sshd_config.orig \
+                sshd_proxy sshd_proxy.* sshd_proxy_bak sshd_proxy_orig \
+                t10.out t10.out.pub t12.out t12.out.pub t2.out t3.out \
+                t6.out1 t6.out2 t7.out t7.out.pub t8.out t8.out.pub \
+                t9.out t9.out.pub testdata user_*key* user_ca* user_key*
 
 SUDO_CLEAN+=    /var/run/testdata_${USER} /var/run/keycommand_${USER}
 
diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh
index d5ae2d6e2..24b71f458 100644
--- a/regress/agent-getpeereid.sh
+++ b/regress/agent-getpeereid.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent-getpeereid.sh,v 1.5 2013/05/17 10:33:09 dtucker Exp $
+#       $OpenBSD: agent-getpeereid.sh,v 1.6 2016/05/03 14:41:04 djm Exp $
 #       Placed in the Public Domain.
 
 tid="disallow agent attach from other uid"
@@ -13,10 +13,16 @@ else
         echo "skipped (not supported on this platform)"
         exit 0
 fi
-if [ -z "$SUDO" ]; then
-        echo "skipped: need SUDO to switch to uid $UNPRIV"
-        exit 0
-fi
+case "x$SUDO" in
+        xsudo) sudo=1;;
+        xdoas) ;;
+        x)
+                echo "need SUDO to switch to uid $UNPRIV"
+                exit 0 ;;
+        *)
+                echo "unsupported $SUDO - "doas" and "sudo" are allowed"
+                exit 0 ;;
+esac
 
 trace "start agent"
 eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
@@ -31,8 +37,13 @@ else
         if [ $r -ne 1 ]; then
                 fail "ssh-add failed with $r != 1"
         fi
-
-        < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null
+        if test -z "$sudo" ; then
+                # doas
+                ${SUDO} -n -u ${UNPRIV} ssh-add -l 2>/dev/null
+        else
+                # sudo
+                < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null
+        fi
         r=$?
         if [ $r -lt 2 ]; then
                 fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 3f53922c8..62261cf8b 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $
+#       $OpenBSD: cert-hostkey.sh,v 1.14 2016/05/02 09:52:00 djm Exp $
 #       Placed in the Public Domain.
 
 tid="certified host keys"
@@ -30,34 +30,51 @@ cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 
 HOSTS='localhost-with-alias,127.0.0.1,::1'
 
-# Create a CA key and add it to known hosts. Ed25519 chosed for speed.
+kh_ca() {
+        for k in "$@" ; do
+                printf "@cert-authority $HOSTS "
+                cat $OBJ/$k || fatal "couldn't cat $k"
+        done
+}
+kh_revoke() {
+        for k in "$@" ; do
+                printf "@revoked * "
+                cat $OBJ/$k || fatal "couldn't cat $k"
+        done
+}
+
+# Create a CA key and add it to known hosts. Ed25519 chosen for speed.
+# RSA for testing RSA/SHA2 signatures.
 ${SSHKEYGEN} -q -N '' -t ed25519  -f $OBJ/host_ca_key ||\
         fail "ssh-keygen of host_ca_key failed"
-(
-        printf '@cert-authority '
-        printf "$HOSTS "
-        cat $OBJ/host_ca_key.pub
-) > $OBJ/known_hosts-cert.orig
+${SSHKEYGEN} -q -N '' -t rsa  -f $OBJ/host_ca_key2 ||\
+        fail "ssh-keygen of host_ca_key failed"
+
+kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
 
 # Plain text revocation files
 touch $OBJ/host_revoked_empty
 touch $OBJ/host_revoked_plain
 touch $OBJ/host_revoked_cert
-cp $OBJ/host_ca_key.pub $OBJ/host_revoked_ca
+cat $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub > $OBJ/host_revoked_ca
 
 PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
 
+if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
+        PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
+fi
+
 # Prepare certificate, plain key and CA KRLs
 ${SSHKEYGEN} -kf $OBJ/host_krl_empty || fatal "KRL init failed"
 ${SSHKEYGEN} -kf $OBJ/host_krl_plain || fatal "KRL init failed"
 ${SSHKEYGEN} -kf $OBJ/host_krl_cert || fatal "KRL init failed"
-${SSHKEYGEN} -kf $OBJ/host_krl_ca $OBJ/host_ca_key.pub \
+${SSHKEYGEN} -kf $OBJ/host_krl_ca $OBJ/host_ca_key.pub $OBJ/host_ca_key2.pub \
         || fatal "KRL init failed"
 
 # Generate and sign host keys
 serial=1
-for ktype in $PLAIN_TYPES ; do 
+for ktype in $PLAIN_TYPES ; do
         verbose "$tid: sign host ${ktype} cert"
         # Generate and sign a host key
         ${SSHKEYGEN} -q -N '' -t ${ktype} \
@@ -66,7 +83,11 @@ for ktype in $PLAIN_TYPES ; do
         ${SSHKEYGEN} -ukf $OBJ/host_krl_plain \
             $OBJ/cert_host_key_${ktype}.pub || fatal "KRL update failed"
         cat $OBJ/cert_host_key_${ktype}.pub >> $OBJ/host_revoked_plain
-        ${SSHKEYGEN} -h -q -s $OBJ/host_ca_key -z $serial \
+        case $ktype in
+        rsa-sha2-*)     tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
+        *)              tflag=""; ca="$OBJ/host_ca_key" ;;
+        esac
+        ${SSHKEYGEN} -h -q -s $ca -z $serial $tflag \
             -I "regress host key for $USER" \
             -n $HOSTS $OBJ/cert_host_key_${ktype} ||
                 fatal "couldn't sign cert_host_key_${ktype}"
@@ -100,7 +121,7 @@ attempt_connect() {
 
 # Basic connect and revocation tests.
 for privsep in yes no ; do
-        for ktype in $PLAIN_TYPES ; do 
+        for ktype in $PLAIN_TYPES ; do
                 verbose "$tid: host ${ktype} cert connect privsep $privsep"
                 (
                         cat $OBJ/sshd_proxy_bak
@@ -131,18 +152,14 @@ for privsep in yes no ; do
 done
 
 # Revoked certificates with key present
-(
-        printf '@cert-authority '
-        printf "$HOSTS "
-        cat $OBJ/host_ca_key.pub
-        for ktype in $PLAIN_TYPES ; do
-                test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey"
-                printf "@revoked * `cat $OBJ/cert_host_key_${ktype}.pub`\n"
-        done
-) > $OBJ/known_hosts-cert.orig
+kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig
+for ktype in $PLAIN_TYPES ; do
+        test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey"
+        kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
+done
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
 for privsep in yes no ; do
-        for ktype in $PLAIN_TYPES ; do 
+        for ktype in $PLAIN_TYPES ; do
                 verbose "$tid: host ${ktype} revoked cert privsep $privsep"
                 (
                         cat $OBJ/sshd_proxy_bak
@@ -162,16 +179,10 @@ for privsep in yes no ; do
 done
 
 # Revoked CA
-(
-        printf '@cert-authority '
-        printf "$HOSTS "
-        cat $OBJ/host_ca_key.pub
-        printf '@revoked '
-        printf "* "
-        cat $OBJ/host_ca_key.pub
-) > $OBJ/known_hosts-cert.orig
+kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig
+kh_revoke host_ca_key.pub host_ca_key2.pub >> $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for ktype in $PLAIN_TYPES ; do 
+for ktype in $PLAIN_TYPES ; do
         verbose "$tid: host ${ktype} revoked cert"
         (
                 cat $OBJ/sshd_proxy_bak
@@ -188,11 +199,7 @@ for ktype in $PLAIN_TYPES ; do
 done
 
 # Create a CA key and add it to known hosts
-(
-        printf '@cert-authority '
-        printf "$HOSTS "
-        cat $OBJ/host_ca_key.pub
-) > $OBJ/known_hosts-cert.orig
+kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
 
 test_one() {
@@ -201,16 +208,19 @@ test_one() {
         sign_opts=$3
 
         for kt in rsa ed25519 ; do
-                ${SSHKEYGEN} -q -s $OBJ/host_ca_key \
-                    -I "regress host key for $USER" \
+                case $ktype in
+                rsa-sha2-*)     tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
+                *)              tflag=""; ca="$OBJ/host_ca_key" ;;
+                esac
+                ${SSHKEYGEN} -q -s $ca $tflag -I "regress host key for $USER" \
                     $sign_opts $OBJ/cert_host_key_${kt} ||
-                        fail "couldn't sign cert_host_key_${kt}"
+                        fatal "couldn't sign cert_host_key_${kt}"
                 (
                         cat $OBJ/sshd_proxy_bak
                         echo HostKey $OBJ/cert_host_key_${kt}
                         echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub
                 ) > $OBJ/sshd_proxy
-        
+
                 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
                 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
                     -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
@@ -237,17 +247,20 @@ test_one "cert valid interval"	success "-h -V-1w:+2w"
 test_one "cert has constraints" failure "-h -Oforce-command=false"
 
 # Check downgrade of cert to raw key when no CA found
-for ktype in $PLAIN_TYPES ; do 
+for ktype in $PLAIN_TYPES ; do
         rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key*
         verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
         # Generate and sign a host key
-        ${SSHKEYGEN} -q -N '' -t ${ktype} \
-            -f $OBJ/cert_host_key_${ktype} || \
+        ${SSHKEYGEN} -q -N '' -t ${ktype} -f $OBJ/cert_host_key_${ktype} || \
                 fail "ssh-keygen of cert_host_key_${ktype} failed"
-        ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \
+        case $ktype in
+        rsa-sha2-*)     tflag="-t $ktype"; ca="$OBJ/host_ca_key2" ;;
+        *)              tflag=""; ca="$OBJ/host_ca_key" ;;
+        esac
+        ${SSHKEYGEN} -h -q $tflag -s $ca $tflag \
             -I "regress host key for $USER" \
             -n $HOSTS $OBJ/cert_host_key_${ktype} ||
-                fail "couldn't sign cert_host_key_${ktype}"
+                fatal "couldn't sign cert_host_key_${ktype}"
         (
                 printf "$HOSTS "
                 cat $OBJ/cert_host_key_${ktype}.pub
@@ -257,7 +270,7 @@ for ktype in $PLAIN_TYPES ; do
                 echo HostKey $OBJ/cert_host_key_${ktype}
                 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
         ) > $OBJ/sshd_proxy
-        
+
         ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
             -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
                 -F $OBJ/ssh_proxy somehost true
@@ -267,23 +280,22 @@ for ktype in $PLAIN_TYPES ; do
 done
 
 # Wrong certificate
-(
-        printf '@cert-authority '
-        printf "$HOSTS "
-        cat $OBJ/host_ca_key.pub
-) > $OBJ/known_hosts-cert.orig
+kh_ca host_ca_key.pub host_ca_key2.pub > $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for kt in $PLAIN_TYPES ; do 
+for kt in $PLAIN_TYPES ; do
+        verbose "$tid: host ${kt} connect wrong cert"
         rm -f $OBJ/cert_host_key*
         # Self-sign key
-        ${SSHKEYGEN} -q -N '' -t ${kt} \
-            -f $OBJ/cert_host_key_${kt} || \
+        ${SSHKEYGEN} -q -N '' -t ${kt} -f $OBJ/cert_host_key_${kt} || \
                 fail "ssh-keygen of cert_host_key_${kt} failed"
-        ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \
+        case $kt in
+        rsa-sha2-*)     tflag="-t $kt" ;;
+        *)              tflag="" ;;
+        esac
+        ${SSHKEYGEN} $tflag -h -q -s $OBJ/cert_host_key_${kt} \
             -I "regress host key for $USER" \
             -n $HOSTS $OBJ/cert_host_key_${kt} ||
-                fail "couldn't sign cert_host_key_${kt}"
-        verbose "$tid: host ${kt} connect wrong cert"
+                fatal "couldn't sign cert_host_key_${kt}"
         (
                 cat $OBJ/sshd_proxy_bak
                 echo HostKey $OBJ/cert_host_key_${kt}
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index c38c00a02..319746395 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-userkey.sh,v 1.14 2015/07/10 06:23:25 markus Exp $
+#       $OpenBSD: cert-userkey.sh,v 1.16 2016/05/03 12:15:49 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="certified user keys"
@@ -9,8 +9,16 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
 
 PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
 
+if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
+        PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
+fi
+
 kname() {
-        n=`echo "$1" | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/'`
+        case $ktype in
+        rsa-sha2-*) ;;
+        # subshell because some seds will add a newline
+        *) n=$(echo $1 | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/') ;;
+        esac
         echo "$n*,ssh-rsa*,ssh-ed25519*"
 }
 
@@ -19,18 +27,24 @@ ${SSHKEYGEN} -q -N '' -t rsa  -f $OBJ/user_ca_key ||\
         fail "ssh-keygen of user_ca_key failed"
 
 # Generate and sign user keys
-for ktype in $PLAIN_TYPES ; do 
+for ktype in $PLAIN_TYPES $EXTRA_TYPES ; do
         verbose "$tid: sign user ${ktype} cert"
         ${SSHKEYGEN} -q -N '' -t ${ktype} \
             -f $OBJ/cert_user_key_${ktype} || \
-                fail "ssh-keygen of cert_user_key_${ktype} failed"
-        ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \
-            -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} ||
-                fail "couldn't sign cert_user_key_${ktype}"
+                fatal "ssh-keygen of cert_user_key_${ktype} failed"
+        # Generate RSA/SHA2 certs for rsa-sha2* keys.
+        case $ktype in
+        rsa-sha2-*)     tflag="-t $ktype" ;;
+        *)              tflag="" ;;
+        esac
+        ${SSHKEYGEN} -q -s $OBJ/user_ca_key -z $$ \
+            -I "regress user key for $USER" \
+            -n ${USER},mekmitasdigoat $tflag $OBJ/cert_user_key_${ktype} || \
+                fatal "couldn't sign cert_user_key_${ktype}"
 done
 
 # Test explicitly-specified principals
-for ktype in $PLAIN_TYPES ; do 
+for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
         t=$(kname $ktype)
         for privsep in yes no ; do
                 _prefix="${ktype} privsep $privsep"
@@ -67,7 +81,7 @@ for ktype in $PLAIN_TYPES ; do
                 if [ $? -eq 0 ]; then
                         fail "ssh cert connect succeeded unexpectedly"
                 fi
-        
+
                 # Wrong authorized_principals
                 verbose "$tid: ${_prefix} wrong authorized_principals"
                 echo gregorsamsa > $OBJ/authorized_principals_$USER
@@ -166,8 +180,8 @@ basic_tests() {
                 echo > $OBJ/authorized_keys_$USER
                 extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub"
         fi
-        
-        for ktype in $PLAIN_TYPES ; do 
+
+        for ktype in $PLAIN_TYPES ; do
                 t=$(kname $ktype)
                 for privsep in yes no ; do
                         _prefix="${ktype} privsep $privsep $auth"
@@ -183,7 +197,7 @@ basic_tests() {
                                 cat $OBJ/ssh_proxy_bak
                                 echo "PubkeyAcceptedKeyTypes ${t}"
                         ) > $OBJ/ssh_proxy
-        
+
                         ${SSH} -2i $OBJ/cert_user_key_${ktype} \
                             -F $OBJ/ssh_proxy somehost true
                         if [ $? -ne 0 ]; then
@@ -223,7 +237,7 @@ basic_tests() {
                                 fail "ssh cert connect failed"
                         fi
                 done
-        
+
                 # Revoked CA
                 verbose "$tid: ${ktype} $auth revoked CA key"
                 (
@@ -238,7 +252,7 @@ basic_tests() {
                         fail "ssh cert connect succeeded unexpecedly"
                 fi
         done
-        
+
         verbose "$tid: $auth CA does not authenticate"
         (
                 cat $OBJ/sshd_proxy_bak
@@ -286,7 +300,7 @@ test_one() {
                                         echo $auth_opt >> $OBJ/sshd_proxy
                                 fi
                         fi
-                        
+
                         verbose "$tid: $ident auth $auth expect $result $ktype"
                         ${SSHKEYGEN} -q -s $OBJ/user_ca_key \
                             -I "regress user key for $USER" \
@@ -342,13 +356,13 @@ test_one "principals key option no principals" failure "" \
 
 # Wrong certificate
 cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
-for ktype in $PLAIN_TYPES ; do 
+for ktype in $PLAIN_TYPES ; do
         t=$(kname $ktype)
         # Self-sign
         ${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \
             "regress user key for $USER" \
             -n $USER $OBJ/cert_user_key_${ktype} ||
-                fail "couldn't sign cert_user_key_${ktype}"
+                fatal "couldn't sign cert_user_key_${ktype}"
         verbose "$tid: user ${ktype} connect wrong cert"
         ${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
             somehost true >/dev/null 2>&1
diff --git a/regress/cfginclude.sh b/regress/cfginclude.sh
new file mode 100644
index 000000000..2fc39ce45
--- /dev/null
+++ b/regress/cfginclude.sh
@@ -0,0 +1,293 @@
+#       $OpenBSD: cfginclude.sh,v 1.2 2016/05/03 15:30:46 dtucker Exp $
+#       Placed in the Public Domain.
+
+tid="config include"
+
+# to appease StrictModes
+umask 022
+
+cat > $OBJ/ssh_config.i << _EOF
+Match host a
+        Hostname aa
+
+Match host b
+        Hostname bb
+        Include $OBJ/ssh_config.i.*
+
+Match host c
+        Include $OBJ/ssh_config.i.*
+        Hostname cc
+
+Match host m
+        Include $OBJ/ssh_config.i.*
+
+Host d
+        Hostname dd
+
+Host e
+        Hostname ee
+        Include $OBJ/ssh_config.i.*
+
+Host f
+        Include $OBJ/ssh_config.i.*
+        Hostname ff
+
+Host n
+        Include $OBJ/ssh_config.i.*
+_EOF
+
+cat > $OBJ/ssh_config.i.0 << _EOF
+Match host xxxxxx
+_EOF
+
+cat > $OBJ/ssh_config.i.1 << _EOF
+Match host a
+        Hostname aaa
+
+Match host b
+        Hostname bbb
+
+Match host c
+        Hostname ccc
+
+Host d
+        Hostname ddd
+
+Host e
+        Hostname eee
+
+Host f
+        Hostname fff
+_EOF
+
+cat > $OBJ/ssh_config.i.2 << _EOF
+Match host a
+        Hostname aaaa
+
+Match host b
+        Hostname bbbb
+
+Match host c
+        Hostname cccc
+
+Host d
+        Hostname dddd
+
+Host e
+        Hostname eeee
+
+Host f
+        Hostname ffff
+
+Match all
+        Hostname xxxx
+_EOF
+
+trial() {
+        _host="$1"
+        _exp="$2"
+        ${REAL_SSH} -F $OBJ/ssh_config.i -G "$_host" > $OBJ/ssh_config.out ||
+                fatal "ssh config parse failed"
+        _got=`grep -i '^hostname ' $OBJ/ssh_config.out | awk '{print $2}'`
+        if test "x$_exp" != "x$_got" ; then
+                fail "host $_host include fail: expected $_exp got $_got"
+        fi
+}
+
+trial a aa
+trial b bb
+trial c ccc
+trial d dd
+trial e ee
+trial f fff
+trial m xxxx
+trial n xxxx
+trial x x
+
+# Prepare an included config with an error.
+
+cat > $OBJ/ssh_config.i.3 << _EOF
+Hostname xxxx
+        Junk
+_EOF
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \
+        fail "ssh include allowed invalid config"
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G x 2>/dev/null && \
+        fail "ssh include allowed invalid config"
+
+rm -f $OBJ/ssh_config.i.*
+
+# Ensure that a missing include is not fatal.
+cat > $OBJ/ssh_config.i << _EOF
+Include $OBJ/ssh_config.i.*
+Hostname aa
+_EOF
+
+trial a aa
+
+# Ensure that Match/Host in an included config does not affect parent.
+cat > $OBJ/ssh_config.i.x << _EOF
+Match host x
+_EOF
+
+trial a aa
+
+cat > $OBJ/ssh_config.i.x << _EOF
+Host x
+_EOF
+
+trial a aa
+
+# cleanup
+rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out
+#       $OpenBSD: cfginclude.sh,v 1.2 2016/05/03 15:30:46 dtucker Exp $
+#       Placed in the Public Domain.
+
+tid="config include"
+
+cat > $OBJ/ssh_config.i << _EOF
+Match host a
+        Hostname aa
+
+Match host b
+        Hostname bb
+        Include $OBJ/ssh_config.i.*
+
+Match host c
+        Include $OBJ/ssh_config.i.*
+        Hostname cc
+
+Match host m
+        Include $OBJ/ssh_config.i.*
+
+Host d
+        Hostname dd
+
+Host e
+        Hostname ee
+        Include $OBJ/ssh_config.i.*
+
+Host f
+        Include $OBJ/ssh_config.i.*
+        Hostname ff
+
+Host n
+        Include $OBJ/ssh_config.i.*
+_EOF
+
+cat > $OBJ/ssh_config.i.0 << _EOF
+Match host xxxxxx
+_EOF
+
+cat > $OBJ/ssh_config.i.1 << _EOF
+Match host a
+        Hostname aaa
+
+Match host b
+        Hostname bbb
+
+Match host c
+        Hostname ccc
+
+Host d
+        Hostname ddd
+
+Host e
+        Hostname eee
+
+Host f
+        Hostname fff
+_EOF
+
+cat > $OBJ/ssh_config.i.2 << _EOF
+Match host a
+        Hostname aaaa
+
+Match host b
+        Hostname bbbb
+
+Match host c
+        Hostname cccc
+
+Host d
+        Hostname dddd
+
+Host e
+        Hostname eeee
+
+Host f
+        Hostname ffff
+
+Match all
+        Hostname xxxx
+_EOF
+
+trial() {
+        _host="$1"
+        _exp="$2"
+        ${REAL_SSH} -F $OBJ/ssh_config.i -G "$_host" > $OBJ/ssh_config.out ||
+                fatal "ssh config parse failed"
+        _got=`grep -i '^hostname ' $OBJ/ssh_config.out | awk '{print $2}'`
+        if test "x$_exp" != "x$_got" ; then
+                fail "host $_host include fail: expected $_exp got $_got"
+        fi
+}
+
+trial a aa
+trial b bb
+trial c ccc
+trial d dd
+trial e ee
+trial f fff
+trial m xxxx
+trial n xxxx
+trial x x
+
+# Prepare an included config with an error.
+
+cat > $OBJ/ssh_config.i.3 << _EOF
+Hostname xxxx
+        Junk
+_EOF
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \
+        fail "ssh include allowed invalid config"
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G x 2>/dev/null && \
+        fail "ssh include allowed invalid config"
+
+rm -f $OBJ/ssh_config.i.*
+
+# Ensure that a missing include is not fatal.
+cat > $OBJ/ssh_config.i << _EOF
+Include $OBJ/ssh_config.i.*
+Hostname aa
+_EOF
+
+trial a aa
+
+# Ensure that Match/Host in an included config does not affect parent.
+cat > $OBJ/ssh_config.i.x << _EOF
+Match host x
+_EOF
+
+trial a aa
+
+cat > $OBJ/ssh_config.i.x << _EOF
+Host x
+_EOF
+
+trial a aa
+
+# Ensure that recursive includes are bounded.
+cat > $OBJ/ssh_config.i << _EOF
+Include $OBJ/ssh_config.i
+_EOF
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \
+        fail "ssh include allowed infinite recursion?" # or hang...
+
+# cleanup
+rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out
diff --git a/regress/cfgparse.sh b/regress/cfgparse.sh
index 736f38976..ccf511f6b 100644
--- a/regress/cfgparse.sh
+++ b/regress/cfgparse.sh
@@ -1,7 +1,7 @@
-#       $OpenBSD: cfgparse.sh,v 1.5 2015/05/29 03:05:13 djm Exp $
+#       $OpenBSD: cfgparse.sh,v 1.6 2016/06/03 03:47:59 dtucker Exp $
 #       Placed in the Public Domain.
 
-tid="config parse"
+tid="sshd config parse"
 
 # This is a reasonable proxy for IPv6 support.
 if ! config_defined HAVE_STRUCT_IN6_ADDR ; then
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh
index 9a51f5690..ea739f614 100644
--- a/regress/connect-privsep.sh
+++ b/regress/connect-privsep.sh
@@ -26,7 +26,12 @@ done
 
 # Because sandbox is sensitive to changes in libc, especially malloc, retest
 # with every malloc.conf option (and none).
-for m in '' A F G H J P R S X '<' '>'; do
+if [ -z "TEST_MALLOC_OPTIONS" ]; then
+        mopts="A F G H J P R S X < >"
+else
+        mopts=`echo $TEST_MALLOC_OPTIONS | sed 's/./& /g'`
+fi
+for m in '' $mopts ; do
     for p in ${SSH_PROTOCOLS}; do
         env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
         if [ $? -ne 0 ]; then
diff --git a/regress/forwarding.sh b/regress/forwarding.sh
index fb4f35aff..2539db9b7 100644
--- a/regress/forwarding.sh
+++ b/regress/forwarding.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: forwarding.sh,v 1.15 2015/03/03 22:35:19 markus Exp $
+#       $OpenBSD: forwarding.sh,v 1.16 2016/04/14 23:57:17 djm Exp $
 #       Placed in the Public Domain.
 
 tid="local and remote forwarding"
@@ -59,7 +59,7 @@ for d in L R; do
                     -$d ${base}01:127.0.0.1:$PORT \
                     -$d ${base}02:127.0.0.1:$PORT \
                     -$d ${base}03:127.0.0.1:$PORT \
-                    -$d ${base}01:127.0.0.1:$PORT \
+                    -$d ${base}01:localhost:$PORT \
                     -$d ${base}04:127.0.0.1:$PORT \
                     -oExitOnForwardFailure=yes somehost true
                 r=$?
diff --git a/regress/integrity.sh b/regress/integrity.sh
index 1d4976771..bfadc6b48 100644
--- a/regress/integrity.sh
+++ b/regress/integrity.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: integrity.sh,v 1.16 2015/03/24 20:22:17 markus Exp $
+#       $OpenBSD: integrity.sh,v 1.18 2016/03/04 02:48:06 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="integrity"
@@ -54,7 +54,7 @@ for m in $macs; do
                         fail "ssh -m $m succeeds with bit-flip at $off"
                 fi
                 ecnt=`expr $ecnt + 1`
-                out=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \
+                out=$(egrep -v "^debug" $TEST_SSH_LOGFILE | tail -2 | \
                      tr -s '\r\n' '.')
                 case "$out" in
                 Bad?packet*)    elen=`expr $elen + 1`; skip=3;;
diff --git a/regress/misc/Makefile b/regress/misc/Makefile
new file mode 100644
index 000000000..14c0c279f
--- /dev/null
+++ b/regress/misc/Makefile
@@ -0,0 +1,3 @@
+SUBDIR=         kexfuzz
+
+.include <bsd.subdir.mk>
diff --git a/regress/misc/kexfuzz/Makefile b/regress/misc/kexfuzz/Makefile
new file mode 100644
index 000000000..3018b632f
--- /dev/null
+++ b/regress/misc/kexfuzz/Makefile
@@ -0,0 +1,78 @@
+#       $OpenBSD: Makefile,v 1.1 2016/03/04 02:30:37 djm Exp $
+
+.include <bsd.own.mk>
+.include <bsd.obj.mk>
+
+# XXX detect from ssh binary?
+SSH1?=          no
+OPENSSL?=       yes
+
+PROG=   kexfuzz
+SRCS=   kexfuzz.c
+NOMAN=  1
+
+.if (${OPENSSL:L} == "yes")
+CFLAGS+=        -DWITH_OPENSSL
+.else
+# SSH v.1 requires OpenSSL.
+SSH1=           no
+.endif
+
+.if (${SSH1:L} == "yes")
+CFLAGS+=        -DWITH_SSH1
+.endif
+
+# enable warnings
+WARNINGS=Yes
+
+DEBUG=-g
+CFLAGS+=        -fstack-protector-all
+CDIAGFLAGS=     -Wall
+CDIAGFLAGS+=    -Wextra
+CDIAGFLAGS+=    -Werror
+CDIAGFLAGS+=    -Wchar-subscripts
+CDIAGFLAGS+=    -Wcomment
+CDIAGFLAGS+=    -Wformat
+CDIAGFLAGS+=    -Wformat-security
+CDIAGFLAGS+=    -Wimplicit
+CDIAGFLAGS+=    -Winline
+CDIAGFLAGS+=    -Wmissing-declarations
+CDIAGFLAGS+=    -Wmissing-prototypes
+CDIAGFLAGS+=    -Wparentheses
+CDIAGFLAGS+=    -Wpointer-arith
+CDIAGFLAGS+=    -Wreturn-type
+CDIAGFLAGS+=    -Wshadow
+CDIAGFLAGS+=    -Wsign-compare
+CDIAGFLAGS+=    -Wstrict-aliasing
+CDIAGFLAGS+=    -Wstrict-prototypes
+CDIAGFLAGS+=    -Wswitch
+CDIAGFLAGS+=    -Wtrigraphs
+CDIAGFLAGS+=    -Wuninitialized
+CDIAGFLAGS+=    -Wunused
+.if ${COMPILER_VERSION} == "gcc4"
+CDIAGFLAGS+=    -Wpointer-sign
+CDIAGFLAGS+=    -Wold-style-definition
+.endif
+
+SSHREL=../../../../../usr.bin/ssh
+
+CFLAGS+=-I${.CURDIR}/${SSHREL}
+
+.if exists(${.CURDIR}/${SSHREL}/lib/${__objdir})
+LDADD+=-L${.CURDIR}/${SSHREL}/lib/${__objdir} -lssh
+DPADD+=${.CURDIR}/${SSHREL}/lib/${__objdir}/libssh.a
+.else
+LDADD+=-L${.CURDIR}/${SSHREL}/lib -lssh
+DPADD+=${.CURDIR}/${SSHREL}/lib/libssh.a
+.endif
+
+LDADD+= -lutil -lz
+DPADD+= ${LIBUTIL} ${LIBZ}
+
+.if (${OPENSSL:L} == "yes")
+LDADD+= -lcrypto
+DPADD+= ${LIBCRYPTO}
+.endif
+
+.include <bsd.prog.mk>
+
diff --git a/regress/misc/kexfuzz/README b/regress/misc/kexfuzz/README
new file mode 100644
index 000000000..8b215b5bf
--- /dev/null
+++ b/regress/misc/kexfuzz/README
@@ -0,0 +1,28 @@
+This is a harness to help with fuzzing KEX.
+
+To use it, you first set it to count packets in each direction:
+
+./kexfuzz -K diffie-hellman-group1-sha1 -k host_ed25519_key -c
+S2C: 29
+C2S: 31
+
+Then get it to record a particular packet (in this case the 4th
+packet from client->server):
+
+./kexfuzz -K diffie-hellman-group1-sha1 -k host_ed25519_key \
+    -d -D C2S -i 3 -f packet_3
+
+Fuzz the packet somehow:
+
+dd if=/dev/urandom of=packet_3 bs=32 count=1 # Just for example
+
+Then re-run the key exchange substituting the modified packet in
+its original sequence:
+
+./kexfuzz -K diffie-hellman-group1-sha1 -k host_ed25519_key \
+    -r -D C2S -i 3 -f packet_3
+
+A comprehensive KEX fuzz run would fuzz every packet in both
+directions for each key exchange type and every hostkey type.
+This will take some time.
+
diff --git a/regress/misc/kexfuzz/kexfuzz.c b/regress/misc/kexfuzz/kexfuzz.c
new file mode 100644
index 000000000..2894d3a1e
--- /dev/null
+++ b/regress/misc/kexfuzz/kexfuzz.c
@@ -0,0 +1,410 @@
+/*      $OpenBSD: kexfuzz.c,v 1.1 2016/03/04 02:30:37 djm Exp $ */
+/*
+ * Fuzz harness for KEX code
+ *
+ * Placed in the public domain
+ */
+
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <stdio.h>
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#ifdef HAVE_ERR_H
+# include <err.h>
+#endif
+
+#include "ssherr.h"
+#include "ssh_api.h"
+#include "sshbuf.h"
+#include "packet.h"
+#include "myproposal.h"
+#include "authfile.h"
+
+struct ssh *active_state = NULL; /* XXX - needed for linking */
+
+void kex_tests(void);
+static int do_debug = 0;
+
+enum direction { S2C, C2S };
+
+static int
+do_send_and_receive(struct ssh *from, struct ssh *to, int mydirection,
+    int *packet_count, int trigger_direction, int packet_index,
+    const char *dump_path, struct sshbuf *replace_data)
+{
+        u_char type;
+        size_t len, olen;
+        const u_char *buf;
+        int r;
+        FILE *dumpfile;
+
+        for (;;) {
+                if ((r = ssh_packet_next(from, &type)) != 0) {
+                        fprintf(stderr, "ssh_packet_next: %s\n", ssh_err(r));
+                        return r;
+                }
+                if (type != 0)
+                        return 0;
+                buf = ssh_output_ptr(from, &len);
+                olen = len;
+                if (do_debug) {
+                        printf("%s packet %d type %u len %zu:\n",
+                            mydirection == S2C ? "s2c" : "c2s",
+                            *packet_count, type, len);
+                        sshbuf_dump_data(buf, len, stdout);
+                }
+                if (mydirection == trigger_direction &&
+                    packet_index == *packet_count) {
+                        if (replace_data != NULL) {
+                                buf = sshbuf_ptr(replace_data);
+                                len = sshbuf_len(replace_data);
+                                if (do_debug) {
+                                        printf("***** replaced packet "
+                                            "len %zu\n", len);
+                                        sshbuf_dump_data(buf, len, stdout);
+                                }
+                        } else if (dump_path != NULL) {
+                                if ((dumpfile = fopen(dump_path, "w+")) == NULL)
+                                        err(1, "fopen %s", dump_path);
+                                if (len != 0 &&
+                                    fwrite(buf, len, 1, dumpfile) != 1)
+                                        err(1, "fwrite %s", dump_path);
+                                if (do_debug)
+                                        printf("***** dumped packet "
+                                            "len %zu\n", len);
+                                fclose(dumpfile);
+                                exit(0);
+                        }
+                }
+                (*packet_count)++;
+                if (len == 0)
+                        return 0;
+                if ((r = ssh_input_append(to, buf, len)) != 0 ||
+                    (r = ssh_output_consume(from, olen)) != 0)
+                        return r;
+        }
+}
+
+/* Minimal test_helper.c scaffholding to make this standalone */
+const char *in_test = NULL;
+#define TEST_START(a)   \
+        do { \
+                in_test = (a); \
+                if (do_debug) \
+                        fprintf(stderr, "test %s starting\n", in_test); \
+        } while (0)
+#define TEST_DONE()     \
+        do { \
+                if (do_debug) \
+                        fprintf(stderr, "test %s done\n", \
+                            in_test ? in_test : "???"); \
+                in_test = NULL; \
+        } while(0)
+#define ASSERT_INT_EQ(a, b) \
+        do { \
+                if ((int)(a) != (int)(b)) { \
+                        fprintf(stderr, "%s %s:%d " \
+                            "%s (%d) != expected %s (%d)\n", \
+                            in_test ? in_test : "(none)", \
+                            __func__, __LINE__, #a, (int)(a), #b, (int)(b)); \
+                        exit(2); \
+                } \
+        } while (0)
+#define ASSERT_INT_GE(a, b) \
+        do { \
+                if ((int)(a) < (int)(b)) { \
+                        fprintf(stderr, "%s %s:%d " \
+                            "%s (%d) < expected %s (%d)\n", \
+                            in_test ? in_test : "(none)", \
+                            __func__, __LINE__, #a, (int)(a), #b, (int)(b)); \
+                        exit(2); \
+                } \
+        } while (0)
+#define ASSERT_PTR_NE(a, b) \
+        do { \
+                if ((a) == (b)) { \
+                        fprintf(stderr, "%s %s:%d " \
+                            "%s (%p) != expected %s (%p)\n", \
+                            in_test ? in_test : "(none)", \
+                            __func__, __LINE__, #a, (a), #b, (b)); \
+                        exit(2); \
+                } \
+        } while (0)
+
+
+static void
+run_kex(struct ssh *client, struct ssh *server, int *s2c, int *c2s,
+    int direction, int packet_index,
+    const char *dump_path, struct sshbuf *replace_data)
+{
+        int r = 0;
+
+        while (!server->kex->done || !client->kex->done) {
+                if ((r = do_send_and_receive(server, client, S2C, s2c,
+                    direction, packet_index, dump_path, replace_data)))
+                        break;
+                if ((r = do_send_and_receive(client, server, C2S, c2s,
+                    direction, packet_index, dump_path, replace_data)))
+                        break;
+        }
+        if (do_debug)
+                printf("done: %s\n", ssh_err(r));
+        ASSERT_INT_EQ(r, 0);
+        ASSERT_INT_EQ(server->kex->done, 1);
+        ASSERT_INT_EQ(client->kex->done, 1);
+}
+
+static void
+do_kex_with_key(const char *kex, struct sshkey *prvkey, int *c2s, int *s2c,
+    int direction, int packet_index,
+    const char *dump_path, struct sshbuf *replace_data)
+{
+        struct ssh *client = NULL, *server = NULL, *server2 = NULL;
+        struct sshkey *pubkey = NULL;
+        struct sshbuf *state;
+        struct kex_params kex_params;
+        char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
+        char *keyname = NULL;
+
+        TEST_START("sshkey_from_private");
+        ASSERT_INT_EQ(sshkey_from_private(prvkey, &pubkey), 0);
+        TEST_DONE();
+
+        TEST_START("ssh_init");
+        memcpy(kex_params.proposal, myproposal, sizeof(myproposal));
+        if (kex != NULL)
+                kex_params.proposal[PROPOSAL_KEX_ALGS] = strdup(kex);
+        keyname = strdup(sshkey_ssh_name(prvkey));
+        ASSERT_PTR_NE(keyname, NULL);
+        kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname;
+        ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0);
+        ASSERT_INT_EQ(ssh_init(&server, 1, &kex_params), 0);
+        ASSERT_PTR_NE(client, NULL);
+        ASSERT_PTR_NE(server, NULL);
+        TEST_DONE();
+
+        TEST_START("ssh_add_hostkey");
+        ASSERT_INT_EQ(ssh_add_hostkey(server, prvkey), 0);
+        ASSERT_INT_EQ(ssh_add_hostkey(client, pubkey), 0);
+        TEST_DONE();
+
+        TEST_START("kex");
+        run_kex(client, server, s2c, c2s, direction, packet_index,
+            dump_path, replace_data);
+        TEST_DONE();
+
+        TEST_START("rekeying client");
+        ASSERT_INT_EQ(kex_send_kexinit(client), 0);
+        run_kex(client, server, s2c, c2s, direction, packet_index,
+            dump_path, replace_data);
+        TEST_DONE();
+
+        TEST_START("rekeying server");
+        ASSERT_INT_EQ(kex_send_kexinit(server), 0);
+        run_kex(client, server, s2c, c2s, direction, packet_index,
+            dump_path, replace_data);
+        TEST_DONE();
+
+        TEST_START("ssh_packet_get_state");
+        state = sshbuf_new();
+        ASSERT_PTR_NE(state, NULL);
+        ASSERT_INT_EQ(ssh_packet_get_state(server, state), 0);
+        ASSERT_INT_GE(sshbuf_len(state), 1);
+        TEST_DONE();
+
+        TEST_START("ssh_packet_set_state");
+        server2 = NULL;
+        ASSERT_INT_EQ(ssh_init(&server2, 1, NULL), 0);
+        ASSERT_PTR_NE(server2, NULL);
+        ASSERT_INT_EQ(ssh_add_hostkey(server2, prvkey), 0);
+        kex_free(server2->kex); /* XXX or should ssh_packet_set_state()? */
+        ASSERT_INT_EQ(ssh_packet_set_state(server2, state), 0);
+        ASSERT_INT_EQ(sshbuf_len(state), 0);
+        sshbuf_free(state);
+        ASSERT_PTR_NE(server2->kex, NULL);
+        /* XXX we need to set the callbacks */
+        server2->kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
+        server2->kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
+        server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
+        server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
+#ifdef OPENSSL_HAS_ECC
+        server2->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
+#endif
+        server2->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
+        server2->kex->load_host_public_key = server->kex->load_host_public_key;
+        server2->kex->load_host_private_key = server->kex->load_host_private_key;
+        server2->kex->sign = server->kex->sign;
+        TEST_DONE();
+
+        TEST_START("rekeying server2");
+        ASSERT_INT_EQ(kex_send_kexinit(server2), 0);
+        run_kex(client, server2, s2c, c2s, direction, packet_index,
+            dump_path, replace_data);
+        ASSERT_INT_EQ(kex_send_kexinit(client), 0);
+        run_kex(client, server2, s2c, c2s, direction, packet_index,
+            dump_path, replace_data);
+        TEST_DONE();
+
+        TEST_START("cleanup");
+        sshkey_free(pubkey);
+        ssh_free(client);
+        ssh_free(server);
+        ssh_free(server2);
+        free(keyname);
+        TEST_DONE();
+}
+
+static void
+usage(void)
+{
+        fprintf(stderr,
+            "Usage: kexfuzz [-hcdrv] [-D direction] [-f data_file]\n"
+            "               [-K kex_alg] [-k private_key] [-i packet_index]\n"
+            "\n"
+            "Options:\n"
+            "    -h               Display this help\n"
+            "    -c               Count packets sent during KEX\n"
+            "    -d               Dump mode: record KEX packet to data file\n"
+            "    -r               Replace mode: replace packet with data file\n"
+            "    -v               Turn on verbose logging\n"
+            "    -D S2C|C2S       Packet direction for replacement or dump\n"
+            "    -f data_file     Path to data file for replacement or dump\n"
+            "    -K kex_alg       Name of KEX algorithm to test (see below)\n"
+            "    -k private_key   Path to private key file\n"
+            "    -i packet_index  Index of packet to replace or dump (from 0)\n"
+            "\n"
+            "Available KEX algorithms: %s\n", kex_alg_list(' '));
+}
+
+static void
+badusage(const char *bad)
+{
+        fprintf(stderr, "Invalid options\n");
+        fprintf(stderr, "%s\n", bad);
+        usage();
+        exit(1);
+}
+
+int
+main(int argc, char **argv)
+{
+        int ch, fd, r;
+        int count_flag = 0, dump_flag = 0, replace_flag = 0;
+        int packet_index = -1, direction = -1;
+        int s2c = 0, c2s = 0; /* packet counts */
+        const char *kex = NULL, *kpath = NULL, *data_path = NULL;
+        struct sshkey *key = NULL;
+        struct sshbuf *replace_data = NULL;
+
+        setvbuf(stdout, NULL, _IONBF, 0);
+        while ((ch = getopt(argc, argv, "hcdrvD:f:K:k:i:")) != -1) {
+                switch (ch) {
+                case 'h':
+                        usage();
+                        return 0;
+                case 'c':
+                        count_flag = 1;
+                        break;
+                case 'd':
+                        dump_flag = 1;
+                        break;
+                case 'r':
+                        replace_flag = 1;
+                        break;
+                case 'v':
+                        do_debug = 1;
+                        break;
+
+                case 'D':
+                        if (strcasecmp(optarg, "s2c") == 0)
+                                direction = S2C;
+                        else if (strcasecmp(optarg, "c2s") == 0)
+                                direction = C2S;
+                        else
+                                badusage("Invalid direction (-D)");
+                        break;
+                case 'f':
+                        data_path = optarg;
+                        break;
+                case 'K':
+                        kex = optarg;
+                        break;
+                case 'k':
+                        kpath = optarg;
+                        break;
+                case 'i':
+                        packet_index = atoi(optarg);
+                        if (packet_index < 0)
+                                badusage("Invalid packet index");
+                        break;
+                default:
+                        badusage("unsupported flag");
+                }
+        }
+        argc -= optind;
+        argv += optind;
+
+        /* Must select a single mode */
+        if ((count_flag + dump_flag + replace_flag) != 1)
+                badusage("Must select one mode: -c, -d or -r");
+        /* KEX type is mandatory */
+        if (kex == NULL || !kex_names_valid(kex) || strchr(kex, ',') != NULL)
+                badusage("Missing or invalid kex type (-K flag)");
+        /* Valid key is mandatory */
+        if (kpath == NULL)
+                badusage("Missing private key (-k flag)");
+        if ((fd = open(kpath, O_RDONLY)) == -1)
+                err(1, "open %s", kpath);
+        if ((r = sshkey_load_private_type_fd(fd, KEY_UNSPEC, NULL,
+            &key, NULL)) != 0)
+                errx(1, "Unable to load key %s: %s", kpath, ssh_err(r));
+        close(fd);
+        /* XXX check that it is a private key */
+        /* XXX support certificates */
+        if (key == NULL || key->type == KEY_UNSPEC || key->type == KEY_RSA1)
+                badusage("Invalid key file (-k flag)");
+
+        /* Replace (fuzz) mode */
+        if (replace_flag) {
+                if (packet_index == -1 || direction == -1 || data_path == NULL)
+                        badusage("Replace (-r) mode must specify direction "
+                            "(-D) packet index (-i) and data path (-f)");
+                if ((fd = open(data_path, O_RDONLY)) == -1)
+                        err(1, "open %s", data_path);
+                replace_data = sshbuf_new();
+                if ((r = sshkey_load_file(fd, replace_data)) != 0)
+                        errx(1, "read %s: %s", data_path, ssh_err(r));
+                close(fd);
+        }
+
+        /* Dump mode */
+        if (dump_flag) {
+                if (packet_index == -1 || direction == -1 || data_path == NULL)
+                        badusage("Dump (-d) mode must specify direction "
+                            "(-D), packet index (-i) and data path (-f)");
+        }
+
+        /* Count mode needs no further flags */
+
+        do_kex_with_key(kex, key, &c2s, &s2c,
+            direction, packet_index,
+            dump_flag ? data_path : NULL,
+            replace_flag ? replace_data : NULL);
+        sshkey_free(key);
+        sshbuf_free(replace_data);
+
+        if (count_flag) {
+                printf("S2C: %d\n", s2c);
+                printf("C2S: %d\n", c2s);
+        }
+
+        return 0;
+}
diff --git a/regress/modpipe.c b/regress/modpipe.c
index e854f9e07..5f4824b51 100755
--- a/regress/modpipe.c
+++ b/regress/modpipe.c
@@ -25,36 +25,11 @@
 #include <stdarg.h>
 #include <stdlib.h>
 #include <errno.h>
+#ifdef HAVE_ERR_H
+# include <err.h>
+#endif
 #include "openbsd-compat/getopt_long.c"
 
-static void err(int, const char *, ...) __attribute__((format(printf, 2, 3)));
-static void errx(int, const char *, ...) __attribute__((format(printf, 2, 3)));
-
-static void
-err(int r, const char *fmt, ...)
-{
-        va_list args;
-
-        va_start(args, fmt);
-        fprintf(stderr, "%s: ", strerror(errno));
-        vfprintf(stderr, fmt, args);
-        fputc('\n', stderr);
-        va_end(args);
-        exit(r);
-}
-
-static void
-errx(int r, const char *fmt, ...)
-{
-        va_list args;
-
-        va_start(args, fmt);
-        vfprintf(stderr, fmt, args);
-        fputc('\n', stderr);
-        va_end(args);
-        exit(r);
-}
-
 static void
 usage(void)
 {
diff --git a/regress/netcat.c b/regress/netcat.c
index 6234ba019..98a08b1ec 100644
--- a/regress/netcat.c
+++ b/regress/netcat.c
@@ -61,6 +61,9 @@
 #  include <sys/poll.h>
 # endif
 #endif
+#ifdef HAVE_ERR_H
+# include <err.h>
+#endif
 
 /* Telnet options from arpa/telnet.h */
 #define IAC     255
@@ -134,46 +137,6 @@ void	usage(int);
 ssize_t drainbuf(int, unsigned char *, size_t *);
 ssize_t fillbuf(int, unsigned char *, size_t *);
 
-static void err(int, const char *, ...) __attribute__((format(printf, 2, 3)));
-static void errx(int, const char *, ...) __attribute__((format(printf, 2, 3)));
-static void warn(const char *, ...) __attribute__((format(printf, 1, 2)));
-
-static void
-err(int r, const char *fmt, ...)
-{
-        va_list args;
-
-        va_start(args, fmt);
-        fprintf(stderr, "%s: ", strerror(errno));
-        vfprintf(stderr, fmt, args);
-        fputc('\n', stderr);
-        va_end(args);
-        exit(r);
-}
-
-static void
-errx(int r, const char *fmt, ...)
-{
-        va_list args;
-
-        va_start(args, fmt);
-        vfprintf(stderr, fmt, args);
-        fputc('\n', stderr);
-        va_end(args);
-        exit(r);
-}
-
-static void
-warn(const char *fmt, ...)
-{
-        va_list args;
-
-        va_start(args, fmt);
-        fprintf(stderr, "%s: ", strerror(errno));
-        vfprintf(stderr, fmt, args);
-        fputc('\n', stderr);
-        va_end(args);
-}
 
 int
 main(int argc, char *argv[])
diff --git a/regress/sshcfgparse.sh b/regress/sshcfgparse.sh
new file mode 100644
index 000000000..010e02865
--- /dev/null
+++ b/regress/sshcfgparse.sh
@@ -0,0 +1,29 @@
+#       $OpenBSD: sshcfgparse.sh,v 1.2 2016/07/14 01:24:21 dtucker Exp $
+#       Placed in the Public Domain.
+
+tid="ssh config parse"
+
+verbose "reparse minimal config"
+(${SSH} -G -F $OBJ/ssh_config somehost >$OBJ/ssh_config.1 &&
+ ${SSH} -G -F $OBJ/ssh_config.1 somehost >$OBJ/ssh_config.2 &&
+ diff $OBJ/ssh_config.1 $OBJ/ssh_config.2) || fail "reparse minimal config"
+
+verbose "ssh -W opts"
+f=`${SSH} -GF $OBJ/ssh_config host | awk '/exitonforwardfailure/{print $2}'`
+test "$f" = "no" || fail "exitonforwardfailure default"
+f=`${SSH} -GF $OBJ/ssh_config -W a:1 h | awk '/exitonforwardfailure/{print $2}'`
+test "$f" = "yes" || fail "exitonforwardfailure enable"
+f=`${SSH} -GF $OBJ/ssh_config -W a:1 -o exitonforwardfailure=no h | \
+    awk '/exitonforwardfailure/{print $2}'`
+test "$f" = "no" || fail "exitonforwardfailure override"
+
+f=`${SSH} -GF $OBJ/ssh_config host | awk '/clearallforwardings/{print $2}'`
+test "$f" = "no" || fail "clearallforwardings default"
+f=`${SSH} -GF $OBJ/ssh_config -W a:1 h | awk '/clearallforwardings/{print $2}'`
+test "$f" = "yes" || fail "clearallforwardings enable"
+f=`${SSH} -GF $OBJ/ssh_config -W a:1 -o clearallforwardings=no h | \
+    awk '/clearallforwardings/{print $2}'`
+test "$f" = "no" || fail "clearallforwardings override"
+
+# cleanup
+rm -f $OBJ/ssh_config.[012]
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index 114e129f2..1b6526d0b 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: test-exec.sh,v 1.51 2015/03/03 22:35:19 markus Exp $
+#       $OpenBSD: test-exec.sh,v 1.53 2016/04/15 02:57:10 djm Exp $
 #       Placed in the Public Domain.
 
 #SUDO=sudo
@@ -221,6 +221,7 @@ echo "#!/bin/sh" > $SSHLOGWRAP
 echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP
 
 chmod a+rx $OBJ/ssh-log-wrapper.sh
+REAL_SSH="$SSH"
 SSH="$SSHLOGWRAP"
 
 # Some test data.  We make a copy because some tests will overwrite it.
@@ -411,6 +412,13 @@ cat << EOF > $OBJ/sshd_config
         Subsystem       sftp    $SFTPSERVER
 EOF
 
+# This may be necessary if /usr/src and/or /usr/obj are group-writable,
+# but if you aren't careful with permissions then the unit tests could
+# be abused to locally escalate privileges.
+if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
+        echo "StrictModes no" >> $OBJ/sshd_config
+fi
+
 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
diff --git a/regress/unittests/Makefile b/regress/unittests/Makefile
index d3d90823f..0a95d4b20 100644
--- a/regress/unittests/Makefile
+++ b/regress/unittests/Makefile
@@ -1,5 +1,5 @@
-#       $OpenBSD: Makefile,v 1.5 2015/02/16 22:21:03 djm Exp $
+#       $OpenBSD: Makefile,v 1.6 2016/05/26 19:14:25 schwarze Exp $
 REGRESS_FAIL_EARLY= yes
-SUBDIR= test_helper sshbuf sshkey bitmap kex hostkeys
+SUBDIR= test_helper sshbuf sshkey bitmap kex hostkeys utf8
 
 .include <bsd.subdir.mk>
diff --git a/regress/unittests/sshbuf/test_sshbuf_misc.c b/regress/unittests/sshbuf/test_sshbuf_misc.c
index f155491a0..762a6c31c 100644
--- a/regress/unittests/sshbuf/test_sshbuf_misc.c
+++ b/regress/unittests/sshbuf/test_sshbuf_misc.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshbuf_misc.c,v 1.1 2014/04/30 05:32:00 djm Exp $ */
+/*      $OpenBSD: test_sshbuf_misc.c,v 1.2 2016/05/03 13:48:33 djm Exp $ */
 /*
  * Regress test for sshbuf.h buffer API
  *
@@ -134,5 +134,34 @@ sshbuf_misc_tests(void)
         ASSERT_U32_EQ(PEEK_U32(sshbuf_ptr(p1)), 0xd00fd00f);
         sshbuf_free(p1);
         TEST_DONE();
+
+        TEST_START("sshbuf_dup_string");
+        p1 = sshbuf_new();
+        ASSERT_PTR_NE(p1, NULL);
+        /* Check empty buffer */
+        p = sshbuf_dup_string(p1);
+        ASSERT_PTR_NE(p, NULL);
+        ASSERT_SIZE_T_EQ(strlen(p), 0);
+        free(p);
+        /* Check buffer with string */
+        ASSERT_INT_EQ(sshbuf_put(p1, "quad1", strlen("quad1")), 0);
+        p = sshbuf_dup_string(p1);
+        ASSERT_PTR_NE(p, NULL);
+        ASSERT_SIZE_T_EQ(strlen(p), strlen("quad1"));
+        ASSERT_STRING_EQ(p, "quad1");
+        free(p);
+        /* Check buffer with terminating nul */
+        ASSERT_INT_EQ(sshbuf_put(p1, "\0", 1), 0);
+        p = sshbuf_dup_string(p1);
+        ASSERT_PTR_NE(p, NULL);
+        ASSERT_SIZE_T_EQ(strlen(p), strlen("quad1"));
+        ASSERT_STRING_EQ(p, "quad1");
+        free(p);
+        /* Check buffer with data after nul (expect failure) */
+        ASSERT_INT_EQ(sshbuf_put(p1, "quad2", strlen("quad2")), 0);
+        p = sshbuf_dup_string(p1);
+        ASSERT_PTR_EQ(p, NULL);
+        sshbuf_free(p1);
+        TEST_DONE();
 }
 
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 1f160d1a7..1476dc2e3 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: test_sshkey.c,v 1.9 2015/12/07 02:20:46 djm Exp $ */
+/*      $OpenBSD: test_sshkey.c,v 1.10 2016/05/02 09:52:00 djm Exp $ */
 /*
  * Regress test for sshkey.h key management API
  *
@@ -455,7 +455,7 @@ sshkey_tests(void)
         put_opt(k1->cert->extensions, "permit-X11-forwarding", NULL);
         put_opt(k1->cert->extensions, "permit-agent-forwarding", NULL);
         ASSERT_INT_EQ(sshkey_from_private(k2, &k1->cert->signature_key), 0);
-        ASSERT_INT_EQ(sshkey_certify(k1, k2), 0);
+        ASSERT_INT_EQ(sshkey_certify(k1, k2, NULL), 0);
         b = sshbuf_new();
         ASSERT_PTR_NE(b, NULL);
         ASSERT_INT_EQ(sshkey_putb(k1, b), 0);
diff --git a/regress/unittests/test_helper/Makefile b/regress/unittests/test_helper/Makefile
index 5b3894cbf..78026e653 100644
--- a/regress/unittests/test_helper/Makefile
+++ b/regress/unittests/test_helper/Makefile
@@ -1,9 +1,8 @@
-#       $OpenBSD: Makefile,v 1.2 2015/01/20 22:58:57 djm Exp $
+#       $OpenBSD: Makefile,v 1.3 2016/07/04 18:01:44 guenther Exp $
 
 LIB=    test_helper
 SRCS=   test_helper.c fuzz.c
 
-DEBUGLIBS= no
 NOPROFILE= yes
 NOPIC=  yes
 
diff --git a/regress/unittests/utf8/Makefile b/regress/unittests/utf8/Makefile
new file mode 100644
index 000000000..150ea2f2e
--- /dev/null
+++ b/regress/unittests/utf8/Makefile
@@ -0,0 +1,12 @@
+#       $OpenBSD: Makefile,v 1.2 2016/05/30 12:14:08 schwarze Exp $
+
+TEST_ENV=       "MALLOC_OPTIONS=CFGJPRSUX"
+
+PROG=test_utf8
+SRCS=tests.c
+REGRESS_TARGETS=run-regress-${PROG}
+
+run-regress-${PROG}: ${PROG}
+        env ${TEST_ENV} ./${PROG}
+
+.include <bsd.regress.mk>
diff --git a/regress/unittests/utf8/tests.c b/regress/unittests/utf8/tests.c
new file mode 100644
index 000000000..fad2ec279
--- /dev/null
+++ b/regress/unittests/utf8/tests.c
@@ -0,0 +1,82 @@
+/*      $OpenBSD: tests.c,v 1.2 2016/05/30 12:05:56 schwarze Exp $ */
+/*
+ * Regress test for the utf8.h *mprintf() API
+ *
+ * Written by Ingo Schwarze <schwarze@openbsd.org> in 2016
+ * and placed in the public domain.
+ */
+
+#include <locale.h>
+#include <string.h>
+
+#include "test_helper.h"
+
+#include "utf8.h"
+
+void     badarg(void);
+void     one(const char *, const char *, int, int, int, const char *);
+
+void
+badarg(void)
+{
+        char     buf[16];
+        int      len, width;
+
+        width = 1;
+        TEST_START("utf8_badarg");
+        len = snmprintf(buf, sizeof(buf), &width, "\377");
+        ASSERT_INT_EQ(len, -1);
+        ASSERT_STRING_EQ(buf, "");
+        ASSERT_INT_EQ(width, 0);
+        TEST_DONE();
+}
+
+void
+one(const char *name, const char *mbs, int width,
+    int wantwidth, int wantlen, const char *wants)
+{
+        char     buf[16];
+        int     *wp;
+        int      len;
+
+        if (wantlen == -2)
+                wantlen = strlen(wants);
+        (void)strlcpy(buf, "utf8_", sizeof(buf));
+        (void)strlcat(buf, name, sizeof(buf));
+        TEST_START(buf);
+        wp = wantwidth == -2 ? NULL : &width;
+        len = snmprintf(buf, sizeof(buf), wp, "%s", mbs);
+        ASSERT_INT_EQ(len, wantlen);
+        ASSERT_STRING_EQ(buf, wants);
+        ASSERT_INT_EQ(width, wantwidth);
+        TEST_DONE();
+}
+
+void
+tests(void)
+{
+        char    *loc;
+
+        TEST_START("utf8_setlocale");
+        loc = setlocale(LC_CTYPE, "en_US.UTF-8");
+        ASSERT_PTR_NE(loc, NULL);
+        TEST_DONE();
+
+        badarg();
+        one("null", NULL, 8, 6, 6, "(null)");
+        one("empty", "", 2, 0, 0, "");
+        one("ascii", "x", -2, -2, -2, "x");
+        one("newline", "a\nb", -2, -2, -2, "a\nb");
+        one("cr", "a\rb", -2, -2, -2, "a\rb");
+        one("tab", "a\tb", -2, -2, -2, "a\tb");
+        one("esc", "\033x", -2, -2, -2, "\\033x");
+        one("inv_badbyte", "\377x", -2, -2, -2, "\\377x");
+        one("inv_nocont", "\341x", -2, -2, -2, "\\341x");
+        one("inv_nolead", "a\200b", -2, -2, -2, "a\\200b");
+        one("sz_ascii", "1234567890123456", -2, -2, 16, "123456789012345");
+        one("sz_esc", "123456789012\033", -2, -2, 16, "123456789012");
+        one("width_ascii", "123", 2, 2, -1, "12");
+        one("width_double", "a\343\201\201", 2, 1, -1, "a");
+        one("double_fit", "a\343\201\201", 3, 3, 4, "a\343\201\201");
+        one("double_spc", "a\343\201\201", 4, 3, 4, "a\343\201\201");
+}