26 files changed, 174 insertions, 102 deletions

diff --git a/ChangeLog b/ChangeLog
index dbd8b0aa9..f5e2df0d0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,45 @@
+20130516
+ - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be
+   executed if mktemp failed; bz#2105 ok dtucker@
+ - (djm) Release 6.2p2
+
+20130510
+ - (djm) OpenBSD CVS Cherrypick
+   - djm@cvs.openbsd.org 2013/04/11 02:27:50
+     [packet.c]
+     quiet disconnect notifications on the server from error() back to logit()
+     if it is a normal client closure; bz#2057 ok+feedback dtucker@
+ - (djm) [version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+   [contrib/suse/openssh.spec] Crank version numbers for release.
+ - (djm) [README] Update release notes URL
+
+20130404
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2013/02/17 23:16:57
+     [readconf.c ssh.c readconf.h sshconnect2.c]
+     Keep track of which IndentityFile options were manually supplied and which
+     were default options, and don't warn if the latter are missing.
+     ok markus@
+   - dtucker@cvs.openbsd.org 2013/02/19 02:12:47
+     [krl.c]
+     Remove bogus include.  ok djm
+   - dtucker@cvs.openbsd.org 2013/02/22 04:45:09
+     [ssh.c readconf.c readconf.h]
+     Don't complain if IdentityFiles specified in system-wide configs are
+     missing.  ok djm, deraadt.
+   - markus@cvs.openbsd.org 2013/02/22 19:13:56
+     [sshconnect.c]
+     support ProxyCommand=- (stdin/out already point to the proxy); ok djm@
+   - djm@cvs.openbsd.org 2013/02/22 22:09:01
+     [ssh.c]
+     Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier
+     version)
+
+20130401
+ - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
+   to avoid conflicting definitions of __int64, adding the required bits.
+   Patch from Corinna Vinschen.
+
 20120322
  - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
    Hands' greatly revised version.
diff --git a/README b/README
index 21dc6e1f7..52bb657d6 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-See http://www.openssh.com/txt/release-6.2 for the release notes.
+See http://www.openssh.com/txt/release-6.2p2 for the release notes.
 
 - A Japanese translation of this document and of the OpenSSH FAQ is
 - available at http://www.unixuser.org/~haruyama/security/openssh/index.html
@@ -62,4 +62,4 @@ References -
 [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
 [7] http://www.openssh.com/faq.html
 
-$Id: README,v 1.82 2013/02/26 23:48:19 djm Exp $
+$Id: README,v 1.82.2.1 2013/05/10 06:12:54 djm Exp $
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index 196bd7904..ca34bd23a 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -16,7 +16,7 @@
 
 #old cvs stuff.  please update before use.  may be deprecated.
 %define use_stable      1
-%define version         6.2p1
+%define version         6.2p2
 %if %{use_stable}
   %define cvs           %{nil}
   %define release       1
@@ -363,4 +363,4 @@ fi
 * Mon Jan 01 1998 ...
 Template Version: 1.31
 
-$Id: openssh.spec,v 1.79 2013/02/26 23:48:20 djm Exp $
+$Id: openssh.spec,v 1.79.2.1 2013/05/10 06:02:21 djm Exp $
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 3898c6c99..cd5378ed2 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%define ver 6.2p1
+%define ver 6.2p2
 %define rel 1
 
 # OpenSSH privilege separation requires a user & group ID
diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id
index af18a1929..9f2817b6b 100644
--- a/contrib/ssh-copy-id
+++ b/contrib/ssh-copy-id
@@ -165,6 +165,9 @@ done
 
 eval set -- "$SAVEARGS"
 
+if [ $# == 0 ] ; then
+  usage
+fi
 if [ $# != 1 ] ; then
   printf '%s: ERROR: Too many arguments.  Expecting a target hostname, got: %s\n\n' "$0" "$SAVEARGS" >&2
   usage
@@ -196,7 +199,11 @@ populate_new_ids() {
 
   umask 0177
   local L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX)
-  trap "rm -f $L_TMP_ID_FILE*" EXIT TERM INT QUIT
+  if test $? -ne 0 || test "x$L_TMP_ID_FILE" = "x" ; then
+    echo "mktemp failed" 1>&2
+    exit 1
+  fi
+  trap "rm -f $L_TMP_ID_FILE ${L_TMP_ID_FILE}.pub" EXIT TERM INT QUIT
   printf '%s: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n' "$0" >&2
   NEW_IDS=$(
     eval $GET_ID | {
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 960feae07..bb9e50bd9 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
 
 Summary:        OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name:           openssh
-Version:        6.2p1
+Version:        6.2p2
 URL:            http://www.openssh.com/
 Release:        1
 Source0:        openssh-%{version}.tar.gz
diff --git a/debian/changelog b/debian/changelog
index b63fe90e9..b048e8927 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+openssh (1:6.2p2-1) UNRELEASED; urgency=low
+
+  * New upstream release (http://www.openssh.com/txt/release-6.2p2):
+    - Only warn for missing identity files that were explicitly specified
+      (closes: #708275).
+    - Fix bug in contributed contrib/ssh-copy-id script that could result in
+      "rm *" being called on mktemp failure (closes: #708419).
+
+ -- Colin Watson <cjwatson@debian.org>  Thu, 16 May 2013 13:56:20 +0100
+
 openssh (1:6.2p1-3) unstable; urgency=low
 
   * Renumber Debian-specific additions to enum monitor_reqtype so that they
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 77e807502..45a8364ca 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -18,13 +18,13 @@ Description: Various Debian-specific configuration changes
 Author: Colin Watson <cjwatson@debian.org>
 Author: Russ Allbery <rra@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1269,7 +1269,7 @@
+@@ -1288,7 +1288,7 @@
         if (options->forward_x11 == -1)
                 options->forward_x11 = 0;
         if (options->forward_x11_trusted == -1)
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index ce50db505..416e2f16c 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -13,7 +13,7 @@ Description: GSSAPI key exchange support
  security history.
 Author: Simon Wilkinson <simon@sxw.org.uk>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
-Last-Updated: 2013-05-13
+Last-Updated: 2013-05-16
 
 Index: b/ChangeLog.gssapi
 ===================================================================
@@ -2327,7 +2327,7 @@ Index: b/readconf.c
  #endif
         { "fallbacktorsh", oDeprecated },
         { "usersh", oDeprecated },
-@@ -483,10 +494,30 @@
+@@ -503,10 +514,30 @@
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2358,7 +2358,7 @@ Index: b/readconf.c
         case oBatchMode:
                 intptr = &options->batch_mode;
                 goto parse_flag;
-@@ -1139,7 +1170,12 @@
+@@ -1158,7 +1189,12 @@
         options->pubkey_authentication = -1;
         options->challenge_response_authentication = -1;
         options->gss_authentication = -1;
@@ -2371,7 +2371,7 @@ Index: b/readconf.c
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->kbd_interactive_devices = NULL;
-@@ -1239,8 +1275,14 @@
+@@ -1258,8 +1294,14 @@
                 options->challenge_response_authentication = 1;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 028bd62e5..98e9f8bdd 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -12,7 +12,7 @@ Author: Richard Kettlewell <rjk@greenend.org.uk>
 Author: Ian Jackson <ian@chiark.greenend.org.uk>
 Author: Matthew Vernon <matthew@debian.org>
 Author: Colin Watson <cjwatson@debian.org>
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/readconf.c
 ===================================================================
@@ -35,7 +35,7 @@ Index: b/readconf.c
  
         { NULL, oBadOption }
  };
-@@ -915,6 +918,8 @@
+@@ -933,6 +936,8 @@
                 goto parse_flag;
  
         case oServerAliveInterval:
@@ -44,7 +44,7 @@ Index: b/readconf.c
                 intptr = &options->server_alive_interval;
                 goto parse_time;
  
-@@ -1386,8 +1391,13 @@
+@@ -1392,8 +1397,13 @@
                 options->rekey_limit = 0;
         if (options->verify_host_key_dns == -1)
                 options->verify_host_key_dns = 0;
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index fa7c725b4..fd1b6f9f5 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -2,13 +2,13 @@ Description: Mention ssh-keygen in ssh fingerprint changed warning
 Author: Scott Moser <smoser@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843
 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -975,9 +975,12 @@
+@@ -982,9 +982,12 @@
                         error("%s. This could either mean that", key_msg);
                         error("DNS SPOOFING is happening or the IP address for the host");
                         error("and its host key have changed at the same time.");
@@ -22,7 +22,7 @@ Index: b/sshconnect.c
                 }
                 /* The host key has changed. */
                 warn_changed_key(host_key);
-@@ -985,6 +988,8 @@
+@@ -992,6 +995,8 @@
                     user_hostfiles[0]);
                 error("Offending %s key in %s:%lu", key_type(host_found->key),
                     host_found->file, host_found->line);
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index c337ad671..b922a185b 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -5,13 +5,13 @@ Description: Include the Debian version in our identification
  vulnerable-looking version strings.  (However, see debian-banner.patch.)
 Author: Matthew Vernon <matthew@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -435,10 +435,10 @@
+@@ -442,10 +442,10 @@
         /* Send our own protocol version identification. */
         if (compat20) {
                 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
@@ -44,7 +44,7 @@ Index: b/version.h
 @@ -3,4 +3,9 @@
  #define SSH_VERSION    "OpenSSH_6.2"
  
- #define SSH_PORTABLE   "p1"
+ #define SSH_PORTABLE   "p2"
 -#define SSH_RELEASE    SSH_VERSION SSH_PORTABLE
 +#define SSH_RELEASE_MINIMUM    SSH_VERSION SSH_PORTABLE
 +#ifdef SSH_EXTRAVERSION
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index 4c4532e99..d4cbc3e5f 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -4,13 +4,13 @@ Description: Look for $SHELL on the path for ProxyCommand/LocalCommand
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494
 Bug-Debian: http://bugs.debian.org/492728
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -144,7 +144,7 @@
+@@ -151,7 +151,7 @@
                 /* Execute the proxy command.  Note that we gave up any
                    extra privileges above. */
                 signal(SIGPIPE, SIG_DFL);
@@ -19,7 +19,7 @@ Index: b/sshconnect.c
                 perror(argv[0]);
                 exit(1);
         }
-@@ -1292,7 +1292,7 @@
+@@ -1299,7 +1299,7 @@
         if (pid == 0) {
                 signal(SIGPIPE, SIG_DFL);
                 debug3("Executing %s -c \"%s\"", shell, args);
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index b7531cce0..03d6f15d9 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -8,7 +8,7 @@ Description: Reject vulnerable keys to mitigate Debian OpenSSL flaw
  See CVE-2008-0166.
 Author: Colin Watson <cjwatson@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/Makefile.in
 ===================================================================
@@ -420,7 +420,7 @@ Index: b/readconf.c
         { "rsaauthentication", oRSAAuthentication },
         { "pubkeyauthentication", oPubkeyAuthentication },
         { "dsaauthentication", oPubkeyAuthentication },             /* alias */
-@@ -490,6 +492,10 @@
+@@ -510,6 +512,10 @@
                 intptr = &options->challenge_response_authentication;
                 goto parse_flag;
  
@@ -431,7 +431,7 @@ Index: b/readconf.c
         case oGssAuthentication:
                 intptr = &options->gss_authentication;
                 goto parse_flag;
-@@ -1181,6 +1187,7 @@
+@@ -1200,6 +1206,7 @@
         options->kbd_interactive_devices = NULL;
         options->rhosts_rsa_authentication = -1;
         options->hostbased_authentication = -1;
@@ -439,7 +439,7 @@ Index: b/readconf.c
         options->batch_mode = -1;
         options->check_host_ip = -1;
         options->strict_host_key_checking = -1;
-@@ -1291,6 +1298,8 @@
+@@ -1310,6 +1317,8 @@
                 options->rhosts_rsa_authentication = 0;
         if (options->hostbased_authentication == -1)
                 options->hostbased_authentication = 0;
@@ -1247,7 +1247,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -1495,7 +1495,7 @@
+@@ -1492,7 +1492,7 @@
  static void
  load_public_identity_files(void)
  {
@@ -1256,7 +1256,7 @@ Index: b/ssh.c
         char *pwdir = NULL, *pwname = NULL;
         int i = 0;
         Key *public;
-@@ -1552,6 +1552,22 @@
+@@ -1550,6 +1550,22 @@
                 public = key_load_public(filename, NULL);
                 debug("identity file %s type %d", filename,
                     public ? public->type : -1);
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 3dfc89027..2bac7c8cb 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -8,7 +8,7 @@ Description: "LogLevel SILENT" compatibility
 Author: Jonathan David Amery <jdamery@ysolde.ucam.org>
 Author: Matthew Vernon <matthew@debian.org>
 Author: Colin Watson <cjwatson@debian.org>
-Last-Update: 2010-03-31
+Last-Update: 2013-05-16
 
 Index: b/log.c
 ===================================================================
@@ -26,7 +26,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -714,7 +714,7 @@
+@@ -711,7 +711,7 @@
         /* Do not allocate a tty if stdin is not a tty. */
         if ((!isatty(fileno(stdin)) || stdin_null_flag) &&
             options.request_tty != REQUEST_TTY_FORCE) {
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 64ecbd7c8..d0de9c006 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -9,7 +9,7 @@ Description: Allow harmless group-writability
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060
 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347
-Last-Update: 2013-05-07
+Last-Update: 2013-05-16
 
 Index: b/readconf.c
 ===================================================================
@@ -24,7 +24,7 @@ Index: b/readconf.c
  
  #include "xmalloc.h"
  #include "ssh.h"
-@@ -1132,8 +1134,7 @@
+@@ -1150,8 +1152,7 @@
  
                 if (fstat(fileno(f), &sb) == -1)
                         fatal("fstat %s: %s", filename, strerror(errno));
diff --git a/krl.c b/krl.c
index 5a6bd14aa..0d9bb5411 100644
--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.9 2013/01/27 10:06:12 djm Exp $ */
+/* $OpenBSD: krl.c,v 1.10 2013/02/19 02:12:47 dtucker Exp $ */
 
 #include "includes.h"
 
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 6befc016f..d3d2d913a 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
+ * Copyright (c) 2000, 2001, 2011, 2013 Corinna Vinschen <vinschen@redhat.com>
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -27,20 +27,15 @@
  * binary mode on Windows systems.
  */
 
+#define NO_BINARY_OPEN  /* Avoid redefining open to binary_open for this file */
 #include "includes.h"
 
 #ifdef HAVE_CYGWIN
 
-#if defined(open) && open == binary_open
-# undef open
-#endif
-
 #include <sys/types.h>
-
 #include <fcntl.h>
-#include <stdlib.h>
+#include <string.h>
 #include <unistd.h>
-#include <windows.h>
 
 #include "xmalloc.h"
 
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index b4bcd04b7..6061a6b01 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,7 +1,7 @@
-/* $Id: bsd-cygwin_util.h,v 1.15 2012/08/28 09:57:19 dtucker Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.15.4.1 2013/04/04 23:53:31 dtucker Exp $ */
 
 /*
- * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
+ * Copyright (c) 2000, 2001, 2011, 2013 Corinna Vinschen <vinschen@redhat.com>
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -36,24 +36,21 @@
 
 #undef ERROR
 
-#define WIN32_LEAN_AND_MEAN
+/* Avoid including windows headers. */
+typedef void *HANDLE;
+#define INVALID_HANDLE_VALUE ((HANDLE) -1)
 
-#include <windows.h>
 #include <sys/cygwin.h>
 #include <io.h>
 
-/* Make sure _WIN32 isn't defined later in the code, otherwise headers from
-   other packages might get the wrong idea about the target system. */
-#ifdef _WIN32
-#undef _WIN32
-#endif
-
 int binary_open(const char *, int , ...);
 int check_ntsec(const char *);
 char **fetch_windows_environment(void);
 void free_windows_environment(char **);
 
+#ifndef NO_BINARY_OPEN
 #define open binary_open
+#endif
 
 #endif /* HAVE_CYGWIN */
 
diff --git a/packet.c b/packet.c
index 9326ddea6..3e835d360 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.181 2013/02/10 23:35:24 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.182 2013/04/11 02:27:50 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1460,7 +1460,11 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
                         case SSH2_MSG_DISCONNECT:
                                 reason = packet_get_int();
                                 msg = packet_get_string(NULL);
-                                error("Received disconnect from %s: %u: %.400s",
+                                /* Ignore normal client exit notifications */
+                                do_log2(active_state->server_side &&
+                                    reason == SSH2_DISCONNECT_BY_APPLICATION ?
+                                    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
+                                    "Received disconnect from %s: %u: %.400s",
                                     get_remote_ipaddr(), reason, msg);
                                 xfree(msg);
                                 cleanup_exit(255);
diff --git a/readconf.c b/readconf.c
index a34cbe707..0b26a6735 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -344,6 +344,26 @@ clear_forwardings(Options *options)
         options->tun_open = SSH_TUNMODE_NO;
 }
 
+void
+add_identity_file(Options *options, const char *dir, const char *filename,
+    int userprovided)
+{
+        char *path;
+
+        if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
+                fatal("Too many identity files specified (max %d)",
+                    SSH_MAX_IDENTITY_FILES);
+
+        if (dir == NULL) /* no dir, filename is absolute */
+                path = xstrdup(filename);
+        else
+                (void)xasprintf(&path, "%.100s%.100s", dir, filename);
+
+        options->identity_file_userprovided[options->num_identity_files] =
+            userprovided;
+        options->identity_files[options->num_identity_files++] = path;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
@@ -371,7 +391,7 @@ parse_token(const char *cp, const char *filename, int linenum)
 int
 process_config_line(Options *options, const char *host,
                     char *line, const char *filename, int linenum,
-                    int *activep)
+                    int *activep, int userconfig)
 {
         char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
         char **cpptr, fwdarg[256];
@@ -628,9 +648,7 @@ parse_yesnoask:
                         if (*intptr >= SSH_MAX_IDENTITY_FILES)
                                 fatal("%.200s line %d: Too many identity files specified (max %d).",
                                     filename, linenum, SSH_MAX_IDENTITY_FILES);
-                        charptr = &options->identity_files[*intptr];
-                        *charptr = xstrdup(arg);
-                        *intptr = *intptr + 1;
+                        add_identity_file(options, NULL, arg, userconfig);
                 }
                 break;
 
@@ -1119,7 +1137,7 @@ parse_int:
 
 int
 read_config_file(const char *filename, const char *host, Options *options,
-    int checkperm)
+    int flags)
 {
         FILE *f;
         char line[1024];
@@ -1129,7 +1147,7 @@ read_config_file(const char *filename, const char *host, Options *options,
         if ((f = fopen(filename, "r")) == NULL)
                 return 0;
 
-        if (checkperm) {
+        if (flags & SSHCONF_CHECKPERM) {
                 struct stat sb;
 
                 if (fstat(fileno(f), &sb) == -1)
@@ -1149,7 +1167,8 @@ read_config_file(const char *filename, const char *host, Options *options,
         while (fgets(line, sizeof(line), f)) {
                 /* Update line number counter. */
                 linenum++;
-                if (process_config_line(options, host, line, filename, linenum, &active) != 0)
+                if (process_config_line(options, host, line, filename, linenum,
+                    &active, flags & SSHCONF_USERCONF) != 0)
                         bad_options++;
         }
         fclose(f);
@@ -1337,30 +1356,17 @@ fill_default_options(Options * options)
                 options->protocol = SSH_PROTO_2;
         if (options->num_identity_files == 0) {
                 if (options->protocol & SSH_PROTO_1) {
-                        len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_IDENTITY, 0);
                 }
                 if (options->protocol & SSH_PROTO_2) {
-                        len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
-
-                        len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_ID_RSA, 0);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_ID_DSA, 0);
 #ifdef OPENSSL_HAS_ECC
-                        len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_ID_ECDSA, 0);
 #endif
                 }
         }
diff --git a/readconf.h b/readconf.h
index c5cad9ccf..6ecbf281e 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.91 2011/09/23 07:45:05 markus Exp $ */
+/* $OpenBSD: readconf.h,v 1.93 2013/02/22 04:45:09 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -102,6 +102,7 @@ typedef struct {
 
         int     num_identity_files;     /* Number of files for RSA/DSA identities. */
         char   *identity_files[SSH_MAX_IDENTITY_FILES];
+        int    identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
         Key    *identity_keys[SSH_MAX_IDENTITY_FILES];
 
         /* Local TCP/IP forward requests. */
@@ -154,15 +155,20 @@ typedef struct {
 #define REQUEST_TTY_YES         2
 #define REQUEST_TTY_FORCE       3
 
+#define SSHCONF_CHECKPERM       1  /* check permissions on config file */
+#define SSHCONF_USERCONF        2  /* user provided config file not system */
+
 void     initialize_options(Options *);
 void     fill_default_options(Options *);
 int      read_config_file(const char *, const char *, Options *, int);
 int      parse_forward(Forward *, const char *, int, int);
 
 int
-process_config_line(Options *, const char *, char *, const char *, int, int *);
+process_config_line(Options *, const char *, char *, const char *, int, int *,
+    int);
 
 void     add_local_forward(Options *, const Forward *);
 void     add_remote_forward(Options *, const Forward *);
+void     add_identity_file(Options *, const char *, const char *, int);
 
 #endif                          /* READCONF_H */
diff --git a/ssh.c b/ssh.c
index 58c04f88f..19732cb4d 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.370 2012/07/06 01:47:38 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.373 2013/02/22 22:09:01 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -405,12 +405,7 @@ main(int ac, char **av)
                                     strerror(errno));
                                 break;
                         }
-                        if (options.num_identity_files >=
-                            SSH_MAX_IDENTITY_FILES)
-                                fatal("Too many identity files specified "
-                                    "(max %d)", SSH_MAX_IDENTITY_FILES);
-                        options.identity_files[options.num_identity_files++] =
-                            xstrdup(optarg);
+                        add_identity_file(&options, NULL, optarg, 1);
                         break;
                 case 'I':
 #ifdef ENABLE_PKCS11
@@ -584,7 +579,8 @@ main(int ac, char **av)
                         dummy = 1;
                         line = xstrdup(optarg);
                         if (process_config_line(&options, host ? host : "",
-                            line, "command-line", 0, &dummy) != 0)
+                            line, "command-line", 0, &dummy, SSHCONF_USERCONF)
+                            != 0)
                                 exit(255);
                         xfree(line);
                         break;
@@ -678,14 +674,15 @@ main(int ac, char **av)
          * file if the user specifies a config file on the command line.
          */
         if (config != NULL) {
-                if (!read_config_file(config, host, &options, 0))
+                if (!read_config_file(config, host, &options, SSHCONF_USERCONF))
                         fatal("Can't open user config file %.100s: "
                             "%.100s", config, strerror(errno));
         } else {
                 r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir,
                     _PATH_SSH_USER_CONFFILE);
                 if (r > 0 && (size_t)r < sizeof(buf))
-                        (void)read_config_file(buf, host, &options, 1);
+                        (void)read_config_file(buf, host, &options,
+                             SSHCONF_CHECKPERM|SSHCONF_USERCONF);
 
                 /* Read systemwide configuration file after user config. */
                 (void)read_config_file(_PATH_HOST_CONFIG_FILE, host,
@@ -1539,7 +1536,8 @@ load_public_identity_files(void)
                 fatal("load_public_identity_files: gethostname: %s",
                     strerror(errno));
         for (i = 0; i < options.num_identity_files; i++) {
-                if (n_ids >= SSH_MAX_IDENTITY_FILES) {
+                if (n_ids >= SSH_MAX_IDENTITY_FILES ||
+                    strcasecmp(options.identity_files[i], "none") == 0) {
                         xfree(options.identity_files[i]);
                         continue;
                 }
diff --git a/sshconnect.c b/sshconnect.c
index ed0e78bfd..1fa1d5963 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.236 2012/09/14 16:51:34 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.237 2013/02/22 19:13:56 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -89,6 +89,13 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
         pid_t pid;
         char *shell, strport[NI_MAXSERV];
 
+        if (!strcmp(proxy_command, "-")) {
+                packet_set_connection(STDIN_FILENO, STDOUT_FILENO);
+                packet_set_timeout(options.server_alive_interval,
+                    options.server_alive_count_max);
+                return 0;
+        }
+
         if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
                 shell = _PATH_BSHELL;
 
diff --git a/sshconnect2.c b/sshconnect2.c
index 378b3200c..77b02e3bf 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.191 2013/02/15 00:21:01 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1502,7 +1502,7 @@ pubkey_prepare(Authctxt *authctxt)
                 id = xcalloc(1, sizeof(*id));
                 id->key = key;
                 id->filename = xstrdup(options.identity_files[i]);
-                id->userprovided = 1;
+                id->userprovided = options.identity_file_userprovided[i];
                 TAILQ_INSERT_TAIL(&files, id, next);
         }
         /* Prefer PKCS11 keys that are explicitly listed */
diff --git a/version.h b/version.h
index 82061d88a..f4f5a68c8 100644
--- a/version.h
+++ b/version.h
@@ -2,7 +2,7 @@
 
 #define SSH_VERSION     "OpenSSH_6.2"
 
-#define SSH_PORTABLE    "p1"
+#define SSH_PORTABLE    "p2"
 #define SSH_RELEASE_MINIMUM     SSH_VERSION SSH_PORTABLE
 #ifdef SSH_EXTRAVERSION
 #define SSH_RELEASE     SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION