248 files changed, 5857 insertions, 3588 deletions

diff --git a/ChangeLog b/ChangeLog
index f5e2df0d0..1a0d2545e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,17 +1,628 @@
+20130913
+ - (djm) [channels.c] Fix unaligned access on sparc machines in SOCKS5 code;
+   ok dtucker@
+ - (djm) [channels.c] sigh, typo s/buffet_/buffer_/
+ - (djm) Release 6.3p1
+
+20130808
+ - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt
+   since some platforms (eg really old FreeBSD) don't have it.  Instead,
+   run "make clean" before a complete regress run.  ok djm.
+ - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime(
+   CLOCK_MONOTONIC...) fails.  Some older versions of RHEL have the
+   CLOCK_MONOTONIC define but don't actually support it.  Found and tested
+   by Kevin Brott, ok djm.
+ - (dtucker) [misc.c] Remove define added for fallback testing that was
+   mistakenly included in the previous commit.
+ - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt
+   removal.  The "make clean" removes modpipe which is built by the top-level
+   directory before running the tests.  Spotted by tim@
+
+20130804
+ - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support
+   for building with older Heimdal versions.  ok djm.
+
+20130801
+ - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non-
+   blocking connecting socket will clear any stored errno that might
+   otherwise have been retrievable via getsockopt(). A hack to limit writes
+   to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap
+   it in an #ifdef. Diagnosis and patch from Ivo Raisr.
+ - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134
+
+20130725
+ - (djm) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2013/07/20 22:20:42
+     [krl.c]
+     fix verification error in (as-yet usused) KRL signature checking path
+   - djm@cvs.openbsd.org 2013/07/22 05:00:17
+     [umac.c]
+     make MAC key, data to be hashed and nonce for final hash const;
+     checked with -Wcast-qual
+   - djm@cvs.openbsd.org 2013/07/22 12:20:02
+     [umac.h]
+     oops, forgot to commit corresponding header change;
+     spotted by jsg and jasper
+   - djm@cvs.openbsd.org 2013/07/25 00:29:10
+     [ssh.c]
+     daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure
+     it is fully detached from its controlling terminal. based on debugging
+   - djm@cvs.openbsd.org 2013/07/25 00:56:52
+     [sftp-client.c sftp-client.h sftp.1 sftp.c]
+     sftp support for resuming partial downloads; patch mostly by Loganaden
+     Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
+     "Just be careful" deraadt@
+   - djm@cvs.openbsd.org 2013/07/25 00:57:37
+     [version.h]
+     openssh-6.3 for release
+   - dtucker@cvs.openbsd.org 2013/05/30 20:12:32
+     [regress/test-exec.sh]
+     use ssh and sshd as testdata since it needs to be >256k for the rekey test
+   - dtucker@cvs.openbsd.org 2013/06/10 21:56:43
+     [regress/forwarding.sh]
+     Add test for forward config parsing
+   - djm@cvs.openbsd.org 2013/06/21 02:26:26
+     [regress/sftp-cmds.sh regress/test-exec.sh]
+     unbreak sftp-cmds for renamed test data (s/ls/data/)
+ - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on
+   Solaris and UnixWare. Feedback and OK djm@
+ - (tim) [regress/forwarding.sh] Fix for building outside source tree.
+
+20130720
+ - (djm) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2013/07/19 07:37:48
+     [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
+     [servconf.h session.c sshd.c sshd_config.5]
+     add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
+     or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
+     ok djm@
+   - djm@cvs.openbsd.org 2013/07/20 01:43:46
+     [umac.c]
+     use a union to ensure correct alignment; ok deraadt
+   - djm@cvs.openbsd.org 2013/07/20 01:44:37
+     [ssh-keygen.c ssh.c]
+     More useful error message on missing current user in /etc/passwd
+   - djm@cvs.openbsd.org 2013/07/20 01:50:20
+     [ssh-agent.c]
+     call cleanup_handler on SIGINT when in debug mode to ensure sockets
+     are cleaned up on manual exit; bz#2120
+   - djm@cvs.openbsd.org 2013/07/20 01:55:13
+     [auth-krb5.c gss-serv-krb5.c gss-serv.c]
+     fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@
+
+20130718
+ - (djm) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2013/06/10 19:19:44
+     [readconf.c]
+     revert 1.203 while we investigate crashes reported by okan@
+   - guenther@cvs.openbsd.org 2013/06/17 04:48:42
+     [scp.c]
+     Handle time_t values as long long's when formatting them and when
+     parsing them from remote servers.
+     Improve error checking in parsing of 'T' lines.
+     ok dtucker@ deraadt@
+   - markus@cvs.openbsd.org 2013/06/20 19:15:06
+     [krl.c]
+     don't leak the rdata blob on errors; ok djm@
+   - djm@cvs.openbsd.org 2013/06/21 00:34:49
+     [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c]
+     for hostbased authentication, print the client host and user on
+     the auth success/failure line; bz#2064, ok dtucker@
+   - djm@cvs.openbsd.org 2013/06/21 00:37:49
+     [ssh_config.5]
+     explicitly mention that IdentitiesOnly can be used with IdentityFile
+     to control which keys are offered from an agent.
+   - djm@cvs.openbsd.org 2013/06/21 05:42:32
+     [dh.c]
+     sprinkle in some error() to explain moduli(5) parse failures
+   - djm@cvs.openbsd.org 2013/06/21 05:43:10
+     [scp.c]
+     make this -Wsign-compare clean after time_t conversion
+   - djm@cvs.openbsd.org 2013/06/22 06:31:57
+     [scp.c]
+     improved time_t overflow check suggested by guenther@
+   - jmc@cvs.openbsd.org 2013/06/27 14:05:37
+     [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
+     do not use Sx for sections outwith the man page - ingo informs me that
+     stuff like html will render with broken links;
+     issue reported by Eric S. Raymond, via djm
+   - markus@cvs.openbsd.org 2013/07/02 12:31:43
+     [dh.c]
+     remove extra whitespace
+   - djm@cvs.openbsd.org 2013/07/12 00:19:59
+     [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
+     [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
+     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
+   - djm@cvs.openbsd.org 2013/07/12 00:20:00
+     [sftp.c ssh-keygen.c ssh-pkcs11.c]
+     fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
+   - djm@cvs.openbsd.org 2013/07/12 00:43:50
+     [misc.c]
+     in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when
+     errno == 0. Avoids confusing error message in some broken resolver
+     cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker
+   - djm@cvs.openbsd.org 2013/07/12 05:42:03
+     [ssh-keygen.c]
+     do_print_resource_record() can never be called with a NULL filename, so
+     don't attempt (and bungle) asking for one if it has not been specified
+     bz#2127 ok dtucker@
+   - djm@cvs.openbsd.org 2013/07/12 05:48:55
+     [ssh.c]
+     set TCP nodelay for connections started with -N; bz#2124 ok dtucker@
+   - schwarze@cvs.openbsd.org 2013/07/16 00:07:52
+     [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8]
+     use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@
+   - djm@cvs.openbsd.org 2013/07/18 01:12:26
+     [ssh.1]
+     be more exact wrt perms for ~/.ssh/config; bz#2078
+
+20130702
+ - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config
+   contrib/cygwin/ssh-user-config] Modernizes and improve readability of
+   the Cygwin README file (which hasn't been updated for ages), drop
+   unsupported OSes from the ssh-host-config help text, and drop an
+   unneeded option from ssh-user-config.  Patch from vinschen at redhat com.
+
+20130610
+ - (djm) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2013/06/07 15:37:52
+     [channels.c channels.h clientloop.c]
+     Add an "ABANDONED" channel state and use for mux sessions that are
+     disconnected via the ~. escape sequence.  Channels in this state will
+     be able to close if the server responds, but do not count as active channels.
+     This means that if you ~. all of the mux clients when using ControlPersist
+     on a broken network, the backgrounded mux master will exit when the
+     Control Persist time expires rather than hanging around indefinitely.
+     bz#1917, also reported and tested by tedu@.  ok djm@ markus@.
+ - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported
+   algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
+ - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have
+   the required OpenSSL support.  Patch from naddy at freebsd.
+ - (dtucker) [myproposal.h] Make the conditional algorithm support consistent
+   and add some comments so it's clear what goes where.
+
+20130605
+ - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of
+   the necessary functions, not from the openssl version.
+ - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test.
+   Patch from cjwatson at debian.
+ - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the
+   forwarding test is extremely slow copying data on some machines so switch
+   back to copying the much smaller ls binary until we can figure out why
+   this is.
+ - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building
+   modpipe in case there's anything in there we need.
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2013/06/02 21:01:51
+     [channels.h]
+     typo in comment
+   - dtucker@cvs.openbsd.org 2013/06/02 23:36:29
+     [clientloop.h clientloop.c mux.c]
+     No need for the mux cleanup callback to be visible so restore it to static
+     and call it through the detach_user function pointer.  ok djm@
+   - dtucker@cvs.openbsd.org 2013/06/03 00:03:18
+     [mac.c]
+     force the MAC output to be 64-bit aligned so umac won't see unaligned
+     accesses on strict-alignment architectures.  bz#2101, patch from
+     tomas.kuthan at oracle.com, ok djm@
+   - dtucker@cvs.openbsd.org 2013/06/04 19:12:23
+     [scp.c]
+     use MAXPATHLEN for buffer size instead of fixed value.  ok markus
+   - dtucker@cvs.openbsd.org 2013/06/04 20:42:36
+     [sftp.c]
+     Make sftp's libedit interface marginally multibyte aware by building up
+     the quoted string by character instead of by byte.  Prevents failures
+     when linked against a libedit built with wide character support (bz#1990).
+     "looks ok" djm
+   - dtucker@cvs.openbsd.org 2013/06/05 02:07:29
+     [mux.c]
+     fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967,
+     ok djm
+   - dtucker@cvs.openbsd.org 2013/06/05 02:27:50
+     [sshd.c]
+     When running sshd -D, close stderr unless we have explicitly requesting
+     logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch
+     so, err, ok dtucker.
+   - dtucker@cvs.openbsd.org 2013/06/05 12:52:38
+     [sshconnect2.c]
+     Fix memory leaks found by Zhenbo Xu and the Melton tool.  bz#1967, ok djm
+   - dtucker@cvs.openbsd.org 2013/06/05 22:00:28
+     [readconf.c]
+     plug another memleak.  bz#1967, from Zhenbo Xu, detected by Melton, ok djm
+ - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for
+    platforms that don't have multibyte character support (specifically,
+    mblen).
+
+20130602
+ - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy
+   linking regress/modpipe.
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2013/06/02 13:33:05
+     [progressmeter.c]
+     Add misc.h for monotime prototype. (ID sync only).
+   - dtucker@cvs.openbsd.org 2013/06/02 13:35:58
+     [ssh-agent.c]
+     Make parent_alive_interval time_t to avoid signed/unsigned comparison
+ - (dtucker) [configure.ac]  sys/un.h needs sys/socket.h on some platforms
+   to prevent noise from configure. Patch from Nathan Osman. (bz#2114).
+ - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android.
+   Patch from Nathan Osman.
+ - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we
+   need a shell that can handle "[ file1 -nt file2 ]". Rather than keep
+   dealing with shell portability issues in regression tests, we let
+   configure find us a capable shell on those platforms with an old /bin/sh.
+ - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr.
+   feedback and ok dtucker
+ - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker
+ - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h.
+ - (dtucker) [configure.ac] Some other platforms need sys/types.h before
+   sys/socket.h.
+
+20130601
+ - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to
+   using openssl's DES_crypt function on platorms that don't have a native
+   one, eg Android.  Based on a patch from Nathan Osman.
+ - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS
+   rather than trying to enumerate the plaforms that don't have them.
+   Based on a patch from Nathan Osman, with help from tim@.
+ - (dtucker) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2013/05/17 00:13:13
+     [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
+     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
+     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
+     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
+     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
+     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
+     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
+     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
+     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
+     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
+     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
+     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
+     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
+     dns.c packet.c readpass.c authfd.c moduli.c]
+     bye, bye xfree(); ok markus@
+   - djm@cvs.openbsd.org 2013/05/19 02:38:28
+     [auth2-pubkey.c]
+     fix failure to recognise cert-authority keys if a key of a different type
+     appeared in authorized_keys before it; ok markus@
+   - djm@cvs.openbsd.org 2013/05/19 02:42:42
+     [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
+     Standardise logging of supplemental information during userauth. Keys
+     and ruser is now logged in the auth success/failure message alongside
+     the local username, remote host/port and protocol in use. Certificates
+     contents and CA are logged too.
+     Pushing all logging onto a single line simplifies log analysis as it is
+     no longer necessary to relate information scattered across multiple log
+     entries. "I like it" markus@
+   - dtucker@cvs.openbsd.org 2013/05/31 12:28:10
+     [ssh-agent.c]
+     Use time_t where appropriate.  ok djm
+   - dtucker@cvs.openbsd.org 2013/06/01 13:15:52
+     [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c
+     channels.c sandbox-systrace.c]
+     Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like
+     keepalives and rekeying will work properly over clock steps.  Suggested by
+     markus@, "looks good" djm@.
+   - dtucker@cvs.openbsd.org 2013/06/01 20:59:25
+     [scp.c sftp-client.c]
+     Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is.  Patch
+     from Nathan Osman via bz#2085.  ok deraadt.
+   - dtucker@cvs.openbsd.org 2013/06/01 22:34:50
+     [sftp-client.c]
+     Update progressmeter when data is acked, not when it's sent.  bz#2108, from
+     Debian via Colin Watson, ok djm@
+ - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c
+   groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
+   sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
+   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
+   openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
+   with the equivalent calls to free.
+ - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall
+   back to time(NULL) if we can't find it anywhere.
+ - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday.
+
+20130529
+  - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null
+    implementation of endgrent for platforms that don't have it (eg Android).
+    Loosely based on a patch from Nathan Osman, ok djm
+
+ 20130517
+ - (dtucker) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2013/03/07 00:20:34
+     [regress/proxy-connect.sh]
+     repeat test with a style appended to the username
+   - dtucker@cvs.openbsd.org 2013/03/23 11:09:43
+     [regress/test-exec.sh]
+     Only regenerate host keys if they don't exist or if ssh-keygen has changed
+     since they were.  Reduces test runtime by 5-30% depending on machine
+     speed.
+   - dtucker@cvs.openbsd.org 2013/04/06 06:00:22
+     [regress/rekey.sh regress/test-exec.sh regress/integrity.sh
+     regress/multiplex.sh Makefile regress/cfgmatch.sh]
+     Split the regress log into 3 parts: the debug output from ssh, the debug
+     log from sshd and the output from the client command (ssh, scp or sftp).
+     Somewhat functional now, will become more useful when ssh/sshd -E is added.
+   - dtucker@cvs.openbsd.org 2013/04/07 02:16:03
+     [regress/Makefile regress/rekey.sh regress/integrity.sh
+     regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh]
+     use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and
+     save the output from any failing tests.  If a test fails the debug output
+     from ssh and sshd for the failing tests (and only the failing tests) should
+     be available in failed-ssh{,d}.log.
+   - djm@cvs.openbsd.org 2013/04/18 02:46:12
+     [regress/Makefile regress/sftp-chroot.sh]
+     test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
+   - dtucker@cvs.openbsd.org 2013/04/22 07:23:08
+     [regress/multiplex.sh]
+     Write mux master logs to regress.log instead of ssh.log to keep separate
+   - djm@cvs.openbsd.org 2013/05/10 03:46:14
+     [regress/modpipe.c]
+     sync some portability changes from portable OpenSSH (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/16 02:10:35
+     [regress/rekey.sh]
+     Add test for time-based rekeying
+   - dtucker@cvs.openbsd.org 2013/05/16 03:33:30
+     [regress/rekey.sh]
+     test rekeying when there's no data being transferred
+   - dtucker@cvs.openbsd.org 2013/05/16 04:26:10
+     [regress/rekey.sh]
+     add server-side rekey test
+   - dtucker@cvs.openbsd.org 2013/05/16 05:48:31
+     [regress/rekey.sh]
+     add tests for RekeyLimit parsing
+   - dtucker@cvs.openbsd.org 2013/05/17 00:37:40
+     [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh
+     regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh
+     regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh
+     regress/ssh-com.sh]
+     replace 'echo -n' with 'printf' since it's more portable
+     also remove "echon" hack.
+   - dtucker@cvs.openbsd.org 2013/05/17 01:16:09
+     [regress/agent-timeout.sh]
+     Pull back some portability changes from -portable:
+      - TIMEOUT is a read-only variable in some shells
+      - not all greps have -q so redirect to /dev/null instead.
+     (ID sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 01:32:11
+     [regress/integrity.sh]
+     don't print output from ssh before getting it (it's available in ssh.log)
+   - dtucker@cvs.openbsd.org 2013/05/17 04:29:14
+     [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh
+     regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh
+     regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh
+     regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh
+     regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh
+     regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh
+     regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh
+     regress/multiplex.sh]
+     Move the setting of DATA and COPY into test-exec.sh
+   - dtucker@cvs.openbsd.org 2013/05/17 10:16:26
+     [regress/try-ciphers.sh]
+     use expr for math to keep diffs vs portable down
+     (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:23:52
+     [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh]
+     Use SUDO when cat'ing pid files and running the sshd log wrapper so that
+     it works with a restrictive umask and the pid files are not world readable.
+     Changes from -portable.  (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:24:48
+     [regress/localcommand.sh]
+     use backticks for portability. (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:26:26
+     [regress/sftp-badcmds.sh]
+     remove unused BATCH variable. (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:28:11
+     [regress/sftp.sh]
+     only compare copied data if sftp succeeds.  from portable (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:30:07
+     [regress/test-exec.sh]
+     wait a bit longer for startup and use case for absolute path.
+     from portable (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:33:09
+     [regress/agent-getpeereid.sh]
+     don't redirect stdout from sudo.  from portable (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:34:30
+     [regress/portnum.sh]
+     use a more portable negated if structure.  from portable (id sync only)
+   - dtucker@cvs.openbsd.org 2013/05/17 10:35:43
+     [regress/scp.sh]
+     use a file extention that's not special on some platforms.  from portable
+     (id sync only)
+ - (dtucker) [regress/bsd.regress.mk] Remove unused file.  We've never used it
+   in portable and it's long gone in openbsd.
+ - (dtucker) [regress/integrity.sh].  Force fixed Diffie-Hellman key exchange
+   methods.  When the openssl version doesn't support ECDH then next one on
+   the list is DH group exchange, but that causes a bit more traffic which can
+   mean that the tests flip bits in the initial exchange rather than the MACed
+   traffic and we get different errors to what the tests look for.
+ - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits.
+ - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd.
+ - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd.
+ - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh]
+   Move the jot helper function to portable-specific part of test-exec.sh.
+ - (dtucker) [regress/test-exec.sh] Move the portable-specific functions
+   together and add a couple of missing lines from openbsd.
+ - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5
+   helper function to the portable part of test-exec.sh.
+ - (dtucker) [regress/runtests.sh] Remove obsolete test driver script.
+ - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by
+   rev 1.6 which calls wait.
+
 20130516
- - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be
-   executed if mktemp failed; bz#2105 ok dtucker@
- - (djm) Release 6.2p2
+ - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be 
+    executed if mktemp failed; bz#2105 ok dtucker@
+ - (dtucker) OpenBSD CVS Sync
+   - tedu@cvs.openbsd.org 2013/04/23 17:49:45
+     [misc.c]
+     use xasprintf instead of a series of strlcats and strdup. ok djm
+   - tedu@cvs.openbsd.org 2013/04/24 16:01:46
+     [misc.c]
+     remove extra parens noticed by nicm
+   - dtucker@cvs.openbsd.org 2013/05/06 07:35:12
+     [sftp-server.8]
+     Reference the version of the sftp draft we actually implement.  ok djm@
+   - djm@cvs.openbsd.org 2013/05/10 03:40:07
+     [sshconnect2.c]
+     fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from
+     Colin Watson
+   - djm@cvs.openbsd.org 2013/05/10 04:08:01
+     [key.c]
+     memleak in cert_free(), wasn't actually freeing the struct;
+     bz#2096 from shm AT digitalsun.pl
+   - dtucker@cvs.openbsd.org 2013/05/10 10:13:50
+     [ssh-pkcs11-helper.c]
+     remove unused extern optarg.  ok markus@
+   - dtucker@cvs.openbsd.org 2013/05/16 02:00:34
+     [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
+     ssh_config.5 packet.h]
+     Add an optional second argument to RekeyLimit in the client to allow
+     rekeying based on elapsed time in addition to amount of traffic.
+     with djm@ jmc@, ok djm
+   - dtucker@cvs.openbsd.org 2013/05/16 04:09:14
+     [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
+     sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
+     rekeying based on traffic volume or time.  ok djm@, help & ok jmc@ for the man
+     page.
+   - djm@cvs.openbsd.org 2013/05/16 04:27:50
+     [ssh_config.5 readconf.h readconf.c]
+     add the ability to ignore specific unrecognised ssh_config options;
+     bz#866; ok markus@
+   - jmc@cvs.openbsd.org 2013/05/16 06:28:45
+     [ssh_config.5]
+     put IgnoreUnknown in the right place;
+   - jmc@cvs.openbsd.org 2013/05/16 06:30:06
+     [sshd_config.5]
+     oops! avoid Xr to self;
+   - dtucker@cvs.openbsd.org 2013/05/16 09:08:41
+     [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
+     Fix some "unused result" warnings found via clang and -portable.
+     ok markus@
+   - dtucker@cvs.openbsd.org 2013/05/16 09:12:31
+     [readconf.c servconf.c]
+     switch RekeyLimit traffic volume parsing to scan_scaled.  ok djm@
+   - dtucker@cvs.openbsd.org 2013/05/16 10:43:34
+     [servconf.c readconf.c]
+     remove now-unused variables
+   - dtucker@cvs.openbsd.org 2013/05/16 10:44:06
+     [servconf.c]
+     remove another now-unused variable
+ - (dtucker) [configure.ac readconf.c servconf.c
+     openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
 
 20130510
- - (djm) OpenBSD CVS Cherrypick
+ - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler
+   supports it.  Mentioned by Colin Watson in bz#2100, ok djm.
+ - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to
+   getopt.c.  Preprocessed source is identical other than line numbers.
+ - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD.  No
+   portability changes yet.
+ - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c
+   openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add
+   portability code to getopt_long.c and switch over Makefile and the ugly
+   hack in modpipe.c.  Fixes bz#1448.
+ - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c
+   openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb
+   in to use it when we're using our own getopt.
+ - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the
+   underlying libraries support them.
+ - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so
+   we don't get a warning on compilers that *don't* support it.  Add
+   -Wno-unknown-warning-option.  Move both to the start of the list for
+   maximum noise suppression.  Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
+
+20130423
+ - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support
+   platforms, such as Android, that lack struct passwd.pw_gecos. Report
+   and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@
+ - (djm) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2013/03/05 20:16:09
+     [sshconnect2.c]
+     reset pubkey order on partial success; ok djm@
+   - djm@cvs.openbsd.org 2013/03/06 23:35:23
+     [session.c]
+     fatal() when ChrootDirectory specified by running without root privileges;
+     ok markus@
+   - djm@cvs.openbsd.org 2013/03/06 23:36:53
+     [readconf.c]
+     g/c unused variable (-Wunused)
+   - djm@cvs.openbsd.org 2013/03/07 00:19:59
+     [auth2-pubkey.c monitor.c]
+     reconstruct the original username that was sent by the client, which may
+     have included a style (e.g. "root:skey") when checking public key
+     signatures. Fixes public key and hostbased auth when the client specified
+     a style; ok markus@
+   - markus@cvs.openbsd.org 2013/03/07 19:27:25
+     [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5]
+     add submethod support to AuthenticationMethods; ok and freedback djm@
+   - djm@cvs.openbsd.org 2013/03/08 06:32:58
+     [ssh.c]
+     allow "ssh -f none ..." ok markus@
+   - djm@cvs.openbsd.org 2013/04/05 00:14:00
+     [auth2-gss.c krl.c sshconnect2.c]
+     hush some {unused, printf type} warnings
+   - djm@cvs.openbsd.org 2013/04/05 00:31:49
+     [pathnames.h]
+     use the existing _PATH_SSH_USER_RC define to construct the other
+     pathnames; bz#2077, ok dtucker@ (no binary change)
+   - djm@cvs.openbsd.org 2013/04/05 00:58:51
+     [mux.c]
+     cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too
+     (in addition to ones already in OPEN); bz#2079, ok dtucker@
+   - markus@cvs.openbsd.org 2013/04/06 16:07:00
+     [channels.c sshd.c]
+     handle ECONNABORTED for accept(); ok deraadt some time ago...
+   - dtucker@cvs.openbsd.org 2013/04/07 02:10:33
+     [log.c log.h ssh.1 ssh.c sshd.8 sshd.c]
+     Add -E option to ssh and sshd to append debugging logs to a specified file
+     instead of stderr or syslog.  ok markus@, man page help jmc@
+   - dtucker@cvs.openbsd.org 2013/04/07 09:40:27
+     [sshd.8]
+     clarify -e text. suggested by & ok jmc@
    - djm@cvs.openbsd.org 2013/04/11 02:27:50
      [packet.c]
      quiet disconnect notifications on the server from error() back to logit()
      if it is a normal client closure; bz#2057 ok+feedback dtucker@
- - (djm) [version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Crank version numbers for release.
- - (djm) [README] Update release notes URL
+   - dtucker@cvs.openbsd.org 2013/04/17 09:04:09
+     [session.c]
+     revert rev 1.262; it fails because uid is already set here.  ok djm@
+   - djm@cvs.openbsd.org 2013/04/18 02:16:07
+     [sftp.c]
+     make "sftp -q" do what it says on the sticker: hush everything but errors;
+     ok dtucker@
+   - djm@cvs.openbsd.org 2013/04/19 01:00:10
+     [sshd_config.5]
+     document the requirment that the AuthorizedKeysCommand be owned by root;
+     ok dtucker@ markus@
+   - djm@cvs.openbsd.org 2013/04/19 01:01:00
+     [ssh-keygen.c]
+     fix some memory leaks; bz#2088 ok dtucker@
+   - djm@cvs.openbsd.org 2013/04/19 01:03:01
+     [session.c]
+     reintroduce 1.262 without the connection-killing bug:
+     fatal() when ChrootDirectory specified by running without root privileges;
+     ok markus@
+   - djm@cvs.openbsd.org 2013/04/19 01:06:50
+     [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c]
+     [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c]
+     add the ability to query supported ciphers, MACs, key type and KEX
+     algorithms to ssh. Includes some refactoring of KEX and key type handling
+     to be table-driven; ok markus@
+   - djm@cvs.openbsd.org 2013/04/19 11:10:18
+     [ssh.c]
+     add -Q to usage; reminded by jmc@
+   - djm@cvs.openbsd.org 2013/04/19 12:07:08
+     [kex.c]
+     remove duplicated list entry pointed out by naddy@
+   - dtucker@cvs.openbsd.org 2013/04/22 01:17:18
+     [mux.c]
+     typo in debug output: evitval->exitval
+
+20130418
+ - (djm) [config.guess config.sub] Update to last versions before they switch
+   to GPL3. ok dtucker@
+ - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from
+   unused argument warnings (in particular, -fno-builtin-memset) from clang.
 
 20130404
  - (dtucker) OpenBSD CVS Sync
@@ -40,10 +651,16 @@
    to avoid conflicting definitions of __int64, adding the required bits.
    Patch from Corinna Vinschen.
 
+20120323
+ - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit.
+
 20120322
  - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil
    Hands' greatly revised version.
  - (djm) Release 6.2p1
+ - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype.
+ - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before
+   defining it again.  Prevents warnings if someone, eg, sets it in CFLAGS.
 
 20120318
  - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
diff --git a/Makefile.in b/Makefile.in
index 5b2431d4a..839abbd48 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.336 2013/03/07 15:37:13 tim Exp $
+# $Id: Makefile.in,v 1.340 2013/06/11 01:26:10 dtucker Exp $
 
 # uncomment if you run a non bourne compatable shell. Ie. csh
 #SHELL = @SH@
@@ -125,6 +125,8 @@ PATHSUBS	= \
         -e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g'
 
 FIXPATHSCMD     = $(SED) $(PATHSUBS)
+FIXALGORITHMSCMD= $(SHELL) $(srcdir)/fixalgorithms $(SED) \
+                     @UNSUPPORTED_ALGORITHMS@
 
 all: $(CONFIGFILES) $(MANPAGES) $(TARGETS)
 
@@ -191,9 +193,10 @@ $(MANPAGES): $(MANPAGES_IN)
                 manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \
         fi; \
         if test "$(MANTYPE)" = "man"; then \
-                $(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \
+                $(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) | \
+                    $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \
         else \
-                $(FIXPATHSCMD) $${manpage} > $@; \
+                $(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) > $@; \
         fi
 
 $(CONFIGFILES): $(CONFIGFILES_IN)
@@ -394,15 +397,14 @@ uninstall:
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
 
 regress/modpipe$(EXEEXT): $(srcdir)/regress/modpipe.c
-        [ -d `pwd`/regress ]  ||  mkdir -p `pwd`/regress; \
-        $(CC) $(CPPFLAGS) -o $@ $? \
-        $(LDFLAGS) -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
+        [ -d `pwd`/regress ]  ||  mkdir -p `pwd`/regress
+        [ -f `pwd`/regress/Makefile ]  || \
+            ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile
+        $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \
+        $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
 
 tests interop-tests:    $(TARGETS) regress/modpipe$(EXEEXT)
         BUILDDIR=`pwd`; \
-        [ -d `pwd`/regress ]  ||  mkdir -p `pwd`/regress; \
-        [ -f `pwd`/regress/Makefile ]  || \
-            ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile ; \
         TEST_SHELL="@TEST_SHELL@"; \
         TEST_SSH_SSH="$${BUILDDIR}/ssh"; \
         TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \
diff --git a/README b/README
index 52bb657d6..ece2dba19 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-See http://www.openssh.com/txt/release-6.2p2 for the release notes.
+See http://www.openssh.com/txt/release-6.3 for the release notes.
 
 - A Japanese translation of this document and of the OpenSSH FAQ is
 - available at http://www.unixuser.org/~haruyama/security/openssh/index.html
@@ -62,4 +62,4 @@ References -
 [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
 [7] http://www.openssh.com/faq.html
 
-$Id: README,v 1.82.2.1 2013/05/10 06:12:54 djm Exp $
+$Id: README,v 1.83 2013/07/25 02:34:00 djm Exp $
diff --git a/aclocal.m4 b/aclocal.m4
index 9bdea5ec2..1b3bed790 100644
--- a/aclocal.m4
+++ b/aclocal.m4
@@ -1,4 +1,4 @@
-dnl $Id: aclocal.m4,v 1.8 2011/05/20 01:45:25 djm Exp $
+dnl $Id: aclocal.m4,v 1.9 2013/06/02 21:31:27 tim Exp $
 dnl
 dnl OpenSSH-specific autoconf macros
 dnl
@@ -14,8 +14,15 @@ AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{
         _define_flag="$2"
         test "x$_define_flag" = "x" && _define_flag="$1"
         AC_COMPILE_IFELSE([AC_LANG_SOURCE([[int main(void) { return 0; }]])],
-                [ AC_MSG_RESULT([yes])
-                  CFLAGS="$saved_CFLAGS $_define_flag"],
+                [
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                AC_MSG_RESULT([no])
+                CFLAGS="$saved_CFLAGS"
+else
+                AC_MSG_RESULT([yes])
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi],
                 [ AC_MSG_RESULT([no])
                   CFLAGS="$saved_CFLAGS" ]
         )
diff --git a/addrmatch.c b/addrmatch.c
index 388603cae..fb6de92e7 100644
--- a/addrmatch.c
+++ b/addrmatch.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: addrmatch.c,v 1.6 2012/06/21 00:16:07 dtucker Exp $ */
+/*      $OpenBSD: addrmatch.c,v 1.7 2013/05/17 00:13:13 djm Exp $ */
 
 /*
  * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -420,7 +420,7 @@ addr_match_list(const char *addr, const char *_list)
                                 goto foundit;
                 }
         }
-        xfree(o);
+        free(o);
 
         return ret;
 }
@@ -494,7 +494,7 @@ addr_match_cidr_list(const char *addr, const char *_list)
                         continue;
                 }
         }
-        xfree(o);
+        free(o);
 
         return ret;
 }
diff --git a/auth-chall.c b/auth-chall.c
index 919b1eaa4..0005aa88b 100644
--- a/auth-chall.c
+++ b/auth-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-chall.c,v 1.12 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-chall.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -69,11 +69,11 @@ get_challenge(Authctxt *authctxt)
                 fatal("get_challenge: numprompts < 1");
         challenge = xstrdup(prompts[0]);
         for (i = 0; i < numprompts; i++)
-                xfree(prompts[i]);
-        xfree(prompts);
-        xfree(name);
-        xfree(echo_on);
-        xfree(info);
+                free(prompts[i]);
+        free(prompts);
+        free(name);
+        free(echo_on);
+        free(info);
 
         return (challenge);
 }
@@ -102,11 +102,11 @@ verify_response(Authctxt *authctxt, const char *response)
                         authenticated = 1;
 
                 for (i = 0; i < numprompts; i++)
-                        xfree(prompts[i]);
-                xfree(prompts);
-                xfree(name);
-                xfree(echo_on);
-                xfree(info);
+                        free(prompts[i]);
+                free(prompts);
+                free(name);
+                free(echo_on);
+                free(info);
                 break;
         }
         device->free_ctx(authctxt->kbdintctxt);
diff --git a/auth-krb5.c b/auth-krb5.c
index 4c2375462..5613b5772 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-krb5.c,v 1.20 2013/07/20 01:55:13 djm Exp $ */
 /*
  *    Kerberos v5 authentication and ticket-passing routines.
  *
@@ -79,6 +79,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
         krb5_ccache ccache = NULL;
         int len;
         char *client, *platform_client;
+        const char *errmsg;
 
         /* get platform-specific kerberos client principal name (if it exists) */
         platform_client = platform_krb5_get_principal_name(authctxt->pw->pw_name);
@@ -96,7 +97,12 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
                 goto out;
 
 #ifdef HEIMDAL
+# ifdef HAVE_KRB5_CC_NEW_UNIQUE
+        problem = krb5_cc_new_unique(authctxt->krb5_ctx,
+             krb5_mcc_ops.prefix, NULL, &ccache);
+# else
         problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache);
+# endif
         if (problem)
                 goto out;
 
@@ -115,8 +121,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
         if (problem)
                 goto out;
 
+# ifdef HAVE_KRB5_CC_NEW_UNIQUE
+        problem = krb5_cc_new_unique(authctxt->krb5_ctx,
+             krb5_fcc_ops.prefix, NULL, &authctxt->krb5_fwd_ccache);
+# else
         problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
             &authctxt->krb5_fwd_ccache);
+# endif
         if (problem)
                 goto out;
 
@@ -186,17 +197,19 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
  out:
         restore_uid();
         
-        if (platform_client != NULL)
-                xfree(platform_client);
+        free(platform_client);
 
         if (problem) {
                 if (ccache)
                         krb5_cc_destroy(authctxt->krb5_ctx, ccache);
 
-                if (authctxt->krb5_ctx != NULL && problem!=-1)
-                        debug("Kerberos password authentication failed: %s",
-                            krb5_get_err_text(authctxt->krb5_ctx, problem));
-                else
+                if (authctxt->krb5_ctx != NULL && problem!=-1) {
+                        errmsg = krb5_get_error_message(authctxt->krb5_ctx,
+                            problem);
+                        debug("Kerberos password authentication failed: %s",
+                            errmsg);
+                        krb5_free_error_message(authctxt->krb5_ctx, errmsg);
+                } else
                         debug("Kerberos password authentication failed: %d",
                             problem);
 
diff --git a/auth-options.c b/auth-options.c
index 78e8f3955..73e330bf5 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.59 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -83,15 +83,15 @@ auth_clear_options(void)
         while (custom_environment) {
                 struct envstring *ce = custom_environment;
                 custom_environment = ce->next;
-                xfree(ce->s);
-                xfree(ce);
+                free(ce->s);
+                free(ce);
         }
         if (forced_command) {
-                xfree(forced_command);
+                free(forced_command);
                 forced_command = NULL;
         }
         if (authorized_principals) {
-                xfree(authorized_principals);
+                free(authorized_principals);
                 authorized_principals = NULL;
         }
         forced_tun_device = -1;
@@ -160,7 +160,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
                         opts += strlen(cp);
                         if (forced_command != NULL)
-                                xfree(forced_command);
+                                free(forced_command);
                         forced_command = xmalloc(strlen(opts) + 1);
                         i = 0;
                         while (*opts) {
@@ -178,7 +178,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     file, linenum);
                                 auth_debug_add("%.100s, line %lu: missing end quote",
                                     file, linenum);
-                                xfree(forced_command);
+                                free(forced_command);
                                 forced_command = NULL;
                                 goto bad_option;
                         }
@@ -191,7 +191,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
                         opts += strlen(cp);
                         if (authorized_principals != NULL)
-                                xfree(authorized_principals);
+                                free(authorized_principals);
                         authorized_principals = xmalloc(strlen(opts) + 1);
                         i = 0;
                         while (*opts) {
@@ -209,7 +209,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     file, linenum);
                                 auth_debug_add("%.100s, line %lu: missing end quote",
                                     file, linenum);
-                                xfree(authorized_principals);
+                                free(authorized_principals);
                                 authorized_principals = NULL;
                                 goto bad_option;
                         }
@@ -243,7 +243,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     file, linenum);
                                 auth_debug_add("%.100s, line %lu: missing end quote",
                                     file, linenum);
-                                xfree(s);
+                                free(s);
                                 goto bad_option;
                         }
                         s[i] = '\0';
@@ -280,7 +280,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     file, linenum);
                                 auth_debug_add("%.100s, line %lu: missing end quote",
                                     file, linenum);
-                                xfree(patterns);
+                                free(patterns);
                                 goto bad_option;
                         }
                         patterns[i] = '\0';
@@ -288,7 +288,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                         switch (match_host_and_ip(remote_host, remote_ip,
                             patterns)) {
                         case 1:
-                                xfree(patterns);
+                                free(patterns);
                                 /* Host name matches. */
                                 goto next_option;
                         case -1:
@@ -298,7 +298,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     "invalid criteria", file, linenum);
                                 /* FALLTHROUGH */
                         case 0:
-                                xfree(patterns);
+                                free(patterns);
                                 if (!logged_from_hostip) {
                                         logit("Authentication tried for %.100s with "
                                             "correct key but not from a permitted "
@@ -337,7 +337,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     file, linenum);
                                 auth_debug_add("%.100s, line %lu: missing "
                                     "end quote", file, linenum);
-                                xfree(patterns);
+                                free(patterns);
                                 goto bad_option;
                         }
                         patterns[i] = '\0';
@@ -351,7 +351,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                 auth_debug_add("%.100s, line %lu: "
                                     "Bad permitopen specification", file,
                                     linenum);
-                                xfree(patterns);
+                                free(patterns);
                                 goto bad_option;
                         }
                         host = cleanhostname(host);
@@ -360,12 +360,12 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     "<%.100s>", file, linenum, p ? p : "");
                                 auth_debug_add("%.100s, line %lu: "
                                     "Bad permitopen port", file, linenum);
-                                xfree(patterns);
+                                free(patterns);
                                 goto bad_option;
                         }
                         if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0)
                                 channel_add_permitted_opens(host, port);
-                        xfree(patterns);
+                        free(patterns);
                         goto next_option;
                 }
                 cp = "tunnel=\"";
@@ -384,13 +384,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                                     file, linenum);
                                 auth_debug_add("%.100s, line %lu: missing end quote",
                                     file, linenum);
-                                xfree(tun);
+                                free(tun);
                                 forced_tun_device = -1;
                                 goto bad_option;
                         }
                         tun[i] = '\0';
                         forced_tun_device = a2tun(tun, NULL);
-                        xfree(tun);
+                        free(tun);
                         if (forced_tun_device == SSH_TUNID_ERR) {
                                 debug("%.100s, line %lu: invalid tun device",
                                     file, linenum);
@@ -446,7 +446,8 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
 {
         char *command, *allowed;
         const char *remote_ip;
-        u_char *name = NULL, *data_blob = NULL;
+        char *name = NULL;
+        u_char *data_blob = NULL;
         u_int nlen, dlen, clen;
         Buffer c, data;
         int ret = -1, found;
@@ -498,7 +499,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
                                 if (*cert_forced_command != NULL) {
                                         error("Certificate has multiple "
                                             "force-command options");
-                                        xfree(command);
+                                        free(command);
                                         goto out;
                                 }
                                 *cert_forced_command = command;
@@ -514,7 +515,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
                                 if ((*cert_source_address_done)++) {
                                         error("Certificate has multiple "
                                             "source-address options");
-                                        xfree(allowed);
+                                        free(allowed);
                                         goto out;
                                 }
                                 remote_ip = get_remote_ipaddr();
@@ -522,7 +523,7 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
                                     allowed)) {
                                 case 1:
                                         /* accepted */
-                                        xfree(allowed);
+                                        free(allowed);
                                         break;
                                 case 0:
                                         /* no match */
@@ -538,12 +539,12 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
                                             "is not permitted to use this "
                                             "certificate for login.",
                                             remote_ip);
-                                        xfree(allowed);
+                                        free(allowed);
                                         goto out;
                                 case -1:
                                         error("Certificate source-address "
                                             "contents invalid");
-                                        xfree(allowed);
+                                        free(allowed);
                                         goto out;
                                 }
                                 found = 1;
@@ -565,9 +566,10 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
                         goto out;
                 }
                 buffer_clear(&data);
-                xfree(name);
-                xfree(data_blob);
-                name = data_blob = NULL;
+                free(name);
+                free(data_blob);
+                name = NULL;
+                data_blob = NULL;
         }
         /* successfully parsed all options */
         ret = 0;
@@ -576,13 +578,13 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
         if (ret != 0 &&
             cert_forced_command != NULL &&
             *cert_forced_command != NULL) {
-                xfree(*cert_forced_command);
+                free(*cert_forced_command);
                 *cert_forced_command = NULL;
         }
         if (name != NULL)
-                xfree(name);
+                free(name);
         if (data_blob != NULL)
-                xfree(data_blob);
+                free(data_blob);
         buffer_free(&data);
         buffer_free(&c);
         return ret;
@@ -644,7 +646,7 @@ auth_cert_options(Key *k, struct passwd *pw)
         /* CA-specified forced command supersedes key option */
         if (cert_forced_command != NULL) {
                 if (forced_command != NULL)
-                        xfree(forced_command);
+                        free(forced_command);
                 forced_command = cert_forced_command;
         }
         return 0;
diff --git a/auth-pam.c b/auth-pam.c
index 675006e6f..d51318b3a 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -412,10 +412,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
         for(i = 0; i < n; i++) {
-                if (reply[i].resp != NULL)
-                        xfree(reply[i].resp);
+                free(reply[i].resp);
         }
-        xfree(reply);
+        free(reply);
         buffer_free(&buffer);
         return (PAM_CONV_ERR);
 }
@@ -586,10 +585,9 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
         for(i = 0; i < n; i++) {
-                if (reply[i].resp != NULL)
-                        xfree(reply[i].resp);
+                free(reply[i].resp);
         }
-        xfree(reply);
+        free(reply);
         return (PAM_CONV_ERR);
 }
 
@@ -693,7 +691,7 @@ sshpam_init_ctx(Authctxt *authctxt)
         /* Start the authentication thread */
         if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) {
                 error("PAM: failed create sockets: %s", strerror(errno));
-                xfree(ctxt);
+                free(ctxt);
                 return (NULL);
         }
         ctxt->pam_psock = socks[0];
@@ -703,7 +701,7 @@ sshpam_init_ctx(Authctxt *authctxt)
                     strerror(errno));
                 close(socks[0]);
                 close(socks[1]);
-                xfree(ctxt);
+                free(ctxt);
                 return (NULL);
         }
         cleanup_ctxt = ctxt;
@@ -742,7 +740,7 @@ sshpam_query(void *ctx, char **name, char **info,
                         strlcpy(**prompts + plen, msg, len - plen);
                         plen += mlen;
                         **echo_on = (type == PAM_PROMPT_ECHO_ON);
-                        xfree(msg);
+                        free(msg);
                         return (0);
                 case PAM_ERROR_MSG:
                 case PAM_TEXT_INFO:
@@ -753,7 +751,7 @@ sshpam_query(void *ctx, char **name, char **info,
                         plen += mlen;
                         strlcat(**prompts + plen, "\n", len - plen);
                         plen++;
-                        xfree(msg);
+                        free(msg);
                         break;
                 case PAM_ACCT_EXPIRED:
                         sshpam_account_status = 0;
@@ -766,7 +764,7 @@ sshpam_query(void *ctx, char **name, char **info,
                                 *num = 0;
                                 **echo_on = 0;
                                 ctxt->pam_done = -1;
-                                xfree(msg);
+                                free(msg);
                                 return 0;
                         }
                         /* FALLTHROUGH */
@@ -776,7 +774,7 @@ sshpam_query(void *ctx, char **name, char **info,
                                 debug("PAM: %s", **prompts);
                                 buffer_append(&loginmsg, **prompts,
                                     strlen(**prompts));
-                                xfree(**prompts);
+                                free(**prompts);
                                 **prompts = NULL;
                         }
                         if (type == PAM_SUCCESS) {
@@ -790,7 +788,7 @@ sshpam_query(void *ctx, char **name, char **info,
                                 *num = 0;
                                 **echo_on = 0;
                                 ctxt->pam_done = 1;
-                                xfree(msg);
+                                free(msg);
                                 return (0);
                         }
                         error("PAM: %s for %s%.100s from %.100s", msg,
@@ -801,7 +799,7 @@ sshpam_query(void *ctx, char **name, char **info,
                 default:
                         *num = 0;
                         **echo_on = 0;
-                        xfree(msg);
+                        free(msg);
                         ctxt->pam_done = -1;
                         return (-1);
                 }
@@ -852,7 +850,7 @@ sshpam_free_ctx(void *ctxtp)
 
         debug3("PAM: %s entering", __func__);
         sshpam_thread_cleanup();
-        xfree(ctxt);
+        free(ctxt);
         /*
          * We don't call sshpam_cleanup() here because we may need the PAM
          * handle at a later stage, e.g. when setting up a session.  It's
@@ -1006,10 +1004,9 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
         for(i = 0; i < n; i++) {
-                if (reply[i].resp != NULL)
-                        xfree(reply[i].resp);
+                free(reply[i].resp);
         }
-        xfree(reply);
+        free(reply);
         return (PAM_CONV_ERR);
 }
 
@@ -1081,7 +1078,7 @@ do_pam_putenv(char *name, char *value)
 
         snprintf(compound, len, "%s=%s", name, value);
         ret = pam_putenv(sshpam_handle, compound);
-        xfree(compound);
+        free(compound);
 #endif
 
         return (ret);
@@ -1108,8 +1105,8 @@ free_pam_environment(char **env)
                 return;
 
         for (envp = env; *envp; envp++)
-                xfree(*envp);
-        xfree(env);
+                free(*envp);
+        free(env);
 }
 
 /*
@@ -1165,10 +1162,9 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg,
 
  fail:
         for(i = 0; i < n; i++) {
-                if (reply[i].resp != NULL)
-                        xfree(reply[i].resp);
+                free(reply[i].resp);
         }
-        xfree(reply);
+        free(reply);
         return (PAM_CONV_ERR);
 }
 
diff --git a/auth-rsa.c b/auth-rsa.c
index 33cdb5dae..9b139c928 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.81 2012/10/30 21:29:54 djm Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.85 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -164,9 +164,8 @@ static int
 rsa_key_allowed_in_file(struct passwd *pw, char *file,
     const BIGNUM *client_n, Key **rkey)
 {
-        char line[SSH_MAX_PUBKEY_BYTES];
-        int allowed = 0;
-        u_int bits;
+        char *fp, line[SSH_MAX_PUBKEY_BYTES];
+        int allowed = 0, bits;
         FILE *f;
         u_long linenum = 0;
         Key *key;
@@ -229,11 +228,16 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file,
 
                 /* check the real bits  */
                 keybits = BN_num_bits(key->rsa->n);
-                if (keybits < 0 || bits != (u_int)keybits)
+                if (keybits < 0 || bits != keybits)
                         logit("Warning: %s, line %lu: keysize mismatch: "
                             "actual %d vs. announced %d.",
                             file, linenum, BN_num_bits(key->rsa->n), bits);
 
+                fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+                debug("matching key found: file %s, line %lu %s %s",
+                    file, linenum, key_type(key), fp);
+                free(fp);
+
                 /* Never accept a revoked key */
                 if (auth_key_is_revoked(key, 0))
                         break;
@@ -283,7 +287,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
                 file = expand_authorized_keys(
                     options.authorized_keys_files[i], pw);
                 allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey);
-                xfree(file);
+                free(file);
         }
 
         restore_uid();
@@ -300,7 +304,6 @@ int
 auth_rsa(Authctxt *authctxt, BIGNUM *client_n)
 {
         Key *key;
-        char *fp;
         struct passwd *pw = authctxt->pw;
 
         /* no user given */
@@ -330,11 +333,7 @@ auth_rsa(Authctxt *authctxt, BIGNUM *client_n)
          * options; this will be reset if the options cause the
          * authentication to be rejected.
          */
-        fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
-        verbose("Found matching %s key: %s",
-            key_type(key), fp);
-        xfree(fp);
-        key_free(key);
+        pubkey_auth_info(authctxt, key, NULL);
 
         packet_send_debug("RSA authentication accepted.");
         return (1);
diff --git a/auth.c b/auth.c
index 514602a0c..7f6c6c8ad 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.101 2013/02/06 00:22:21 dtucker Exp $ */
+/* $OpenBSD: auth.c,v 1.103 2013/05/19 02:42:42 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -73,6 +73,7 @@
 #include "authfile.h"
 #include "monitor_wrap.h"
 #include "krl.h"
+#include "compat.h"
 
 /* import */
 extern ServerOptions options;
@@ -166,17 +167,17 @@ allowed_user(struct passwd * pw)
                 if (stat(shell, &st) != 0) {
                         logit("User %.100s not allowed because shell %.100s "
                             "does not exist", pw->pw_name, shell);
-                        xfree(shell);
+                        free(shell);
                         return 0;
                 }
                 if (S_ISREG(st.st_mode) == 0 ||
                     (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
                         logit("User %.100s not allowed because shell %.100s "
                             "is not executable", pw->pw_name, shell);
-                        xfree(shell);
+                        free(shell);
                         return 0;
                 }
-                xfree(shell);
+                free(shell);
         }
 
         if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
@@ -253,8 +254,25 @@ allowed_user(struct passwd * pw)
 }
 
 void
+auth_info(Authctxt *authctxt, const char *fmt, ...)
+{
+        va_list ap;
+        int i;
+
+        free(authctxt->info);
+        authctxt->info = NULL;
+
+        va_start(ap, fmt);
+        i = vasprintf(&authctxt->info, fmt, ap);
+        va_end(ap);
+
+        if (i < 0 || authctxt->info == NULL)
+                fatal("vasprintf failed");
+}
+
+void
 auth_log(Authctxt *authctxt, int authenticated, int partial,
-    const char *method, const char *submethod, const char *info)
+    const char *method, const char *submethod)
 {
         void (*authlog) (const char *fmt,...) = verbose;
         char *authmsg;
@@ -276,7 +294,7 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
         else
                 authmsg = authenticated ? "Accepted" : "Failed";
 
-        authlog("%s %s%s%s for %s%.100s from %.200s port %d%s",
+        authlog("%s %s%s%s for %s%.100s from %.200s port %d %s%s%s",
             authmsg,
             method,
             submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
@@ -284,7 +302,11 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
             authctxt->user,
             get_remote_ipaddr(),
             get_remote_port(),
-            info);
+            compat20 ? "ssh2" : "ssh1",
+            authctxt->info != NULL ? ": " : "",
+            authctxt->info != NULL ? authctxt->info : "");
+        free(authctxt->info);
+        authctxt->info = NULL;
 
 #ifdef CUSTOM_FAILED_LOGIN
         if (authenticated == 0 && !authctxt->postponed &&
@@ -356,7 +378,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
         i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file);
         if (i < 0 || (size_t)i >= sizeof(ret))
                 fatal("expand_authorized_keys: path too long");
-        xfree(file);
+        free(file);
         return (xstrdup(ret));
 }
 
@@ -397,7 +419,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
                         load_hostkeys(hostkeys, host, user_hostfile);
                         restore_uid();
                 }
-                xfree(user_hostfile);
+                free(user_hostfile);
         }
         host_status = check_key_in_hostkeys(hostkeys, key, &found);
         if (host_status == HOST_REVOKED)
@@ -647,7 +669,7 @@ auth_key_is_revoked(Key *key, int hostkey)
                                 logit("Public key %s from %s blacklisted (see "
                                     "ssh-vulnkey(1)); continuing anyway",
                                     key_fp, get_remote_ipaddr());
-                        xfree(key_fp);
+                        free(key_fp);
                 } else {
                         if (hostkey)
                                 error("Host key %s blacklisted (see "
@@ -656,7 +678,7 @@ auth_key_is_revoked(Key *key, int hostkey)
                                 logit("Public key %s from %s blacklisted (see "
                                     "ssh-vulnkey(1))",
                                     key_fp, get_remote_ipaddr());
-                        xfree(key_fp);
+                        free(key_fp);
                         return 1;
                 }
         }
@@ -688,7 +710,7 @@ auth_key_is_revoked(Key *key, int hostkey)
                 key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
                 error("WARNING: authentication attempt with a revoked "
                     "%s key %s ", key_type(key), key_fp);
-                xfree(key_fp);
+                free(key_fp);
                 return 1;
         }
         fatal("key_in_file returned junk");
@@ -719,7 +741,7 @@ auth_debug_send(void)
         while (buffer_len(&auth_debug)) {
                 msg = buffer_get_string(&auth_debug, NULL);
                 packet_send_debug("%s", msg);
-                xfree(msg);
+                free(msg);
         }
 }
 
@@ -743,10 +765,12 @@ fakepw(void)
         fake.pw_name = "NOUSER";
         fake.pw_passwd =
             "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
         fake.pw_gecos = "NOUSER";
+#endif
         fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
         fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
-#ifdef HAVE_PW_CLASS_IN_PASSWD
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
         fake.pw_class = "";
 #endif
         fake.pw_dir = "/nonexist";
diff --git a/auth.h b/auth.h
index c2328f05b..ec95460cf 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.72 2012/12/02 20:34:09 djm Exp $ */
+/* $OpenBSD: auth.h,v 1.76 2013/07/19 07:37:48 markus Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -61,6 +61,7 @@ struct Authctxt {
         char            *style;
         char            *role;
         void            *kbdintctxt;
+        char            *info;          /* Extra info for next auth_log */
         void            *jpake_ctx;
 #ifdef BSD_AUTH
         auth_session_t  *as;
@@ -122,6 +123,8 @@ int	 auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **);
 int      auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *);
 int      hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
 int      user_key_allowed(struct passwd *, Key *);
+void     pubkey_auth_info(Authctxt *, const Key *, const char *, ...)
+            __attribute__((__format__ (printf, 3, 4)));
 
 struct stat;
 int      auth_secure_path(const char *, struct stat *, const char *, uid_t,
@@ -149,8 +152,10 @@ void disable_forwarding(void);
 void    do_authentication(Authctxt *);
 void    do_authentication2(Authctxt *);
 
-void    auth_log(Authctxt *, int, int, const char *, const char *,
-    const char *);
+void    auth_info(Authctxt *authctxt, const char *, ...)
+            __attribute__((__format__ (printf, 2, 3)))
+            __attribute__((__nonnull__ (2)));
+void    auth_log(Authctxt *, int, int, const char *, const char *);
 void    userauth_finish(Authctxt *, int, const char *, const char *);
 int     auth_root_allowed(const char *);
 
@@ -158,8 +163,9 @@ void	userauth_send_banner(const char *);
 
 char    *auth2_read_banner(void);
 int      auth2_methods_valid(const char *, int);
-int      auth2_update_methods_lists(Authctxt *, const char *);
+int      auth2_update_methods_lists(Authctxt *, const char *, const char *);
 int      auth2_setup_methods_lists(Authctxt *);
+int      auth2_method_allowed(Authctxt *, const char *, const char *);
 
 void    privsep_challenge_enable(void);
 
@@ -193,10 +199,12 @@ check_key_in_hostfiles(struct passwd *, Key *, const char *,
 
 /* hostkey handling */
 Key     *get_hostkey_by_index(int);
+Key     *get_hostkey_public_by_index(int);
 Key     *get_hostkey_public_by_type(int);
 Key     *get_hostkey_private_by_type(int);
 int      get_hostkey_index(Key *);
 int      ssh1_session_key(BIGNUM *);
+void     sshd_hostkey_sign(Key *, Key *, u_char **, u_int *, u_char *, u_int);
 
 /* debug messages during authentication */
 void     auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
diff --git a/auth1.c b/auth1.c
index de49b172d..2803a3c97 100644
--- a/auth1.c
+++ b/auth1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.77 2012/12/02 20:34:09 djm Exp $ */
+/* $OpenBSD: auth1.c,v 1.79 2013/05/19 02:42:42 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -45,11 +45,11 @@
 extern ServerOptions options;
 extern Buffer loginmsg;
 
-static int auth1_process_password(Authctxt *, char *, size_t);
-static int auth1_process_rsa(Authctxt *, char *, size_t);
-static int auth1_process_rhosts_rsa(Authctxt *, char *, size_t);
-static int auth1_process_tis_challenge(Authctxt *, char *, size_t);
-static int auth1_process_tis_response(Authctxt *, char *, size_t);
+static int auth1_process_password(Authctxt *);
+static int auth1_process_rsa(Authctxt *);
+static int auth1_process_rhosts_rsa(Authctxt *);
+static int auth1_process_tis_challenge(Authctxt *);
+static int auth1_process_tis_response(Authctxt *);
 
 static char *client_user = NULL;    /* Used to fill in remote user for PAM */
 
@@ -57,7 +57,7 @@ struct AuthMethod1 {
         int type;
         char *name;
         int *enabled;
-        int (*method)(Authctxt *, char *, size_t);
+        int (*method)(Authctxt *);
 };
 
 const struct AuthMethod1 auth1_methods[] = {
@@ -112,7 +112,7 @@ get_authname(int type)
 
 /*ARGSUSED*/
 static int
-auth1_process_password(Authctxt *authctxt, char *info, size_t infolen)
+auth1_process_password(Authctxt *authctxt)
 {
         int authenticated = 0;
         char *password;
@@ -130,14 +130,14 @@ auth1_process_password(Authctxt *authctxt, char *info, size_t infolen)
         authenticated = PRIVSEP(auth_password(authctxt, password));
 
         memset(password, 0, dlen);
-        xfree(password);
+        free(password);
 
         return (authenticated);
 }
 
 /*ARGSUSED*/
 static int
-auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen)
+auth1_process_rsa(Authctxt *authctxt)
 {
         int authenticated = 0;
         BIGNUM *n;
@@ -155,7 +155,7 @@ auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen)
 
 /*ARGSUSED*/
 static int
-auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen)
+auth1_process_rhosts_rsa(Authctxt *authctxt)
 {
         int keybits, authenticated = 0;
         u_int bits;
@@ -187,14 +187,14 @@ auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen)
             client_host_key);
         key_free(client_host_key);
 
-        snprintf(info, infolen, " ruser %.100s", client_user);
+        auth_info(authctxt, "ruser %.100s", client_user);
 
         return (authenticated);
 }
 
 /*ARGSUSED*/
 static int
-auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
+auth1_process_tis_challenge(Authctxt *authctxt)
 {
         char *challenge;
 
@@ -204,7 +204,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
         debug("sending challenge '%s'", challenge);
         packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
         packet_put_cstring(challenge);
-        xfree(challenge);
+        free(challenge);
         packet_send();
         packet_write_wait();
 
@@ -213,7 +213,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
 
 /*ARGSUSED*/
 static int
-auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen)
+auth1_process_tis_response(Authctxt *authctxt)
 {
         int authenticated = 0;
         char *response;
@@ -223,7 +223,7 @@ auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen)
         packet_check_eom();
         authenticated = verify_response(authctxt, response);
         memset(response, 'r', dlen);
-        xfree(response);
+        free(response);
 
         return (authenticated);
 }
@@ -236,7 +236,6 @@ static void
 do_authloop(Authctxt *authctxt)
 {
         int authenticated = 0;
-        char info[1024];
         int prev = 0, type = 0;
         const struct AuthMethod1 *meth;
 
@@ -254,7 +253,7 @@ do_authloop(Authctxt *authctxt)
 #endif
                 {
                         auth_log(authctxt, 1, 0, "without authentication",
-                            NULL, "");
+                            NULL);
                         return;
                 }
         }
@@ -268,7 +267,6 @@ do_authloop(Authctxt *authctxt)
                 /* default to fail */
                 authenticated = 0;
 
-                info[0] = '\0';
 
                 /* Get a packet from the client. */
                 prev = type;
@@ -298,7 +296,7 @@ do_authloop(Authctxt *authctxt)
                         goto skip;
                 }
 
-                authenticated = meth->method(authctxt, info, sizeof(info));
+                authenticated = meth->method(authctxt);
                 if (authenticated == -1)
                         continue; /* "postponed" */
 
@@ -353,13 +351,10 @@ do_authloop(Authctxt *authctxt)
 
  skip:
                 /* Log before sending the reply */
-                auth_log(authctxt, authenticated, 0, get_authname(type),
-                    NULL, info);
+                auth_log(authctxt, authenticated, 0, get_authname(type), NULL);
 
-                if (client_user != NULL) {
-                        xfree(client_user);
-                        client_user = NULL;
-                }
+                free(client_user);
+                client_user = NULL;
 
                 if (authenticated)
                         return;
diff --git a/auth2-chall.c b/auth2-chall.c
index 6505d4009..98f3093ce 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.36 2012/12/03 00:14:06 djm Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.38 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -147,15 +147,13 @@ kbdint_free(KbdintAuthctxt *kbdintctxt)
 {
         if (kbdintctxt->device)
                 kbdint_reset_device(kbdintctxt);
-        if (kbdintctxt->devices) {
-                xfree(kbdintctxt->devices);
-                kbdintctxt->devices = NULL;
-        }
-        xfree(kbdintctxt);
+        free(kbdintctxt->devices);
+        bzero(kbdintctxt, sizeof(*kbdintctxt));
+        free(kbdintctxt);
 }
 /* get next device */
 static int
-kbdint_next_device(KbdintAuthctxt *kbdintctxt)
+kbdint_next_device(Authctxt *authctxt, KbdintAuthctxt *kbdintctxt)
 {
         size_t len;
         char *t;
@@ -169,12 +167,16 @@ kbdint_next_device(KbdintAuthctxt *kbdintctxt)
 
                 if (len == 0)
                         break;
-                for (i = 0; devices[i]; i++)
+                for (i = 0; devices[i]; i++) {
+                        if (!auth2_method_allowed(authctxt,
+                            "keyboard-interactive", devices[i]->name))
+                                continue;
                         if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
                                 kbdintctxt->device = devices[i];
+                }
                 t = kbdintctxt->devices;
                 kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
-                xfree(t);
+                free(t);
                 debug2("kbdint_next_device: devices %s", kbdintctxt->devices ?
                     kbdintctxt->devices : "<empty>");
         } while (kbdintctxt->devices && !kbdintctxt->device);
@@ -221,7 +223,7 @@ auth2_challenge_start(Authctxt *authctxt)
         debug2("auth2_challenge_start: devices %s",
             kbdintctxt->devices ?  kbdintctxt->devices : "<empty>");
 
-        if (kbdint_next_device(kbdintctxt) == 0) {
+        if (kbdint_next_device(authctxt, kbdintctxt) == 0) {
                 auth2_challenge_stop(authctxt);
                 return 0;
         }
@@ -268,11 +270,11 @@ send_userauth_info_request(Authctxt *authctxt)
         packet_write_wait();
 
         for (i = 0; i < kbdintctxt->nreq; i++)
-                xfree(prompts[i]);
-        xfree(prompts);
-        xfree(echo_on);
-        xfree(name);
-        xfree(instr);
+                free(prompts[i]);
+        free(prompts);
+        free(echo_on);
+        free(name);
+        free(instr);
         return 1;
 }
 
@@ -311,10 +313,9 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 
         for (i = 0; i < nresp; i++) {
                 memset(response[i], 'r', strlen(response[i]));
-                xfree(response[i]);
+                free(response[i]);
         }
-        if (response)
-                xfree(response);
+        free(response);
 
         switch (res) {
         case 0:
diff --git a/auth2-gss.c b/auth2-gss.c
index 17d4a3a84..b8db8204f 100644
--- a/auth2-gss.c
+++ b/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.18 2012/12/02 20:34:09 djm Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -81,7 +81,7 @@ userauth_gsskeyex(Authctxt *authctxt)
                     authctxt->pw));
         
         buffer_free(&b);
-        xfree(mic.value);
+        free(mic.value);
 
         return (authenticated);
 }
@@ -115,8 +115,7 @@ userauth_gssapi(Authctxt *authctxt)
         do {
                 mechs--;
 
-                if (doid)
-                        xfree(doid);
+                free(doid);
 
                 present = 0;
                 doid = packet_get_string(&len);
@@ -135,7 +134,7 @@ userauth_gssapi(Authctxt *authctxt)
         gss_release_oid_set(&ms, &supported);
 
         if (!present) {
-                xfree(doid);
+                free(doid);
                 authctxt->server_caused_failure = 1;
                 return (0);
         }
@@ -143,7 +142,7 @@ userauth_gssapi(Authctxt *authctxt)
         if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
                 if (ctxt != NULL)
                         ssh_gssapi_delete_ctx(&ctxt);
-                xfree(doid);
+                free(doid);
                 authctxt->server_caused_failure = 1;
                 return (0);
         }
@@ -156,7 +155,7 @@ userauth_gssapi(Authctxt *authctxt)
         packet_put_string(doid, len);
 
         packet_send();
-        xfree(doid);
+        free(doid);
 
         dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, &input_gssapi_token);
         dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, &input_gssapi_errtok);
@@ -187,7 +186,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
         maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
             &send_tok, &flags));
 
-        xfree(recv_tok.value);
+        free(recv_tok.value);
 
         if (GSS_ERROR(maj_status)) {
                 if (send_tok.length != 0) {
@@ -242,7 +241,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
         maj_status = PRIVSEP(ssh_gssapi_accept_ctx(gssctxt, &recv_tok,
             &send_tok, NULL));
 
-        xfree(recv_tok.value);
+        free(recv_tok.value);
 
         /* We can't return anything to the client, even if we wanted to */
         dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
@@ -263,14 +262,11 @@ static void
 input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
 {
         Authctxt *authctxt = ctxt;
-        Gssctxt *gssctxt;
         int authenticated;
 
         if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
                 fatal("No authentication or GSSAPI context");
 
-        gssctxt = authctxt->methoddata;
-
         /*
          * We don't need to check the status, because we're only enabled in
          * the dispatcher once the exchange is complete
@@ -320,7 +316,7 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt)
                 logit("GSSAPI MIC check failed");
 
         buffer_free(&b);
-        xfree(mic.value);
+        free(mic.value);
 
         authctxt->postponed = 0;
         dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 700631558..3a17f1bf2 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.14 2010/08/04 05:42:47 djm Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.16 2013/06/21 00:34:49 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -116,6 +116,10 @@ userauth_hostbased(Authctxt *authctxt)
 #ifdef DEBUG_PK
         buffer_dump(&b);
 #endif
+
+        pubkey_auth_info(authctxt, key,
+            "client user \"%.100s\", client host \"%.100s\"", cuser, chost);
+
         /* test for allowed key and correct signature */
         authenticated = 0;
         if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
@@ -128,11 +132,11 @@ done:
         debug2("userauth_hostbased: authenticated %d", authenticated);
         if (key != NULL)
                 key_free(key);
-        xfree(pkalg);
-        xfree(pkblob);
-        xfree(cuser);
-        xfree(chost);
-        xfree(sig);
+        free(pkalg);
+        free(pkblob);
+        free(cuser);
+        free(chost);
+        free(sig);
         return authenticated;
 }
 
@@ -207,7 +211,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
                         verbose("Accepted %s public key %s from %s@%s",
                             key_type(key), fp, cuser, lookup);
                 }
-                xfree(fp);
+                free(fp);
         }
 
         return (host_status == HOST_OK);
diff --git a/auth2-jpake.c b/auth2-jpake.c
index ed0eba47b..78a6b8817 100644
--- a/auth2-jpake.c
+++ b/auth2-jpake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-jpake.c,v 1.5 2012/12/02 20:34:09 djm Exp $ */
+/* $OpenBSD: auth2-jpake.c,v 1.6 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
  *
@@ -179,7 +179,7 @@ derive_rawsalt(const char *username, u_char *rawsalt, u_int len)
                     __func__, len, digest_len);
         memcpy(rawsalt, digest, len);
         bzero(digest, digest_len);
-        xfree(digest);
+        free(digest);
 }
 
 /* ASCII an integer [0, 64) for inclusion in a password/salt */
@@ -258,7 +258,7 @@ fake_salt_and_scheme(Authctxt *authctxt, char **salt, char **scheme)
                     makesalt(22, authctxt->user));
                 *scheme = xstrdup("bcrypt");
         }
-        xfree(style);
+        free(style);
         debug3("%s: fake %s salt for user %s: %s",
             __func__, *scheme, authctxt->user, *salt);
 }
@@ -361,7 +361,7 @@ auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s,
         JPAKE_DEBUG_BN((*s, "%s: s = ", __func__));
 #endif
         bzero(secret, secret_len);
-        xfree(secret);
+        free(secret);
 }
 
 /*
@@ -403,12 +403,12 @@ auth2_jpake_start(Authctxt *authctxt)
 
         bzero(hash_scheme, strlen(hash_scheme));
         bzero(salt, strlen(salt));
-        xfree(hash_scheme);
-        xfree(salt);
+        free(hash_scheme);
+        free(salt);
         bzero(x3_proof, x3_proof_len);
         bzero(x4_proof, x4_proof_len);
-        xfree(x3_proof);
-        xfree(x4_proof);
+        free(x3_proof);
+        free(x4_proof);
 
         /* Expect step 1 packet from peer */
         dispatch_set(SSH2_MSG_USERAUTH_JPAKE_CLIENT_STEP1,
@@ -455,8 +455,8 @@ input_userauth_jpake_client_step1(int type, u_int32_t seq, void *ctxt)
 
         bzero(x1_proof, x1_proof_len);
         bzero(x2_proof, x2_proof_len);
-        xfree(x1_proof);
-        xfree(x2_proof);
+        free(x1_proof);
+        free(x2_proof);
 
         if (!use_privsep)
                 JPAKE_DEBUG_CTX((pctx, "step 2 sending in %s", __func__));
@@ -469,7 +469,7 @@ input_userauth_jpake_client_step1(int type, u_int32_t seq, void *ctxt)
         packet_write_wait();
 
         bzero(x4_s_proof, x4_s_proof_len);
-        xfree(x4_s_proof);
+        free(x4_s_proof);
 
         /* Expect step 2 packet from peer */
         dispatch_set(SSH2_MSG_USERAUTH_JPAKE_CLIENT_STEP2,
@@ -510,7 +510,7 @@ input_userauth_jpake_client_step2(int type, u_int32_t seq, void *ctxt)
             &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len));
 
         bzero(x2_s_proof, x2_s_proof_len);
-        xfree(x2_s_proof);
+        free(x2_s_proof);
 
         if (!use_privsep)
                 JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
diff --git a/auth2-kbdint.c b/auth2-kbdint.c
index fae67da6e..c39bdc62d 100644
--- a/auth2-kbdint.c
+++ b/auth2-kbdint.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-kbdint.c,v 1.5 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth2-kbdint.c,v 1.6 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -56,8 +56,8 @@ userauth_kbdint(Authctxt *authctxt)
         if (options.challenge_response_authentication)
                 authenticated = auth2_challenge(authctxt, devs);
 
-        xfree(devs);
-        xfree(lang);
+        free(devs);
+        free(lang);
         return authenticated;
 }
 
diff --git a/auth2-passwd.c b/auth2-passwd.c
index 5f1f3635f..21bc5047d 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.9 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.10 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -60,7 +60,7 @@ userauth_passwd(Authctxt *authctxt)
                 /* discard new password from packet */
                 newpass = packet_get_string(&newlen);
                 memset(newpass, 0, newlen);
-                xfree(newpass);
+                free(newpass);
         }
         packet_check_eom();
 
@@ -69,7 +69,7 @@ userauth_passwd(Authctxt *authctxt)
         else if (PRIVSEP(auth_password(authctxt, password)) == 1)
                 authenticated = 1;
         memset(password, 0, len);
-        xfree(password);
+        free(password);
         return authenticated;
 }
 
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index f980b0dad..7c0ceee55 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.34 2013/02/14 21:35:59 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.38 2013/06/21 00:34:49 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -75,7 +75,7 @@ userauth_pubkey(Authctxt *authctxt)
 {
         Buffer b;
         Key *key = NULL;
-        char *pkalg;
+        char *pkalg, *userstyle;
         u_char *pkblob, *sig;
         u_int alen, blen, slen;
         int have_sig, pktype;
@@ -127,7 +127,11 @@ userauth_pubkey(Authctxt *authctxt)
                 }
                 /* reconstruct packet */
                 buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
-                buffer_put_cstring(&b, authctxt->user);
+                xasprintf(&userstyle, "%s%s%s", authctxt->user,
+                    authctxt->style ? ":" : "",
+                    authctxt->style ? authctxt->style : "");
+                buffer_put_cstring(&b, userstyle);
+                free(userstyle);
                 buffer_put_cstring(&b,
                     datafellows & SSH_BUG_PKSERVICE ?
                     "ssh-userauth" :
@@ -143,6 +147,8 @@ userauth_pubkey(Authctxt *authctxt)
 #ifdef DEBUG_PK
                 buffer_dump(&b);
 #endif
+                pubkey_auth_info(authctxt, key, NULL);
+
                 /* test for correct signature */
                 authenticated = 0;
                 if (PRIVSEP(user_key_allowed(authctxt->pw, key)) &&
@@ -150,7 +156,7 @@ userauth_pubkey(Authctxt *authctxt)
                     buffer_len(&b))) == 1)
                         authenticated = 1;
                 buffer_free(&b);
-                xfree(sig);
+                free(sig);
         } else {
                 debug("test whether pkalg/pkblob are acceptable");
                 packet_check_eom();
@@ -178,11 +184,45 @@ done:
         debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg);
         if (key != NULL)
                 key_free(key);
-        xfree(pkalg);
-        xfree(pkblob);
+        free(pkalg);
+        free(pkblob);
         return authenticated;
 }
 
+void
+pubkey_auth_info(Authctxt *authctxt, const Key *key, const char *fmt, ...)
+{
+        char *fp, *extra;
+        va_list ap;
+        int i;
+
+        extra = NULL;
+        if (fmt != NULL) {
+                va_start(ap, fmt);
+                i = vasprintf(&extra, fmt, ap);
+                va_end(ap);
+                if (i < 0 || extra == NULL)
+                        fatal("%s: vasprintf failed", __func__);        
+        }
+
+        if (key_is_cert(key)) {
+                fp = key_fingerprint(key->cert->signature_key,
+                    SSH_FP_MD5, SSH_FP_HEX);
+                auth_info(authctxt, "%s ID %s (serial %llu) CA %s %s%s%s", 
+                    key_type(key), key->cert->key_id,
+                    (unsigned long long)key->cert->serial,
+                    key_type(key->cert->signature_key), fp,
+                    extra == NULL ? "" : ", ", extra == NULL ? "" : extra);
+                free(fp);
+        } else {
+                fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+                auth_info(authctxt, "%s %s%s%s", key_type(key), fp,
+                    extra == NULL ? "" : ", ", extra == NULL ? "" : extra);
+                free(fp);
+        }
+        free(extra);
+}
+
 static int
 match_principals_option(const char *principal_list, struct KeyCert *cert)
 {
@@ -196,7 +236,7 @@ match_principals_option(const char *principal_list, struct KeyCert *cert)
                     principal_list, NULL)) != NULL) {
                         debug3("matched principal from key options \"%.100s\"",
                             result);
-                        xfree(result);
+                        free(result);
                         return 1;
                 }
         }
@@ -277,13 +317,14 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
         char *fp;
 
         found_key = 0;
-        found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
 
+        found = NULL;
         auth_start_parse_options();
-
         while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                 char *cp, *key_options = NULL;
-
+                if (found != NULL)
+                        key_free(found);
+                found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
                 auth_clear_options();
 
                 /* Skip leading whitespace, empty and comment lines. */
@@ -335,7 +376,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
                                 reason = "Certificate does not contain an "
                                     "authorized principal";
  fail_reason:
-                                xfree(fp);
+                                free(fp);
                                 error("%s", reason);
                                 auth_debug_add("%s", reason);
                                 continue;
@@ -345,13 +386,13 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
                             &reason) != 0)
                                 goto fail_reason;
                         if (auth_cert_options(key, pw) != 0) {
-                                xfree(fp);
+                                free(fp);
                                 continue;
                         }
                         verbose("Accepted certificate ID \"%s\" "
                             "signed by %s CA %s via %s", key->cert->key_id,
                             key_type(found), fp, file);
-                        xfree(fp);
+                        free(fp);
                         found_key = 1;
                         break;
                 } else if (key_equal(found, key)) {
@@ -361,16 +402,15 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
                         if (key_is_cert_authority)
                                 continue;
                         found_key = 1;
-                        debug("matching key found: file %s, line %lu",
-                            file, linenum);
                         fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX);
-                        verbose("Found matching %s key: %s",
-                            key_type(found), fp);
-                        xfree(fp);
+                        debug("matching key found: file %s, line %lu %s %s",
+                            file, linenum, key_type(found), fp);
+                        free(fp);
                         break;
                 }
         }
-        key_free(found);
+        if (found != NULL)
+                key_free(found);
         if (!found_key)
                 debug2("key not found");
         return found_key;
@@ -425,10 +465,8 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
         ret = 1;
 
  out:
-        if (principals_file != NULL)
-                xfree(principals_file);
-        if (ca_fp != NULL)
-                xfree(ca_fp);
+        free(principals_file);
+        free(ca_fp);
         return ret;
 }
 
@@ -634,7 +672,7 @@ user_key_allowed(struct passwd *pw, Key *key)
                     options.authorized_keys_files[i], pw);
 
                 success = user_key_allowed2(pw, key, file);
-                xfree(file);
+                free(file);
         }
 
         return success;
diff --git a/auth2.c b/auth2.c
index f00f14764..b55bbcd95 100644
--- a/auth2.c
+++ b/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.126 2012/12/02 20:34:09 djm Exp $ */
+/* $OpenBSD: auth2.c,v 1.129 2013/05/19 02:42:42 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -100,8 +100,12 @@ static void input_userauth_request(int, u_int32_t, void *);
 /* helper */
 static Authmethod *authmethod_lookup(Authctxt *, const char *);
 static char *authmethods_get(Authctxt *authctxt);
-static int method_allowed(Authctxt *, const char *);
-static int list_starts_with(const char *, const char *);
+
+#define MATCH_NONE      0       /* method or submethod mismatch */
+#define MATCH_METHOD    1       /* method matches (no submethod specified) */
+#define MATCH_BOTH      2       /* method and submethod match */
+#define MATCH_PARTIAL   3       /* method matches, submethod can't be checked */
+static int list_starts_with(const char *, const char *, const char *);
 
 char *
 auth2_read_banner(void)
@@ -128,7 +132,7 @@ auth2_read_banner(void)
         close(fd);
 
         if (n != len) {
-                xfree(banner);
+                free(banner);
                 return (NULL);
         }
         banner[n] = '\0';
@@ -164,8 +168,7 @@ userauth_banner(void)
         userauth_send_banner(banner);
 
 done:
-        if (banner)
-                xfree(banner);
+        free(banner);
 }
 
 /*
@@ -210,7 +213,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt)
                 debug("bad service request %s", service);
                 packet_disconnect("bad service request %s", service);
         }
-        xfree(service);
+        free(service);
 }
 
 /*ARGSUSED*/
@@ -296,9 +299,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
         }
         userauth_finish(authctxt, authenticated, method, NULL);
 
-        xfree(service);
-        xfree(user);
-        xfree(method);
+        free(service);
+        free(user);
+        free(method);
 }
 
 void
@@ -324,14 +327,14 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
         }
 
         if (authenticated && options.num_auth_methods != 0) {
-                if (!auth2_update_methods_lists(authctxt, method)) {
+                if (!auth2_update_methods_lists(authctxt, method, submethod)) {
                         authenticated = 0;
                         partial = 1;
                 }
         }
 
         /* Log before sending the reply */
-        auth_log(authctxt, authenticated, partial, method, submethod, " ssh2");
+        auth_log(authctxt, authenticated, partial, method, submethod);
 
         if (authctxt->postponed)
                 return;
@@ -386,7 +389,7 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
                 packet_put_char(partial);
                 packet_send();
                 packet_write_wait();
-                xfree(methods);
+                free(methods);
         }
 }
 
@@ -395,8 +398,9 @@ userauth_finish(Authctxt *authctxt, int authenticated, const char *method,
  * methods list. Returns 1 if allowed, or no methods lists configured.
  * 0 otherwise.
  */
-static int
-method_allowed(Authctxt *authctxt, const char *method)
+int
+auth2_method_allowed(Authctxt *authctxt, const char *method,
+    const char *submethod)
 {
         u_int i;
 
@@ -407,7 +411,8 @@ method_allowed(Authctxt *authctxt, const char *method)
         if (options.num_auth_methods == 0)
                 return 1;
         for (i = 0; i < authctxt->num_auth_methods; i++) {
-                if (list_starts_with(authctxt->auth_methods[i], method))
+                if (list_starts_with(authctxt->auth_methods[i], method,
+                    submethod) != MATCH_NONE)
                         return 1;
         }
         return 0;
@@ -427,7 +432,8 @@ authmethods_get(Authctxt *authctxt)
                 if (authmethods[i]->enabled == NULL ||
                     *(authmethods[i]->enabled) == 0)
                         continue;
-                if (!method_allowed(authctxt, authmethods[i]->name))
+                if (!auth2_method_allowed(authctxt, authmethods[i]->name,
+                    NULL))
                         continue;
                 if (buffer_len(&b) > 0)
                         buffer_append(&b, ",", 1);
@@ -450,7 +456,8 @@ authmethod_lookup(Authctxt *authctxt, const char *name)
                         if (authmethods[i]->enabled != NULL &&
                             *(authmethods[i]->enabled) != 0 &&
                             strcmp(name, authmethods[i]->name) == 0 &&
-                            method_allowed(authctxt, authmethods[i]->name))
+                            auth2_method_allowed(authctxt,
+                            authmethods[i]->name, NULL))
                                 return authmethods[i];
         debug2("Unrecognized authentication method name: %s",
             name ? name : "NULL");
@@ -465,7 +472,7 @@ authmethod_lookup(Authctxt *authctxt, const char *name)
 int
 auth2_methods_valid(const char *_methods, int need_enable)
 {
-        char *methods, *omethods, *method;
+        char *methods, *omethods, *method, *p;
         u_int i, found;
         int ret = -1;
 
@@ -476,6 +483,8 @@ auth2_methods_valid(const char *_methods, int need_enable)
         omethods = methods = xstrdup(_methods);
         while ((method = strsep(&methods, ",")) != NULL) {
                 for (found = i = 0; !found && authmethods[i] != NULL; i++) {
+                        if ((p = strchr(method, ':')) != NULL)
+                                *p = '\0';
                         if (strcmp(method, authmethods[i]->name) != 0)
                                 continue;
                         if (need_enable) {
@@ -541,15 +550,30 @@ auth2_setup_methods_lists(Authctxt *authctxt)
 }
 
 static int
-list_starts_with(const char *methods, const char *method)
+list_starts_with(const char *methods, const char *method,
+    const char *submethod)
 {
         size_t l = strlen(method);
+        int match;
+        const char *p;
 
         if (strncmp(methods, method, l) != 0)
-                return 0;
-        if (methods[l] != ',' && methods[l] != '\0')
-                return 0;
-        return 1;
+                return MATCH_NONE;
+        p = methods + l;
+        match = MATCH_METHOD;
+        if (*p == ':') {
+                if (!submethod)
+                        return MATCH_PARTIAL;
+                l = strlen(submethod);
+                p += 1;
+                if (strncmp(submethod, p, l))
+                        return MATCH_NONE;
+                p += l;
+                match = MATCH_BOTH;
+        }
+        if (*p != ',' && *p != '\0')
+                return MATCH_NONE;
+        return match;
 }
 
 /*
@@ -558,14 +582,21 @@ list_starts_with(const char *methods, const char *method)
  * if it did.
  */
 static int
-remove_method(char **methods, const char *method)
+remove_method(char **methods, const char *method, const char *submethod)
 {
-        char *omethods = *methods;
+        char *omethods = *methods, *p;
         size_t l = strlen(method);
+        int match;
 
-        if (!list_starts_with(omethods, method))
+        match = list_starts_with(omethods, method, submethod);
+        if (match != MATCH_METHOD && match != MATCH_BOTH)
                 return 0;
-        *methods = xstrdup(omethods + l + (omethods[l] == ',' ? 1 : 0));
+        p = omethods + l;
+        if (submethod && match == MATCH_BOTH)
+                p += 1 + strlen(submethod); /* include colon */
+        if (*p == ',')
+                p++;
+        *methods = xstrdup(p);
         free(omethods);
         return 1;
 }
@@ -577,13 +608,15 @@ remove_method(char **methods, const char *method)
  * Returns 1 if the method completed any authentication list or 0 otherwise.
  */
 int
-auth2_update_methods_lists(Authctxt *authctxt, const char *method)
+auth2_update_methods_lists(Authctxt *authctxt, const char *method,
+    const char *submethod)
 {
         u_int i, found = 0;
 
         debug3("%s: updating methods list after \"%s\"", __func__, method);
         for (i = 0; i < authctxt->num_auth_methods; i++) {
-                if (!remove_method(&(authctxt->auth_methods[i]), method))
+                if (!remove_method(&(authctxt->auth_methods[i]), method,
+                    submethod))
                         continue;
                 found = 1;
                 if (*authctxt->auth_methods[i] == '\0') {
diff --git a/authfd.c b/authfd.c
index f037e838b..775786bee 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.86 2011/07/06 18:09:21 tedu Exp $ */
+/* $OpenBSD: authfd.c,v 1.87 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -224,7 +224,7 @@ ssh_close_authentication_connection(AuthenticationConnection *auth)
 {
         buffer_free(&auth->identities);
         close(auth->fd);
-        xfree(auth);
+        free(auth);
 }
 
 /* Lock/unlock agent */
@@ -343,7 +343,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio
                 blob = buffer_get_string(&auth->identities, &blen);
                 *comment = buffer_get_string(&auth->identities, NULL);
                 key = key_from_blob(blob, blen);
-                xfree(blob);
+                free(blob);
                 break;
         default:
                 return NULL;
@@ -436,7 +436,7 @@ ssh_agent_sign(AuthenticationConnection *auth,
         buffer_put_string(&msg, blob, blen);
         buffer_put_string(&msg, data, datalen);
         buffer_put_int(&msg, flags);
-        xfree(blob);
+        free(blob);
 
         if (ssh_request_reply(auth, &msg, &msg) == 0) {
                 buffer_free(&msg);
@@ -612,7 +612,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key)
                 key_to_blob(key, &blob, &blen);
                 buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
                 buffer_put_string(&msg, blob, blen);
-                xfree(blob);
+                free(blob);
         } else {
                 buffer_free(&msg);
                 return 0;
diff --git a/authfile.c b/authfile.c
index 1ecbda8b1..cb95cfcb8 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.95 2013/01/08 18:49:04 markus Exp $ */
+/* $OpenBSD: authfile.c,v 1.97 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -90,7 +90,7 @@ key_private_rsa1_to_blob(Key *key, Buffer *blob, const char *passphrase,
         u_char buf[100], *cp;
         int i, cipher_num;
         CipherContext ciphercontext;
-        Cipher *cipher;
+        const Cipher *cipher;
         u_int32_t rnd;
 
         /*
@@ -422,7 +422,7 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp)
         Buffer decrypted;
         u_char *cp;
         CipherContext ciphercontext;
-        Cipher *cipher;
+        const Cipher *cipher;
         Key *prv = NULL;
         Buffer copy;
 
@@ -510,8 +510,8 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp)
         return prv;
 
 fail:
-        if (commentp)
-                xfree(*commentp);
+        if (commentp != NULL)
+                free(*commentp);
         key_free(prv);
         return NULL;
 }
@@ -833,10 +833,10 @@ key_load_cert(const char *filename)
         pub = key_new(KEY_UNSPEC);
         xasprintf(&file, "%s-cert.pub", filename);
         if (key_try_load_public(pub, file, NULL) == 1) {
-                xfree(file);
+                free(file);
                 return pub;
         }
-        xfree(file);
+        free(file);
         key_free(pub);
         return NULL;
 }
@@ -1034,10 +1034,9 @@ blacklisted_key_in_file(Key *key, const char *blacklist_file, char **fp)
         }
 
 out:
-        if (dgst_packed)
-                xfree(dgst_packed);
+        free(dgst_packed);
         if (ret != 1 && dgst_hex) {
-                xfree(dgst_hex);
+                free(dgst_hex);
                 dgst_hex = NULL;
         }
         if (fp)
@@ -1065,7 +1064,7 @@ blacklisted_key(Key *key, char **fp)
         xasprintf(&blacklist_file, "%s.%s-%u",
             _PATH_BLACKLIST, key_type(public), key_size(public));
         ret = blacklisted_key_in_file(public, blacklist_file, fp);
-        xfree(blacklist_file);
+        free(blacklist_file);
         if (ret > 0) {
                 key_free(public);
                 return ret;
@@ -1074,7 +1073,7 @@ blacklisted_key(Key *key, char **fp)
         xasprintf(&blacklist_file, "%s.%s-%u",
             _PATH_BLACKLIST_CONFIG, key_type(public), key_size(public));
         ret2 = blacklisted_key_in_file(public, blacklist_file, fp);
-        xfree(blacklist_file);
+        free(blacklist_file);
         if (ret2 > ret)
                 ret = ret2;
 
diff --git a/bufaux.c b/bufaux.c
index 00208ca27..de5b3ca1a 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.50 2010/08/31 09:58:37 djm Exp $ */
+/* $OpenBSD: bufaux.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -181,7 +181,7 @@ buffer_get_string_ret(Buffer *buffer, u_int *length_ptr)
         /* Get the string. */
         if (buffer_get_ret(buffer, value, len) == -1) {
                 error("buffer_get_string_ret: buffer_get failed");
-                xfree(value);
+                free(value);
                 return (NULL);
         }
         /* Append a null character to make processing easier. */
@@ -216,7 +216,7 @@ buffer_get_cstring_ret(Buffer *buffer, u_int *length_ptr)
                         error("buffer_get_cstring_ret: string contains \\0");
                 else {
                         bzero(ret, length);
-                        xfree(ret);
+                        free(ret);
                         return NULL;
                 }
         }
@@ -285,7 +285,7 @@ buffer_put_cstring(Buffer *buffer, const char *s)
  * Returns a character from the buffer (0 - 255).
  */
 int
-buffer_get_char_ret(char *ret, Buffer *buffer)
+buffer_get_char_ret(u_char *ret, Buffer *buffer)
 {
         if (buffer_get_ret(buffer, ret, 1) == -1) {
                 error("buffer_get_char_ret: buffer_get_ret failed");
@@ -297,11 +297,11 @@ buffer_get_char_ret(char *ret, Buffer *buffer)
 int
 buffer_get_char(Buffer *buffer)
 {
-        char ch;
+        u_char ch;
 
         if (buffer_get_char_ret(&ch, buffer) == -1)
                 fatal("buffer_get_char: buffer error");
-        return (u_char) ch;
+        return ch;
 }
 
 /*
diff --git a/bufbn.c b/bufbn.c
index 251cd0951..1fbfbbcc9 100644
--- a/bufbn.c
+++ b/bufbn.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufbn.c,v 1.6 2007/06/02 09:04:58 djm Exp $*/
+/* $OpenBSD: bufbn.c,v 1.7 2013/05/17 00:13:13 djm Exp $*/
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -69,7 +69,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
         if (oi != bin_size) {
                 error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
                     oi, bin_size);
-                xfree(buf);
+                free(buf);
                 return (-1);
         }
 
@@ -80,7 +80,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
         buffer_append(buffer, buf, oi);
 
         memset(buf, 0, bin_size);
-        xfree(buf);
+        free(buf);
 
         return (0);
 }
@@ -167,13 +167,13 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
         if (oi < 0 || (u_int)oi != bytes - 1) {
                 error("buffer_put_bignum2_ret: BN_bn2bin() failed: "
                     "oi %d != bin_size %d", oi, bytes);
-                xfree(buf);
+                free(buf);
                 return (-1);
         }
         hasnohigh = (buf[1] & 0x80) ? 0 : 1;
         buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
         memset(buf, 0, bytes);
-        xfree(buf);
+        free(buf);
         return (0);
 }
 
@@ -197,21 +197,21 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
 
         if (len > 0 && (bin[0] & 0x80)) {
                 error("buffer_get_bignum2_ret: negative numbers not supported");
-                xfree(bin);
+                free(bin);
                 return (-1);
         }
         if (len > 8 * 1024) {
                 error("buffer_get_bignum2_ret: cannot handle BN of size %d",
                     len);
-                xfree(bin);
+                free(bin);
                 return (-1);
         }
         if (BN_bin2bn(bin, len, value) == NULL) {
                 error("buffer_get_bignum2_ret: BN_bin2bn failed");
-                xfree(bin);
+                free(bin);
                 return (-1);
         }
-        xfree(bin);
+        free(bin);
         return (0);
 }
 
diff --git a/bufec.c b/bufec.c
index 3dcb49477..6c0048978 100644
--- a/bufec.c
+++ b/bufec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufec.c,v 1.1 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: bufec.c,v 1.2 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2010 Damien Miller <djm@mindrot.org>
  *
@@ -78,7 +78,7 @@ buffer_put_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve,
  out:
         if (buf != NULL) {
                 bzero(buf, len);
-                xfree(buf);
+                free(buf);
         }
         BN_CTX_free(bnctx);
         return ret;
@@ -131,7 +131,7 @@ buffer_get_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve,
  out:
         BN_CTX_free(bnctx);
         bzero(buf, len);
-        xfree(buf);
+        free(buf);
         return ret;
 }
 
diff --git a/buffer.c b/buffer.c
index ae9700344..007e7f94e 100644
--- a/buffer.c
+++ b/buffer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: buffer.c,v 1.32 2010/02/09 03:56:28 djm Exp $ */
+/* $OpenBSD: buffer.c,v 1.33 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -50,7 +50,7 @@ buffer_free(Buffer *buffer)
         if (buffer->alloc > 0) {
                 memset(buffer->buf, 0, buffer->alloc);
                 buffer->alloc = 0;
-                xfree(buffer->buf);
+                free(buffer->buf);
         }
 }
 
diff --git a/buffer.h b/buffer.h
index e2a9dd100..4fa2ca112 100644
--- a/buffer.h
+++ b/buffer.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: buffer.h,v 1.21 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: buffer.h,v 1.22 2013/07/12 00:19:58 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -84,7 +84,7 @@ int	buffer_get_int64_ret(u_int64_t *, Buffer *);
 void    *buffer_get_string_ret(Buffer *, u_int *);
 char    *buffer_get_cstring_ret(Buffer *, u_int *);
 void    *buffer_get_string_ptr_ret(Buffer *, u_int *);
-int     buffer_get_char_ret(char *, Buffer *);
+int     buffer_get_char_ret(u_char *, Buffer *);
 
 #ifdef OPENSSL_HAS_ECC
 #include <openssl/ec.h>
diff --git a/canohost.c b/canohost.c
index dabd8a31a..69e8e6f6d 100644
--- a/canohost.c
+++ b/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.66 2010/01/13 01:20:20 dtucker Exp $ */
+/* $OpenBSD: canohost.c,v 1.67 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -41,7 +41,7 @@ static int cached_port = -1;
 
 /*
  * Return the canonical name of the host at the other end of the socket. The
- * caller should free the returned string with xfree.
+ * caller should free the returned string.
  */
 
 static char *
@@ -323,10 +323,8 @@ get_local_name(int fd)
 void
 clear_cached_addr(void)
 {
-        if (canonical_host_ip != NULL) {
-                xfree(canonical_host_ip);
-                canonical_host_ip = NULL;
-        }
+        free(canonical_host_ip);
+        canonical_host_ip = NULL;
         cached_port = -1;
 }
 
diff --git a/channels.c b/channels.c
index 9cf85a38d..ac675c742 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.319 2012/12/02 20:46:11 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -213,6 +213,7 @@ channel_lookup(int id)
         case SSH_CHANNEL_OPEN:
         case SSH_CHANNEL_INPUT_DRAINING:
         case SSH_CHANNEL_OUTPUT_DRAINING:
+        case SSH_CHANNEL_ABANDONED:
                 return (c);
         }
         logit("Non-public channel %d, type %d.", id, c->type);
@@ -247,7 +248,10 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd,
 
         if ((c->isatty = is_tty) != 0)
                 debug2("channel %d: rfd %d isatty", c->self, c->rfd);
+#ifdef _AIX
+        /* XXX: Later AIX versions can't push as much data to tty */
         c->wfd_isatty = is_tty || isatty(c->wfd);
+#endif
 
         /* enable nonblocking mode */
         if (nonblock) {
@@ -401,7 +405,7 @@ channel_free(Channel *c)
 
         s = channel_open_message();
         debug3("channel %d: status: %s", c->self, s);
-        xfree(s);
+        free(s);
 
         if (c->sock != -1)
                 shutdown(c->sock, SHUT_RDWR);
@@ -409,29 +413,23 @@ channel_free(Channel *c)
         buffer_free(&c->input);
         buffer_free(&c->output);
         buffer_free(&c->extended);
-        if (c->remote_name) {
-                xfree(c->remote_name);
-                c->remote_name = NULL;
-        }
-        if (c->path) {
-                xfree(c->path);
-                c->path = NULL;
-        }
-        if (c->listening_addr) {
-                xfree(c->listening_addr);
-                c->listening_addr = NULL;
-        }
+        free(c->remote_name);
+        c->remote_name = NULL;
+        free(c->path);
+        c->path = NULL;
+        free(c->listening_addr);
+        c->listening_addr = NULL;
         while ((cc = TAILQ_FIRST(&c->status_confirms)) != NULL) {
                 if (cc->abandon_cb != NULL)
                         cc->abandon_cb(c, cc->ctx);
                 TAILQ_REMOVE(&c->status_confirms, cc, entry);
                 bzero(cc, sizeof(*cc));
-                xfree(cc);
+                free(cc);
         }
         if (c->filter_cleanup != NULL && c->filter_ctx != NULL)
                 c->filter_cleanup(c->self, c->filter_ctx);
         channels[c->self] = NULL;
-        xfree(c);
+        free(c);
 }
 
 void
@@ -536,6 +534,7 @@ channel_still_open(void)
                 case SSH_CHANNEL_DYNAMIC:
                 case SSH_CHANNEL_CONNECTING:
                 case SSH_CHANNEL_ZOMBIE:
+                case SSH_CHANNEL_ABANDONED:
                         continue;
                 case SSH_CHANNEL_LARVAL:
                         if (!compat20)
@@ -581,6 +580,7 @@ channel_find_open(void)
                 case SSH_CHANNEL_OPENING:
                 case SSH_CHANNEL_CONNECTING:
                 case SSH_CHANNEL_ZOMBIE:
+                case SSH_CHANNEL_ABANDONED:
                         continue;
                 case SSH_CHANNEL_LARVAL:
                 case SSH_CHANNEL_AUTH_SOCKET:
@@ -628,6 +628,7 @@ channel_open_message(void)
                 case SSH_CHANNEL_CLOSED:
                 case SSH_CHANNEL_AUTH_SOCKET:
                 case SSH_CHANNEL_ZOMBIE:
+                case SSH_CHANNEL_ABANDONED:
                 case SSH_CHANNEL_MUX_CLIENT:
                 case SSH_CHANNEL_MUX_LISTENER:
                         continue;
@@ -1080,10 +1081,8 @@ channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset)
         strlcpy(username, p, sizeof(username));
         buffer_consume(&c->input, len);
 
-        if (c->path != NULL) {
-                xfree(c->path);
-                c->path = NULL;
-        }
+        free(c->path);
+        c->path = NULL;
         if (need == 1) {                        /* SOCKS4: one string */
                 host = inet_ntoa(s4_req.dest_addr);
                 c->path = xstrdup(host);
@@ -1143,7 +1142,8 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
                 u_int8_t atyp;
         } s5_req, s5_rsp;
         u_int16_t dest_port;
-        u_char *p, dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
+        char dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
+        u_char *p;
         u_int have, need, i, found, nmethods, addrlen, af;
 
         debug2("channel %d: decode socks5", c->self);
@@ -1213,13 +1213,11 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
         buffer_consume(&c->input, sizeof(s5_req));
         if (s5_req.atyp == SSH_SOCKS5_DOMAIN)
                 buffer_consume(&c->input, 1);    /* host string length */
-        buffer_get(&c->input, (char *)&dest_addr, addrlen);
+        buffer_get(&c->input, &dest_addr, addrlen);
         buffer_get(&c->input, (char *)&dest_port, 2);
         dest_addr[addrlen] = '\0';
-        if (c->path != NULL) {
-                xfree(c->path);
-                c->path = NULL;
-        }
+        free(c->path);
+        c->path = NULL;
         if (s5_req.atyp == SSH_SOCKS5_DOMAIN) {
                 if (addrlen >= NI_MAXHOST) {
                         error("channel %d: dynamic request: socks5 hostname "
@@ -1241,11 +1239,10 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
         s5_rsp.command = SSH_SOCKS5_SUCCESS;
         s5_rsp.reserved = 0;                    /* ignored */
         s5_rsp.atyp = SSH_SOCKS5_IPV4;
-        ((struct in_addr *)&dest_addr)->s_addr = INADDR_ANY;
         dest_port = 0;                          /* ignored */
 
         buffer_append(&c->output, &s5_rsp, sizeof(s5_rsp));
-        buffer_append(&c->output, &dest_addr, sizeof(struct in_addr));
+        buffer_put_int(&c->output, ntohl(INADDR_ANY)); /* bind address */
         buffer_append(&c->output, &dest_port, sizeof(dest_port));
         return 1;
 }
@@ -1324,7 +1321,7 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset)
 {
         Channel *nc;
         struct sockaddr_storage addr;
-        int newsock;
+        int newsock, oerrno;
         socklen_t addrlen;
         char buf[16384], *remote_ipaddr;
         int remote_port;
@@ -1334,14 +1331,18 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset)
                 addrlen = sizeof(addr);
                 newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen);
                 if (c->single_connection) {
+                        oerrno = errno;
                         debug2("single_connection: closing X11 listener.");
                         channel_close_fd(&c->sock);
                         chan_mark_dead(c);
+                        errno = oerrno;
                 }
                 if (newsock < 0) {
-                        error("accept: %.100s", strerror(errno));
+                        if (errno != EINTR && errno != EWOULDBLOCK &&
+                            errno != ECONNABORTED)
+                                error("accept: %.100s", strerror(errno));
                         if (errno == EMFILE || errno == ENFILE)
-                                c->notbefore = time(NULL) + 1;
+                                c->notbefore = monotime() + 1;
                         return;
                 }
                 set_nodelay(newsock);
@@ -1375,7 +1376,7 @@ channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset)
                                 packet_put_cstring(buf);
                         packet_send();
                 }
-                xfree(remote_ipaddr);
+                free(remote_ipaddr);
         }
 }
 
@@ -1389,7 +1390,7 @@ port_open_helper(Channel *c, char *rtype)
 
         if (remote_port == -1) {
                 /* Fake addr/port to appease peers that validate it (Tectia) */
-                xfree(remote_ipaddr);
+                free(remote_ipaddr);
                 remote_ipaddr = xstrdup("127.0.0.1");
                 remote_port = 65535;
         }
@@ -1402,7 +1403,7 @@ port_open_helper(Channel *c, char *rtype)
             rtype, c->listening_port, c->path, c->host_port,
             remote_ipaddr, remote_port);
 
-        xfree(c->remote_name);
+        free(c->remote_name);
         c->remote_name = xstrdup(buf);
 
         if (compat20) {
@@ -1434,7 +1435,7 @@ port_open_helper(Channel *c, char *rtype)
                         packet_put_cstring(c->remote_name);
                 packet_send();
         }
-        xfree(remote_ipaddr);
+        free(remote_ipaddr);
 }
 
 static void
@@ -1484,9 +1485,11 @@ channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset)
                 addrlen = sizeof(addr);
                 newsock = accept(c->sock, (struct sockaddr *)&addr, &addrlen);
                 if (newsock < 0) {
-                        error("accept: %.100s", strerror(errno));
+                        if (errno != EINTR && errno != EWOULDBLOCK &&
+                            errno != ECONNABORTED)
+                                error("accept: %.100s", strerror(errno));
                         if (errno == EMFILE || errno == ENFILE)
-                                c->notbefore = time(NULL) + 1;
+                                c->notbefore = monotime() + 1;
                         return;
                 }
                 set_nodelay(newsock);
@@ -1522,7 +1525,7 @@ channel_post_auth_listener(Channel *c, fd_set *readset, fd_set *writeset)
                         error("accept from auth socket: %.100s",
                             strerror(errno));
                         if (errno == EMFILE || errno == ENFILE)
-                                c->notbefore = time(NULL) + 1;
+                                c->notbefore = monotime() + 1;
                         return;
                 }
                 nc = channel_new("accepted auth socket",
@@ -1685,7 +1688,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset)
                 if (c->datagram) {
                         /* ignore truncated writes, datagrams might get lost */
                         len = write(c->wfd, buf, dlen);
-                        xfree(data);
+                        free(data);
                         if (len < 0 && (errno == EINTR || errno == EAGAIN ||
                             errno == EWOULDBLOCK))
                                 return 1;
@@ -1926,7 +1929,7 @@ channel_post_mux_listener(Channel *c, fd_set *readset, fd_set *writeset)
             &addrlen)) == -1) {
                 error("%s accept: %s", __func__, strerror(errno));
                 if (errno == EMFILE || errno == ENFILE)
-                        c->notbefore = time(NULL) + 1;
+                        c->notbefore = monotime() + 1;
                 return;
         }
 
@@ -2089,7 +2092,7 @@ channel_handler(chan_fn *ftab[], fd_set *readset, fd_set *writeset,
                 channel_handler_init();
                 did_init = 1;
         }
-        now = time(NULL);
+        now = monotime();
         if (unpause_secs != NULL)
                 *unpause_secs = 0;
         for (i = 0, oalloc = channels_alloc; i < oalloc; i++) {
@@ -2219,7 +2222,7 @@ channel_output_poll(void)
                                                 debug("channel %d: datagram "
                                                     "too big for channel",
                                                     c->self);
-                                                xfree(data);
+                                                free(data);
                                                 continue;
                                         }
                                         packet_start(SSH2_MSG_CHANNEL_DATA);
@@ -2227,7 +2230,7 @@ channel_output_poll(void)
                                         packet_put_string(data, dlen);
                                         packet_send();
                                         c->remote_window -= dlen + 4;
-                                        xfree(data);
+                                        free(data);
                                 }
                                 continue;
                         }
@@ -2399,13 +2402,13 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
         if (data_len > c->local_window) {
                 logit("channel %d: rcvd too much extended_data %d, win %d",
                     c->self, data_len, c->local_window);
-                xfree(data);
+                free(data);
                 return;
         }
         debug2("channel %d: rcvd ext data %d", c->self, data_len);
         c->local_window -= data_len;
         buffer_append(&c->extended, data, data_len);
-        xfree(data);
+        free(data);
 }
 
 /* ARGSUSED */
@@ -2495,7 +2498,7 @@ channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt)
         if (c == NULL)
                 packet_disconnect("Received close confirmation for "
                     "out-of-range channel %d.", id);
-        if (c->type != SSH_CHANNEL_CLOSED)
+        if (c->type != SSH_CHANNEL_CLOSED && c->type != SSH_CHANNEL_ABANDONED)
                 packet_disconnect("Received close confirmation for "
                     "non-closed channel %d (type %d).", id, c->type);
         channel_free(c);
@@ -2571,10 +2574,8 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt)
                 }
                 logit("channel %d: open failed: %s%s%s", id,
                     reason2txt(reason), msg ? ": ": "", msg ? msg : "");
-                if (msg != NULL)
-                        xfree(msg);
-                if (lang != NULL)
-                        xfree(lang);
+                free(msg);
+                free(lang);
                 if (c->open_confirm) {
                         debug2("callback start");
                         c->open_confirm(c->self, 0, c->open_confirm_ctx);
@@ -2632,8 +2633,8 @@ channel_input_port_open(int type, u_int32_t seq, void *ctxt)
         packet_check_eom();
         c = channel_connect_to(host, host_port,
             "connected socket", originator_string);
-        xfree(originator_string);
-        xfree(host);
+        free(originator_string);
+        free(host);
         if (c == NULL) {
                 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
                 packet_put_int(remote_id);
@@ -2668,7 +2669,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
         cc->cb(type, c, cc->ctx);
         TAILQ_REMOVE(&c->status_confirms, cc, entry);
         bzero(cc, sizeof(*cc));
-        xfree(cc);
+        free(cc);
 }
 
 /* -- tcp forwarding */
@@ -3048,7 +3049,7 @@ channel_request_rforward_cancel(const char *host, u_short port)
 
         permitted_opens[i].listen_port = 0;
         permitted_opens[i].port_to_connect = 0;
-        xfree(permitted_opens[i].host_to_connect);
+        free(permitted_opens[i].host_to_connect);
         permitted_opens[i].host_to_connect = NULL;
 
         return 0;
@@ -3089,7 +3090,7 @@ channel_input_port_forward_request(int is_root, int gateway_ports)
             host_port, gateway_ports);
 
         /* Free the argument string. */
-        xfree(hostname);
+        free(hostname);
 
         return (success ? 0 : -1);
 }
@@ -3144,7 +3145,7 @@ channel_update_permitted_opens(int idx, int newport)
         } else {
                 permitted_opens[idx].listen_port = 0;
                 permitted_opens[idx].port_to_connect = 0;
-                xfree(permitted_opens[idx].host_to_connect);
+                free(permitted_opens[idx].host_to_connect);
                 permitted_opens[idx].host_to_connect = NULL;
         }
 }
@@ -3177,12 +3178,9 @@ channel_clear_permitted_opens(void)
         int i;
 
         for (i = 0; i < num_permitted_opens; i++)
-                if (permitted_opens[i].host_to_connect != NULL)
-                        xfree(permitted_opens[i].host_to_connect);
-        if (num_permitted_opens > 0) {
-                xfree(permitted_opens);
-                permitted_opens = NULL;
-        }
+                free(permitted_opens[i].host_to_connect);
+        free(permitted_opens);
+        permitted_opens = NULL;
         num_permitted_opens = 0;
 }
 
@@ -3192,12 +3190,9 @@ channel_clear_adm_permitted_opens(void)
         int i;
 
         for (i = 0; i < num_adm_permitted_opens; i++)
-                if (permitted_adm_opens[i].host_to_connect != NULL)
-                        xfree(permitted_adm_opens[i].host_to_connect);
-        if (num_adm_permitted_opens > 0) {
-                xfree(permitted_adm_opens);
-                permitted_adm_opens = NULL;
-        }
+                free(permitted_adm_opens[i].host_to_connect);
+        free(permitted_adm_opens);
+        permitted_adm_opens = NULL;
         num_adm_permitted_opens = 0;
 }
 
@@ -3291,7 +3286,7 @@ connect_next(struct channel_connect *cctx)
 static void
 channel_connect_ctx_free(struct channel_connect *cctx)
 {
-        xfree(cctx->host);
+        free(cctx->host);
         if (cctx->aitop)
                 freeaddrinfo(cctx->aitop);
         bzero(cctx, sizeof(*cctx));
@@ -3686,7 +3681,7 @@ x11_input_open(int type, u_int32_t seq, void *ctxt)
                 c->remote_id = remote_id;
                 c->force_drain = 1;
         }
-        xfree(remote_host);
+        free(remote_host);
         if (c == NULL) {
                 /* Send refusal to the remote host. */
                 packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
@@ -3794,7 +3789,7 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
         packet_put_int(screen_number);
         packet_send();
         packet_write_wait();
-        xfree(new_data);
+        free(new_data);
 }
 
 
diff --git a/channels.h b/channels.h
index d75b800f7..4fab9d7c4 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.111 2012/04/11 13:16:19 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.113 2013/06/07 15:37:52 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -55,7 +55,8 @@
 #define SSH_CHANNEL_ZOMBIE              14      /* Almost dead. */
 #define SSH_CHANNEL_MUX_LISTENER        15      /* Listener for mux conn. */
 #define SSH_CHANNEL_MUX_CLIENT          16      /* Conn. to mux slave */
-#define SSH_CHANNEL_MAX_TYPE            17
+#define SSH_CHANNEL_ABANDONED           17      /* Abandoned session, eg mux */
+#define SSH_CHANNEL_MAX_TYPE            18
 
 #define CHANNEL_CANCEL_PORT_STATIC      -1
 
@@ -102,7 +103,9 @@ struct Channel {
         int     sock;           /* sock fd */
         int     ctl_chan;       /* control channel (multiplexed connections) */
         int     isatty;         /* rfd is a tty */
+#ifdef _AIX
         int     wfd_isatty;     /* wfd is a tty */
+#endif
         int     client_tty;     /* (client) TTY has been requested */
         int     force_drain;    /* force close on iEOF */
         time_t  notbefore;      /* Pause IO until deadline (time_t) */
@@ -110,7 +113,7 @@ struct Channel {
                                  * channels are delayed until the first call
                                  * to a matching pre-select handler. 
                                  * this way post-select handlers are not
-                                 * accidenly called if a FD gets reused */
+                                 * accidentally called if a FD gets reused */
         Buffer  input;          /* data read from socket, to be sent over
                                  * encrypted connection */
         Buffer  output;         /* data received over encrypted connection for
diff --git a/cipher-3des1.c b/cipher-3des1.c
index b7aa588cd..c8a70244b 100644
--- a/cipher-3des1.c
+++ b/cipher-3des1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher-3des1.c,v 1.7 2010/10/01 23:05:32 djm Exp $ */
+/* $OpenBSD: cipher-3des1.c,v 1.8 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2003 Markus Friedl.  All rights reserved.
  *
@@ -94,7 +94,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
             EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
             EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
                 memset(c, 0, sizeof(*c));
-                xfree(c);
+                free(c);
                 EVP_CIPHER_CTX_set_app_data(ctx, NULL);
                 return (0);
         }
@@ -135,7 +135,7 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
                 EVP_CIPHER_CTX_cleanup(&c->k2);
                 EVP_CIPHER_CTX_cleanup(&c->k3);
                 memset(c, 0, sizeof(*c));
-                xfree(c);
+                free(c);
                 EVP_CIPHER_CTX_set_app_data(ctx, NULL);
         }
         return (1);
diff --git a/cipher-aes.c b/cipher-aes.c
index 07ec7aa5d..8b1017272 100644
--- a/cipher-aes.c
+++ b/cipher-aes.c
@@ -120,7 +120,7 @@ ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx)
 
         if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
                 memset(c, 0, sizeof(*c));
-                xfree(c);
+                free(c);
                 EVP_CIPHER_CTX_set_app_data(ctx, NULL);
         }
         return (1);
diff --git a/cipher-ctr.c b/cipher-ctr.c
index d1fe69f57..ea0f9b3b7 100644
--- a/cipher-ctr.c
+++ b/cipher-ctr.c
@@ -104,7 +104,7 @@ ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx)
 
         if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
                 memset(c, 0, sizeof(*c));
-                xfree(c);
+                free(c);
                 EVP_CIPHER_CTX_set_app_data(ctx, NULL);
         }
         return (1);
diff --git a/cipher.c b/cipher.c
index 9ca1d0065..a2cbe2bea 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.87 2013/01/26 06:11:05 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.89 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -65,7 +65,9 @@ struct Cipher {
         u_int   discard_len;
         u_int   cbc_mode;
         const EVP_CIPHER        *(*evptype)(void);
-} ciphers[] = {
+};
+
+static const struct Cipher ciphers[] = {
         { "none",       SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null },
         { "des",        SSH_CIPHER_DES, 8, 8, 0, 0, 0, 1, EVP_des_cbc },
         { "3des",       SSH_CIPHER_3DES, 8, 16, 0, 0, 0, 1, evp_ssh1_3des },
@@ -98,6 +100,27 @@ struct Cipher {
 
 /*--*/
 
+/* Returns a comma-separated list of supported ciphers. */
+char *
+cipher_alg_list(void)
+{
+        char *ret = NULL;
+        size_t nlen, rlen = 0;
+        const Cipher *c;
+
+        for (c = ciphers; c->name != NULL; c++) {
+                if (c->number != SSH_CIPHER_SSH2)
+                        continue;
+                if (ret != NULL)
+                        ret[rlen++] = '\n';
+                nlen = strlen(c->name);
+                ret = xrealloc(ret, 1, rlen + nlen + 2);
+                memcpy(ret + rlen, c->name, nlen + 1);
+                rlen += nlen;
+        }
+        return ret;
+}
+
 u_int
 cipher_blocksize(const Cipher *c)
 {
@@ -146,20 +169,20 @@ cipher_mask_ssh1(int client)
         return mask;
 }
 
-Cipher *
+const Cipher *
 cipher_by_name(const char *name)
 {
-        Cipher *c;
+        const Cipher *c;
         for (c = ciphers; c->name != NULL; c++)
                 if (strcmp(c->name, name) == 0)
                         return c;
         return NULL;
 }
 
-Cipher *
+const Cipher *
 cipher_by_number(int id)
 {
-        Cipher *c;
+        const Cipher *c;
         for (c = ciphers; c->name != NULL; c++)
                 if (c->number == id)
                         return c;
@@ -170,7 +193,7 @@ cipher_by_number(int id)
 int
 ciphers_valid(const char *names)
 {
-        Cipher *c;
+        const Cipher *c;
         char *cipher_list, *cp;
         char *p;
 
@@ -182,14 +205,14 @@ ciphers_valid(const char *names)
                 c = cipher_by_name(p);
                 if (c == NULL || c->number != SSH_CIPHER_SSH2) {
                         debug("bad cipher %s [%s]", p, names);
-                        xfree(cipher_list);
+                        free(cipher_list);
                         return 0;
                 } else {
                         debug3("cipher ok: %s [%s]", p, names);
                 }
         }
         debug3("ciphers ok: [%s]", names);
-        xfree(cipher_list);
+        free(cipher_list);
         return 1;
 }
 
@@ -201,7 +224,7 @@ ciphers_valid(const char *names)
 int
 cipher_number(const char *name)
 {
-        Cipher *c;
+        const Cipher *c;
         if (name == NULL)
                 return -1;
         for (c = ciphers; c->name != NULL; c++)
@@ -213,12 +236,12 @@ cipher_number(const char *name)
 char *
 cipher_name(int id)
 {
-        Cipher *c = cipher_by_number(id);
+        const Cipher *c = cipher_by_number(id);
         return (c==NULL) ? "<unknown>" : c->name;
 }
 
 void
-cipher_init(CipherContext *cc, Cipher *cipher,
+cipher_init(CipherContext *cc, const Cipher *cipher,
     const u_char *key, u_int keylen, const u_char *iv, u_int ivlen,
     int do_encrypt)
 {
@@ -291,8 +314,8 @@ cipher_init(CipherContext *cc, Cipher *cipher,
                     cipher->discard_len) == 0)
                         fatal("evp_crypt: EVP_Cipher failed during discard");
                 memset(discard, 0, cipher->discard_len);
-                xfree(junk);
-                xfree(discard);
+                free(junk);
+                free(discard);
         }
 }
 
@@ -364,7 +387,7 @@ cipher_cleanup(CipherContext *cc)
  */
 
 void
-cipher_set_key_string(CipherContext *cc, Cipher *cipher,
+cipher_set_key_string(CipherContext *cc, const Cipher *cipher,
     const char *passphrase, int do_encrypt)
 {
         MD5_CTX md;
@@ -389,7 +412,7 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher,
 int
 cipher_get_keyiv_len(const CipherContext *cc)
 {
-        Cipher *c = cc->cipher;
+        const Cipher *c = cc->cipher;
         int ivlen;
 
         if (c->number == SSH_CIPHER_3DES)
@@ -402,7 +425,7 @@ cipher_get_keyiv_len(const CipherContext *cc)
 void
 cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
 {
-        Cipher *c = cc->cipher;
+        const Cipher *c = cc->cipher;
         int evplen;
 
         switch (c->number) {
@@ -438,7 +461,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
 void
 cipher_set_keyiv(CipherContext *cc, u_char *iv)
 {
-        Cipher *c = cc->cipher;
+        const Cipher *c = cc->cipher;
         int evplen = 0;
 
         switch (c->number) {
@@ -471,7 +494,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
 int
 cipher_get_keycontext(const CipherContext *cc, u_char *dat)
 {
-        Cipher *c = cc->cipher;
+        const Cipher *c = cc->cipher;
         int plen = 0;
 
         if (c->evptype == EVP_rc4) {
@@ -486,7 +509,7 @@ cipher_get_keycontext(const CipherContext *cc, u_char *dat)
 void
 cipher_set_keycontext(CipherContext *cc, u_char *dat)
 {
-        Cipher *c = cc->cipher;
+        const Cipher *c = cc->cipher;
         int plen;
 
         if (c->evptype == EVP_rc4) {
diff --git a/cipher.h b/cipher.h
index 8cb57c3e5..b878d50f4 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.h,v 1.39 2013/01/08 18:49:04 markus Exp $ */
+/* $OpenBSD: cipher.h,v 1.40 2013/04/19 01:06:50 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -66,21 +66,22 @@ struct CipherContext {
         int     plaintext;
         int     encrypt;
         EVP_CIPHER_CTX evp;
-        Cipher *cipher;
+        const Cipher *cipher;
 };
 
 u_int    cipher_mask_ssh1(int);
-Cipher  *cipher_by_name(const char *);
-Cipher  *cipher_by_number(int);
+const Cipher    *cipher_by_name(const char *);
+const Cipher    *cipher_by_number(int);
 int      cipher_number(const char *);
 char    *cipher_name(int);
 int      ciphers_valid(const char *);
-void     cipher_init(CipherContext *, Cipher *, const u_char *, u_int,
+char    *cipher_alg_list(void);
+void     cipher_init(CipherContext *, const Cipher *, const u_char *, u_int,
     const u_char *, u_int, int);
 void     cipher_crypt(CipherContext *, u_char *, const u_char *,
     u_int, u_int, u_int);
 void     cipher_cleanup(CipherContext *);
-void     cipher_set_key_string(CipherContext *, Cipher *, const char *, int);
+void     cipher_set_key_string(CipherContext *, const Cipher *, const char *, int);
 u_int    cipher_blocksize(const Cipher *);
 u_int    cipher_keylen(const Cipher *);
 u_int    cipher_authlen(const Cipher *);
diff --git a/clientloop.c b/clientloop.c
index 1a16b2525..35550eb4d 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.248 2013/01/02 00:32:07 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.253 2013/06/07 15:37:52 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -277,7 +277,7 @@ set_control_persist_exit_time(void)
                 control_persist_exit_time = 0;
         } else if (control_persist_exit_time <= 0) {
                 /* a client connection has recently closed */
-                control_persist_exit_time = time(NULL) +
+                control_persist_exit_time = monotime() +
                         (time_t)options.control_persist_timeout;
                 debug2("%s: schedule exit in %d seconds", __func__,
                     options.control_persist_timeout);
@@ -360,7 +360,7 @@ client_x11_get_proto(const char *display, const char *xauth_path,
                                 if (system(cmd) == 0)
                                         generated = 1;
                                 if (x11_refuse_time == 0) {
-                                        now = time(NULL) + 1;
+                                        now = monotime() + 1;
                                         if (UINT_MAX - timeout < now)
                                                 x11_refuse_time = UINT_MAX;
                                         else
@@ -397,10 +397,8 @@ client_x11_get_proto(const char *display, const char *xauth_path,
                 unlink(xauthfile);
                 rmdir(xauthdir);
         }
-        if (xauthdir)
-                xfree(xauthdir);
-        if (xauthfile)
-                xfree(xauthfile);
+        free(xauthdir);
+        free(xauthfile);
 
         /*
          * If we didn't get authentication data, just make up some
@@ -556,7 +554,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
         if (--gc->ref_count <= 0) {
                 TAILQ_REMOVE(&global_confirms, gc, entry);
                 bzero(gc, sizeof(*gc));
-                xfree(gc);
+                free(gc);
         }
 
         packet_set_alive_timeouts(0);
@@ -592,7 +590,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
 {
         struct timeval tv, *tvp;
         int timeout_secs;
-        time_t minwait_secs = 0;
+        time_t minwait_secs = 0, server_alive_time = 0, now = monotime();
         int ret;
 
         /* Add any selections by the channel mechanism. */
@@ -641,12 +639,16 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
          */
 
         timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */
-        if (options.server_alive_interval > 0)
+        if (options.server_alive_interval > 0) {
                 timeout_secs = options.server_alive_interval;
+                server_alive_time = now + options.server_alive_interval;
+        }
+        if (options.rekey_interval > 0 && compat20 && !rekeying)
+                timeout_secs = MIN(timeout_secs, packet_get_rekey_timeout());
         set_control_persist_exit_time();
         if (control_persist_exit_time > 0) {
                 timeout_secs = MIN(timeout_secs,
-                        control_persist_exit_time - time(NULL));
+                        control_persist_exit_time - now);
                 if (timeout_secs < 0)
                         timeout_secs = 0;
         }
@@ -678,8 +680,15 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
                 snprintf(buf, sizeof buf, "select: %s\r\n", strerror(errno));
                 buffer_append(&stderr_buffer, buf, strlen(buf));
                 quit_pending = 1;
-        } else if (ret == 0)
-                server_alive_check();
+        } else if (ret == 0) {
+                /*
+                 * Timeout.  Could have been either keepalive or rekeying.
+                 * Keepalive we check here, rekeying is checked in clientloop.
+                 */
+                if (server_alive_time != 0 && server_alive_time <= monotime())
+                        server_alive_check();
+        }
+
 }
 
 static void
@@ -824,13 +833,13 @@ client_status_confirm(int type, Channel *c, void *ctx)
                         chan_write_failed(c);
                 }
         }
-        xfree(cr);
+        free(cr);
 }
 
 static void
 client_abandon_status_confirm(Channel *c, void *ctx)
 {
-        xfree(ctx);
+        free(ctx);
 }
 
 void
@@ -997,12 +1006,9 @@ process_cmdline(void)
 out:
         signal(SIGINT, handler);
         enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
-        if (cmd)
-                xfree(cmd);
-        if (fwd.listen_host != NULL)
-                xfree(fwd.listen_host);
-        if (fwd.connect_host != NULL)
-                xfree(fwd.connect_host);
+        free(cmd);
+        free(fwd.listen_host);
+        free(fwd.connect_host);
 }
 
 /* reasons to suppress output of an escape command in help output */
@@ -1112,8 +1118,11 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
                                 if (c && c->ctl_chan != -1) {
                                         chan_read_failed(c);
                                         chan_write_failed(c);
-                                        mux_master_session_cleanup_cb(c->self,
-                                            NULL);
+                                        if (c->detach_user)
+                                                c->detach_user(c->self, NULL);
+                                        c->type = SSH_CHANNEL_ABANDONED;
+                                        buffer_clear(&c->input);
+                                        chan_ibuf_empty(c);
                                         return 0;
                                 } else
                                         quit_pending = 1;
@@ -1259,7 +1268,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
                                 buffer_append(berr, string, strlen(string));
                                 s = channel_open_message();
                                 buffer_append(berr, s, strlen(s));
-                                xfree(s);
+                                free(s);
                                 continue;
 
                         case 'C':
@@ -1448,7 +1457,7 @@ client_new_escape_filter_ctx(int escape_char)
 void
 client_filter_cleanup(int cid, void *ctx)
 {
-        xfree(ctx);
+        free(ctx);
 }
 
 int
@@ -1662,16 +1671,14 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
                  * connections, then quit.
                  */
                 if (control_persist_exit_time > 0) {
-                        if (time(NULL) >= control_persist_exit_time) {
+                        if (monotime() >= control_persist_exit_time) {
                                 debug("ControlPersist timeout expired");
                                 break;
                         }
                 }
         }
-        if (readset)
-                xfree(readset);
-        if (writeset)
-                xfree(writeset);
+        free(readset);
+        free(writeset);
 
         /* Terminate the session. */
 
@@ -1775,7 +1782,7 @@ client_input_stdout_data(int type, u_int32_t seq, void *ctxt)
         packet_check_eom();
         buffer_append(&stdout_buffer, data, data_len);
         memset(data, 0, data_len);
-        xfree(data);
+        free(data);
 }
 static void
 client_input_stderr_data(int type, u_int32_t seq, void *ctxt)
@@ -1785,7 +1792,7 @@ client_input_stderr_data(int type, u_int32_t seq, void *ctxt)
         packet_check_eom();
         buffer_append(&stderr_buffer, data, data_len);
         memset(data, 0, data_len);
-        xfree(data);
+        free(data);
 }
 static void
 client_input_exit_status(int type, u_int32_t seq, void *ctxt)
@@ -1865,8 +1872,8 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
         c = channel_connect_by_listen_address(listen_port,
             "forwarded-tcpip", originator_address);
 
-        xfree(originator_address);
-        xfree(listen_address);
+        free(originator_address);
+        free(listen_address);
         return c;
 }
 
@@ -1884,7 +1891,7 @@ client_request_x11(const char *request_type, int rchan)
                     "malicious server.");
                 return NULL;
         }
-        if (x11_refuse_time != 0 && time(NULL) >= x11_refuse_time) {
+        if (x11_refuse_time != 0 && monotime() >= x11_refuse_time) {
                 verbose("Rejected X11 connection after ForwardX11Timeout "
                     "expired");
                 return NULL;
@@ -1900,7 +1907,7 @@ client_request_x11(const char *request_type, int rchan)
         /* XXX check permission */
         debug("client_request_x11: request from %s %d", originator,
             originator_port);
-        xfree(originator);
+        free(originator);
         sock = x11_connect_display();
         if (sock < 0)
                 return NULL;
@@ -2027,7 +2034,7 @@ client_input_channel_open(int type, u_int32_t seq, void *ctxt)
                 }
                 packet_send();
         }
-        xfree(ctype);
+        free(ctype);
 }
 static void
 client_input_channel_req(int type, u_int32_t seq, void *ctxt)
@@ -2073,7 +2080,7 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt)
                 packet_put_int(c->remote_id);
                 packet_send();
         }
-        xfree(rtype);
+        free(rtype);
 }
 static void
 client_input_global_request(int type, u_int32_t seq, void *ctxt)
@@ -2092,7 +2099,7 @@ client_input_global_request(int type, u_int32_t seq, void *ctxt)
                 packet_send();
                 packet_write_wait();
         }
-        xfree(rtype);
+        free(rtype);
 }
 
 void
@@ -2142,7 +2149,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
                         /* Split */
                         name = xstrdup(env[i]);
                         if ((val = strchr(name, '=')) == NULL) {
-                                xfree(name);
+                                free(name);
                                 continue;
                         }
                         *val++ = '\0';
@@ -2156,7 +2163,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
                         }
                         if (!matched) {
                                 debug3("Ignored env %s", name);
-                                xfree(name);
+                                free(name);
                                 continue;
                         }
 
@@ -2165,7 +2172,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
                         packet_put_cstring(name);
                         packet_put_cstring(val);
                         packet_send();
-                        xfree(name);
+                        free(name);
                 }
         }
 
diff --git a/clientloop.h b/clientloop.h
index d2baa0324..338d45186 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.h,v 1.30 2012/08/17 00:45:45 dtucker Exp $ */
+/* $OpenBSD: clientloop.h,v 1.31 2013/06/02 23:36:29 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -76,5 +76,4 @@ void	muxserver_listen(void);
 void    muxclient(const char *);
 void    mux_exit_message(Channel *, int);
 void    mux_tty_alloc_failed(Channel *);
-void    mux_master_session_cleanup_cb(int, void *);
 
diff --git a/compat.c b/compat.c
index f680f4fe3..ac353a706 100644
--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.80 2012/08/17 01:30:00 djm Exp $ */
+/* $OpenBSD: compat.c,v 1.81 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -204,7 +204,7 @@ proto_spec(const char *spec)
                         break;
                 }
         }
-        xfree(s);
+        free(s);
         return ret;
 }
 
@@ -230,7 +230,7 @@ compat_cipher_proposal(char *cipher_prop)
         buffer_append(&b, "\0", 1);
         fix_ciphers = xstrdup(buffer_ptr(&b));
         buffer_free(&b);
-        xfree(orig_prop);
+        free(orig_prop);
         debug2("Original cipher proposal: %s", cipher_prop);
         debug2("Compat cipher proposal: %s", fix_ciphers);
         if (!*fix_ciphers)
diff --git a/config.guess b/config.guess
index 78553c4ea..b94cde8ef 100755
--- a/config.guess
+++ b/config.guess
@@ -2,9 +2,9 @@
 # Attempt to guess a canonical system name.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
-#   2011 Free Software Foundation, Inc.
+#   2011, 2012, 2013 Free Software Foundation, Inc.
 
-timestamp='2011-01-23'
+timestamp='2012-12-23'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -17,9 +17,7 @@ timestamp='2011-01-23'
 # General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
 #
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -57,8 +55,8 @@ GNU config.guess ($timestamp)
 
 Originally written by Per Bothner.
 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
-Software Foundation, Inc.
+2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011,
+2012, 2013 Free Software Foundation, Inc.
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -145,7 +143,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
 case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
     *:NetBSD:*:*)
         # NetBSD (nbsd) targets should (where applicable) match one or
-        # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+        # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
         # *-*-netbsdecoff* and *-*-netbsd*.  For targets that recently
         # switched to ELF, *-*-netbsd* would select the old
         # object file format.  This provides both forward
@@ -181,7 +179,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
                 fi
                 ;;
             *)
-                os=netbsd
+                os=netbsd
                 ;;
         esac
         # The OS release
@@ -202,6 +200,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
         # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
         echo "${machine}-${os}${release}"
         exit ;;
+    *:Bitrig:*:*)
+        UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'`
+        echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE}
+        exit ;;
     *:OpenBSD:*:*)
         UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'`
         echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE}
@@ -224,7 +226,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
                 UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
                 ;;
         *5.*)
-                UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+                UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
                 ;;
         esac
         # According to Compaq, /usr/sbin/psrinfo has been available on
@@ -299,12 +301,12 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
         echo s390-ibm-zvmoe
         exit ;;
     *:OS400:*:*)
-        echo powerpc-ibm-os400
+        echo powerpc-ibm-os400
         exit ;;
     arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
         echo arm-acorn-riscix${UNAME_RELEASE}
         exit ;;
-    arm:riscos:*:*|arm:RISCOS:*:*)
+    arm*:riscos:*:*|arm*:RISCOS:*:*)
         echo arm-unknown-riscos
         exit ;;
     SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
@@ -398,23 +400,23 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
     # MiNT.  But MiNT is downward compatible to TOS, so this should
     # be no problem.
     atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
-        echo m68k-atari-mint${UNAME_RELEASE}
+        echo m68k-atari-mint${UNAME_RELEASE}
         exit ;;
     atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
         echo m68k-atari-mint${UNAME_RELEASE}
-        exit ;;
+        exit ;;
     *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
-        echo m68k-atari-mint${UNAME_RELEASE}
+        echo m68k-atari-mint${UNAME_RELEASE}
         exit ;;
     milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
-        echo m68k-milan-mint${UNAME_RELEASE}
-        exit ;;
+        echo m68k-milan-mint${UNAME_RELEASE}
+        exit ;;
     hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
-        echo m68k-hades-mint${UNAME_RELEASE}
-        exit ;;
+        echo m68k-hades-mint${UNAME_RELEASE}
+        exit ;;
     *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
-        echo m68k-unknown-mint${UNAME_RELEASE}
-        exit ;;
+        echo m68k-unknown-mint${UNAME_RELEASE}
+        exit ;;
     m68k:machten:*:*)
         echo m68k-apple-machten${UNAME_RELEASE}
         exit ;;
@@ -484,8 +486,8 @@ EOF
         echo m88k-motorola-sysv3
         exit ;;
     AViiON:dgux:*:*)
-        # DG/UX returns AViiON for all architectures
-        UNAME_PROCESSOR=`/usr/bin/uname -p`
+        # DG/UX returns AViiON for all architectures
+        UNAME_PROCESSOR=`/usr/bin/uname -p`
         if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
         then
             if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
@@ -498,7 +500,7 @@ EOF
         else
             echo i586-dg-dgux${UNAME_RELEASE}
         fi
-        exit ;;
+        exit ;;
     M88*:DolphinOS:*:*) # DolphinOS (SVR3)
         echo m88k-dolphin-sysv3
         exit ;;
@@ -598,52 +600,52 @@ EOF
             9000/[678][0-9][0-9])
                 if [ -x /usr/bin/getconf ]; then
                     sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
-                    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
-                    case "${sc_cpu_version}" in
-                      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
-                      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
-                      532)                      # CPU_PA_RISC2_0
-                        case "${sc_kernel_bits}" in
-                          32) HP_ARCH="hppa2.0n" ;;
-                          64) HP_ARCH="hppa2.0w" ;;
+                    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+                    case "${sc_cpu_version}" in
+                      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+                      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+                      532)                      # CPU_PA_RISC2_0
+                        case "${sc_kernel_bits}" in
+                          32) HP_ARCH="hppa2.0n" ;;
+                          64) HP_ARCH="hppa2.0w" ;;
                           '') HP_ARCH="hppa2.0" ;;   # HP-UX 10.20
-                        esac ;;
-                    esac
+                        esac ;;
+                    esac
                 fi
                 if [ "${HP_ARCH}" = "" ]; then
                     eval $set_cc_for_build
-                    sed 's/^              //' << EOF >$dummy.c
+                    sed 's/^            //' << EOF >$dummy.c
 
-              #define _HPUX_SOURCE
-              #include <stdlib.h>
-              #include <unistd.h>
+                #define _HPUX_SOURCE
+                #include <stdlib.h>
+                #include <unistd.h>
 
-              int main ()
-              {
-              #if defined(_SC_KERNEL_BITS)
-                  long bits = sysconf(_SC_KERNEL_BITS);
-              #endif
-                  long cpu  = sysconf (_SC_CPU_VERSION);
+                int main ()
+                {
+                #if defined(_SC_KERNEL_BITS)
+                    long bits = sysconf(_SC_KERNEL_BITS);
+                #endif
+                    long cpu  = sysconf (_SC_CPU_VERSION);
 
-                  switch (cpu)
-                {
-                case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
-                case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
-                case CPU_PA_RISC2_0:
-              #if defined(_SC_KERNEL_BITS)
-                    switch (bits)
-                        {
-                        case 64: puts ("hppa2.0w"); break;
-                        case 32: puts ("hppa2.0n"); break;
-                        default: puts ("hppa2.0"); break;
-                        } break;
-              #else  /* !defined(_SC_KERNEL_BITS) */
-                    puts ("hppa2.0"); break;
-              #endif
-                default: puts ("hppa1.0"); break;
-                }
-                  exit (0);
-              }
+                    switch (cpu)
+                        {
+                        case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+                        case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+                        case CPU_PA_RISC2_0:
+                #if defined(_SC_KERNEL_BITS)
+                            switch (bits)
+                                {
+                                case 64: puts ("hppa2.0w"); break;
+                                case 32: puts ("hppa2.0n"); break;
+                                default: puts ("hppa2.0"); break;
+                                } break;
+                #else  /* !defined(_SC_KERNEL_BITS) */
+                            puts ("hppa2.0"); break;
+                #endif
+                        default: puts ("hppa1.0"); break;
+                        }
+                    exit (0);
+                }
 EOF
                     (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
                     test -z "$HP_ARCH" && HP_ARCH=hppa
@@ -734,22 +736,22 @@ EOF
         exit ;;
     C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
         echo c1-convex-bsd
-        exit ;;
+        exit ;;
     C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
         if getsysinfo -f scalar_acc
         then echo c32-convex-bsd
         else echo c2-convex-bsd
         fi
-        exit ;;
+        exit ;;
     C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
         echo c34-convex-bsd
-        exit ;;
+        exit ;;
     C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
         echo c38-convex-bsd
-        exit ;;
+        exit ;;
     C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
         echo c4-convex-bsd
-        exit ;;
+        exit ;;
     CRAY*Y-MP:*:*:*)
         echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
         exit ;;
@@ -773,14 +775,14 @@ EOF
         exit ;;
     F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
         FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
-        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
-        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
-        echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
-        exit ;;
+        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+        echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+        exit ;;
     5000:UNIX_System_V:4.*:*)
-        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
-        FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
-        echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+        FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
+        echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
         exit ;;
     i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
         echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
@@ -792,30 +794,35 @@ EOF
         echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
         exit ;;
     *:FreeBSD:*:*)
-        case ${UNAME_MACHINE} in
-            pc98)
-                echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+        UNAME_PROCESSOR=`/usr/bin/uname -p`
+        case ${UNAME_PROCESSOR} in
             amd64)
                 echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
             *)
-                echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+                echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
         esac
         exit ;;
     i*:CYGWIN*:*)
         echo ${UNAME_MACHINE}-pc-cygwin
         exit ;;
+    *:MINGW64*:*)
+        echo ${UNAME_MACHINE}-pc-mingw64
+        exit ;;
     *:MINGW*:*)
         echo ${UNAME_MACHINE}-pc-mingw32
         exit ;;
+    i*:MSYS*:*)
+        echo ${UNAME_MACHINE}-pc-msys
+        exit ;;
     i*:windows32*:*)
-        # uname -m includes "-pc" on this system.
-        echo ${UNAME_MACHINE}-mingw32
+        # uname -m includes "-pc" on this system.
+        echo ${UNAME_MACHINE}-mingw32
         exit ;;
     i*:PW*:*)
         echo ${UNAME_MACHINE}-pc-pw32
         exit ;;
     *:Interix*:*)
-        case ${UNAME_MACHINE} in
+        case ${UNAME_MACHINE} in
             x86)
                 echo i586-pc-interix${UNAME_RELEASE}
                 exit ;;
@@ -861,6 +868,13 @@ EOF
     i*86:Minix:*:*)
         echo ${UNAME_MACHINE}-pc-minix
         exit ;;
+    aarch64:Linux:*:*)
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
+        exit ;;
+    aarch64_be:Linux:*:*)
+        UNAME_MACHINE=aarch64_be
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
+        exit ;;
     alpha:Linux:*:*)
         case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
           EV5)   UNAME_MACHINE=alphaev5 ;;
@@ -870,7 +884,7 @@ EOF
           EV6)   UNAME_MACHINE=alphaev6 ;;
           EV67)  UNAME_MACHINE=alphaev67 ;;
           EV68*) UNAME_MACHINE=alphaev68 ;;
-        esac
+        esac
         objdump --private-headers /bin/sh | grep -q ld.so.1
         if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
         echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
@@ -882,20 +896,29 @@ EOF
         then
             echo ${UNAME_MACHINE}-unknown-linux-gnu
         else
-            echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+            if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \
+                | grep -q __ARM_PCS_VFP
+            then
+                echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+            else
+                echo ${UNAME_MACHINE}-unknown-linux-gnueabihf
+            fi
         fi
         exit ;;
     avr32*:Linux:*:*)
         echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     cris:Linux:*:*)
-        echo cris-axis-linux-gnu
+        echo ${UNAME_MACHINE}-axis-linux-gnu
         exit ;;
     crisv32:Linux:*:*)
-        echo crisv32-axis-linux-gnu
+        echo ${UNAME_MACHINE}-axis-linux-gnu
         exit ;;
     frv:Linux:*:*)
-        echo frv-unknown-linux-gnu
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
+        exit ;;
+    hexagon:Linux:*:*)
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     i*86:Linux:*:*)
         LIBC=gnu
@@ -937,7 +960,7 @@ EOF
         test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
         ;;
     or32:Linux:*:*)
-        echo or32-unknown-linux-gnu
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     padre:Linux:*:*)
         echo sparc-unknown-linux-gnu
@@ -963,7 +986,7 @@ EOF
         echo ${UNAME_MACHINE}-ibm-linux
         exit ;;
     sh64*:Linux:*:*)
-        echo ${UNAME_MACHINE}-unknown-linux-gnu
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     sh*:Linux:*:*)
         echo ${UNAME_MACHINE}-unknown-linux-gnu
@@ -972,16 +995,16 @@ EOF
         echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     tile*:Linux:*:*)
-        echo ${UNAME_MACHINE}-tilera-linux-gnu
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     vax:Linux:*:*)
         echo ${UNAME_MACHINE}-dec-linux-gnu
         exit ;;
     x86_64:Linux:*:*)
-        echo x86_64-unknown-linux-gnu
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     xtensa*:Linux:*:*)
-        echo ${UNAME_MACHINE}-unknown-linux-gnu
+        echo ${UNAME_MACHINE}-unknown-linux-gnu
         exit ;;
     i*86:DYNIX/ptx:4*:*)
         # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
@@ -990,11 +1013,11 @@ EOF
         echo i386-sequent-sysv4
         exit ;;
     i*86:UNIX_SV:4.2MP:2.*)
-        # Unixware is an offshoot of SVR4, but it has its own version
-        # number series starting with 2...
-        # I am not positive that other SVR4 systems won't match this,
+        # Unixware is an offshoot of SVR4, but it has its own version
+        # number series starting with 2...
+        # I am not positive that other SVR4 systems won't match this,
         # I just have to hope.  -- rms.
-        # Use sysv4.2uw... so that sysv4* matches it.
+        # Use sysv4.2uw... so that sysv4* matches it.
         echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
         exit ;;
     i*86:OS/2:*:*)
@@ -1026,7 +1049,7 @@ EOF
         fi
         exit ;;
     i*86:*:5:[678]*)
-        # UnixWare 7.x, OpenUNIX and OpenServer 6.
+        # UnixWare 7.x, OpenUNIX and OpenServer 6.
         case `/bin/uname -X | grep "^Machine"` in
             *486*)           UNAME_MACHINE=i486 ;;
             *Pentium)        UNAME_MACHINE=i586 ;;
@@ -1054,13 +1077,13 @@ EOF
         exit ;;
     pc:*:*:*)
         # Left here for compatibility:
-        # uname -m prints for DJGPP always 'pc', but it prints nothing about
-        # the processor, so we play safe by assuming i586.
+        # uname -m prints for DJGPP always 'pc', but it prints nothing about
+        # the processor, so we play safe by assuming i586.
         # Note: whatever this is, it MUST be the same as what config.sub
         # prints for the "djgpp" host, or else GDB configury will decide that
         # this is a cross-build.
         echo i586-pc-msdosdjgpp
-        exit ;;
+        exit ;;
     Intel:Mach:3*:*)
         echo i386-pc-mach3
         exit ;;
@@ -1095,8 +1118,8 @@ EOF
         /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
           && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
     3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
-        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
-          && { echo i486-ncr-sysv4; exit; } ;;
+        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+          && { echo i486-ncr-sysv4; exit; } ;;
     NCR*:*:4.2:* | MPRAS*:*:4.2:*)
         OS_REL='.3'
         test -r /etc/.relid \
@@ -1139,10 +1162,10 @@ EOF
                 echo ns32k-sni-sysv
         fi
         exit ;;
-    PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
-                      # says <Richard.M.Bartel@ccMail.Census.GOV>
-        echo i586-unisys-sysv4
-        exit ;;
+    PENTIUM:*:4.0*:*)   # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+                        # says <Richard.M.Bartel@ccMail.Census.GOV>
+        echo i586-unisys-sysv4
+        exit ;;
     *:UNIX_System_V:4*:FTX*)
         # From Gerald Hewes <hewes@openmarket.com>.
         # How about differentiating between stratus architectures? -djm
@@ -1168,11 +1191,11 @@ EOF
         exit ;;
     R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
         if [ -d /usr/nec ]; then
-                echo mips-nec-sysv${UNAME_RELEASE}
+                echo mips-nec-sysv${UNAME_RELEASE}
         else
-                echo mips-unknown-sysv${UNAME_RELEASE}
+                echo mips-unknown-sysv${UNAME_RELEASE}
         fi
-        exit ;;
+        exit ;;
     BeBox:BeOS:*:*)     # BeOS running on hardware made by Be, PPC only.
         echo powerpc-be-beos
         exit ;;
@@ -1185,6 +1208,9 @@ EOF
     BePC:Haiku:*:*)     # Haiku running on Intel PC compatible.
         echo i586-pc-haiku
         exit ;;
+    x86_64:Haiku:*:*)
+        echo x86_64-unknown-haiku
+        exit ;;
     SX-4:SUPER-UX:*:*)
         echo sx4-nec-superux${UNAME_RELEASE}
         exit ;;
@@ -1240,7 +1266,7 @@ EOF
     NEO-?:NONSTOP_KERNEL:*:*)
         echo neo-tandem-nsk${UNAME_RELEASE}
         exit ;;
-    NSE-?:NONSTOP_KERNEL:*:*)
+    NSE-*:NONSTOP_KERNEL:*:*)
         echo nse-tandem-nsk${UNAME_RELEASE}
         exit ;;
     NSR-?:NONSTOP_KERNEL:*:*)
@@ -1285,13 +1311,13 @@ EOF
         echo pdp10-unknown-its
         exit ;;
     SEI:*:*:SEIUX)
-        echo mips-sei-seiux${UNAME_RELEASE}
+        echo mips-sei-seiux${UNAME_RELEASE}
         exit ;;
     *:DragonFly:*:*)
         echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
         exit ;;
     *:*VMS:*:*)
-        UNAME_MACHINE=`(uname -p) 2>/dev/null`
+        UNAME_MACHINE=`(uname -p) 2>/dev/null`
         case "${UNAME_MACHINE}" in
             A*) echo alpha-dec-vms ; exit ;;
             I*) echo ia64-dec-vms ; exit ;;
@@ -1309,11 +1335,11 @@ EOF
     i*86:AROS:*:*)
         echo ${UNAME_MACHINE}-pc-aros
         exit ;;
+    x86_64:VMkernel:*:*)
+        echo ${UNAME_MACHINE}-unknown-esx
+        exit ;;
 esac
 
-#echo '(No uname command or uname output not recognized.)' 1>&2
-#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
-
 eval $set_cc_for_build
 cat >$dummy.c <<EOF
 #ifdef _SEQUENT_
@@ -1331,11 +1357,11 @@ main ()
 #include <sys/param.h>
   printf ("m68k-sony-newsos%s\n",
 #ifdef NEWSOS4
-          "4"
+        "4"
 #else
-          ""
+        ""
 #endif
-         ); exit (0);
+        ); exit (0);
 #endif
 #endif
 
diff --git a/config.h.in b/config.h.in
index 67858ef6d..34f1c9c53 100644
--- a/config.h.in
+++ b/config.h.in
@@ -230,6 +230,9 @@
 /* Define to 1 if you have the `clock' function. */
 #undef HAVE_CLOCK
 
+/* Have clock_gettime */
+#undef HAVE_CLOCK_GETTIME
+
 /* define if you have clock_t data type */
 #undef HAVE_CLOCK_T
 
@@ -242,6 +245,9 @@
 /* Define if your system uses ancillary data style file descriptor passing */
 #undef HAVE_CONTROL_IN_MSGHDR
 
+/* Define to 1 if you have the `crypt' function. */
+#undef HAVE_CRYPT
+
 /* Define to 1 if you have the <crypto/sha2.h> header file. */
 #undef HAVE_CRYPTO_SHA2_H
 
@@ -266,6 +272,10 @@
    and to 0 if you don't. */
 #undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE
 
+/* Define to 1 if you have the declaration of `howmany', and to 0 if you
+   don't. */
+#undef HAVE_DECL_HOWMANY
+
 /* Define to 1 if you have the declaration of `h_errno', and to 0 if you
    don't. */
 #undef HAVE_DECL_H_ERRNO
@@ -286,6 +296,10 @@
    don't. */
 #undef HAVE_DECL_MAXSYMLINKS
 
+/* Define to 1 if you have the declaration of `NFDBITS', and to 0 if you
+   don't. */
+#undef HAVE_DECL_NFDBITS
+
 /* Define to 1 if you have the declaration of `offsetof', and to 0 if you
    don't. */
 #undef HAVE_DECL_OFFSETOF
@@ -318,6 +332,9 @@
    don't. */
 #undef HAVE_DECL__GETSHORT
 
+/* Define to 1 if you have the `DES_crypt' function. */
+#undef HAVE_DES_CRYPT
+
 /* Define if you have /dev/ptmx */
 #undef HAVE_DEV_PTMX
 
@@ -339,6 +356,9 @@
 /* Define to 1 if you have the <elf.h> header file. */
 #undef HAVE_ELF_H
 
+/* Define to 1 if you have the `endgrent' function. */
+#undef HAVE_ENDGRENT
+
 /* Define to 1 if you have the <endian.h> header file. */
 #undef HAVE_ENDIAN_H
 
@@ -372,6 +392,9 @@
 /* Define to 1 if you have the <fcntl.h> header file. */
 #undef HAVE_FCNTL_H
 
+/* Define to 1 if the system has the type `fd_mask'. */
+#undef HAVE_FD_MASK
+
 /* Define to 1 if you have the <features.h> header file. */
 #undef HAVE_FEATURES_H
 
@@ -576,6 +599,15 @@
 /* Define if you have isblank(3C). */
 #undef HAVE_ISBLANK
 
+/* Define to 1 if you have the `krb5_cc_new_unique' function. */
+#undef HAVE_KRB5_CC_NEW_UNIQUE
+
+/* Define to 1 if you have the `krb5_free_error_message' function. */
+#undef HAVE_KRB5_FREE_ERROR_MESSAGE
+
+/* Define to 1 if you have the `krb5_get_error_message' function. */
+#undef HAVE_KRB5_GET_ERROR_MESSAGE
+
 /* Define to 1 if you have the <lastlog.h> header file. */
 #undef HAVE_LASTLOG_H
 
@@ -636,6 +668,9 @@
 /* Define to 1 if you have the <linux/seccomp.h> header file. */
 #undef HAVE_LINUX_SECCOMP_H
 
+/* Define to 1 if you have the <locale.h> header file. */
+#undef HAVE_LOCALE_H
+
 /* Define to 1 if you have the `login' function. */
 #undef HAVE_LOGIN
 
@@ -663,6 +698,9 @@
 /* Define to 1 if you have the <maillock.h> header file. */
 #undef HAVE_MAILLOCK_H
 
+/* Define to 1 if you have the `mblen' function. */
+#undef HAVE_MBLEN
+
 /* Define to 1 if you have the `md5_crypt' function. */
 #undef HAVE_MD5_CRYPT
 
@@ -769,15 +807,6 @@
 /* Define to 1 if you have the `pututxline' function. */
 #undef HAVE_PUTUTXLINE
 
-/* Define if your password has a pw_change field */
-#undef HAVE_PW_CHANGE_IN_PASSWD
-
-/* Define if your password has a pw_class field */
-#undef HAVE_PW_CLASS_IN_PASSWD
-
-/* Define if your password has a pw_expire field */
-#undef HAVE_PW_EXPIRE_IN_PASSWD
-
 /* Define to 1 if you have the `readpassphrase' function. */
 #undef HAVE_READPASSPHRASE
 
@@ -814,6 +843,9 @@
 /* define if you have sa_family_t data type */
 #undef HAVE_SA_FAMILY_T
 
+/* Define to 1 if you have the `scan_scaled' function. */
+#undef HAVE_SCAN_SCALED
+
 /* Define if you have SecureWare-based protected password database */
 #undef HAVE_SECUREWARE
 
@@ -1003,6 +1035,18 @@
 /* define if you have struct in6_addr data type */
 #undef HAVE_STRUCT_IN6_ADDR
 
+/* Define to 1 if `pw_change' is a member of `struct passwd'. */
+#undef HAVE_STRUCT_PASSWD_PW_CHANGE
+
+/* Define to 1 if `pw_class' is a member of `struct passwd'. */
+#undef HAVE_STRUCT_PASSWD_PW_CLASS
+
+/* Define to 1 if `pw_expire' is a member of `struct passwd'. */
+#undef HAVE_STRUCT_PASSWD_PW_EXPIRE
+
+/* Define to 1 if `pw_gecos' is a member of `struct passwd'. */
+#undef HAVE_STRUCT_PASSWD_PW_GECOS
+
 /* define if you have struct sockaddr_in6 data type */
 #undef HAVE_STRUCT_SOCKADDR_IN6
 
@@ -1323,15 +1367,6 @@
 /* Set this to your mail directory if you do not have _PATH_MAILDIR */
 #undef MAIL_DIRECTORY
 
-/* Define on *nto-qnx systems */
-#undef MISSING_FD_MASK
-
-/* Define on *nto-qnx systems */
-#undef MISSING_HOWMANY
-
-/* Define on *nto-qnx systems */
-#undef MISSING_NFDBITS
-
 /* Need setpgrp to acquire controlling tty */
 #undef NEED_SETPGRP
 
diff --git a/config.sub b/config.sub
index 2d8169626..eee8dccb0 100755
--- a/config.sub
+++ b/config.sub
@@ -2,9 +2,9 @@
 # Configuration validation subroutine script.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
-#   2011 Free Software Foundation, Inc.
+#   2011, 2012, 2013 Free Software Foundation, Inc.
 
-timestamp='2011-01-01'
+timestamp='2012-12-23'
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@@ -21,9 +21,7 @@ timestamp='2011-01-01'
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
 #
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -76,8 +74,8 @@ version="\
 GNU config.sub ($timestamp)
 
 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
-Software Foundation, Inc.
+2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011,
+2012, 2013 Free Software Foundation, Inc.
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -125,13 +123,17 @@ esac
 maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
 case $maybe_os in
   nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \
-  linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
+  linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
   knetbsd*-gnu* | netbsd*-gnu* | \
   kopensolaris*-gnu* | \
   storm-chaos* | os2-emx* | rtmk-nova*)
     os=-$maybe_os
     basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
     ;;
+  android-linux)
+    os=-linux-android
+    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
+    ;;
   *)
     basic_machine=`echo $1 | sed 's/-[^-]*$//'`
     if [ $basic_machine != $1 ]
@@ -154,12 +156,12 @@ case $os in
         -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
         -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
         -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-        -apple | -axis | -knuth | -cray | -microblaze)
+        -apple | -axis | -knuth | -cray | -microblaze*)
                 os=
                 basic_machine=$1
                 ;;
-        -bluegene*)
-                os=-cnk
+        -bluegene*)
+                os=-cnk
                 ;;
         -sim | -cisco | -oki | -wec | -winbond)
                 os=
@@ -175,10 +177,10 @@ case $os in
                 os=-chorusos
                 basic_machine=$1
                 ;;
-        -chorusrdb)
-                os=-chorusrdb
+        -chorusrdb)
+                os=-chorusrdb
                 basic_machine=$1
-                ;;
+                ;;
         -hiux*)
                 os=-hiuxwe2
                 ;;
@@ -223,6 +225,12 @@ case $os in
         -isc*)
                 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
                 ;;
+        -lynx*178)
+                os=-lynxos178
+                ;;
+        -lynx*5)
+                os=-lynxos5
+                ;;
         -lynx*)
                 os=-lynxos
                 ;;
@@ -247,20 +255,27 @@ case $basic_machine in
         # Some are omitted here because they have special meanings below.
         1750a | 580 \
         | a29k \
+        | aarch64 | aarch64_be \
         | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
         | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
         | am33_2.0 \
-        | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
+        | arc \
+        | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \
+        | avr | avr32 \
+        | be32 | be64 \
         | bfin \
         | c4x | clipper \
         | d10v | d30v | dlx | dsp16xx \
+        | epiphany \
         | fido | fr30 | frv \
         | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+        | hexagon \
         | i370 | i860 | i960 | ia64 \
         | ip2k | iq2000 \
+        | le32 | le64 \
         | lm32 \
         | m32c | m32r | m32rle | m68000 | m68k | m88k \
-        | maxq | mb | microblaze | mcore | mep | metag \
+        | maxq | mb | microblaze | microblazeel | mcore | mep | metag \
         | mips | mipsbe | mipseb | mipsel | mipsle \
         | mips16 \
         | mips64 | mips64el \
@@ -286,22 +301,23 @@ case $basic_machine in
         | nds32 | nds32le | nds32be \
         | nios | nios2 \
         | ns16k | ns32k \
+        | open8 \
         | or32 \
         | pdp10 | pdp11 | pj | pjl \
-        | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+        | powerpc | powerpc64 | powerpc64le | powerpcle \
         | pyramid \
-        | rx \
+        | rl78 | rx \
         | score \
         | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
         | sh64 | sh64le \
         | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
         | sparcv8 | sparcv9 | sparcv9b | sparcv9v \
-        | spu | strongarm \
-        | tahoe | thumb | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
+        | spu \
+        | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
         | ubicom32 \
-        | v850 | v850e \
+        | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
         | we32k \
-        | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
+        | x86 | xc16x | xstormy16 | xtensa \
         | z8k | z80)
                 basic_machine=$basic_machine-unknown
                 ;;
@@ -314,8 +330,7 @@ case $basic_machine in
         c6x)
                 basic_machine=tic6x-unknown
                 ;;
-        m6811 | m68hc11 | m6812 | m68hc12 | picochip)
-                # Motorola 68HC11/12.
+        m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip)
                 basic_machine=$basic_machine-unknown
                 os=-none
                 ;;
@@ -325,6 +340,21 @@ case $basic_machine in
                 basic_machine=mt-unknown
                 ;;
 
+        strongarm | thumb | xscale)
+                basic_machine=arm-unknown
+                ;;
+        xgate)
+                basic_machine=$basic_machine-unknown
+                os=-none
+                ;;
+        xscaleeb)
+                basic_machine=armeb-unknown
+                ;;
+
+        xscaleel)
+                basic_machine=armel-unknown
+                ;;
+
         # We use `pc' rather than `unknown'
         # because (1) that's what they normally are, and
         # (2) the word "unknown" tends to confuse beginning users.
@@ -339,11 +369,13 @@ case $basic_machine in
         # Recognize the basic CPU types with company name.
         580-* \
         | a29k-* \
+        | aarch64-* | aarch64_be-* \
         | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
         | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
         | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
         | arm-*  | armbe-* | armle-* | armeb-* | armv*-* \
         | avr-* | avr32-* \
+        | be32-* | be64-* \
         | bfin-* | bs2000-* \
         | c[123]* | c30-* | [cjt]90-* | c4x-* \
         | clipper-* | craynv-* | cydra-* \
@@ -352,12 +384,15 @@ case $basic_machine in
         | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
         | h8300-* | h8500-* \
         | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+        | hexagon-* \
         | i*86-* | i860-* | i960-* | ia64-* \
         | ip2k-* | iq2000-* \
+        | le32-* | le64-* \
         | lm32-* \
         | m32c-* | m32r-* | m32rle-* \
         | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
-        | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \
+        | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \
+        | microblaze-* | microblazeel-* \
         | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
         | mips16-* \
         | mips64-* | mips64el-* \
@@ -382,24 +417,26 @@ case $basic_machine in
         | nds32-* | nds32le-* | nds32be-* \
         | nios-* | nios2-* \
         | none-* | np1-* | ns16k-* | ns32k-* \
+        | open8-* \
         | orion-* \
         | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
-        | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+        | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
         | pyramid-* \
-        | romp-* | rs6000-* | rx-* \
+        | rl78-* | romp-* | rs6000-* | rx-* \
         | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
         | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
         | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
         | sparclite-* \
-        | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
-        | tahoe-* | thumb-* \
+        | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
+        | tahoe-* \
         | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
-        | tile-* | tilegx-* \
+        | tile*-* \
         | tron-* \
         | ubicom32-* \
-        | v850-* | v850e-* | vax-* \
+        | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
+        | vax-* \
         | we32k-* \
-        | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
+        | x86-* | x86_64-* | xc16x-* | xps100-* \
         | xstormy16-* | xtensa*-* \
         | ymp-* \
         | z8k-* | z80-*)
@@ -424,7 +461,7 @@ case $basic_machine in
                 basic_machine=a29k-amd
                 os=-udi
                 ;;
-        abacus)
+        abacus)
                 basic_machine=abacus-unknown
                 ;;
         adobe68k)
@@ -507,7 +544,7 @@ case $basic_machine in
                 basic_machine=c90-cray
                 os=-unicos
                 ;;
-        cegcc)
+        cegcc)
                 basic_machine=arm-unknown
                 os=-cegcc
                 ;;
@@ -697,7 +734,6 @@ case $basic_machine in
         i370-ibm* | ibm*)
                 basic_machine=i370-ibm
                 ;;
-# I'm not sure what "Sysv32" means.  Should this be sysv3.2?
         i*86v32)
                 basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
                 os=-sysv32
@@ -755,9 +791,13 @@ case $basic_machine in
                 basic_machine=ns32k-utek
                 os=-sysv
                 ;;
-        microblaze)
+        microblaze*)
                 basic_machine=microblaze-xilinx
                 ;;
+        mingw64)
+                basic_machine=x86_64-pc
+                os=-mingw64
+                ;;
         mingw32)
                 basic_machine=i386-pc
                 os=-mingw32
@@ -794,10 +834,18 @@ case $basic_machine in
         ms1-*)
                 basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
                 ;;
+        msys)
+                basic_machine=i386-pc
+                os=-msys
+                ;;
         mvs)
                 basic_machine=i370-ibm
                 os=-mvs
                 ;;
+        nacl)
+                basic_machine=le32-unknown
+                os=-nacl
+                ;;
         ncr3000)
                 basic_machine=i486-ncr
                 os=-sysv4
@@ -862,10 +910,10 @@ case $basic_machine in
         np1)
                 basic_machine=np1-gould
                 ;;
-        neo-tandem)
+        neo-tandem)
                 basic_machine=neo-tandem
                 ;;
-        nse-tandem)
+        nse-tandem)
                 basic_machine=nse-tandem
                 ;;
         nsr-tandem)
@@ -950,9 +998,10 @@ case $basic_machine in
                 ;;
         power)  basic_machine=power-ibm
                 ;;
-        ppc)    basic_machine=powerpc-unknown
+        ppc | ppcbe)    basic_machine=powerpc-unknown
                 ;;
-        ppc-*)  basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+        ppc-* | ppcbe-*)
+                basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
                 ;;
         ppcle | powerpclittle | ppc-le | powerpc-little)
                 basic_machine=powerpcle-unknown
@@ -977,7 +1026,11 @@ case $basic_machine in
                 basic_machine=i586-unknown
                 os=-pw32
                 ;;
-        rdos)
+        rdos | rdos64)
+                basic_machine=x86_64-pc
+                os=-rdos
+                ;;
+        rdos32)
                 basic_machine=i386-pc
                 os=-rdos
                 ;;
@@ -1046,6 +1099,9 @@ case $basic_machine in
                 basic_machine=i860-stratus
                 os=-sysv4
                 ;;
+        strongarm-* | thumb-*)
+                basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'`
+                ;;
         sun2)
                 basic_machine=m68000-sun
                 ;;
@@ -1102,13 +1158,8 @@ case $basic_machine in
                 basic_machine=t90-cray
                 os=-unicos
                 ;;
-        # This must be matched before tile*.
-        tilegx*)
-                basic_machine=tilegx-unknown
-                os=-linux-gnu
-                ;;
         tile*)
-                basic_machine=tile-unknown
+                basic_machine=$basic_machine-unknown
                 os=-linux-gnu
                 ;;
         tx39)
@@ -1178,6 +1229,9 @@ case $basic_machine in
         xps | xps100)
                 basic_machine=xps100-honeywell
                 ;;
+        xscale-* | xscalee[bl]-*)
+                basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'`
+                ;;
         ymp)
                 basic_machine=ymp-cray
                 os=-unicos
@@ -1275,11 +1329,11 @@ esac
 if [ x"$os" != x"" ]
 then
 case $os in
-        # First match some system type aliases
-        # that might get confused with valid system types.
+        # First match some system type aliases
+        # that might get confused with valid system types.
         # -solaris* is a basic system type, with this one exception.
-        -auroraux)
-                os=-auroraux
+        -auroraux)
+                os=-auroraux
                 ;;
         -solaris1 | -solaris1.*)
                 os=`echo $os | sed -e 's|solaris1|sunos4|'`
@@ -1309,15 +1363,15 @@ case $os in
               | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
               | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
               | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
-              | -openbsd* | -solidbsd* \
+              | -bitrig* | -openbsd* | -solidbsd* \
               | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
               | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
               | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
               | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
               | -chorusos* | -chorusrdb* | -cegcc* \
-              | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
-              | -mingw32* | -linux-gnu* | -linux-android* \
-              | -linux-newlib* | -linux-uclibc* \
+              | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+              | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \
+              | -linux-newlib* | -linux-musl* | -linux-uclibc* \
               | -uxpv* | -beos* | -mpeix* | -udk* \
               | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
               | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
@@ -1364,7 +1418,7 @@ case $os in
         -opened*)
                 os=-openedition
                 ;;
-        -os400*)
+        -os400*)
                 os=-os400
                 ;;
         -wince*)
@@ -1413,7 +1467,7 @@ case $os in
         -sinix*)
                 os=-sysv4
                 ;;
-        -tpf*)
+        -tpf*)
                 os=-tpf
                 ;;
         -triton*)
@@ -1458,8 +1512,8 @@ case $os in
         -dicos*)
                 os=-dicos
                 ;;
-        -nacl*)
-                ;;
+        -nacl*)
+                ;;
         -none)
                 ;;
         *)
@@ -1482,10 +1536,10 @@ else
 # system, and we'll never get to this point.
 
 case $basic_machine in
-        score-*)
+        score-*)
                 os=-elf
                 ;;
-        spu-*)
+        spu-*)
                 os=-elf
                 ;;
         *-acorn)
@@ -1497,8 +1551,11 @@ case $basic_machine in
         arm*-semi)
                 os=-aout
                 ;;
-        c4x-* | tic4x-*)
-                os=-coff
+        c4x-* | tic4x-*)
+                os=-coff
+                ;;
+        hexagon-*)
+                os=-elf
                 ;;
         tic54x-*)
                 os=-coff
@@ -1527,14 +1584,11 @@ case $basic_machine in
                 ;;
         m68000-sun)
                 os=-sunos3
-                # This also exists in the configure program, but was not the
-                # default.
-                # os=-sunos4
                 ;;
         m68*-cisco)
                 os=-aout
                 ;;
-        mep-*)
+        mep-*)
                 os=-elf
                 ;;
         mips*-cisco)
@@ -1561,7 +1615,7 @@ case $basic_machine in
         *-ibm)
                 os=-aix
                 ;;
-        *-knuth)
+        *-knuth)
                 os=-mmixware
                 ;;
         *-wec)
diff --git a/configure b/configure
index 4eeed9d09..78bbcd008 100755
--- a/configure
+++ b/configure
@@ -1,5 +1,5 @@
 #! /bin/sh
-# From configure.ac Revision: 1.518 .
+# From configure.ac Revision: 1.536 .
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.68 for OpenSSH Portable.
 #
@@ -605,6 +605,7 @@ ac_includes_default="\
 
 ac_subst_vars='LTLIBOBJS
 LIBOBJS
+UNSUPPORTED_ALGORITHMS
 TEST_SSH_IPV6
 piddir
 user_path
@@ -5605,6 +5606,68 @@ fi
 
 if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
         {
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Qunused-arguments -Werror" >&5
+$as_echo_n "checking if $CC supports -Qunused-arguments -Werror... " >&6; }
+        saved_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS -Qunused-arguments -Werror"
+        _define_flag="-Qunused-arguments"
+        test "x$_define_flag" = "x" && _define_flag="-Qunused-arguments -Werror"
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+int main(void) { return 0; }
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+}
+        {
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Wunknown-warning-option -Werror" >&5
+$as_echo_n "checking if $CC supports -Wunknown-warning-option -Werror... " >&6; }
+        saved_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS -Wunknown-warning-option -Werror"
+        _define_flag="-Wno-unknown-warning-option"
+        test "x$_define_flag" = "x" && _define_flag="-Wunknown-warning-option -Werror"
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+int main(void) { return 0; }
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+}
+        {
         { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Wall" >&5
 $as_echo_n "checking if $CC supports -Wall... " >&6; }
         saved_CFLAGS="$CFLAGS"
@@ -5616,9 +5679,17 @@ $as_echo_n "checking if $CC supports -Wall... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5639,9 +5710,17 @@ $as_echo_n "checking if $CC supports -Wpointer-arith... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5662,9 +5741,17 @@ $as_echo_n "checking if $CC supports -Wuninitialized... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5685,9 +5772,17 @@ $as_echo_n "checking if $CC supports -Wsign-compare... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5708,9 +5803,48 @@ $as_echo_n "checking if $CC supports -Wformat-security... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
+else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                  CFLAGS="$saved_CFLAGS"
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+}
+        {
+        { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Wsizeof-pointer-memaccess" >&5
+$as_echo_n "checking if $CC supports -Wsizeof-pointer-memaccess... " >&6; }
+        saved_CFLAGS="$CFLAGS"
+        CFLAGS="$CFLAGS -Wsizeof-pointer-memaccess"
+        _define_flag=""
+        test "x$_define_flag" = "x" && _define_flag="-Wsizeof-pointer-memaccess"
+        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+int main(void) { return 0; }
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5731,9 +5865,17 @@ $as_echo_n "checking if $CC supports -Wpointer-sign... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5754,9 +5896,17 @@ $as_echo_n "checking if $CC supports -Wunused-result... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5777,9 +5927,17 @@ $as_echo_n "checking if $CC supports -fno-strict-aliasing... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -5800,9 +5958,17 @@ $as_echo_n "checking if $CC supports -D_FORTIFY_SOURCE=2... " >&6; }
 int main(void) { return 0; }
 _ACEOF
 if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+if `grep -i "unrecognized option" conftest.err >/dev/null`
+then
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                CFLAGS="$saved_CFLAGS"
+else
+                { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-                  CFLAGS="$saved_CFLAGS $_define_flag"
+                 CFLAGS="$saved_CFLAGS $_define_flag"
+fi
 else
    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -6074,6 +6240,7 @@ for ac_header in  \
         ia.h \
         iaf.h \
         limits.h \
+        locale.h \
         login.h \
         maillock.h \
         ndir.h \
@@ -6112,7 +6279,6 @@ for ac_header in  \
         sys/sysmacros.h \
         sys/time.h \
         sys/timers.h \
-        sys/un.h \
         time.h \
         tmpdir.h \
         ttyent.h \
@@ -6210,6 +6376,24 @@ fi
 done
 
 
+# Android requires sys/socket.h to be included before sys/un.h
+for ac_header in sys/un.h
+do :
+  ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "
+#include <sys/types.h>
+#include <sys/socket.h>
+
+"
+if test "x$ac_cv_header_sys_un_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_SYS_UN_H 1
+_ACEOF
+
+fi
+
+done
+
+
 # Messages for features tested for in target-specific section
 SIA_MSG="no"
 SPC_MSG="no"
@@ -6496,6 +6680,14 @@ $as_echo "#define PTY_ZEROREAD 1" >>confdefs.h
 $as_echo "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h
 
         ;;
+*-*-android*)
+
+$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
+
+
+$as_echo "#define DISABLE_WTMP 1" >>confdefs.h
+
+        ;;
 *-*-cygwin*)
         check_for_libcrypt_later=1
         LIBS="$LIBS /usr/lib/textreadmode.o"
@@ -7257,6 +7449,7 @@ fi
 
 fi
 
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         ;;
 *-*-sunos4*)
         CPPFLAGS="$CPPFLAGS -DSUNOS4"
@@ -7413,6 +7606,7 @@ $as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h
 
         $as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h
 
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         ;;
 # UnixWare 7.x, OpenUNIX 8
 *-*-sysv5*)
@@ -7432,10 +7626,10 @@ $as_echo "#define UNIXWARE_LONG_PASSWORDS 1" >>confdefs.h
 
         $as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h
 
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         case "$host" in
         *-*-sysv5SCO_SV*)       # SCO OpenServer 6.x
                 maildir=/var/spool/mail
-                TEST_SHELL=/u95/bin/sh
 
 $as_echo "#define BROKEN_LIBIAF 1" >>confdefs.h
 
@@ -7553,7 +7747,7 @@ fi
 done
 
         MANTYPE=man
-        TEST_SHELL=ksh
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         SKIP_DISABLE_LASTLOG_DEFINE=yes
         ;;
 *-*-unicosmk*)
@@ -7664,15 +7858,6 @@ $as_echo "#define BROKEN_READV_COMPARISON 1" >>confdefs.h
 
         $as_echo "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h
 
-
-$as_echo "#define MISSING_NFDBITS 1" >>confdefs.h
-
-
-$as_echo "#define MISSING_HOWMANY 1" >>confdefs.h
-
-
-$as_echo "#define MISSING_FD_MASK 1" >>confdefs.h
-
         $as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h
 
         $as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h
@@ -7705,8 +7890,6 @@ $as_echo "#define HAVE_SYS_SYSLOG_H 1" >>confdefs.h
 
 *-*-lynxos)
         CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
-        $as_echo "#define MISSING_HOWMANY 1" >>confdefs.h
-
 
 $as_echo "#define BROKEN_SETVBUF 1" >>confdefs.h
 
@@ -8231,6 +8414,7 @@ else
 /* end confdefs.h.  */
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <zlib.h>
 
 int
@@ -8455,6 +8639,62 @@ if test "$ac_res" != no; then :
 
 fi
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing scan_scaled" >&5
+$as_echo_n "checking for library containing scan_scaled... " >&6; }
+if ${ac_cv_search_scan_scaled+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char scan_scaled ();
+int
+main ()
+{
+return scan_scaled ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' util bsd; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_scan_scaled=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_scan_scaled+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_scan_scaled+:} false; then :
+
+else
+  ac_cv_search_scan_scaled=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_scan_scaled" >&5
+$as_echo "$ac_cv_search_scan_scaled" >&6; }
+ac_res=$ac_cv_search_scan_scaled
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing login" >&5
 $as_echo_n "checking for library containing login... " >&6; }
 if ${ac_cv_search_login+:} false; then :
@@ -8735,7 +8975,7 @@ if test "$ac_res" != no; then :
 
 fi
 
-for ac_func in fmt_scaled login logout openpty updwtmp logwtmp
+for ac_func in fmt_scaled scan_scaled login logout openpty updwtmp logwtmp
 do :
   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
 ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -9570,6 +9810,7 @@ for ac_func in  \
         clock \
         closefrom \
         dirfd \
+        endgrent \
         fchmod \
         fchown \
         freeaddrinfo \
@@ -9594,6 +9835,7 @@ for ac_func in  \
         inet_ntop \
         innetgr \
         login_getcapbool \
+        mblen \
         md5_crypt \
         memmove \
         mkdtemp \
@@ -9852,6 +10094,65 @@ $as_echo "#define HAVE_NANOSLEEP 1" >>confdefs.h
 fi
 
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5
+$as_echo_n "checking for library containing clock_gettime... " >&6; }
+if ${ac_cv_search_clock_gettime+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char clock_gettime ();
+int
+main ()
+{
+return clock_gettime ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' rt; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_clock_gettime=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_clock_gettime+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_clock_gettime+:} false; then :
+
+else
+  ac_cv_search_clock_gettime=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5
+$as_echo "$ac_cv_search_clock_gettime" >&6; }
+ac_res=$ac_cv_search_clock_gettime
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+$as_echo "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h
+
+fi
+
+
 ac_fn_c_check_decl "$LINENO" "getrusage" "ac_cv_have_decl_getrusage" "$ac_includes_default"
 if test "x$ac_cv_have_decl_getrusage" = xyes; then :
   for ac_func in getrusage
@@ -10006,6 +10307,84 @@ cat >>confdefs.h <<_ACEOF
 _ACEOF
 
 
+# extra bits for select(2)
+ac_fn_c_check_decl "$LINENO" "howmany" "ac_cv_have_decl_howmany" "
+#include <sys/param.h>
+#include <sys/types.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+#include <sys/sysmacros.h>
+#endif
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+"
+if test "x$ac_cv_have_decl_howmany" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_HOWMANY $ac_have_decl
+_ACEOF
+ac_fn_c_check_decl "$LINENO" "NFDBITS" "ac_cv_have_decl_NFDBITS" "
+#include <sys/param.h>
+#include <sys/types.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+#include <sys/sysmacros.h>
+#endif
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+"
+if test "x$ac_cv_have_decl_NFDBITS" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_NFDBITS $ac_have_decl
+_ACEOF
+
+ac_fn_c_check_type "$LINENO" "fd_mask" "ac_cv_type_fd_mask" "
+#include <sys/param.h>
+#include <sys/types.h>
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+"
+if test "x$ac_cv_type_fd_mask" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_FD_MASK 1
+_ACEOF
+
+
+fi
+
+
 for ac_func in setresuid
 do :
   ac_fn_c_check_func "$LINENO" "setresuid" "ac_cv_func_setresuid"
@@ -11336,6 +11715,8 @@ else
 
                 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
+                unsupported_algorithms="$unsupported_cipers \
+                   aes128-gcm@openssh.com aes256-gcm@openssh.com"
 
 
 fi
@@ -11532,6 +11913,18 @@ if test "x$ac_cv_lib_crypt_crypt" = xyes; then :
 fi
 
 fi
+for ac_func in crypt DES_crypt
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
 
 # Search for SHA256 support in libc and/or OpenSSL
 for ac_func in SHA256_Update EVP_sha256
@@ -11545,6 +11938,12 @@ _ACEOF
  TEST_SSH_SHA256=yes
 else
   TEST_SSH_SHA256=no
+     unsupported_algorithms="$unsupported_algorithms \
+        hmac-sha2-256 hmac-sha2-512 \
+        diffie-hellman-group-exchange-sha256 \
+        hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
+
+
 fi
 done
 
@@ -11593,6 +11992,12 @@ else
 $as_echo "no" >&6; }
                 TEST_SSH_ECC=no
                 COMMENT_OUT_ECC="#no ecc#"
+                unsupported_algorithms="$unsupported_algorithms \
+                    ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \
+                    ecdsa-sha2-nistp256-cert-v01@openssh.com \
+                    ecdsa-sha2-nistp384-cert-v01@openssh.com \
+                    ecdsa-sha2-nistp521-cert-v01@openssh.com \
+                    ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521"
 
 
 fi
@@ -14345,6 +14750,60 @@ _ACEOF
 
 fi
 
+ac_fn_c_check_member "$LINENO" "struct passwd" "pw_gecos" "ac_cv_member_struct_passwd_pw_gecos" "
+#include <sys/types.h>
+#include <pwd.h>
+
+"
+if test "x$ac_cv_member_struct_passwd_pw_gecos" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_PASSWD_PW_GECOS 1
+_ACEOF
+
+
+fi
+ac_fn_c_check_member "$LINENO" "struct passwd" "pw_class" "ac_cv_member_struct_passwd_pw_class" "
+#include <sys/types.h>
+#include <pwd.h>
+
+"
+if test "x$ac_cv_member_struct_passwd_pw_class" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_PASSWD_PW_CLASS 1
+_ACEOF
+
+
+fi
+ac_fn_c_check_member "$LINENO" "struct passwd" "pw_change" "ac_cv_member_struct_passwd_pw_change" "
+#include <sys/types.h>
+#include <pwd.h>
+
+"
+if test "x$ac_cv_member_struct_passwd_pw_change" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_PASSWD_PW_CHANGE 1
+_ACEOF
+
+
+fi
+ac_fn_c_check_member "$LINENO" "struct passwd" "pw_expire" "ac_cv_member_struct_passwd_pw_expire" "
+#include <sys/types.h>
+#include <pwd.h>
+
+"
+if test "x$ac_cv_member_struct_passwd_pw_expire" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_PASSWD_PW_EXPIRE 1
+_ACEOF
+
+
+fi
+
+
 ac_fn_c_check_member "$LINENO" "struct __res_state" "retrans" "ac_cv_member_struct___res_state_retrans" "
 #include <stdio.h>
 #if HAVE_SYS_TYPES_H
@@ -14437,108 +14896,6 @@ $as_echo "#define HAVE___SS_FAMILY_IN_SS 1" >>confdefs.h
 
 fi
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pw_class field in struct passwd" >&5
-$as_echo_n "checking for pw_class field in struct passwd... " >&6; }
-if ${ac_cv_have_pw_class_in_struct_passwd+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <pwd.h>
-int
-main ()
-{
- struct passwd p; p.pw_class = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_pw_class_in_struct_passwd="yes"
-else
-   ac_cv_have_pw_class_in_struct_passwd="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_pw_class_in_struct_passwd" >&5
-$as_echo "$ac_cv_have_pw_class_in_struct_passwd" >&6; }
-if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
-
-$as_echo "#define HAVE_PW_CLASS_IN_PASSWD 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pw_expire field in struct passwd" >&5
-$as_echo_n "checking for pw_expire field in struct passwd... " >&6; }
-if ${ac_cv_have_pw_expire_in_struct_passwd+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <pwd.h>
-int
-main ()
-{
- struct passwd p; p.pw_expire = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_pw_expire_in_struct_passwd="yes"
-else
-   ac_cv_have_pw_expire_in_struct_passwd="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_pw_expire_in_struct_passwd" >&5
-$as_echo "$ac_cv_have_pw_expire_in_struct_passwd" >&6; }
-if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
-
-$as_echo "#define HAVE_PW_EXPIRE_IN_PASSWD 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pw_change field in struct passwd" >&5
-$as_echo_n "checking for pw_change field in struct passwd... " >&6; }
-if ${ac_cv_have_pw_change_in_struct_passwd+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <pwd.h>
-int
-main ()
-{
- struct passwd p; p.pw_change = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_pw_change_in_struct_passwd="yes"
-else
-   ac_cv_have_pw_change_in_struct_passwd="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_pw_change_in_struct_passwd" >&5
-$as_echo "$ac_cv_have_pw_change_in_struct_passwd" >&6; }
-if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
-
-$as_echo "#define HAVE_PW_CHANGE_IN_PASSWD 1" >>confdefs.h
-
-fi
-
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for msg_accrights field in struct msghdr" >&5
 $as_echo_n "checking for msg_accrights field in struct msghdr... " >&6; }
 if ${ac_cv_have_accrights_in_msghdr+:} false; then :
@@ -15996,6 +16353,22 @@ cat >>confdefs.h <<_ACEOF
 #define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE $ac_have_decl
 _ACEOF
 
+                saved_LIBS="$LIBS"
+                LIBS="$LIBS $K5LIBS"
+                for ac_func in krb5_cc_new_unique krb5_get_error_message krb5_free_error_message
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+                LIBS="$saved_LIBS"
+
         fi
 
 
@@ -17307,6 +17680,8 @@ fi
 
 TEST_SSH_IPV6=$TEST_SSH_IPV6
 
+UNSUPPORTED_ALGORITHMS=$unsupported_algorithms
+
 
 
 ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openssh.xml openbsd-compat/Makefile openbsd-compat/regress/Makefile survey.sh"
diff --git a/configure.ac b/configure.ac
index 198a2056e..d7d500a33 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.518 2013/03/20 01:55:15 djm Exp $
+# $Id: configure.ac,v 1.536 2013/08/04 11:48:41 dtucker Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.518 $)
+AC_REVISION($Revision: 1.536 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
@@ -129,11 +129,16 @@ AC_ARG_WITH([stackprotect],
 
 
 if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
+        OSSH_CHECK_CFLAG_COMPILE([-Qunused-arguments -Werror],
+            [-Qunused-arguments])
+        OSSH_CHECK_CFLAG_COMPILE([-Wunknown-warning-option -Werror],
+            [-Wno-unknown-warning-option])
         OSSH_CHECK_CFLAG_COMPILE([-Wall])
         OSSH_CHECK_CFLAG_COMPILE([-Wpointer-arith])
         OSSH_CHECK_CFLAG_COMPILE([-Wuninitialized])
         OSSH_CHECK_CFLAG_COMPILE([-Wsign-compare])
         OSSH_CHECK_CFLAG_COMPILE([-Wformat-security])
+        OSSH_CHECK_CFLAG_COMPILE([-Wsizeof-pointer-memaccess])
         OSSH_CHECK_CFLAG_COMPILE([-Wpointer-sign], [-Wno-pointer-sign])
         OSSH_CHECK_CFLAG_COMPILE([-Wunused-result], [-Wno-unused-result])
         OSSH_CHECK_CFLAG_COMPILE([-fno-strict-aliasing])
@@ -305,6 +310,7 @@ AC_CHECK_HEADERS([ \
         ia.h \
         iaf.h \
         limits.h \
+        locale.h \
         login.h \
         maillock.h \
         ndir.h \
@@ -343,7 +349,6 @@ AC_CHECK_HEADERS([ \
         sys/sysmacros.h \
         sys/time.h \
         sys/timers.h \
-        sys/un.h \
         time.h \
         tmpdir.h \
         ttyent.h \
@@ -381,6 +386,12 @@ AC_CHECK_HEADERS([sys/mount.h], [], [], [
 #include <sys/param.h>
 ])
 
+# Android requires sys/socket.h to be included before sys/un.h
+AC_CHECK_HEADERS([sys/un.h], [], [], [
+#include <sys/types.h>
+#include <sys/socket.h>
+])
+
 # Messages for features tested for in target-specific section
 SIA_MSG="no"
 SPC_MSG="no"
@@ -482,6 +493,10 @@ case "$host" in
         AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd])
         AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)])
         ;;
+*-*-android*)
+        AC_DEFINE([DISABLE_UTMP], [1], [Define if you don't want to use utmp])
+        AC_DEFINE([DISABLE_WTMP], [1], [Define if you don't want to use wtmp])
+        ;;
 *-*-cygwin*)
         check_for_libcrypt_later=1
         LIBS="$LIBS /usr/lib/textreadmode.o"
@@ -823,6 +838,7 @@ mips-sony-bsd|mips-sony-newsos4)
                         SP_MSG="yes" ], )
                 ],
         )
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         ;;
 *-*-sunos4*)
         CPPFLAGS="$CPPFLAGS -DSUNOS4"
@@ -866,6 +882,7 @@ mips-sony-bsd|mips-sony-newsos4)
         AC_DEFINE([BROKEN_SETREGID])
         AC_DEFINE([PASSWD_NEEDS_USERNAME], [1], [must supply username to passwd])
         AC_DEFINE([LOCKED_PASSWD_STRING], ["*LK*"])
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         ;;
 # UnixWare 7.x, OpenUNIX 8
 *-*-sysv5*)
@@ -877,10 +894,10 @@ mips-sony-bsd|mips-sony-newsos4)
         AC_DEFINE([BROKEN_SETREUID])
         AC_DEFINE([BROKEN_SETREGID])
         AC_DEFINE([PASSWD_NEEDS_USERNAME])
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         case "$host" in
         *-*-sysv5SCO_SV*)       # SCO OpenServer 6.x
                 maildir=/var/spool/mail
-                TEST_SHELL=/u95/bin/sh
                 AC_DEFINE([BROKEN_LIBIAF], [1],
                         [ia_uinfo routines not supported by OS yet])
                 AC_DEFINE([BROKEN_UPDWTMPX])
@@ -921,7 +938,7 @@ mips-sony-bsd|mips-sony-newsos4)
         AC_DEFINE([PASSWD_NEEDS_USERNAME])
         AC_CHECK_FUNCS([getluid setluid])
         MANTYPE=man
-        TEST_SHELL=ksh
+        TEST_SHELL=$SHELL       # let configure find us a capable shell
         SKIP_DISABLE_LASTLOG_DEFINE=yes
         ;;
 *-*-unicosmk*)
@@ -998,9 +1015,6 @@ mips-sony-bsd|mips-sony-newsos4)
 *-*-nto-qnx*)
         AC_DEFINE([USE_PIPES])
         AC_DEFINE([NO_X11_UNIX_SOCKETS])
-        AC_DEFINE([MISSING_NFDBITS], [1], [Define on *nto-qnx systems])
-        AC_DEFINE([MISSING_HOWMANY], [1], [Define on *nto-qnx systems])
-        AC_DEFINE([MISSING_FD_MASK], [1], [Define on *nto-qnx systems])
         AC_DEFINE([DISABLE_LASTLOG])
         AC_DEFINE([SSHD_ACQUIRES_CTTY])
         AC_DEFINE([BROKEN_SHADOW_EXPIRE], [1], [QNX shadow support is broken])
@@ -1021,7 +1035,6 @@ mips-sony-bsd|mips-sony-newsos4)
 
 *-*-lynxos)
         CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
-        AC_DEFINE([MISSING_HOWMANY])
         AC_DEFINE([BROKEN_SETVBUF], [1], [LynxOS has broken setvbuf() implementation])
         ;;
 esac
@@ -1144,6 +1157,7 @@ AC_ARG_WITH([zlib-version-check],
 AC_MSG_CHECKING([for possibly buggy zlib])
 AC_RUN_IFELSE([AC_LANG_PROGRAM([[
 #include <stdio.h>
+#include <stdlib.h>
 #include <zlib.h>
         ]],
         [[
@@ -1193,12 +1207,13 @@ AC_CHECK_FUNCS([utimes],
 dnl    Checks for libutil functions
 AC_CHECK_HEADERS([bsd/libutil.h libutil.h])
 AC_SEARCH_LIBS([fmt_scaled], [util bsd])
+AC_SEARCH_LIBS([scan_scaled], [util bsd])
 AC_SEARCH_LIBS([login], [util bsd])
 AC_SEARCH_LIBS([logout], [util bsd])
 AC_SEARCH_LIBS([logwtmp], [util bsd])
 AC_SEARCH_LIBS([openpty], [util bsd])
 AC_SEARCH_LIBS([updwtmp], [util bsd])
-AC_CHECK_FUNCS([fmt_scaled login logout openpty updwtmp logwtmp])
+AC_CHECK_FUNCS([fmt_scaled scan_scaled login logout openpty updwtmp logwtmp])
 
 AC_FUNC_STRFTIME
 
@@ -1548,6 +1563,7 @@ AC_CHECK_FUNCS([ \
         clock \
         closefrom \
         dirfd \
+        endgrent \
         fchmod \
         fchown \
         freeaddrinfo \
@@ -1572,6 +1588,7 @@ AC_CHECK_FUNCS([ \
         inet_ntop \
         innetgr \
         login_getcapbool \
+        mblen \
         md5_crypt \
         memmove \
         mkdtemp \
@@ -1668,6 +1685,9 @@ const char *gai_strerror(int);
 AC_SEARCH_LIBS([nanosleep], [rt posix4], [AC_DEFINE([HAVE_NANOSLEEP], [1],
         [Some systems put nanosleep outside of libc])])
 
+AC_SEARCH_LIBS([clock_gettime], [rt],
+        [AC_DEFINE([HAVE_CLOCK_GETTIME], [1], [Have clock_gettime])])
+
 dnl Make sure prototypes are defined for these before using them.
 AC_CHECK_DECL([getrusage], [AC_CHECK_FUNCS([getrusage])])
 AC_CHECK_DECL([strsep],
@@ -1719,6 +1739,37 @@ AC_CHECK_DECLS([offsetof], , , [
 #include <stddef.h>
         ])
 
+# extra bits for select(2)
+AC_CHECK_DECLS([howmany, NFDBITS], [], [], [[
+#include <sys/param.h>
+#include <sys/types.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+#include <sys/sysmacros.h>
+#endif
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+        ]])
+AC_CHECK_TYPES([fd_mask], [], [], [[
+#include <sys/param.h>
+#include <sys/types.h>
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+        ]])
+
 AC_CHECK_FUNCS([setresuid], [
         dnl Some platorms have setresuid that isn't implemented, test for this
         AC_MSG_CHECKING([if setresuid seems to work])
@@ -2367,6 +2418,8 @@ AC_LINK_IFELSE(
         ],
         [
                 AC_MSG_RESULT([no])
+                unsupported_algorithms="$unsupported_cipers \
+                   aes128-gcm@openssh.com aes256-gcm@openssh.com"
         ]
 )
 
@@ -2404,10 +2457,18 @@ fi
 if test "x$check_for_libcrypt_later" = "x1"; then
         AC_CHECK_LIB([crypt], [crypt], [LIBS="$LIBS -lcrypt"])
 fi
+AC_CHECK_FUNCS([crypt DES_crypt])
 
 # Search for SHA256 support in libc and/or OpenSSL
-AC_CHECK_FUNCS([SHA256_Update EVP_sha256], [TEST_SSH_SHA256=yes],
-    [TEST_SSH_SHA256=no])
+AC_CHECK_FUNCS([SHA256_Update EVP_sha256],
+    [TEST_SSH_SHA256=yes],
+    [TEST_SSH_SHA256=no
+     unsupported_algorithms="$unsupported_algorithms \
+        hmac-sha2-256 hmac-sha2-512 \
+        diffie-hellman-group-exchange-sha256 \
+        hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
+     ]
+)
 AC_SUBST([TEST_SSH_SHA256])
 
 # Check complete ECC support in OpenSSL
@@ -2438,6 +2499,12 @@ AC_LINK_IFELSE(
                 AC_MSG_RESULT([no])
                 TEST_SSH_ECC=no
                 COMMENT_OUT_ECC="#no ecc#"
+                unsupported_algorithms="$unsupported_algorithms \
+                    ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \
+                    ecdsa-sha2-nistp256-cert-v01@openssh.com \
+                    ecdsa-sha2-nistp384-cert-v01@openssh.com \
+                    ecdsa-sha2-nistp521-cert-v01@openssh.com \
+                    ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521"
         ]
 )
 AC_SUBST([TEST_SSH_ECC])
@@ -3325,9 +3392,16 @@ OSSH_CHECK_HEADER_FOR_FIELD([ut_time], [utmpx.h], [HAVE_TIME_IN_UTMPX])
 OSSH_CHECK_HEADER_FOR_FIELD([ut_tv], [utmpx.h], [HAVE_TV_IN_UTMPX])
 
 AC_CHECK_MEMBERS([struct stat.st_blksize])
+AC_CHECK_MEMBERS([struct passwd.pw_gecos, struct passwd.pw_class,
+struct passwd.pw_change, struct passwd.pw_expire],
+[], [], [[
+#include <sys/types.h>
+#include <pwd.h>
+]])
+
 AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE([__res_state], [state],
         [Define if we don't have struct __res_state in resolv.h])],
-[
+[[
 #include <stdio.h>
 #if HAVE_SYS_TYPES_H
 # include <sys/types.h>
@@ -3335,7 +3409,7 @@ AC_CHECK_MEMBER([struct __res_state.retrans], [], [AC_DEFINE([__res_state], [sta
 #include <netinet/in.h>
 #include <arpa/nameser.h>
 #include <resolv.h>
-])
+]])
 
 AC_CACHE_CHECK([for ss_family field in struct sockaddr_storage],
                 ac_cv_have_ss_family_in_struct_ss, [
@@ -3365,45 +3439,6 @@ if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
                 [Fields in struct sockaddr_storage])
 fi
 
-AC_CACHE_CHECK([for pw_class field in struct passwd],
-                ac_cv_have_pw_class_in_struct_passwd, [
-        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]],
-        [[ struct passwd p; p.pw_class = 0; ]])],
-        [ ac_cv_have_pw_class_in_struct_passwd="yes" ],
-        [ ac_cv_have_pw_class_in_struct_passwd="no" 
-        ])
-])
-if test "x$ac_cv_have_pw_class_in_struct_passwd" = "xyes" ; then
-        AC_DEFINE([HAVE_PW_CLASS_IN_PASSWD], [1],
-                [Define if your password has a pw_class field])
-fi
-
-AC_CACHE_CHECK([for pw_expire field in struct passwd],
-                ac_cv_have_pw_expire_in_struct_passwd, [
-        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]],
-        [[ struct passwd p; p.pw_expire = 0; ]])],
-        [ ac_cv_have_pw_expire_in_struct_passwd="yes" ],
-        [ ac_cv_have_pw_expire_in_struct_passwd="no" 
-        ])
-])
-if test "x$ac_cv_have_pw_expire_in_struct_passwd" = "xyes" ; then
-        AC_DEFINE([HAVE_PW_EXPIRE_IN_PASSWD], [1],
-                [Define if your password has a pw_expire field])
-fi
-
-AC_CACHE_CHECK([for pw_change field in struct passwd],
-                ac_cv_have_pw_change_in_struct_passwd, [
-        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <pwd.h> ]],
-        [[ struct passwd p; p.pw_change = 0; ]])],
-        [ ac_cv_have_pw_change_in_struct_passwd="yes" ],
-        [ ac_cv_have_pw_change_in_struct_passwd="no" 
-        ])
-])
-if test "x$ac_cv_have_pw_change_in_struct_passwd" = "xyes" ; then
-        AC_DEFINE([HAVE_PW_CHANGE_IN_PASSWD], [1],
-                [Define if your password has a pw_change field])
-fi
-
 dnl make sure we're using the real structure members and not defines
 AC_CACHE_CHECK([for msg_accrights field in struct msghdr],
                 ac_cv_have_accrights_in_msghdr, [
@@ -3795,6 +3830,11 @@ AC_ARG_WITH([kerberos5],
 # include <gssapi/gssapi_generic.h>
 #endif
                 ]])
+                saved_LIBS="$LIBS"
+                LIBS="$LIBS $K5LIBS"
+                AC_CHECK_FUNCS([krb5_cc_new_unique krb5_get_error_message krb5_free_error_message])
+                LIBS="$saved_LIBS"
+
         fi
         ]
 )
@@ -4569,6 +4609,7 @@ else
 fi
 AC_CHECK_DECL([BROKEN_GETADDRINFO],  [TEST_SSH_IPV6=no])
 AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6])
+AC_SUBST([UNSUPPORTED_ALGORITHMS], [$unsupported_algorithms])
 
 AC_EXEEXT
 AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index ca34bd23a..b460bfff0 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -16,7 +16,7 @@
 
 #old cvs stuff.  please update before use.  may be deprecated.
 %define use_stable      1
-%define version         6.2p2
+%define version         6.3p1
 %if %{use_stable}
   %define cvs           %{nil}
   %define release       1
@@ -363,4 +363,4 @@ fi
 * Mon Jan 01 1998 ...
 Template Version: 1.31
 
-$Id: openssh.spec,v 1.79.2.1 2013/05/10 06:02:21 djm Exp $
+$Id: openssh.spec,v 1.80 2013/07/25 02:34:00 djm Exp $
diff --git a/contrib/cygwin/README b/contrib/cygwin/README
index 5f911e924..2562b6186 100644
--- a/contrib/cygwin/README
+++ b/contrib/cygwin/README
@@ -4,115 +4,18 @@ The binary package is usually built for recent Cygwin versions and might
 not run on older versions.  Please check http://cygwin.com/ for information
 about current Cygwin releases.
 
-Build instructions are at the end of the file.
-
-===========================================================================
-Important change since 3.7.1p2-2:
-
-The ssh-host-config file doesn't create the /etc/ssh_config and
-/etc/sshd_config files from builtin here-scripts anymore, but it uses
-skeleton files installed in /etc/defaults/etc.
-
-Also it now tries hard to create appropriate permissions on files.
-Same applies for ssh-user-config.
-
-After creating the sshd service with ssh-host-config, it's advisable to
-call ssh-user-config for all affected users, also already exising user
-configurations.  In the latter case, file and directory permissions are
-checked and changed, if requireed to match the host configuration.
-
-Important note for Windows 2003 Server users:
----------------------------------------------
-
-2003 Server has a funny new feature.  When starting services under SYSTEM
-account, these services have nearly all user rights which SYSTEM holds...
-except for the "Create a token object" right, which is needed to allow
-public key authentication :-(
-
-There's no way around this, except for creating a substitute account which
-has the appropriate privileges.  Basically, this account should be member
-of the administrators group, plus it should have the following user rights:
-
-        Create a token object
-        Logon as a service
-        Replace a process level token
-        Increase Quota
-
-The ssh-host-config script asks you, if it should create such an account,
-called "sshd_server".  If you say "no" here, you're on your own.  Please
-follow the instruction in ssh-host-config exactly if possible.  Note that
-ssh-user-config sets the permissions on 2003 Server machines dependent of
-whether a sshd_server account exists or not.
-===========================================================================
-
-===========================================================================
-Important change since 3.4p1-2:
-
-This version adds privilege separation as default setting, see
-/usr/doc/openssh/README.privsep.  According to that document the
-privsep feature requires a non-privileged account called 'sshd'.
-
-The new ssh-host-config file which is part of this version asks
-to create 'sshd' as local user if you want to use privilege
-separation.  If you confirm, it creates that NT user and adds
-the necessary entry to /etc/passwd.
-
-On 9x/Me systems the script just sets UsePrivilegeSeparation to "no"
-since that feature doesn't make any sense on a system which doesn't
-differ between privileged and unprivileged users.
-
-The new ssh-host-config script also adds the /var/empty directory
-needed by privilege separation.  When creating the /var/empty directory
-by yourself, please note that in contrast to the README.privsep document
-the owner sshould not be "root" but the user which is running sshd.  So,
-in the standard configuration this is SYSTEM.  The ssh-host-config script
-chowns /var/empty accordingly.
-===========================================================================
-
-===========================================================================
-Important change since 3.0.1p1-2:
-
-This version introduces the ability to register sshd as service on
-Windows 9x/Me systems.  This is done only when the options -D and/or
--d are not given.
-===========================================================================
-
-===========================================================================
-Important change since 2.9p2:
-
-Since Cygwin is able to switch user context without password beginning
-with version 1.3.2, OpenSSH now allows to do so when it's running under
-a version >= 1.3.2. Keep in mind that `ntsec' has to be activated to
-allow that feature.
-===========================================================================
-
-===========================================================================
-Important change since 2.3.0p1:
-
-When using `ntea' or `ntsec' you now have to care for the ownership
-and permission bits of your host key files and your private key files.
-The host key files have to be owned by the NT account which starts
-sshd. The user key files have to be owned by the user. The permission
-bits of the private key files (host and user) have to be at least
-rw------- (0600)!
-
-Note that this is forced under `ntsec' only if the files are on a NTFS
-filesystem (which is recommended) due to the lack of any basic security
-features of the FAT/FAT32 filesystems.
-===========================================================================
+==================
+Host configuration
+==================
 
 If you are installing OpenSSH the first time, you can generate global config
-files and server keys by running
+files and server keys, as well as installing sshd as a service, by running
 
    /usr/bin/ssh-host-config
 
 Note that this binary archive doesn't contain default config files in /etc.
 That files are only created if ssh-host-config is started.
 
-If you are updating your installation you may run the above ssh-host-config
-as well to move your configuration files to the new location and to
-erase the files at the old location.
-
 To support testing and unattended installation ssh-host-config got
 some options:
 
@@ -123,16 +26,25 @@ Options:
     --no     -n            Answer all questions with "no" automatically.
     --cygwin -c <options>  Use "options" as value for CYGWIN environment var.
     --port   -p <n>        sshd listens on port n.
-    --pwd    -w <passwd>   Use "pwd" as password for user 'sshd_server'.
+    --user   -u <account>  privileged user for service, default 'cyg_server'.
+    --pwd    -w <passwd>   Use "pwd" as password for privileged user.
+    --privileged           On Windows XP, require privileged user
+                           instead of LocalSystem for sshd service.
 
-Additionally ssh-host-config now asks if it should install sshd as a
-service when running under NT/W2K. This requires cygrunsrv installed.
+Installing sshd as daemon via ssh-host-config is recommended.
 
-You can create the private and public keys for a user now by running
+Alternatively you can start sshd via inetd, if you have the inetutils
+package installed.  Just run ssh-host-config, but answer "no" when asked
+to install sshd as service.  The ssh-host-config script also adds the
+required lines to /etc/inetd.conf and /etc/services.
 
-  /usr/bin/ssh-user-config
+==================
+User configuration
+==================
+
+Any user can simplify creating the own private and public keys by running
 
-under the users account.
+  /usr/bin/ssh-user-config
 
 To support testing and unattended installation ssh-user-config got
 some options as well:
@@ -144,88 +56,30 @@ Options:
     --no         -n        Answer all questions with "no" automatically.
     --passphrase -p word   Use "word" as passphrase automatically.
 
-Install sshd as daemon via cygrunsrv.exe (recommended on NT/W2K), via inetd
-(results in very slow deamon startup!) or from the command line (recommended
-on 9X/ME).
-
-If you start sshd as deamon via cygrunsrv.exe you MUST give the
-"-D" option to sshd. Otherwise the service can't get started at all.
-
-If starting via inetd, copy sshd to eg. /usr/sbin/in.sshd and add the
-following line to your inetd.conf file:
-
-ssh stream tcp nowait root /usr/sbin/in.sshd sshd -i
-
-Moreover you'll have to add the following line to your
-${SYSTEMROOT}/system32/drivers/etc/services file:
-
-   ssh         22/tcp          #SSH daemon
-
 Please note that OpenSSH does never use the value of $HOME to
 search for the users configuration files! It always uses the
 value of the pw_dir field in /etc/passwd as the home directory.
 If no home diretory is set in /etc/passwd, the root directory
 is used instead!
 
-You may use all features of the CYGWIN=ntsec setting the same
-way as they are used by Cygwin's login(1) port:
-
-  The pw_gecos field may contain an additional field, that begins
-  with (upper case!) "U-", followed by the domain and the username
-  separated by a backslash.
-  CAUTION: The SID _must_ remain the _last_ field in pw_gecos!
-  BTW: The field separator in pw_gecos is the comma.
-  The username in pw_name itself may be any nice name:
-
-    domuser::1104:513:John Doe,U-domain\user,S-1-5-21-...
-
-  Now you may use `domuser' as your login name with telnet!
-  This is possible additionally for local users, if you don't like
-  your NT login name ;-) You only have to leave out the domain:
-
-    locuser::1104:513:John Doe,U-user,S-1-5-21-...
-
-Note that the CYGWIN=ntsec setting is required for public key authentication.
-
-SSH2 server and user keys are generated by the `ssh-*-config' scripts
-as well.
-
-If you want to build from source, the following options to
-configure are used for the Cygwin binary distribution:
-
-        --prefix=/usr \
-        --sysconfdir=/etc \
-        --libexecdir='${sbindir}' \
-        --localstatedir=/var \
-        --datadir='${prefix}/share' \
-        --mandir='${datadir}/man' \
-        --infodir='${datadir}/info'
-        --with-tcp-wrappers
-        --with-libedit
-
-If you want to create a Cygwin package, equivalent to the one
-in the Cygwin binary distribution, install like this:
-
-        mkdir /tmp/cygwin-ssh
-        cd ${builddir}
-        make install DESTDIR=/tmp/cygwin-ssh
-        cd ${srcdir}/contrib/cygwin
-        make cygwin-postinstall DESTDIR=/tmp/cygwin-ssh
-        cd /tmp/cygwin-ssh
-        find * \! -type d | tar cvjfT my-openssh.tar.bz2 -
-
-You must have installed the following packages to be able to build OpenSSH:
-
-- zlib
-- openssl-devel
+================
+Building OpenSSH
+================
 
-If you want to build with --with-tcp-wrappers, you also need the package
+Building from source is easy.  Just unpack the source archive, cd to that
+directory, and call cygport:
 
-- tcp_wrappers
+        cygport openssh.cygport almostall
 
-If you want to build with --with-libedit, you also need the package
+You must have installed the following packages to be able to build OpenSSH
+with the aforementioned cygport script:
 
-- libedit-devel
+  zlib
+  crypt
+  openssl-devel
+  libwrap-devel
+  libedit-devel
+  libkrb5-devel
 
 Please send requests, error reports etc. to cygwin@cygwin.com.
 
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index 3c9046f5f..c542d5cb6 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -606,9 +606,9 @@ do
     echo "  --no     -n            Answer all questions with \"no\" automatically."
     echo "  --cygwin -c <options>  Use \"options\" as value for CYGWIN environment var."
     echo "  --port   -p <n>        sshd listens on port n."
-    echo "  --user   -u <account>  privileged user for service."
+    echo "  --user   -u <account>  privileged user for service, default 'cyg_server'."
     echo "  --pwd    -w <passwd>   Use \"pwd\" as password for privileged user."
-    echo "  --privileged           On Windows NT/2k/XP, require privileged user"
+    echo "  --privileged           On Windows XP, require privileged user"
     echo "                         instead of LocalSystem for sshd service."
     echo
     exit 1
diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config
index 027ae6032..8708b7a58 100644
--- a/contrib/cygwin/ssh-user-config
+++ b/contrib/cygwin/ssh-user-config
@@ -222,10 +222,6 @@ do
     shift
     ;;
 
-  --privileged )
-    csih_FORCE_PRIVILEGED_USER=yes
-    ;;
-
   *)
     echo "usage: ${PROGNAME} [OPTION]..."
     echo
@@ -236,8 +232,6 @@ do
     echo "    --yes        -y        Answer all questions with \"yes\" automatically."
     echo "    --no         -n        Answer all questions with \"no\" automatically."
     echo "    --passphrase -p word   Use \"word\" as passphrase automatically."
-    echo "    --privileged           On Windows NT/2k/XP, assume privileged user"
-    echo "                           instead of LocalSystem for sshd service."
     echo
     exit 1
     ;;
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index cd5378ed2..d1191f4e1 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%define ver 6.2p2
+%define ver 6.3p1
 %define rel 1
 
 # OpenSSH privilege separation requires a user & group ID
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index bb9e50bd9..2866039d1 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
 
 Summary:        OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name:           openssh
-Version:        6.2p2
+Version:        6.3p1
 URL:            http://www.openssh.com/
 Release:        1
 Source0:        openssh-%{version}.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 9ed26d33d..a7359c9c5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,16 @@
-openssh (1:6.2p2-7) UNRELEASED; urgency=low
-
+openssh (1:6.3p1-1) UNRELEASED; urgency=low
+
+  * New upstream release (http://www.openssh.com/txt/release-6.3).
+    - sftp(1): add support for resuming partial downloads using the "reget"
+      command and on the sftp commandline or on the "get" commandline using
+      the "-a" (append) option (closes: #158590).
+    - ssh(1): add an "IgnoreUnknown" configuration option to selectively
+      suppress errors arising from unknown configuration directives (closes:
+      #436052).
+    - sftp(1): update progressmeter when data is acknowledged, not when it's
+      sent (partially addresses #708372).
+    - ssh(1): do not fatally exit when attempting to cleanup multiplexing-
+      created channels that are incompletely opened (closes: #651357).
   * When running under Upstart, only consider the daemon started once it is
     ready to accept connections (by raising SIGSTOP at that point and using
     "expect stop").
diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch
index 206967bc9..a6a842ecd 100644
--- a/debian/patches/auth-log-verbosity.patch
+++ b/debian/patches/auth-log-verbosity.patch
@@ -2,7 +2,7 @@ Description: Quieten logs when multiple from= restrictions are used
 Author: Colin Watson <cjwatson@debian.org>
 Bug-Debian: http://bugs.debian.org/630606
 Forwarded: no
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/auth-options.c
 ===================================================================
@@ -32,7 +32,7 @@ Index: b/auth-options.c
 @@ -288,10 +299,13 @@
                                 /* FALLTHROUGH */
                         case 0:
-                                xfree(patterns);
+                                free(patterns);
 -                               logit("Authentication tried for %.100s with "
 -                                   "correct key but not from a permitted "
 -                                   "host (host=%.200s, ip=%.200s).",
@@ -47,7 +47,7 @@ Index: b/auth-options.c
                                 auth_debug_add("Your host '%.200s' is not "
                                     "permitted to use this key for login.",
                                     remote_host);
-@@ -512,11 +526,14 @@
+@@ -513,11 +527,14 @@
                                         break;
                                 case 0:
                                         /* no match */
@@ -83,7 +83,7 @@ Index: b/auth-rsa.c
 ===================================================================
 --- a/auth-rsa.c
 +++ b/auth-rsa.c
-@@ -175,6 +175,8 @@
+@@ -174,6 +174,8 @@
         if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)
                 return 0;
  
@@ -96,7 +96,7 @@ Index: b/auth2-pubkey.c
 ===================================================================
 --- a/auth2-pubkey.c
 +++ b/auth2-pubkey.c
-@@ -217,6 +217,7 @@
+@@ -257,6 +257,7 @@
                 restore_uid();
                 return 0;
         }
@@ -104,16 +104,15 @@ Index: b/auth2-pubkey.c
         while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                 /* Skip leading whitespace. */
                 for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
-@@ -278,6 +279,8 @@
+@@ -318,6 +319,7 @@
         found_key = 0;
-        found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
  
+        found = NULL;
 +       auth_start_parse_options();
-+
         while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
                 char *cp, *key_options = NULL;
- 
-@@ -412,6 +415,7 @@
+                if (found != NULL)
+@@ -453,6 +455,7 @@
         if (key_cert_check_authority(key, 0, 1,
             principals_file == NULL ? pw->pw_name : NULL, &reason) != 0)
                 goto fail_reason;
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index c6a4b64c6..e48a3cb3e 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -2,13 +2,13 @@ Description: Install authorized_keys(5) as a symlink to sshd(8)
 Author: Tomas Pospisek <tpo_deb@sourcepole.ch>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1720
 Bug-Debian: http://bugs.debian.org/441817
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/Makefile.in
 ===================================================================
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -286,6 +286,7 @@
+@@ -289,6 +289,7 @@
         $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
         $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
         $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
diff --git a/debian/patches/consolekit.patch b/debian/patches/consolekit.patch
index 36b3805b9..fd064a848 100644
--- a/debian/patches/consolekit.patch
+++ b/debian/patches/consolekit.patch
@@ -1,7 +1,7 @@
 Description: Add support for registering ConsoleKit sessions on login
 Author: Colin Watson <cjwatson@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1450
-Last-Updated: 2013-05-13
+Last-Updated: 2013-09-14
 
 Index: b/Makefile.in
 ===================================================================
@@ -21,7 +21,7 @@ Index: b/configure.ac
 ===================================================================
 --- a/configure.ac
 +++ b/configure.ac
-@@ -3801,6 +3801,30 @@
+@@ -3841,6 +3841,30 @@
  AC_SUBST([GSSLIBS])
  AC_SUBST([K5LIBS])
  
@@ -52,7 +52,7 @@ Index: b/configure.ac
  # Looking for programs, paths and files
  
  PRIVSEP_PATH=/var/empty
-@@ -4600,6 +4624,7 @@
+@@ -4641,6 +4665,7 @@
  echo "                   libedit support: $LIBEDIT_MSG"
  echo "  Solaris process contract support: $SPC_MSG"
  echo "           Solaris project support: $SP_MSG"
@@ -64,7 +64,7 @@ Index: b/configure
 ===================================================================
 --- a/configure
 +++ b/configure
-@@ -737,6 +737,7 @@
+@@ -738,6 +738,7 @@
  with_sandbox
  with_selinux
  with_kerberos5
@@ -72,7 +72,7 @@ Index: b/configure
  with_privsep_path
  with_xauth
  enable_strip
-@@ -1427,6 +1428,7 @@
+@@ -1428,6 +1429,7 @@
    --with-sandbox=style    Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter)
    --with-selinux          Enable SELinux support
    --with-kerberos5=PATH   Enable Kerberos 5 support
@@ -80,7 +80,7 @@ Index: b/configure
    --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)
    --with-xauth=PATH       Specify path to xauth program
    --with-maildir=/path/to/mail    Specify your system mail directory
-@@ -16002,6 +16004,135 @@
+@@ -16375,6 +16377,135 @@
  
  
  
@@ -216,7 +216,7 @@ Index: b/configure
  # Looking for programs, paths and files
  
  PRIVSEP_PATH=/var/empty
-@@ -18527,6 +18658,7 @@
+@@ -18902,6 +19033,7 @@
  echo "                   libedit support: $LIBEDIT_MSG"
  echo "  Solaris process contract support: $SPC_MSG"
  echo "           Solaris project support: $SP_MSG"
@@ -502,17 +502,17 @@ Index: b/monitor.c
 ===================================================================
 --- a/monitor.c
 +++ b/monitor.c
-@@ -97,6 +97,9 @@
- #include "ssh2.h"
+@@ -98,6 +98,9 @@
  #include "jpake.h"
  #include "roaming.h"
+ #include "authfd.h"
 +#ifdef USE_CONSOLEKIT
 +#include "consolekit.h"
 +#endif
  
  #ifdef GSSAPI
  static Gssctxt *gsscontext = NULL;
-@@ -192,6 +195,10 @@
+@@ -193,6 +196,10 @@
  
  static int monitor_read_log(struct monitor *);
  
@@ -523,7 +523,7 @@ Index: b/monitor.c
  static Authctxt *authctxt;
  static BIGNUM *ssh1_challenge = NULL;  /* used for ssh1 rsa auth */
  
-@@ -284,6 +291,9 @@
+@@ -285,6 +292,9 @@
      {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
      {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command},
  #endif
@@ -533,7 +533,7 @@ Index: b/monitor.c
      {0, 0, NULL}
  };
  
-@@ -326,6 +336,9 @@
+@@ -327,6 +337,9 @@
      {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
      {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command},
  #endif
@@ -553,7 +553,7 @@ Index: b/monitor.c
  
         for (;;)
                 monitor_read(pmonitor, mon_dispatch, NULL);
-@@ -2472,3 +2488,31 @@
+@@ -2492,3 +2508,30 @@
  }
  
  #endif /* JPAKE */
@@ -577,10 +577,9 @@ Index: b/monitor.c
 +       buffer_put_cstring(m, cookie != NULL ? cookie : "");
 +       mm_request_send(sock, MONITOR_ANS_CONSOLEKIT_REGISTER, m);
 +
-+       if (cookie != NULL)
-+               xfree(cookie);
-+       xfree(display);
-+       xfree(tty);
++       free(cookie);
++       free(display);
++       free(tty);
 +
 +       return (0);
 +}
@@ -602,7 +601,7 @@ Index: b/monitor_wrap.c
 ===================================================================
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -1514,3 +1514,34 @@
+@@ -1516,3 +1516,34 @@
         return success;
  }
  #endif /* JPAKE */
@@ -631,7 +630,7 @@ Index: b/monitor_wrap.c
 +
 +       /* treat empty cookie as missing cookie */
 +       if (strlen(cookie) == 0) {
-+               xfree(cookie);
++               free(cookie);
 +               cookie = NULL;
 +       }
 +       return (cookie);
@@ -654,7 +653,7 @@ Index: b/session.c
 ===================================================================
 --- a/session.c
 +++ b/session.c
-@@ -91,6 +91,7 @@
+@@ -92,6 +92,7 @@
  #include "kex.h"
  #include "monitor_wrap.h"
  #include "sftp.h"
@@ -684,7 +683,7 @@ Index: b/session.c
  #ifdef USE_PAM
         /*
          * Pull in any environment variables that may have
-@@ -2308,6 +2317,10 @@
+@@ -2320,6 +2329,10 @@
  
         debug("session_pty_cleanup: session %d release %s", s->self, s->tty);
  
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index d96f2cc59..981cdd697 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -4,13 +4,13 @@ Description: Add DebianBanner server configuration option
 Author: Kees Cook <kees@debian.org>
 Bug-Debian: http://bugs.debian.org/562048
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -150,6 +150,7 @@
+@@ -157,6 +157,7 @@
         options->ip_qos_interactive = -1;
         options->ip_qos_bulk = -1;
         options->version_addendum = NULL;
@@ -18,7 +18,7 @@ Index: b/servconf.c
  }
  
  void
-@@ -299,6 +300,8 @@
+@@ -310,6 +311,8 @@
                 options->ip_qos_bulk = IPTOS_THROUGHPUT;
         if (options->version_addendum == NULL)
                 options->version_addendum = xstrdup("");
@@ -27,15 +27,15 @@ Index: b/servconf.c
         /* Turn privilege separation on by default */
         if (use_privsep == -1)
                 use_privsep = PRIVSEP_NOSANDBOX;
-@@ -349,6 +352,7 @@
+@@ -360,6 +363,7 @@
         sKexAlgorithms, sIPQoS, sVersionAddendum,
         sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
-        sAuthenticationMethods,
+        sAuthenticationMethods, sHostKeyAgent,
 +       sDebianBanner,
         sDeprecated, sUnsupported
  } ServerOpCodes;
  
-@@ -488,6 +492,7 @@
+@@ -501,6 +505,7 @@
         { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },
         { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
         { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },
@@ -43,7 +43,7 @@ Index: b/servconf.c
         { NULL, sBadOption, 0 }
  };
  
-@@ -1593,6 +1598,10 @@
+@@ -1648,6 +1653,10 @@
                 }
                 return 0;
  
@@ -58,7 +58,7 @@ Index: b/servconf.h
 ===================================================================
 --- a/servconf.h
 +++ b/servconf.h
-@@ -184,6 +184,8 @@
+@@ -188,6 +188,8 @@
  
         u_int   num_auth_methods;
         char   *auth_methods[MAX_AUTH_METHODS];
@@ -71,7 +71,7 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -434,7 +434,8 @@
+@@ -440,7 +440,8 @@
         }
  
         xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
@@ -85,7 +85,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -397,6 +397,11 @@
+@@ -404,6 +404,11 @@
  .Dq no .
  The default is
  .Dq delayed .
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 45a8364ca..d005bdc2e 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -18,13 +18,13 @@ Description: Various Debian-specific configuration changes
 Author: Colin Watson <cjwatson@debian.org>
 Author: Russ Allbery <rra@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -1288,7 +1288,7 @@
+@@ -1298,7 +1298,7 @@
         if (options->forward_x11 == -1)
                 options->forward_x11 = 0;
         if (options->forward_x11_trusted == -1)
@@ -49,10 +49,10 @@ Index: b/ssh_config
  #   RhostsRSAAuthentication no
  #   RSAAuthentication yes
  #   PasswordAuthentication yes
-@@ -47,3 +48,7 @@
- #   PermitLocalCommand no
+@@ -48,3 +49,7 @@
  #   VisualHostKey no
  #   ProxyCommand ssh -q -W %h:%p gateway.example.com
+ #   RekeyLimit 1G 1h
 +    SendEnv LANG LC_*
 +    HashKnownHosts yes
 +    GSSAPIAuthentication yes
@@ -84,7 +84,7 @@ Index: b/ssh_config.5
  The configuration file has the following format:
  .Pp
  Empty lines and lines starting with
-@@ -502,7 +518,8 @@
+@@ -501,7 +517,8 @@
  Remote clients will be refused access after this time.
  .Pp
  The default is
@@ -98,7 +98,7 @@ Index: b/sshd_config
 ===================================================================
 --- a/sshd_config
 +++ b/sshd_config
-@@ -37,6 +37,7 @@
+@@ -40,6 +40,7 @@
  # Authentication:
  
  #LoginGraceTime 2m
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index 25201a7d4..4c197323c 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -2,13 +2,13 @@ Description: Document that HashKnownHosts may break tab-completion
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1727
 Bug-Debian: http://bugs.debian.org/430154
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -588,6 +588,9 @@
+@@ -587,6 +587,9 @@
  will not be converted automatically,
  but may be manually hashed using
  .Xr ssh-keygen 1 .
diff --git a/debian/patches/doc-upstart.patch b/debian/patches/doc-upstart.patch
index 5f35ac0c8..a471f9c4c 100644
--- a/debian/patches/doc-upstart.patch
+++ b/debian/patches/doc-upstart.patch
@@ -1,13 +1,13 @@
 Description: Refer to ssh's Upstart job as well as its init script
 Author: Colin Watson <cjwatson@ubuntu.com>
 Forwarded: not-needed
-Last-Update: 2012-11-26
+Last-Update: 2013-09-14
 
 Index: b/sshd.8
 ===================================================================
 --- a/sshd.8
 +++ b/sshd.8
-@@ -69,7 +69,10 @@
+@@ -70,7 +70,10 @@
  .Nm
  listens for connections from clients.
  It is normally started at boot from
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index 416e2f16c..85c6722f0 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -13,7 +13,7 @@ Description: GSSAPI key exchange support
  security history.
 Author: Simon Wilkinson <simon@sxw.org.uk>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
-Last-Updated: 2013-05-16
+Last-Updated: 2013-09-14
 
 Index: b/ChangeLog.gssapi
 ===================================================================
@@ -158,7 +158,7 @@ Index: b/auth-krb5.c
 ===================================================================
 --- a/auth-krb5.c
 +++ b/auth-krb5.c
-@@ -170,8 +170,13 @@
+@@ -181,8 +181,13 @@
  
         len = strlen(authctxt->krb5_ticket_file) + 6;
         authctxt->krb5_ccname = xmalloc(len);
@@ -172,7 +172,7 @@ Index: b/auth-krb5.c
  
  #ifdef USE_PAM
         if (options.use_pam)
-@@ -226,15 +231,22 @@
+@@ -239,15 +244,22 @@
  #ifndef HEIMDAL
  krb5_error_code
  ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) {
@@ -197,7 +197,7 @@ Index: b/auth-krb5.c
         old_umask = umask(0177);
         tmpfd = mkstemp(ccname + strlen("FILE:"));
         oerrno = errno;
-@@ -251,6 +263,7 @@
+@@ -264,6 +276,7 @@
                 return oerrno;
         }
         close(tmpfd);
@@ -210,7 +210,7 @@ Index: b/auth2-gss.c
 --- a/auth2-gss.c
 +++ b/auth2-gss.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: auth2-gss.c,v 1.18 2012/12/02 20:34:09 djm Exp $ */
+ /* $OpenBSD: auth2-gss.c,v 1.20 2013/05/17 00:13:13 djm Exp $ */
  
  /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -251,7 +251,7 @@ Index: b/auth2-gss.c
 +                   authctxt->pw));
 +       
 +       buffer_free(&b);
-+       xfree(mic.value);
++       free(mic.value);
 +
 +       return (authenticated);
 +}
@@ -259,7 +259,7 @@ Index: b/auth2-gss.c
  /*
   * We only support those mechanisms that we know about (ie ones that we know
   * how to check local user kuserok and the like)
-@@ -244,7 +278,8 @@
+@@ -240,7 +274,8 @@
  
         packet_check_eom();
  
@@ -269,7 +269,7 @@ Index: b/auth2-gss.c
  
         authctxt->postponed = 0;
         dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
-@@ -279,7 +314,8 @@
+@@ -275,7 +310,8 @@
         gssbuf.length = buffer_len(&b);
  
         if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic))))
@@ -279,7 +279,7 @@ Index: b/auth2-gss.c
         else
                 logit("GSSAPI MIC check failed");
  
-@@ -294,6 +330,12 @@
+@@ -290,6 +326,12 @@
         userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL);
  }
  
@@ -327,7 +327,7 @@ Index: b/clientloop.c
  /* import options */
  extern Options options;
  
-@@ -1599,6 +1603,15 @@
+@@ -1608,6 +1612,15 @@
                 /* Do channel operations unless rekeying in progress. */
                 if (!rekeying) {
                         channel_after_select(readset, writeset);
@@ -347,7 +347,7 @@ Index: b/config.h.in
 ===================================================================
 --- a/config.h.in
 +++ b/config.h.in
-@@ -1511,6 +1511,9 @@
+@@ -1546,6 +1546,9 @@
  /* Use btmp to log bad logins */
  #undef USE_BTMP
  
@@ -357,7 +357,7 @@ Index: b/config.h.in
  /* Use libedit for sftp */
  #undef USE_LIBEDIT
  
-@@ -1526,6 +1529,9 @@
+@@ -1561,6 +1564,9 @@
  /* Use PIPES instead of a socketpair() */
  #undef USE_PIPES
  
@@ -371,7 +371,7 @@ Index: b/configure
 ===================================================================
 --- a/configure
 +++ b/configure
-@@ -6588,6 +6588,63 @@
+@@ -6780,6 +6780,63 @@
  
  $as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h
  
@@ -439,7 +439,7 @@ Index: b/configure.ac
 ===================================================================
 --- a/configure.ac
 +++ b/configure.ac
-@@ -533,6 +533,30 @@
+@@ -548,6 +548,30 @@
             [Use tunnel device compatibility to OpenBSD])
         AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
             [Prepend the address family to IP tunnel traffic])
@@ -475,7 +475,7 @@ Index: b/gss-genr.c
 --- a/gss-genr.c
 +++ b/gss-genr.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */
+ /* $OpenBSD: gss-genr.c,v 1.21 2013/05/17 00:13:13 djm Exp $ */
  
  /*
 - * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -549,8 +549,8 @@ Index: b/gss-genr.c
 +
 +       if (gss_enc2oid != NULL) {
 +               for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
-+                       xfree(gss_enc2oid[i].encoded);
-+               xfree(gss_enc2oid);
++                       free(gss_enc2oid[i].encoded);
++               free(gss_enc2oid);
 +       }
 +
 +       gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
@@ -607,7 +607,7 @@ Index: b/gss-genr.c
 +       buffer_free(&buf);
 +
 +       if (strlen(mechs) == 0) {
-+               xfree(mechs);
++               free(mechs);
 +               mechs = NULL;
 +       }
 +       
@@ -826,7 +826,7 @@ Index: b/gss-serv-krb5.c
 --- a/gss-serv-krb5.c
 +++ b/gss-serv-krb5.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
+ /* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */
  
  /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -834,15 +834,15 @@ Index: b/gss-serv-krb5.c
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -120,6 +120,7 @@
-        krb5_principal princ;
+@@ -122,6 +122,7 @@
         OM_uint32 maj_status, min_status;
         int len;
+        const char *errmsg;
 +       const char *new_ccname;
  
         if (client->creds == NULL) {
                 debug("No credentials stored");
-@@ -168,11 +169,16 @@
+@@ -174,11 +175,16 @@
                 return;
         }
  
@@ -863,7 +863,7 @@ Index: b/gss-serv-krb5.c
  
  #ifdef USE_PAM
         if (options.use_pam)
-@@ -184,6 +190,71 @@
+@@ -190,6 +196,71 @@
         return;
  }
  
@@ -935,7 +935,7 @@ Index: b/gss-serv-krb5.c
  ssh_gssapi_mech gssapi_kerberos_mech = {
         "toWM5Slw5Ew8Mqkay+al2g==",
         "Kerberos",
-@@ -191,7 +262,8 @@
+@@ -197,7 +268,8 @@
         NULL,
         &ssh_gssapi_krb5_userok,
         NULL,
@@ -950,7 +950,7 @@ Index: b/gss-serv.c
 --- a/gss-serv.c
 +++ b/gss-serv.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv.c,v 1.23 2011/08/01 19:18:15 markus Exp $ */
+ /* $OpenBSD: gss-serv.c,v 1.24 2013/07/20 01:55:13 djm Exp $ */
  
  /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -958,7 +958,7 @@ Index: b/gss-serv.c
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -45,15 +45,20 @@
+@@ -45,15 +45,21 @@
  #include "channels.h"
  #include "session.h"
  #include "misc.h"
@@ -972,8 +972,9 @@ Index: b/gss-serv.c
  
  static ssh_gssapi_client gssapi_client =
      { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
--    GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL}};
-+    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL, {NULL, NULL, NULL}, 0, 0};
+-    GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}};
++    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL,
++    {NULL, NULL, NULL, NULL, NULL}, 0, 0};
  
  ssh_gssapi_mech gssapi_null_mech =
 -    { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL};
@@ -981,7 +982,7 @@ Index: b/gss-serv.c
  
  #ifdef KRB5
  extern ssh_gssapi_mech gssapi_kerberos_mech;
-@@ -81,25 +86,32 @@
+@@ -81,25 +87,32 @@
         char lname[MAXHOSTNAMELEN];
         gss_OID_set oidset;
  
@@ -1028,7 +1029,7 @@ Index: b/gss-serv.c
  }
  
  /* Privileged */
-@@ -114,6 +126,29 @@
+@@ -114,6 +127,29 @@
  }
  
  /* Unprivileged */
@@ -1058,7 +1059,7 @@ Index: b/gss-serv.c
  void
  ssh_gssapi_supported_oids(gss_OID_set *oidset)
  {
-@@ -123,7 +158,9 @@
+@@ -123,7 +159,9 @@
         gss_OID_set supported;
  
         gss_create_empty_oid_set(&min_status, oidset);
@@ -1069,7 +1070,7 @@ Index: b/gss-serv.c
  
         while (supported_mechs[i]->name != NULL) {
                 if (GSS_ERROR(gss_test_oid_set_member(&min_status,
-@@ -249,8 +286,48 @@
+@@ -249,8 +287,48 @@
  ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
  {
         int i = 0;
@@ -1119,7 +1120,7 @@ Index: b/gss-serv.c
  
         client->mech = NULL;
  
-@@ -265,6 +342,13 @@
+@@ -265,6 +343,13 @@
         if (client->mech == NULL)
                 return GSS_S_FAILURE;
  
@@ -1133,7 +1134,7 @@ Index: b/gss-serv.c
         if ((ctx->major = gss_display_name(&ctx->minor, ctx->client,
             &client->displayname, NULL))) {
                 ssh_gssapi_error(ctx);
-@@ -282,6 +366,8 @@
+@@ -282,6 +367,8 @@
                 return (ctx->major);
         }
  
@@ -1142,7 +1143,7 @@ Index: b/gss-serv.c
         /* We can't copy this structure, so we just move the pointer to it */
         client->creds = ctx->client_creds;
         ctx->client_creds = GSS_C_NO_CREDENTIAL;
-@@ -329,7 +415,7 @@
+@@ -329,7 +416,7 @@
  
  /* Privileged */
  int
@@ -1151,7 +1152,7 @@ Index: b/gss-serv.c
  {
         OM_uint32 lmin;
  
-@@ -339,9 +425,11 @@
+@@ -339,9 +426,11 @@
                 return 0;
         }
         if (gssapi_client.mech && gssapi_client.mech->userok)
@@ -1165,7 +1166,7 @@ Index: b/gss-serv.c
                         /* Destroy delegated credentials if userok fails */
                         gss_release_buffer(&lmin, &gssapi_client.displayname);
                         gss_release_buffer(&lmin, &gssapi_client.exportedname);
-@@ -354,14 +442,90 @@
+@@ -354,14 +443,90 @@
         return (0);
  }
  
@@ -1277,32 +1278,37 @@ Index: b/kex.c
  #if OPENSSL_VERSION_NUMBER >= 0x00907000L
  # if defined(HAVE_EVP_SHA256)
  # define evp_ssh_sha256 EVP_sha256
-@@ -369,6 +373,20 @@
-                k->kex_type = KEX_ECDH_SHA2;
-                k->evp_md = kex_ecdh_name_to_evpmd(k->name);
+@@ -82,6 +86,14 @@
  #endif
+        { NULL, -1, -1, NULL},
+ };
++static const struct kexalg kexalg_prefixes[] = {
 +#ifdef GSSAPI
-+       } else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID,
-+           sizeof(KEX_GSS_GEX_SHA1_ID) - 1) == 0) {
-+               k->kex_type = KEX_GSS_GEX_SHA1;
-+               k->evp_md = EVP_sha1();
-+       } else if (strncmp(k->name, KEX_GSS_GRP1_SHA1_ID,
-+           sizeof(KEX_GSS_GRP1_SHA1_ID) - 1) == 0) {
-+               k->kex_type = KEX_GSS_GRP1_SHA1;
-+               k->evp_md = EVP_sha1();
-+       } else if (strncmp(k->name, KEX_GSS_GRP14_SHA1_ID,
-+           sizeof(KEX_GSS_GRP14_SHA1_ID) - 1) == 0) {
-+               k->kex_type = KEX_GSS_GRP14_SHA1;
-+               k->evp_md = EVP_sha1();
++       { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, EVP_sha1 },
++       { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, EVP_sha1 },
++       { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, EVP_sha1 },
 +#endif
-        } else
-                fatal("bad kex alg %s", k->name);
++       { NULL, -1, -1, NULL },
++};
+ 
+ char *
+ kex_alg_list(void)
+@@ -110,6 +122,10 @@
+                if (strcmp(k->name, name) == 0)
+                        return k;
+        }
++       for (k = kexalg_prefixes; k->name != NULL; k++) {
++               if (strncmp(k->name, name, strlen(k->name)) == 0)
++                       return k;
++       }
+        return NULL;
  }
+ 
 Index: b/kex.h
 ===================================================================
 --- a/kex.h
 +++ b/kex.h
-@@ -73,6 +73,9 @@
+@@ -74,6 +74,9 @@
         KEX_DH_GEX_SHA1,
         KEX_DH_GEX_SHA256,
         KEX_ECDH_SHA2,
@@ -1312,10 +1318,10 @@ Index: b/kex.h
         KEX_MAX
  };
  
-@@ -131,6 +134,12 @@
-        sig_atomic_t done;
+@@ -133,6 +136,12 @@
         int     flags;
         const EVP_MD *evp_md;
+        int     ec_nid;
 +#ifdef GSSAPI
 +       int     gss_deleg_creds;
 +       int     gss_trust_dns;
@@ -1325,7 +1331,7 @@ Index: b/kex.h
         char    *client_version_string;
         char    *server_version_string;
         int     (*verify_host_key)(Key *);
-@@ -158,6 +167,11 @@
+@@ -162,6 +171,11 @@
  void    kexecdh_client(Kex *);
  void    kexecdh_server(Kex *);
  
@@ -1341,7 +1347,7 @@ Index: b/kexgssc.c
 ===================================================================
 --- /dev/null
 +++ b/kexgssc.c
-@@ -0,0 +1,334 @@
+@@ -0,0 +1,333 @@
 +/*
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
 + *
@@ -1488,7 +1494,7 @@ Index: b/kexgssc.c
 +
 +               /* If we've got an old receive buffer get rid of it */
 +               if (token_ptr != GSS_C_NO_BUFFER)
-+                       xfree(recv_tok.value);
++                       free(recv_tok.value);
 +
 +               if (maj_status == GSS_S_COMPLETE) {
 +                       /* If mutual state flag is not true, kex fails */
@@ -1605,7 +1611,7 @@ Index: b/kexgssc.c
 +               fatal("kexdh_client: BN_bin2bn failed");
 +
 +       memset(kbuf, 0, klen);
-+       xfree(kbuf);
++       free(kbuf);
 +
 +       switch (kex->kex_type) {
 +       case KEX_GSS_GRP1_SHA1:
@@ -1648,11 +1654,10 @@ Index: b/kexgssc.c
 +       if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
 +               packet_disconnect("Hash's MIC didn't verify");
 +
-+       xfree(msg_tok.value);
++       free(msg_tok.value);
 +
 +       DH_free(dh);
-+       if (serverhostkey)
-+               xfree(serverhostkey);
++       free(serverhostkey);
 +       BN_clear_free(dh_server_pub);
 +
 +       /* save session id */
@@ -1680,7 +1685,7 @@ Index: b/kexgsss.c
 ===================================================================
 --- /dev/null
 +++ b/kexgsss.c
-@@ -0,0 +1,288 @@
+@@ -0,0 +1,289 @@
 +/*
 + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
 + *
@@ -1761,9 +1766,10 @@ Index: b/kexgsss.c
 +        * in the GSSAPI code are no longer available. This kludges them back
 +        * into life
 +        */
-+       if (!ssh_gssapi_oid_table_ok()) 
-+               if ((mechs = ssh_gssapi_server_mechanisms()))
-+                       xfree(mechs);
++       if (!ssh_gssapi_oid_table_ok()) {
++               mechs = ssh_gssapi_server_mechanisms();
++               free(mechs);
++       }
 +
 +       debug2("%s: Identifying %s", __func__, kex->name);
 +       oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
@@ -1841,7 +1847,7 @@ Index: b/kexgsss.c
 +               maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, 
 +                   &send_tok, &ret_flags));
 +
-+               xfree(recv_tok.value);
++               free(recv_tok.value);
 +
 +               if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
 +                       fatal("Zero length token output when incomplete");
@@ -1890,7 +1896,7 @@ Index: b/kexgsss.c
 +               fatal("kexgss_server: BN_bin2bn failed");
 +
 +       memset(kbuf, 0, klen);
-+       xfree(kbuf);
++       free(kbuf);
 +
 +       switch (kex->kex_type) {
 +       case KEX_GSS_GRP1_SHA1:
@@ -1973,24 +1979,14 @@ Index: b/key.c
 ===================================================================
 --- a/key.c
 +++ b/key.c
-@@ -976,6 +976,8 @@
-                }
-                break;
- #endif /* OPENSSL_HAS_ECC */
-+       case KEY_NULL:
-+               return "null";
-        }
-        return "ssh-unknown";
- }
-@@ -1281,6 +1283,8 @@
-            strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) {
-                return KEY_ECDSA_CERT;
- #endif
-+       } else if (strcmp(name, "null") == 0) {
-+               return KEY_NULL;
-        }
+@@ -933,6 +933,7 @@
+            KEY_RSA_CERT_V00, 0, 1 },
+        { "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00",
+            KEY_DSA_CERT_V00, 0, 1 },
++       { "null", "null", KEY_NULL, 0, 0 },
+        { NULL, NULL, -1, -1, 0 }
+ };
  
-        debug2("key_type_from_name: unknown key type '%s'", name);
 Index: b/key.h
 ===================================================================
 --- a/key.h
@@ -2007,7 +2003,7 @@ Index: b/monitor.c
 ===================================================================
 --- a/monitor.c
 +++ b/monitor.c
-@@ -180,6 +180,8 @@
+@@ -181,6 +181,8 @@
  int mm_answer_gss_accept_ctx(int, Buffer *);
  int mm_answer_gss_userok(int, Buffer *);
  int mm_answer_gss_checkmic(int, Buffer *);
@@ -2016,7 +2012,7 @@ Index: b/monitor.c
  #endif
  
  #ifdef SSH_AUDIT_EVENTS
-@@ -252,6 +254,7 @@
+@@ -253,6 +255,7 @@
      {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx},
      {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok},
      {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic},
@@ -2024,7 +2020,7 @@ Index: b/monitor.c
  #endif
  #ifdef JPAKE
      {MONITOR_REQ_JPAKE_GET_PWDATA, MON_ONCE, mm_answer_jpake_get_pwdata},
-@@ -264,6 +267,12 @@
+@@ -265,6 +268,12 @@
  };
  
  struct mon_table mon_dispatch_postauth20[] = {
@@ -2037,7 +2033,7 @@ Index: b/monitor.c
      {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
      {MONITOR_REQ_SIGN, 0, mm_answer_sign},
      {MONITOR_REQ_PTY, 0, mm_answer_pty},
-@@ -372,6 +381,10 @@
+@@ -373,6 +382,10 @@
                 /* Permit requests for moduli and signatures */
                 monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
                 monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
@@ -2059,7 +2055,7 @@ Index: b/monitor.c
         } else {
                 mon_dispatch = mon_dispatch_postauth15;
                 monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
-@@ -1836,6 +1853,13 @@
+@@ -1855,6 +1872,13 @@
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
         kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
@@ -2073,7 +2069,7 @@ Index: b/monitor.c
         kex->server = 1;
         kex->hostkey_type = buffer_get_int(m);
         kex->kex_type = buffer_get_int(m);
-@@ -2042,6 +2066,9 @@
+@@ -2062,6 +2086,9 @@
         OM_uint32 major;
         u_int len;
  
@@ -2083,7 +2079,7 @@ Index: b/monitor.c
         goid.elements = buffer_get_string(m, &len);
         goid.length = len;
  
-@@ -2069,6 +2096,9 @@
+@@ -2089,6 +2116,9 @@
         OM_uint32 flags = 0; /* GSI needs this */
         u_int len;
  
@@ -2093,7 +2089,7 @@ Index: b/monitor.c
         in.value = buffer_get_string(m, &len);
         in.length = len;
         major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
-@@ -2086,6 +2116,7 @@
+@@ -2106,6 +2136,7 @@
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
                 monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@@ -2101,7 +2097,7 @@ Index: b/monitor.c
         }
         return (0);
  }
-@@ -2097,6 +2128,9 @@
+@@ -2117,6 +2148,9 @@
         OM_uint32 ret;
         u_int len;
  
@@ -2111,7 +2107,7 @@ Index: b/monitor.c
         gssbuf.value = buffer_get_string(m, &len);
         gssbuf.length = len;
         mic.value = buffer_get_string(m, &len);
-@@ -2123,7 +2157,11 @@
+@@ -2143,7 +2177,11 @@
  {
         int authenticated;
  
@@ -2124,7 +2120,7 @@ Index: b/monitor.c
  
         buffer_clear(m);
         buffer_put_int(m, authenticated);
-@@ -2136,6 +2174,74 @@
+@@ -2156,6 +2194,74 @@
         /* Monitor loop will terminate if authenticated */
         return (authenticated);
  }
@@ -2154,7 +2150,7 @@ Index: b/monitor.c
 +       }
 +       major = ssh_gssapi_sign(gsscontext, &data, &hash);
 +
-+       xfree(data.value);
++       free(data.value);
 +
 +       buffer_clear(m);
 +       buffer_put_int(m, major);
@@ -2184,9 +2180,9 @@ Index: b/monitor.c
 +
 +       ok = ssh_gssapi_update_creds(&store);
 +
-+       xfree(store.filename);
-+       xfree(store.envvar);
-+       xfree(store.envval);
++       free(store.filename);
++       free(store.envvar);
++       free(store.envval);
 +
 +       buffer_clear(m);
 +       buffer_put_int(m, ok);
@@ -2217,7 +2213,7 @@ Index: b/monitor_wrap.c
 ===================================================================
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -1271,7 +1271,7 @@
+@@ -1273,7 +1273,7 @@
  }
  
  int
@@ -2226,7 +2222,7 @@ Index: b/monitor_wrap.c
  {
         Buffer m;
         int authenticated = 0;
-@@ -1288,6 +1288,51 @@
+@@ -1290,6 +1290,51 @@
         debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
         return (authenticated);
  }
@@ -2298,7 +2294,7 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -129,6 +129,8 @@
+@@ -132,6 +132,8 @@
         oClearAllForwardings, oNoHostAuthenticationForLocalhost,
         oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
         oAddressFamily, oGssAuthentication, oGssDelegateCreds,
@@ -2307,7 +2303,7 @@ Index: b/readconf.c
         oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
         oSendEnv, oControlPath, oControlMaster, oControlPersist,
         oHashKnownHosts,
-@@ -169,10 +171,19 @@
+@@ -172,10 +174,19 @@
         { "afstokenpassing", oUnsupported },
  #if defined(GSSAPI)
         { "gssapiauthentication", oGssAuthentication },
@@ -2327,7 +2323,7 @@ Index: b/readconf.c
  #endif
         { "fallbacktorsh", oDeprecated },
         { "usersh", oDeprecated },
-@@ -503,10 +514,30 @@
+@@ -516,10 +527,30 @@
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2358,7 +2354,7 @@ Index: b/readconf.c
         case oBatchMode:
                 intptr = &options->batch_mode;
                 goto parse_flag;
-@@ -1158,7 +1189,12 @@
+@@ -1168,7 +1199,12 @@
         options->pubkey_authentication = -1;
         options->challenge_response_authentication = -1;
         options->gss_authentication = -1;
@@ -2371,7 +2367,7 @@ Index: b/readconf.c
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->kbd_interactive_devices = NULL;
-@@ -1258,8 +1294,14 @@
+@@ -1268,8 +1304,14 @@
                 options->challenge_response_authentication = 1;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
@@ -2407,7 +2403,7 @@ Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -102,7 +102,10 @@
+@@ -107,7 +107,10 @@
         options->kerberos_ticket_cleanup = -1;
         options->kerberos_get_afs_token = -1;
         options->gss_authentication=-1;
@@ -2418,7 +2414,7 @@ Index: b/servconf.c
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->challenge_response_authentication = -1;
-@@ -233,8 +236,14 @@
+@@ -240,8 +243,14 @@
                 options->kerberos_get_afs_token = 0;
         if (options->gss_authentication == -1)
                 options->gss_authentication = 0;
@@ -2433,7 +2429,7 @@ Index: b/servconf.c
         if (options->password_authentication == -1)
                 options->password_authentication = 1;
         if (options->kbd_interactive_authentication == -1)
-@@ -327,7 +336,9 @@
+@@ -338,7 +347,9 @@
         sBanner, sUseDNS, sHostbasedAuthentication,
         sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
         sClientAliveCountMax, sAuthorizedKeysFile,
@@ -2444,7 +2440,7 @@ Index: b/servconf.c
         sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
         sUsePrivilegeSeparation, sAllowAgentForwarding,
         sZeroKnowledgePasswordAuthentication, sHostCertificate,
-@@ -393,10 +404,20 @@
+@@ -405,10 +416,20 @@
  #ifdef GSSAPI
         { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
         { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@@ -2465,7 +2461,7 @@ Index: b/servconf.c
         { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
         { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
         { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
-@@ -1049,10 +1070,22 @@
+@@ -1073,10 +1094,22 @@
                 intptr = &options->gss_authentication;
                 goto parse_flag;
  
@@ -2488,7 +2484,7 @@ Index: b/servconf.c
         case sPasswordAuthentication:
                 intptr = &options->password_authentication;
                 goto parse_flag;
-@@ -1927,7 +1960,10 @@
+@@ -1983,7 +2016,10 @@
  #endif
  #ifdef GSSAPI
         dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
@@ -2503,7 +2499,7 @@ Index: b/servconf.h
 ===================================================================
 --- a/servconf.h
 +++ b/servconf.h
-@@ -110,7 +110,10 @@
+@@ -111,7 +111,10 @@
         int     kerberos_get_afs_token;         /* If true, try to get AFS token if
                                                  * authenticated with Kerberos. */
         int     gss_authentication;     /* If true, permit GSSAPI authentication */
@@ -2632,7 +2628,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -530,11 +530,43 @@
+@@ -529,11 +529,43 @@
  The default is
  .Dq no .
  Note that this option applies to protocol version 2 only.
@@ -2727,14 +2723,14 @@ Index: b/sshconnect2.c
 +               orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
 +               xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], 
 +                   "%s,null", orig);
-+               xfree(gss);
++               free(gss);
 +       }
 +#endif
 +
-        if (options.rekey_limit)
-                packet_set_rekey_limit((u_int32_t)options.rekey_limit);
- 
-@@ -207,10 +243,30 @@
+        if (options.rekey_limit || options.rekey_interval)
+                packet_set_rekey_limits((u_int32_t)options.rekey_limit,
+                    (time_t)options.rekey_interval);
+@@ -208,10 +244,30 @@
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_client;
         kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
@@ -2765,7 +2761,7 @@ Index: b/sshconnect2.c
         xxx_kex = kex;
  
         dispatch_run(DISPATCH_BLOCK, &kex->done, kex);
-@@ -306,6 +362,7 @@
+@@ -307,6 +363,7 @@
  void   input_gssapi_hash(int type, u_int32_t, void *);
  void   input_gssapi_error(int, u_int32_t, void *);
  void   input_gssapi_errtok(int, u_int32_t, void *);
@@ -2773,7 +2769,7 @@ Index: b/sshconnect2.c
  #endif
  
  void   userauth(Authctxt *, char *);
-@@ -321,6 +378,11 @@
+@@ -322,6 +379,11 @@
  
  Authmethod authmethods[] = {
  #ifdef GSSAPI
@@ -2785,7 +2781,7 @@ Index: b/sshconnect2.c
         {"gssapi-with-mic",
                 userauth_gssapi,
                 NULL,
-@@ -627,19 +689,31 @@
+@@ -625,19 +687,31 @@
         static u_int mech = 0;
         OM_uint32 min;
         int ok = 0;
@@ -2819,7 +2815,7 @@ Index: b/sshconnect2.c
                         ok = 1; /* Mechanism works */
                 } else {
                         mech++;
-@@ -736,8 +810,8 @@
+@@ -734,8 +808,8 @@
  {
         Authctxt *authctxt = ctxt;
         Gssctxt *gssctxt;
@@ -2830,9 +2826,9 @@ Index: b/sshconnect2.c
  
         if (authctxt == NULL)
                 fatal("input_gssapi_response: no authentication context");
-@@ -847,6 +921,48 @@
-        xfree(msg);
-        xfree(lang);
+@@ -844,6 +918,48 @@
+        free(msg);
+        free(lang);
  }
 +
 +int
@@ -2883,7 +2879,7 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -121,6 +121,10 @@
+@@ -122,6 +122,10 @@
  #include "ssh-sandbox.h"
  #include "version.h"
  
@@ -2894,7 +2890,7 @@ Index: b/sshd.c
  #ifdef LIBWRAP
  #include <tcpd.h>
  #include <syslog.h>
-@@ -1645,10 +1649,13 @@
+@@ -1703,10 +1707,13 @@
                 logit("Disabling protocol version 1. Could not load host key");
                 options.protocol &= ~SSH_PROTO_1;
         }
@@ -2908,7 +2904,7 @@ Index: b/sshd.c
         if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
                 logit("sshd: no hostkeys available -- exiting.");
                 exit(1);
-@@ -1976,6 +1983,60 @@
+@@ -2035,6 +2042,60 @@
         /* Log the connection. */
         verbose("Connection from %.500s port %d", remote_ip, remote_port);
  
@@ -2969,7 +2965,7 @@ Index: b/sshd.c
         /*
          * We don't want to listen forever unless the other side
          * successfully authenticates itself.  So we set up an alarm which is
-@@ -2357,6 +2418,48 @@
+@@ -2439,6 +2500,48 @@
  
         myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
  
@@ -3018,7 +3014,7 @@ Index: b/sshd.c
         /* start key exchange */
         kex = kex_setup(myproposal);
         kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
-@@ -2364,6 +2467,13 @@
+@@ -2446,6 +2549,13 @@
         kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
         kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
         kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
@@ -3036,7 +3032,7 @@ Index: b/sshd_config
 ===================================================================
 --- a/sshd_config
 +++ b/sshd_config
-@@ -80,6 +80,8 @@
+@@ -83,6 +83,8 @@
  # GSSAPI options
  #GSSAPIAuthentication no
  #GSSAPICleanupCredentials yes
@@ -3049,7 +3045,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -481,12 +481,40 @@
+@@ -484,12 +484,40 @@
  The default is
  .Dq no .
  Note that this option applies to protocol version 2 only.
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 98e9f8bdd..a851a91bf 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -12,30 +12,30 @@ Author: Richard Kettlewell <rjk@greenend.org.uk>
 Author: Ian Jackson <ian@chiark.greenend.org.uk>
 Author: Matthew Vernon <matthew@debian.org>
 Author: Colin Watson <cjwatson@debian.org>
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -138,6 +138,7 @@
+@@ -141,6 +141,7 @@
         oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
         oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
-        oKexAlgorithms, oIPQoS, oRequestTTY,
+        oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,
 +       oProtocolKeepAlives, oSetupTimeOut,
-        oDeprecated, oUnsupported
+        oIgnoredUnknownOption, oDeprecated, oUnsupported
  } OpCodes;
  
-@@ -259,6 +260,8 @@
-        { "kexalgorithms", oKexAlgorithms },
+@@ -263,6 +264,8 @@
         { "ipqos", oIPQoS },
         { "requesttty", oRequestTTY },
+        { "ignoreunknown", oIgnoreUnknown },
 +       { "protocolkeepalives", oProtocolKeepAlives },
 +       { "setuptimeout", oSetupTimeOut },
  
         { NULL, oBadOption }
  };
-@@ -933,6 +936,8 @@
+@@ -939,6 +942,8 @@
                 goto parse_flag;
  
         case oServerAliveInterval:
@@ -44,8 +44,8 @@ Index: b/readconf.c
                 intptr = &options->server_alive_interval;
                 goto parse_time;
  
-@@ -1392,8 +1397,13 @@
-                options->rekey_limit = 0;
+@@ -1404,8 +1409,13 @@
+                options->rekey_interval = 0;
         if (options->verify_host_key_dns == -1)
                 options->verify_host_key_dns = 0;
 -       if (options->server_alive_interval == -1)
@@ -78,7 +78,7 @@ Index: b/ssh_config.5
  The argument must be
  .Dq yes
  or
-@@ -1113,8 +1117,15 @@
+@@ -1141,8 +1145,15 @@
  will send a message through the encrypted
  channel to request a response from the server.
  The default
@@ -95,7 +95,7 @@ Index: b/ssh_config.5
  .It Cm StrictHostKeyChecking
  If this flag is set to
  .Dq yes ,
-@@ -1153,6 +1164,12 @@
+@@ -1181,6 +1192,12 @@
  other side.
  If they are sent, death of the connection or crash of one
  of the machines will be properly noticed.
@@ -112,7 +112,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -1122,6 +1122,9 @@
+@@ -1161,6 +1161,9 @@
  .Pp
  To disable TCP keepalive messages, the value should be set to
  .Dq no .
diff --git a/debian/patches/lintian-symlink-pickiness.patch b/debian/patches/lintian-symlink-pickiness.patch
index 8afabfaba..19ae33b22 100644
--- a/debian/patches/lintian-symlink-pickiness.patch
+++ b/debian/patches/lintian-symlink-pickiness.patch
@@ -3,13 +3,13 @@ Description: Fix picky lintian errors about slogin symlinks
  either way and opted to keep the status quo.  We need this patch anyway.
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1728
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/Makefile.in
 ===================================================================
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -293,9 +293,9 @@
+@@ -296,9 +296,9 @@
         $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
         $(INSTALL) -m 644 ssh-vulnkey.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-vulnkey.1
         -rm -f $(DESTDIR)$(bindir)/slogin
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index fd1b6f9f5..55c277031 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -2,13 +2,13 @@ Description: Mention ssh-keygen in ssh fingerprint changed warning
 Author: Scott Moser <smoser@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843
 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/sshconnect.c
 ===================================================================
 --- a/sshconnect.c
 +++ b/sshconnect.c
-@@ -982,9 +982,12 @@
+@@ -981,9 +981,12 @@
                         error("%s. This could either mean that", key_msg);
                         error("DNS SPOOFING is happening or the IP address for the host");
                         error("and its host key have changed at the same time.");
@@ -22,7 +22,7 @@ Index: b/sshconnect.c
                 }
                 /* The host key has changed. */
                 warn_changed_key(host_key);
-@@ -992,6 +995,8 @@
+@@ -991,6 +994,8 @@
                     user_hostfiles[0]);
                 error("Offending %s key in %s:%lu", key_type(host_found->key),
                     host_found->file, host_found->line);
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index 48c3ff598..d4eeee6e8 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -6,7 +6,7 @@ Description: Adjust various OpenBSD-specific references in manual pages
   https://bugs.launchpad.net/bugs/456660 (ssl(8))
 Author: Colin Watson <cjwatson@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/moduli.5
 ===================================================================
@@ -56,7 +56,7 @@ Index: b/ssh-keygen.1
  .It Fl a Ar trials
  Specifies the number of primality tests to perform when screening DH-GEX
  candidates using the
-@@ -606,7 +602,7 @@
+@@ -605,7 +601,7 @@
  Valid generator values are 2, 3, and 5.
  .Pp
  Screened DH groups may be installed in
@@ -65,7 +65,7 @@ Index: b/ssh-keygen.1
  It is important that this file contains moduli of a range of bit lengths and
  that both ends of a connection share common moduli.
  .Sh CERTIFICATES
-@@ -801,7 +797,7 @@
+@@ -800,7 +796,7 @@
  where the user wishes to log in using public key authentication.
  There is no need to keep the contents of this file secret.
  .Pp
@@ -78,9 +78,9 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -736,6 +736,10 @@
- .Sx HISTORY
- section of
+@@ -756,6 +756,10 @@
+ but protocol 2 may use any.
+ The HISTORY section of
  .Xr ssl 8
 +(on non-OpenBSD systems, see
 +.nh
@@ -93,7 +93,7 @@ Index: b/sshd.8
 ===================================================================
 --- a/sshd.8
 +++ b/sshd.8
-@@ -69,7 +69,7 @@
+@@ -70,7 +70,7 @@
  .Nm
  listens for connections from clients.
  It is normally started at boot from
@@ -102,7 +102,7 @@ Index: b/sshd.8
  It forks a new
  daemon for each incoming connection.
  The forked daemons handle
-@@ -858,7 +858,7 @@
+@@ -859,7 +859,7 @@
  .Xr ssh 1 ) .
  It should only be writable by root.
  .Pp
@@ -111,7 +111,7 @@ Index: b/sshd.8
  Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
  The file format is described in
  .Xr moduli 5 .
-@@ -956,7 +956,6 @@
+@@ -957,7 +957,6 @@
  .Xr ssh-vulnkey 1 ,
  .Xr chroot 2 ,
  .Xr hosts_access 5 ,
@@ -123,7 +123,7 @@ Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -276,8 +276,7 @@
+@@ -283,8 +283,7 @@
  By default, no banner is displayed.
  .It Cm ChallengeResponseAuthentication
  Specifies whether challenge-response authentication is allowed (e.g. via
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index b922a185b..2be45ebf8 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -5,7 +5,7 @@ Description: Include the Debian version in our identification
  vulnerable-looking version strings.  (However, see debian-banner.patch.)
 Author: Matthew Vernon <matthew@debian.org>
 Forwarded: not-needed
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/sshconnect.c
 ===================================================================
@@ -28,7 +28,7 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -434,7 +434,7 @@
+@@ -440,7 +440,7 @@
         }
  
         xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s",
@@ -42,9 +42,9 @@ Index: b/version.h
 --- a/version.h
 +++ b/version.h
 @@ -3,4 +3,9 @@
- #define SSH_VERSION    "OpenSSH_6.2"
+ #define SSH_VERSION    "OpenSSH_6.3"
  
- #define SSH_PORTABLE   "p2"
+ #define SSH_PORTABLE   "p1"
 -#define SSH_RELEASE    SSH_VERSION SSH_PORTABLE
 +#define SSH_RELEASE_MINIMUM    SSH_VERSION SSH_PORTABLE
 +#ifdef SSH_EXTRAVERSION
diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch
index f25ff89d0..32f4cfc67 100644
--- a/debian/patches/quieter-signals.patch
+++ b/debian/patches/quieter-signals.patch
@@ -10,13 +10,13 @@ Author: Peter Samuelson <peter@p12n.org>
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1118
 Bug-Debian: http://bugs.debian.org/313371
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/clientloop.c
 ===================================================================
 --- a/clientloop.c
 +++ b/clientloop.c
-@@ -1710,8 +1710,10 @@
+@@ -1717,8 +1717,10 @@
                 exit_status = 0;
         }
  
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index c41c78b3b..f3376c20a 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -5,7 +5,7 @@ Description: Handle SELinux authorisation roles
 Author: Manoj Srivastava <srivasta@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
 Bug-Debian: http://bugs.debian.org/394795
-Last-Update: 2013-05-13
+Last-Update: 2013-09-14
 
 Index: b/auth.h
 ===================================================================
@@ -17,13 +17,13 @@ Index: b/auth.h
         char            *style;
 +       char            *role;
         void            *kbdintctxt;
+        char            *info;          /* Extra info for next auth_log */
         void            *jpake_ctx;
- #ifdef BSD_AUTH
 Index: b/auth1.c
 ===================================================================
 --- a/auth1.c
 +++ b/auth1.c
-@@ -385,7 +385,7 @@
+@@ -380,7 +380,7 @@
  do_authentication(Authctxt *authctxt)
  {
         u_int ulen;
@@ -32,7 +32,7 @@ Index: b/auth1.c
  
         /* Get the name of the user that we wish to log in as. */
         packet_read_expect(SSH_CMSG_USER);
-@@ -394,11 +394,17 @@
+@@ -389,11 +389,17 @@
         user = packet_get_cstring(&ulen);
         packet_check_eom();
  
@@ -54,7 +54,7 @@ Index: b/auth2.c
 ===================================================================
 --- a/auth2.c
 +++ b/auth2.c
-@@ -219,7 +219,7 @@
+@@ -222,7 +222,7 @@
  {
         Authctxt *authctxt = ctxt;
         Authmethod *m = NULL;
@@ -63,7 +63,7 @@ Index: b/auth2.c
         int authenticated = 0;
  
         if (authctxt == NULL)
-@@ -231,8 +231,13 @@
+@@ -234,8 +234,13 @@
         debug("userauth-request for user %s service %s method %s", user, service, method);
         debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
  
@@ -77,7 +77,7 @@ Index: b/auth2.c
  
         if (authctxt->attempt++ == 0) {
                 /* setup auth context */
-@@ -256,8 +261,9 @@
+@@ -259,8 +264,9 @@
                     use_privsep ? " [net]" : "");
                 authctxt->service = xstrdup(service);
                 authctxt->style = style ? xstrdup(style) : NULL;
@@ -92,7 +92,7 @@ Index: b/monitor.c
 ===================================================================
 --- a/monitor.c
 +++ b/monitor.c
-@@ -145,6 +145,7 @@
+@@ -146,6 +146,7 @@
  int mm_answer_pwnamallow(int, Buffer *);
  int mm_answer_auth2_read_banner(int, Buffer *);
  int mm_answer_authserv(int, Buffer *);
@@ -100,7 +100,7 @@ Index: b/monitor.c
  int mm_answer_authpassword(int, Buffer *);
  int mm_answer_bsdauthquery(int, Buffer *);
  int mm_answer_bsdauthrespond(int, Buffer *);
-@@ -226,6 +227,7 @@
+@@ -227,6 +228,7 @@
      {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign},
      {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow},
      {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv},
@@ -108,7 +108,7 @@ Index: b/monitor.c
      {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner},
      {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
  #ifdef USE_PAM
-@@ -837,6 +839,7 @@
+@@ -844,6 +846,7 @@
         else {
                 /* Allow service/style information on the auth context */
                 monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
@@ -116,7 +116,7 @@ Index: b/monitor.c
                 monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
         }
  #ifdef USE_PAM
-@@ -869,14 +872,37 @@
+@@ -874,14 +877,37 @@
  
         authctxt->service = buffer_get_string(m, NULL);
         authctxt->style = buffer_get_string(m, NULL);
@@ -127,12 +127,12 @@ Index: b/monitor.c
 +           __func__, authctxt->service, authctxt->style, authctxt->role);
  
         if (strlen(authctxt->style) == 0) {
-                xfree(authctxt->style);
+                free(authctxt->style);
                 authctxt->style = NULL;
         }
  
 +       if (strlen(authctxt->role) == 0) {
-+               xfree(authctxt->role);
++               free(authctxt->role);
 +               authctxt->role = NULL;
 +       }
 +
@@ -149,14 +149,14 @@ Index: b/monitor.c
 +           __func__, authctxt->role);
 +
 +       if (strlen(authctxt->role) == 0) {
-+               xfree(authctxt->role);
++               free(authctxt->role);
 +               authctxt->role = NULL;
 +       }
 +
         return (0);
  }
  
-@@ -1471,7 +1497,7 @@
+@@ -1486,7 +1512,7 @@
         res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
         if (res == 0)
                 goto error;
@@ -182,7 +182,7 @@ Index: b/monitor_wrap.c
 ===================================================================
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -318,10 +318,10 @@
+@@ -320,10 +320,10 @@
         return (banner);
  }
  
@@ -195,7 +195,7 @@ Index: b/monitor_wrap.c
  {
         Buffer m;
  
-@@ -330,11 +330,29 @@
+@@ -332,11 +332,29 @@
         buffer_init(&m);
         buffer_put_cstring(&m, service);
         buffer_put_cstring(&m, style ? style : "");
@@ -284,7 +284,7 @@ Index: b/openbsd-compat/port-linux.c
  #endif
  
         if (r != 0) {
-@@ -107,7 +120,7 @@
+@@ -105,7 +118,7 @@
  
  /* Set the execution context to the default for the specified user */
  void
@@ -293,7 +293,7 @@ Index: b/openbsd-compat/port-linux.c
  {
         security_context_t user_ctx = NULL;
  
-@@ -116,7 +129,7 @@
+@@ -114,7 +127,7 @@
  
         debug3("%s: setting execution context", __func__);
  
@@ -302,7 +302,7 @@ Index: b/openbsd-compat/port-linux.c
         if (setexeccon(user_ctx) != 0) {
                 switch (security_getenforce()) {
                 case -1:
-@@ -138,7 +151,7 @@
+@@ -136,7 +149,7 @@
  
  /* Set the TTY context for the specified user */
  void
@@ -311,7 +311,7 @@ Index: b/openbsd-compat/port-linux.c
  {
         security_context_t new_tty_ctx = NULL;
         security_context_t user_ctx = NULL;
-@@ -149,7 +162,7 @@
+@@ -147,7 +160,7 @@
  
         debug3("%s: setting TTY context on %s", __func__, tty);
  
@@ -392,7 +392,7 @@ Index: b/session.c
  
                 if (options.chroot_directory != NULL &&
                     strcasecmp(options.chroot_directory, "none") != 0) {
-@@ -1633,7 +1633,7 @@
+@@ -1646,7 +1646,7 @@
  
         /* Force a password change */
         if (s->authctxt->force_pwchange) {
@@ -401,7 +401,7 @@ Index: b/session.c
                 child_close_fds();
                 do_pwchange(s);
                 exit(1);
-@@ -1660,7 +1660,7 @@
+@@ -1673,7 +1673,7 @@
                 /* When PAM is enabled we rely on it to do the nologin check */
                 if (!options.use_pam)
                         do_nologin(pw);
@@ -410,7 +410,7 @@ Index: b/session.c
                 /*
                  * PAM session modules in do_setusercontext may have
                  * generated messages, so if this in an interactive
-@@ -2072,7 +2072,7 @@
+@@ -2084,7 +2084,7 @@
         tty_parse_modes(s->ttyfd, &n_bytes);
  
         if (!use_privsep)
@@ -436,7 +436,7 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -745,7 +745,7 @@
+@@ -753,7 +753,7 @@
         RAND_seed(rnd, sizeof(rnd));
  
         /* Drop privileges */
diff --git a/debian/patches/series b/debian/patches/series
index 0e43d9fe9..f5c2ebb52 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -26,7 +26,6 @@ shell-path.patch
 dnssec-sshfp.patch
 auth-log-verbosity.patch
 mention-ssh-keygen-on-keychange.patch
-ssh-copy-id-portable.patch
 
 # Versioning
 package-versioning.patch
diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index d4cbc3e5f..a1c6efc8d 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -4,7 +4,7 @@ Description: Look for $SHELL on the path for ProxyCommand/LocalCommand
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494
 Bug-Debian: http://bugs.debian.org/492728
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/sshconnect.c
 ===================================================================
@@ -19,7 +19,7 @@ Index: b/sshconnect.c
                 perror(argv[0]);
                 exit(1);
         }
-@@ -1299,7 +1299,7 @@
+@@ -1298,7 +1298,7 @@
         if (pid == 0) {
                 signal(SIGPIPE, SIG_DFL);
                 debug3("Executing %s -c \"%s\"", shell, args);
diff --git a/debian/patches/sigstop.patch b/debian/patches/sigstop.patch
index 42bee0739..3311a797c 100644
--- a/debian/patches/sigstop.patch
+++ b/debian/patches/sigstop.patch
@@ -1,13 +1,13 @@
 Description: Support synchronisation with service supervisor using SIGSTOP
 Author: Colin Watson <cjwatson@debian.org>
 Forwarded: no
-Last-Update: 2013-08-12
+Last-Update: 2013-09-14
 
 Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -1855,6 +1855,10 @@
+@@ -1914,6 +1914,10 @@
                         }
                 }
  
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index 6f4a3cd9a..28d144221 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -5,13 +5,13 @@ Description: ssh(1): Refer to ssh-argv0(1)
  manual page from ssh(1).
 Bug-Debian: http://bugs.debian.org/111341
 Forwarded: not-needed
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1433,6 +1433,7 @@
+@@ -1451,6 +1451,7 @@
  .Xr sftp 1 ,
  .Xr ssh-add 1 ,
  .Xr ssh-agent 1 ,
diff --git a/debian/patches/ssh-copy-id-portable.patch b/debian/patches/ssh-copy-id-portable.patch
deleted file mode 100644
index 9583eab4b..000000000
--- a/debian/patches/ssh-copy-id-portable.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-Description: Fix non-portable shell in ssh-copy-id
-Author: Colin Watson <cjwatson@debian.org>
-Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2117
-Bug-Debian: http://bugs.debian.org/711162
-Forwarded: https://bugzilla.mindrot.org/show_bug.cgi?id=2117
-Last-Update: 2013-06-05
-
-Index: b/contrib/ssh-copy-id
-===================================================================
---- a/contrib/ssh-copy-id
-+++ b/contrib/ssh-copy-id
-@@ -165,7 +165,7 @@
- 
- eval set -- "$SAVEARGS"
- 
--if [ $# == 0 ] ; then
-+if [ $# = 0 ] ; then
-   usage
- fi
- if [ $# != 1 ] ; then
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index 03d6f15d9..a56911290 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -8,7 +8,7 @@ Description: Reject vulnerable keys to mitigate Debian OpenSSL flaw
  See CVE-2008-0166.
 Author: Colin Watson <cjwatson@ubuntu.com>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/Makefile.in
 ===================================================================
@@ -52,7 +52,7 @@ Index: b/Makefile.in
  MANTYPE                = @MANTYPE@
  
  CONFIGFILES=sshd_config.out ssh_config.out moduli.out
-@@ -174,6 +176,9 @@
+@@ -176,6 +178,9 @@
  sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
         $(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
  
@@ -62,7 +62,7 @@ Index: b/Makefile.in
  # test driver for the loginrec code - not built by default
  logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
         $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
-@@ -269,6 +274,7 @@
+@@ -272,6 +277,7 @@
         $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
         $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
         $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
@@ -70,7 +70,7 @@ Index: b/Makefile.in
         $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
         $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
         $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
-@@ -283,6 +289,7 @@
+@@ -286,6 +292,7 @@
         $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
         $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
         $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
@@ -78,7 +78,7 @@ Index: b/Makefile.in
         -rm -f $(DESTDIR)$(bindir)/slogin
         ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
-@@ -364,6 +371,7 @@
+@@ -367,6 +374,7 @@
         -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
         -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
         -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
@@ -86,7 +86,7 @@ Index: b/Makefile.in
         -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
         -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
         -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
-@@ -376,6 +384,7 @@
+@@ -379,6 +387,7 @@
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
@@ -111,8 +111,8 @@ Index: b/auth-rsa.c
 ===================================================================
 --- a/auth-rsa.c
 +++ b/auth-rsa.c
-@@ -233,7 +233,7 @@
-                            file, linenum, BN_num_bits(key->rsa->n), bits);
+@@ -237,7 +237,7 @@
+                free(fp);
  
                 /* Never accept a revoked key */
 -               if (auth_key_is_revoked(key))
@@ -132,7 +132,7 @@ Index: b/auth.c
  #include "auth.h"
  #include "auth-options.h"
  #include "canohost.h"
-@@ -635,10 +636,34 @@
+@@ -657,10 +658,34 @@
  
  /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
  int
@@ -151,7 +151,7 @@ Index: b/auth.c
 +                               logit("Public key %s from %s blacklisted (see "
 +                                   "ssh-vulnkey(1)); continuing anyway",
 +                                   key_fp, get_remote_ipaddr());
-+                       xfree(key_fp);
++                       free(key_fp);
 +               } else {
 +                       if (hostkey)
 +                               error("Host key %s blacklisted (see "
@@ -160,7 +160,7 @@ Index: b/auth.c
 +                               logit("Public key %s from %s blacklisted (see "
 +                                   "ssh-vulnkey(1))",
 +                                   key_fp, get_remote_ipaddr());
-+                       xfree(key_fp);
++                       free(key_fp);
 +                       return 1;
 +               }
 +       }
@@ -172,7 +172,7 @@ Index: b/auth.h
 ===================================================================
 --- a/auth.h
 +++ b/auth.h
-@@ -185,7 +185,7 @@
+@@ -191,7 +191,7 @@
  
  FILE   *auth_openkeyfile(const char *, struct passwd *, int);
  FILE   *auth_openprincipals(const char *, struct passwd *, int);
@@ -185,7 +185,7 @@ Index: b/auth2-hostbased.c
 ===================================================================
 --- a/auth2-hostbased.c
 +++ b/auth2-hostbased.c
-@@ -146,7 +146,7 @@
+@@ -150,7 +150,7 @@
         int len;
         char *fp;
  
@@ -198,7 +198,7 @@ Index: b/auth2-pubkey.c
 ===================================================================
 --- a/auth2-pubkey.c
 +++ b/auth2-pubkey.c
-@@ -608,9 +608,10 @@
+@@ -647,9 +647,10 @@
         u_int success, i;
         char *file;
  
@@ -223,7 +223,7 @@ Index: b/authfile.c
  
  #define MAX_KEY_FILE_SIZE      (1024 * 1024)
  
-@@ -944,3 +945,140 @@
+@@ -944,3 +945,139 @@
         return ret;
  }
  
@@ -316,10 +316,9 @@ Index: b/authfile.c
 +       }
 +
 +out:
-+       if (dgst_packed)
-+               xfree(dgst_packed);
++       free(dgst_packed);
 +       if (ret != 1 && dgst_hex) {
-+               xfree(dgst_hex);
++               free(dgst_hex);
 +               dgst_hex = NULL;
 +       }
 +       if (fp)
@@ -347,7 +346,7 @@ Index: b/authfile.c
 +       xasprintf(&blacklist_file, "%s.%s-%u",
 +           _PATH_BLACKLIST, key_type(public), key_size(public));
 +       ret = blacklisted_key_in_file(public, blacklist_file, fp);
-+       xfree(blacklist_file);
++       free(blacklist_file);
 +       if (ret > 0) {
 +               key_free(public);
 +               return ret;
@@ -356,7 +355,7 @@ Index: b/authfile.c
 +       xasprintf(&blacklist_file, "%s.%s-%u",
 +           _PATH_BLACKLIST_CONFIG, key_type(public), key_size(public));
 +       ret2 = blacklisted_key_in_file(public, blacklist_file, fp);
-+       xfree(blacklist_file);
++       free(blacklist_file);
 +       if (ret2 > ret)
 +               ret = ret2;
 +
@@ -404,7 +403,7 @@ Index: b/readconf.c
 ===================================================================
 --- a/readconf.c
 +++ b/readconf.c
-@@ -125,6 +125,7 @@
+@@ -128,6 +128,7 @@
         oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
         oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
         oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
@@ -412,7 +411,7 @@ Index: b/readconf.c
         oHostKeyAlgorithms, oBindAddress, oPKCS11Provider,
         oClearAllForwardings, oNoHostAuthenticationForLocalhost,
         oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
-@@ -158,6 +159,7 @@
+@@ -161,6 +162,7 @@
         { "passwordauthentication", oPasswordAuthentication },
         { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
         { "kbdinteractivedevices", oKbdInteractiveDevices },
@@ -420,7 +419,7 @@ Index: b/readconf.c
         { "rsaauthentication", oRSAAuthentication },
         { "pubkeyauthentication", oPubkeyAuthentication },
         { "dsaauthentication", oPubkeyAuthentication },             /* alias */
-@@ -510,6 +512,10 @@
+@@ -523,6 +525,10 @@
                 intptr = &options->challenge_response_authentication;
                 goto parse_flag;
  
@@ -431,7 +430,7 @@ Index: b/readconf.c
         case oGssAuthentication:
                 intptr = &options->gss_authentication;
                 goto parse_flag;
-@@ -1200,6 +1206,7 @@
+@@ -1210,6 +1216,7 @@
         options->kbd_interactive_devices = NULL;
         options->rhosts_rsa_authentication = -1;
         options->hostbased_authentication = -1;
@@ -439,7 +438,7 @@ Index: b/readconf.c
         options->batch_mode = -1;
         options->check_host_ip = -1;
         options->strict_host_key_checking = -1;
-@@ -1310,6 +1317,8 @@
+@@ -1320,6 +1327,8 @@
                 options->rhosts_rsa_authentication = 0;
         if (options->hostbased_authentication == -1)
                 options->hostbased_authentication = 0;
@@ -464,7 +463,7 @@ Index: b/servconf.c
 ===================================================================
 --- a/servconf.c
 +++ b/servconf.c
-@@ -109,6 +109,7 @@
+@@ -114,6 +114,7 @@
         options->password_authentication = -1;
         options->kbd_interactive_authentication = -1;
         options->challenge_response_authentication = -1;
@@ -472,7 +471,7 @@ Index: b/servconf.c
         options->permit_empty_passwd = -1;
         options->permit_user_env = -1;
         options->use_login = -1;
-@@ -250,6 +251,8 @@
+@@ -257,6 +258,8 @@
                 options->kbd_interactive_authentication = 0;
         if (options->challenge_response_authentication == -1)
                 options->challenge_response_authentication = 1;
@@ -481,16 +480,16 @@ Index: b/servconf.c
         if (options->permit_empty_passwd == -1)
                 options->permit_empty_passwd = 0;
         if (options->permit_user_env == -1)
-@@ -327,7 +330,7 @@
+@@ -338,7 +341,7 @@
         sListenAddress, sAddressFamily,
         sPrintMotd, sPrintLastLog, sIgnoreRhosts,
         sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
 -       sStrictModes, sEmptyPasswd, sTCPKeepAlive,
 +       sStrictModes, sPermitBlacklistedKeys, sEmptyPasswd, sTCPKeepAlive,
         sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
-        sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+        sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
         sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
-@@ -439,6 +442,7 @@
+@@ -451,6 +454,7 @@
         { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
         { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
         { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
@@ -498,7 +497,7 @@ Index: b/servconf.c
         { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
         { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
         { "uselogin", sUseLogin, SSHCFG_GLOBAL },
-@@ -1134,6 +1138,10 @@
+@@ -1158,6 +1162,10 @@
                 intptr = &options->tcp_keep_alive;
                 goto parse_flag;
  
@@ -509,7 +508,7 @@ Index: b/servconf.c
         case sEmptyPasswd:
                 intptr = &options->permit_empty_passwd;
                 goto parse_flag;
-@@ -1980,6 +1988,7 @@
+@@ -2036,6 +2044,7 @@
         dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
         dump_cfg_fmtint(sStrictModes, o->strict_modes);
         dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
@@ -521,7 +520,7 @@ Index: b/servconf.h
 ===================================================================
 --- a/servconf.h
 +++ b/servconf.h
-@@ -120,6 +120,7 @@
+@@ -121,6 +121,7 @@
         int     challenge_response_authentication;
         int     zero_knowledge_password_authentication;
                                         /* If true, permit jpake auth */
@@ -572,9 +571,9 @@ Index: b/ssh-add.c
 +       if (blacklisted_key(private, &fp) == 1) {
 +               fprintf(stderr, "Public key %s blacklisted (see "
 +                   "ssh-vulnkey(1)); refusing to add it\n", fp);
-+               xfree(fp);
++               free(fp);
 +               key_free(private);
-+               xfree(comment);
++               free(comment);
 +               return -1;
 +       }
  
@@ -584,7 +583,7 @@ Index: b/ssh-keygen.1
 ===================================================================
 --- a/ssh-keygen.1
 +++ b/ssh-keygen.1
-@@ -810,6 +810,7 @@
+@@ -809,6 +809,7 @@
  .Xr ssh 1 ,
  .Xr ssh-add 1 ,
  .Xr ssh-agent 1 ,
@@ -843,7 +842,7 @@ Index: b/ssh-vulnkey.c
 ===================================================================
 --- /dev/null
 +++ b/ssh-vulnkey.c
-@@ -0,0 +1,387 @@
+@@ -0,0 +1,386 @@
 +/*
 + * Copyright (c) 2008 Canonical Ltd.  All rights reserved.
 + *
@@ -940,7 +939,7 @@ Index: b/ssh-vulnkey.c
 +               printf(":%lu: %s: %s %u %s %s\n", linenum, msg,
 +                   key_type(key), key_size(key), fp, comment);
 +       }
-+       xfree(fp);
++       free(fp);
 +}
 +
 +static int
@@ -1093,8 +1092,7 @@ Index: b/ssh-vulnkey.c
 +                               ret = 0;
 +                       found = 1;
 +               }
-+               if (comment)
-+                       xfree(comment);
++               free(comment);
 +       }
 +
 +       return ret;
@@ -1128,12 +1126,12 @@ Index: b/ssh-vulnkey.c
 +       for (i = 0; default_files[i]; i++) {
 +               xasprintf(&file, "%s/%s", dir, default_files[i]);
 +               if (stat(file, &st) < 0 && errno == ENOENT) {
-+                       xfree(file);
++                       free(file);
 +                       continue;
 +               }
 +               if (!do_filename(file, 0))
 +                       ret = 0;
-+               xfree(file);
++               free(file);
 +       }
 +
 +       return ret;
@@ -1235,7 +1233,7 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1429,6 +1429,7 @@
+@@ -1447,6 +1447,7 @@
  .Xr ssh-agent 1 ,
  .Xr ssh-keygen 1 ,
  .Xr ssh-keyscan 1 ,
@@ -1247,7 +1245,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -1492,7 +1492,7 @@
+@@ -1525,7 +1525,7 @@
  static void
  load_public_identity_files(void)
  {
@@ -1256,7 +1254,7 @@ Index: b/ssh.c
         char *pwdir = NULL, *pwname = NULL;
         int i = 0;
         Key *public;
-@@ -1550,6 +1550,22 @@
+@@ -1583,6 +1583,22 @@
                 public = key_load_public(filename, NULL);
                 debug("identity file %s type %d", filename,
                     public ? public->type : -1);
@@ -1268,22 +1266,22 @@ Index: b/ssh.c
 +                               logit("Public key %s blacklisted (see "
 +                                   "ssh-vulnkey(1)); refusing to send it",
 +                                   fp);
-+                       xfree(fp);
++                       free(fp);
 +                       if (!options.use_blacklisted_keys) {
 +                               key_free(public);
-+                               xfree(filename);
++                               free(filename);
 +                               filename = NULL;
 +                               public = NULL;
 +                       }
 +               }
-                xfree(options.identity_files[i]);
+                free(options.identity_files[i]);
                 identity_files[n_ids] = filename;
                 identity_keys[n_ids] = public;
 Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1201,6 +1201,23 @@
+@@ -1229,6 +1229,23 @@
  .Dq any .
  The default is
  .Dq any:any .
@@ -1320,7 +1318,7 @@ Index: b/sshconnect2.c
                 key = options.identity_keys[i];
                 if (key && key->type == KEY_RSA1)
                         continue;
-@@ -1609,7 +1611,7 @@
+@@ -1608,7 +1610,7 @@
                         debug("Offering %s public key: %s", key_type(id->key),
                             id->filename);
                         sent = send_pubkey_test(authctxt, id);
@@ -1333,7 +1331,7 @@ Index: b/sshd.8
 ===================================================================
 --- a/sshd.8
 +++ b/sshd.8
-@@ -953,6 +953,7 @@
+@@ -954,6 +954,7 @@
  .Xr ssh-agent 1 ,
  .Xr ssh-keygen 1 ,
  .Xr ssh-keyscan 1 ,
@@ -1345,23 +1343,23 @@ Index: b/sshd.c
 ===================================================================
 --- a/sshd.c
 +++ b/sshd.c
-@@ -1631,6 +1631,11 @@
-                        sensitive_data.host_keys[i] = NULL;
+@@ -1688,6 +1688,11 @@
+                        sensitive_data.host_pubkeys[i] = NULL;
                         continue;
                 }
-+               if (auth_key_is_revoked(key, 1)) {
-+                       key_free(key);
++               if (auth_key_is_revoked(key != NULL ? key : pubkey, 1)) {
 +                       sensitive_data.host_keys[i] = NULL;
++                       sensitive_data.host_pubkeys[i] = NULL;
 +                       continue;
 +               }
-                switch (key->type) {
+ 
+                switch (keytype) {
                 case KEY_RSA1:
-                        sensitive_data.ssh1_host_key = key;
 Index: b/sshd_config.5
 ===================================================================
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -870,6 +870,20 @@
+@@ -885,6 +885,20 @@
  Specifies whether password authentication is allowed.
  The default is
  .Dq yes .
diff --git a/debian/patches/ssh1-keepalive.patch b/debian/patches/ssh1-keepalive.patch
index 87211e8a3..de61e1dd9 100644
--- a/debian/patches/ssh1-keepalive.patch
+++ b/debian/patches/ssh1-keepalive.patch
@@ -1,13 +1,13 @@
 Description: Partial server keep-alive implementation for SSH1
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1712
-Last-Update: 2013-05-07
+Last-Update: 2013-09-14
 
 Index: b/clientloop.c
 ===================================================================
 --- a/clientloop.c
 +++ b/clientloop.c
-@@ -565,16 +565,21 @@
+@@ -563,16 +563,21 @@
  static void
  server_alive_check(void)
  {
@@ -38,20 +38,20 @@ Index: b/clientloop.c
  }
  
  /*
-@@ -636,7 +641,7 @@
+@@ -634,7 +639,7 @@
          */
  
         timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */
--       if (options.server_alive_interval > 0 && compat20)
-+       if (options.server_alive_interval > 0)
+-       if (options.server_alive_interval > 0 && compat20) {
++       if (options.server_alive_interval > 0) {
                 timeout_secs = options.server_alive_interval;
-        set_control_persist_exit_time();
-        if (control_persist_exit_time > 0) {
+                server_alive_time = now + options.server_alive_interval;
+        }
 Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1102,7 +1102,10 @@
+@@ -1130,7 +1130,10 @@
  .Cm ServerAliveCountMax
  is left at the default, if the server becomes unresponsive,
  ssh will disconnect after approximately 45 seconds.
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 2bac7c8cb..f8be76c89 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -8,13 +8,13 @@ Description: "LogLevel SILENT" compatibility
 Author: Jonathan David Amery <jdamery@ysolde.ucam.org>
 Author: Matthew Vernon <matthew@debian.org>
 Author: Colin Watson <cjwatson@debian.org>
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/log.c
 ===================================================================
 --- a/log.c
 +++ b/log.c
-@@ -92,6 +92,7 @@
+@@ -94,6 +94,7 @@
         LogLevel val;
  } log_levels[] =
  {
@@ -26,7 +26,7 @@ Index: b/ssh.c
 ===================================================================
 --- a/ssh.c
 +++ b/ssh.c
-@@ -711,7 +711,7 @@
+@@ -740,7 +740,7 @@
         /* Do not allocate a tty if stdin is not a tty. */
         if ((!isatty(fileno(stdin)) || stdin_null_flag) &&
             options.request_tty != REQUEST_TTY_FORCE) {
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index d0de9c006..ac00edac6 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -9,7 +9,7 @@ Description: Allow harmless group-writability
 Author: Colin Watson <cjwatson@debian.org>
 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060
 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347
-Last-Update: 2013-05-16
+Last-Update: 2013-09-14
 
 Index: b/readconf.c
 ===================================================================
@@ -21,10 +21,10 @@ Index: b/readconf.c
  #include <unistd.h>
 +#include <pwd.h>
 +#include <grp.h>
- 
- #include "xmalloc.h"
- #include "ssh.h"
-@@ -1150,8 +1152,7 @@
+ #ifdef HAVE_UTIL_H
+ #include <util.h>
+ #endif
+@@ -1160,8 +1162,7 @@
  
                 if (fstat(fileno(f), &sb) == -1)
                         fatal("fstat %s: %s", filename, strerror(errno));
@@ -38,10 +38,10 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1320,6 +1320,8 @@
+@@ -1338,6 +1338,8 @@
  .Xr ssh_config 5 .
  Because of the potential for abuse, this file must have strict permissions:
- read/write for the user, and not accessible by others.
+ read/write for the user, and not writable by others.
 +It may be group-writable provided that the group in question contains only
 +the user.
  .Pp
@@ -51,7 +51,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1356,6 +1356,8 @@
+@@ -1382,6 +1382,8 @@
  This file is used by the SSH client.
  Because of the potential for abuse, this file must have strict permissions:
  read/write for the user, and not accessible by others.
@@ -64,7 +64,7 @@ Index: b/auth.c
 ===================================================================
 --- a/auth.c
 +++ b/auth.c
-@@ -386,8 +386,7 @@
+@@ -408,8 +408,7 @@
                 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
                 if (options.strict_modes &&
                     (stat(user_hostfile, &st) == 0) &&
@@ -74,7 +74,7 @@ Index: b/auth.c
                         logit("Authentication refused for %.100s: "
                             "bad owner or modes for %.200s",
                             pw->pw_name, user_hostfile);
-@@ -449,8 +448,7 @@
+@@ -471,8 +470,7 @@
                 snprintf(err, errlen, "%s is not a regular file", buf);
                 return -1;
         }
@@ -84,7 +84,7 @@ Index: b/auth.c
                 snprintf(err, errlen, "bad ownership or modes for file %s",
                     buf);
                 return -1;
-@@ -465,8 +463,7 @@
+@@ -487,8 +485,7 @@
                 strlcpy(buf, cp, sizeof(buf));
  
                 if (stat(buf, &st) < 0 ||
@@ -117,7 +117,7 @@ Index: b/misc.c
  
  /* remove newline at end of string */
  char *
-@@ -641,6 +643,71 @@
+@@ -642,6 +644,71 @@
         return -1;
  }
  
@@ -193,7 +193,7 @@ Index: b/misc.h
 ===================================================================
 --- a/misc.h
 +++ b/misc.h
-@@ -103,4 +103,6 @@
+@@ -104,4 +104,6 @@
  int     ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
  int     read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
  
diff --git a/defines.h b/defines.h
index 64515c2ff..d5ce52f32 100644
--- a/defines.h
+++ b/defines.h
@@ -25,7 +25,7 @@
 #ifndef _DEFINES_H
 #define _DEFINES_H
 
-/* $Id: defines.h,v 1.171 2013/03/07 09:06:13 dtucker Exp $ */
+/* $Id: defines.h,v 1.172 2013/06/01 21:18:48 dtucker Exp $ */
 
 
 /* Constants */
@@ -171,11 +171,6 @@ enum
 # define MAP_FAILED ((void *)-1)
 #endif
 
-/* *-*-nto-qnx doesn't define this constant in the system headers */
-#ifdef MISSING_NFDBITS
-# define        NFDBITS (8 * sizeof(unsigned long))
-#endif
-
 /*
 SCO Open Server 3 has INADDR_LOOPBACK defined in rpc/rpc.h but
 including rpc/rpc.h breaks Solaris 6
@@ -355,11 +350,19 @@ struct winsize {
 };
 #endif
 
-/* *-*-nto-qnx does not define this type in the system headers */
-#ifdef MISSING_FD_MASK
+/* bits needed for select that may not be in the system headers */
+#ifndef HAVE_FD_MASK
  typedef unsigned long int      fd_mask;
 #endif
 
+#if defined(HAVE_DECL_NFDBITS) && HAVE_DECL_NFDBITS == 0
+# define        NFDBITS (8 * sizeof(unsigned long))
+#endif
+
+#if defined(HAVE_DECL_HOWMANY) && HAVE_DECL_HOWMANY == 0
+# define howmany(x,y)   (((x)+((y)-1))/(y))
+#endif
+
 /* Paths */
 
 #ifndef _PATH_BSHELL
@@ -484,11 +487,6 @@ struct winsize {
 # define __nonnull__(x)
 #endif
 
-/* *-*-nto-qnx doesn't define this macro in the system headers */
-#ifdef MISSING_HOWMANY
-# define howmany(x,y)   (((x)+((y)-1))/(y))
-#endif
-
 #ifndef OSSH_ALIGNBYTES
 #define OSSH_ALIGNBYTES (sizeof(int) - 1)
 #endif
diff --git a/dh.c b/dh.c
index d943ca1e1..449dd3858 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.49 2011/12/07 05:44:38 djm Exp $ */
+/* $OpenBSD: dh.c,v 1.51 2013/07/02 12:31:43 markus Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  *
@@ -48,6 +48,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
         const char *errstr = NULL;
         long long n;
 
+        dhg->p = dhg->g = NULL;
         cp = line;
         if ((arg = strdelim(&cp)) == NULL)
                 return 0;
@@ -59,66 +60,85 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 
         /* time */
         if (cp == NULL || *arg == '\0')
-                goto fail;
+                goto truncated;
         arg = strsep(&cp, " "); /* type */
         if (cp == NULL || *arg == '\0')
-                goto fail;
+                goto truncated;
         /* Ensure this is a safe prime */
         n = strtonum(arg, 0, 5, &errstr);
-        if (errstr != NULL || n != MODULI_TYPE_SAFE)
+        if (errstr != NULL || n != MODULI_TYPE_SAFE) {
+                error("moduli:%d: type is not %d", linenum, MODULI_TYPE_SAFE);
                 goto fail;
+        }
         arg = strsep(&cp, " "); /* tests */
         if (cp == NULL || *arg == '\0')
-                goto fail;
+                goto truncated;
         /* Ensure prime has been tested and is not composite */
         n = strtonum(arg, 0, 0x1f, &errstr);
         if (errstr != NULL ||
-            (n & MODULI_TESTS_COMPOSITE) || !(n & ~MODULI_TESTS_COMPOSITE))
+            (n & MODULI_TESTS_COMPOSITE) || !(n & ~MODULI_TESTS_COMPOSITE)) {
+                error("moduli:%d: invalid moduli tests flag", linenum);
                 goto fail;
+        }
         arg = strsep(&cp, " "); /* tries */
         if (cp == NULL || *arg == '\0')
-                goto fail;
+                goto truncated;
         n = strtonum(arg, 0, 1<<30, &errstr);
-        if (errstr != NULL || n == 0)
+        if (errstr != NULL || n == 0) {
+                error("moduli:%d: invalid primality trial count", linenum);
                 goto fail;
+        }
         strsize = strsep(&cp, " "); /* size */
         if (cp == NULL || *strsize == '\0' ||
             (dhg->size = (int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 ||
-            errstr)
+            errstr) {
+                error("moduli:%d: invalid prime length", linenum);
                 goto fail;
+        }
         /* The whole group is one bit larger */
         dhg->size++;
         gen = strsep(&cp, " "); /* gen */
         if (cp == NULL || *gen == '\0')
-                goto fail;
+                goto truncated;
         prime = strsep(&cp, " "); /* prime */
-        if (cp != NULL || *prime == '\0')
+        if (cp != NULL || *prime == '\0') {
+ truncated:
+                error("moduli:%d: truncated", linenum);
                 goto fail;
+        }
 
         if ((dhg->g = BN_new()) == NULL)
                 fatal("parse_prime: BN_new failed");
         if ((dhg->p = BN_new()) == NULL)
                 fatal("parse_prime: BN_new failed");
-        if (BN_hex2bn(&dhg->g, gen) == 0)
-                goto failclean;
-
-        if (BN_hex2bn(&dhg->p, prime) == 0)
-                goto failclean;
-
-        if (BN_num_bits(dhg->p) != dhg->size)
-                goto failclean;
-
-        if (BN_is_zero(dhg->g) || BN_is_one(dhg->g))
-                goto failclean;
+        if (BN_hex2bn(&dhg->g, gen) == 0) {
+                error("moduli:%d: could not parse generator value", linenum);
+                goto fail;
+        }
+        if (BN_hex2bn(&dhg->p, prime) == 0) {
+                error("moduli:%d: could not parse prime value", linenum);
+                goto fail;
+        }
+        if (BN_num_bits(dhg->p) != dhg->size) {
+                error("moduli:%d: prime has wrong size: actual %d listed %d",
+                    linenum, BN_num_bits(dhg->p), dhg->size - 1);
+                goto fail;
+        }
+        if (BN_cmp(dhg->g, BN_value_one()) <= 0) {
+                error("moduli:%d: generator is invalid", linenum);
+                goto fail;
+        }
 
-        return (1);
+        return 1;
 
- failclean:
-        BN_clear_free(dhg->g);
-        BN_clear_free(dhg->p);
  fail:
+        if (dhg->g != NULL)
+                BN_clear_free(dhg->g);
+        if (dhg->p != NULL)
+                BN_clear_free(dhg->p);
+        dhg->g = dhg->p = NULL;
         error("Bad prime description in line %d", linenum);
-        return (0);
+        return 0;
 }
 
 DH *
diff --git a/dns.c b/dns.c
index bbe7f5023..478c3d9c5 100644
--- a/dns.c
+++ b/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.28 2012/05/23 03:28:28 djm Exp $ */
+/* $OpenBSD: dns.c,v 1.29 2013/05/17 00:13:13 djm Exp $ */
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -273,7 +273,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
 
                 if (hostkey_digest_type != dnskey_digest_type) {
                         hostkey_digest_type = dnskey_digest_type;
-                        xfree(hostkey_digest);
+                        free(hostkey_digest);
 
                         /* Initialize host key parameters */
                         if (!dns_read_key(&hostkey_algorithm,
@@ -293,10 +293,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
                             hostkey_digest_len) == 0)
                                 *flags |= DNS_VERIFY_MATCH;
                 }
-                xfree(dnskey_digest);
+                free(dnskey_digest);
         }
 
-        xfree(hostkey_digest); /* from key_fingerprint_raw() */
+        free(hostkey_digest); /* from key_fingerprint_raw() */
         freerrset(fingerprints);
 
         if (*flags & DNS_VERIFY_FOUND)
@@ -339,7 +339,7 @@ export_dns_rr(const char *hostname, Key *key, FILE *f, int generic)
                         for (i = 0; i < rdata_digest_len; i++)
                                 fprintf(f, "%02x", rdata_digest[i]);
                         fprintf(f, "\n");
-                        xfree(rdata_digest); /* from key_fingerprint_raw() */
+                        free(rdata_digest); /* from key_fingerprint_raw() */
                         success = 1;
                 }
         }
diff --git a/fixalgorithms b/fixalgorithms
new file mode 100755
index 000000000..115dce81c
--- /dev/null
+++ b/fixalgorithms
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# fixciphers - remove unsupported ciphers from man pages.
+# Usage: fixpaths /path/to/sed cipher1 [cipher2] <infile >outfile 
+#
+# Author: Darren Tucker (dtucker at zip com.au).  Placed in the public domain.
+
+die() {
+        echo $*
+        exit -1
+}
+
+SED=$1
+shift
+
+for c in $*; do
+        subs="$subs -e /.Dq.$c.*$/d"
+        subs="$subs -e s/$c,//g"
+done
+
+# now remove any entirely empty lines
+subs="$subs -e /^$/d"
+
+${SED} $subs
+
+exit 0
diff --git a/groupaccess.c b/groupaccess.c
index 2381aeb15..1eab10b19 100644
--- a/groupaccess.c
+++ b/groupaccess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: groupaccess.c,v 1.13 2008/07/04 03:44:59 djm Exp $ */
+/* $OpenBSD: groupaccess.c,v 1.14 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2001 Kevin Steves.  All rights reserved.
  *
@@ -31,6 +31,7 @@
 #include <grp.h>
 #include <unistd.h>
 #include <stdarg.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include "xmalloc.h"
@@ -68,7 +69,7 @@ ga_init(const char *user, gid_t base)
         for (i = 0, j = 0; i < ngroups; i++)
                 if ((gr = getgrgid(groups_bygid[i])) != NULL)
                         groups_byname[j++] = xstrdup(gr->gr_name);
-        xfree(groups_bygid);
+        free(groups_bygid);
         return (ngroups = j);
 }
 
@@ -122,8 +123,8 @@ ga_free(void)
 
         if (ngroups > 0) {
                 for (i = 0; i < ngroups; i++)
-                        xfree(groups_byname[i]);
+                        free(groups_byname[i]);
                 ngroups = 0;
-                xfree(groups_byname);
+                free(groups_byname);
         }
 }
diff --git a/gss-genr.c b/gss-genr.c
index f9b39cfd5..3069347c2 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.21 2013/05/17 00:13:13 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -101,8 +101,8 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
 
         if (gss_enc2oid != NULL) {
                 for (i = 0; gss_enc2oid[i].encoded != NULL; i++)
-                        xfree(gss_enc2oid[i].encoded);
-                xfree(gss_enc2oid);
+                        free(gss_enc2oid[i].encoded);
+                free(gss_enc2oid);
         }
 
         gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) *
@@ -159,7 +159,7 @@ ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check,
         buffer_free(&buf);
 
         if (strlen(mechs) == 0) {
-                xfree(mechs);
+                free(mechs);
                 mechs = NULL;
         }
         
@@ -214,8 +214,8 @@ void
 ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len)
 {
         if (ctx->oid != GSS_C_NO_OID) {
-                xfree(ctx->oid->elements);
-                xfree(ctx->oid);
+                free(ctx->oid->elements);
+                free(ctx->oid);
         }
         ctx->oid = xmalloc(sizeof(gss_OID_desc));
         ctx->oid->length = len;
@@ -238,7 +238,7 @@ ssh_gssapi_error(Gssctxt *ctxt)
 
         s = ssh_gssapi_last_error(ctxt, NULL, NULL);
         debug("%s", s);
-        xfree(s);
+        free(s);
 }
 
 char *
@@ -319,8 +319,8 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx)
         if ((*ctx)->name != GSS_C_NO_NAME)
                 gss_release_name(&ms, &(*ctx)->name);
         if ((*ctx)->oid != GSS_C_NO_OID) {
-                xfree((*ctx)->oid->elements);
-                xfree((*ctx)->oid);
+                free((*ctx)->oid->elements);
+                free((*ctx)->oid);
                 (*ctx)->oid = GSS_C_NO_OID;
         }
         if ((*ctx)->creds != GSS_C_NO_CREDENTIAL)
@@ -330,7 +330,7 @@ ssh_gssapi_delete_ctx(Gssctxt **ctx)
         if ((*ctx)->client_creds != GSS_C_NO_CREDENTIAL)
                 gss_release_cred(&ms, &(*ctx)->client_creds);
 
-        xfree(*ctx);
+        free(*ctx);
         *ctx = NULL;
 }
 
@@ -377,7 +377,7 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
             &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
                 ssh_gssapi_error(ctx);
 
-        xfree(gssbuf.value);
+        free(gssbuf.value);
         return (ctx->major);
 }
 
diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c
index e7170ee41..c55446a0b 100644
--- a/gss-serv-krb5.c
+++ b/gss-serv-krb5.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
@@ -48,12 +48,11 @@ extern ServerOptions options;
 
 #ifdef HEIMDAL
 # include <krb5.h>
-#else
-# ifdef HAVE_GSSAPI_KRB5_H
-#  include <gssapi_krb5.h>
-# elif HAVE_GSSAPI_GSSAPI_KRB5_H
-#  include <gssapi/gssapi_krb5.h>
-# endif
+#endif
+#ifdef HAVE_GSSAPI_KRB5_H
+# include <gssapi_krb5.h>
+#elif HAVE_GSSAPI_GSSAPI_KRB5_H
+# include <gssapi/gssapi_krb5.h>
 #endif
 
 static krb5_context krb_context = NULL;
@@ -87,14 +86,16 @@ ssh_gssapi_krb5_userok(ssh_gssapi_client *client, char *name)
 {
         krb5_principal princ;
         int retval;
+        const char *errmsg;
 
         if (ssh_gssapi_krb5_init() == 0)
                 return 0;
 
         if ((retval = krb5_parse_name(krb_context, client->exportedname.value,
             &princ))) {
-                logit("krb5_parse_name(): %.100s",
-                    krb5_get_err_text(krb_context, retval));
+                errmsg = krb5_get_error_message(krb_context, retval);
+                logit("krb5_parse_name(): %.100s", errmsg);
+                krb5_free_error_message(krb_context, errmsg);
                 return 0;
         }
         if (krb5_kuserok(krb_context, princ, name)) {
@@ -120,6 +121,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
         krb5_principal princ;
         OM_uint32 maj_status, min_status;
         int len;
+        const char *errmsg;
         const char *new_ccname;
 
         if (client->creds == NULL) {
@@ -131,30 +133,34 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client)
                 return;
 
 #ifdef HEIMDAL
-        if ((problem = krb5_cc_gen_new(krb_context, &krb5_fcc_ops, &ccache))) {
-                logit("krb5_cc_gen_new(): %.100s",
-                    krb5_get_err_text(krb_context, problem));
+        if ((problem = krb5_cc_new_unique(krb_context, krb5_fcc_ops.prefix,
+            NULL, &ccache)) != 0) {
+                errmsg = krb5_get_error_message(krb_context, problem);
+                logit("krb5_cc_new_unique(): %.100s", errmsg);
+                krb5_free_error_message(krb_context, errmsg);
                 return;
         }
 #else
         if ((problem = ssh_krb5_cc_gen(krb_context, &ccache))) {
-                logit("ssh_krb5_cc_gen(): %.100s",
-                    krb5_get_err_text(krb_context, problem));
+                errmsg = krb5_get_error_message(krb_context, problem);
+                logit("ssh_krb5_cc_gen(): %.100s", errmsg);
+                krb5_free_error_message(krb_context, errmsg);
                 return;
         }
 #endif  /* #ifdef HEIMDAL */
 
         if ((problem = krb5_parse_name(krb_context,
             client->exportedname.value, &princ))) {
-                logit("krb5_parse_name(): %.100s",
-                    krb5_get_err_text(krb_context, problem));
-                krb5_cc_destroy(krb_context, ccache);
+                errmsg = krb5_get_error_message(krb_context, problem);
+                logit("krb5_parse_name(): %.100s", errmsg);
+                krb5_free_error_message(krb_context, errmsg);
                 return;
         }
 
         if ((problem = krb5_cc_initialize(krb_context, ccache, princ))) {
-                logit("krb5_cc_initialize(): %.100s",
-                    krb5_get_err_text(krb_context, problem));
+                errmsg = krb5_get_error_message(krb_context, problem);
+                logit("krb5_cc_initialize(): %.100s", errmsg);
+                krb5_free_error_message(krb_context, errmsg);
                 krb5_free_principal(krb_context, princ);
                 krb5_cc_destroy(krb_context, ccache);
                 return;
diff --git a/gss-serv.c b/gss-serv.c
index 380895ea5..97f366fdf 100644
--- a/gss-serv.c
+++ b/gss-serv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-serv.c,v 1.23 2011/08/01 19:18:15 markus Exp $ */
+/* $OpenBSD: gss-serv.c,v 1.24 2013/07/20 01:55:13 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved.
@@ -55,7 +55,8 @@ extern ServerOptions options;
 
 static ssh_gssapi_client gssapi_client =
     { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
-    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL, {NULL, NULL, NULL}, 0, 0};
+    GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME,  NULL,
+    {NULL, NULL, NULL, NULL, NULL}, 0, 0};
 
 ssh_gssapi_mech gssapi_null_mech =
     { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL};
diff --git a/hostfile.c b/hostfile.c
index b6f924b23..2ff4c48b4 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.50 2010/12/04 13:31:37 djm Exp $ */
+/* $OpenBSD: hostfile.c,v 1.52 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -64,7 +64,7 @@ struct hostkeys {
 };
 
 static int
-extract_salt(const char *s, u_int l, char *salt, size_t salt_len)
+extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len)
 {
         char *p, *b64salt;
         u_int b64len;
@@ -96,7 +96,7 @@ extract_salt(const char *s, u_int l, char *salt, size_t salt_len)
         b64salt[b64len] = '\0';
 
         ret = __b64_pton(b64salt, salt, salt_len);
-        xfree(b64salt);
+        free(b64salt);
         if (ret == -1) {
                 debug2("extract_salt: salt decode error");
                 return (-1);
@@ -115,7 +115,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
 {
         const EVP_MD *md = EVP_sha1();
         HMAC_CTX mac_ctx;
-        char salt[256], result[256], uu_salt[512], uu_result[512];
+        u_char salt[256], result[256];
+        char uu_salt[512], uu_result[512];
         static char encoded[1024];
         u_int i, len;
 
@@ -133,7 +134,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
         }
 
         HMAC_Init(&mac_ctx, salt, len, md);
-        HMAC_Update(&mac_ctx, host, strlen(host));
+        HMAC_Update(&mac_ctx, (u_char *)host, strlen(host));
         HMAC_Final(&mac_ctx, result, NULL);
         HMAC_cleanup(&mac_ctx);
 
@@ -153,7 +154,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
  */
 
 int
-hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
+hostfile_read_key(char **cpp, int *bitsp, Key *ret)
 {
         char *cp;
 
@@ -170,8 +171,10 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret)
 
         /* Return results. */
         *cpp = cp;
-        if (bitsp != NULL)
-                *bitsp = key_size(ret);
+        if (bitsp != NULL) {
+                if ((*bitsp = key_size(ret)) <= 0)
+                        return 0;
+        }
         return 1;
 }
 
@@ -327,16 +330,14 @@ free_hostkeys(struct hostkeys *hostkeys)
         u_int i;
 
         for (i = 0; i < hostkeys->num_entries; i++) {
-                xfree(hostkeys->entries[i].host);
-                xfree(hostkeys->entries[i].file);
+                free(hostkeys->entries[i].host);
+                free(hostkeys->entries[i].file);
                 key_free(hostkeys->entries[i].key);
                 bzero(hostkeys->entries + i, sizeof(*hostkeys->entries));
         }
-        if (hostkeys->entries != NULL)
-                xfree(hostkeys->entries);
-        hostkeys->entries = NULL;
-        hostkeys->num_entries = 0;
-        xfree(hostkeys);
+        free(hostkeys->entries);
+        bzero(hostkeys, sizeof(*hostkeys));
+        free(hostkeys);
 }
 
 static int
diff --git a/hostfile.h b/hostfile.h
index d84d422ff..679c034f3 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.h,v 1.19 2010/11/29 23:45:51 djm Exp $ */
+/* $OpenBSD: hostfile.h,v 1.20 2013/07/12 00:19:58 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -40,7 +40,7 @@ HostStatus check_key_in_hostkeys(struct hostkeys *, Key *,
 int      lookup_key_in_hostkeys_by_type(struct hostkeys *, int,
     const struct hostkey_entry **);
 
-int      hostfile_read_key(char **, u_int *, Key *);
+int      hostfile_read_key(char **, int *, Key *);
 int      add_host_to_hostfile(const char *, const char *, const Key *, int);
 
 #define HASH_MAGIC      "|1|"
diff --git a/includes.h b/includes.h
index 3e206c899..07bcd89f2 100644
--- a/includes.h
+++ b/includes.h
@@ -18,7 +18,9 @@
 
 #include "config.h"
 
+#ifndef _GNU_SOURCE
 #define _GNU_SOURCE /* activate extra prototypes for glibc */
+#endif
 
 #include <sys/types.h>
 #include <sys/socket.h> /* For CMSG_* */
diff --git a/jpake.c b/jpake.c
index b010dafaa..3dd87916a 100644
--- a/jpake.c
+++ b/jpake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: jpake.c,v 1.7 2012/06/18 11:43:53 dtucker Exp $ */
+/* $OpenBSD: jpake.c,v 1.8 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
  *
@@ -106,7 +106,7 @@ jpake_free(struct jpake_ctx *pctx)
         do {                                    \
                 if ((v) != NULL) {              \
                         bzero((v), (l));        \
-                        xfree(v);               \
+                        free(v);                \
                         (v) = NULL;             \
                         (l) = 0;                \
                 }                               \
@@ -134,7 +134,7 @@ jpake_free(struct jpake_ctx *pctx)
 #undef JPAKE_BUF_CLEAR_FREE
 
         bzero(pctx, sizeof(*pctx));
-        xfree(pctx);
+        free(pctx);
 }
 
 /* dump entire jpake_ctx. NB. includes private values! */
@@ -445,7 +445,7 @@ jpake_check_confirm(const BIGNUM *k,
             expected_confirm_hash_len) == 0)
                 success = 1;
         bzero(expected_confirm_hash, expected_confirm_hash_len);
-        xfree(expected_confirm_hash);
+        free(expected_confirm_hash);
         debug3("%s: success = %d", __func__, success);
         return success;
 }
diff --git a/kex.c b/kex.c
index f9e7a9c09..1ec278245 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.88 2013/01/08 18:49:04 markus Exp $ */
+/* $OpenBSD: kex.c,v 1.91 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -66,6 +66,69 @@ extern const EVP_MD *evp_ssh_sha256(void);
 static void kex_kexinit_finish(Kex *);
 static void kex_choose_conf(Kex *);
 
+struct kexalg {
+        char *name;
+        int type;
+        int ec_nid;
+        const EVP_MD *(*mdfunc)(void);
+};
+static const struct kexalg kexalgs[] = {
+        { KEX_DH1, KEX_DH_GRP1_SHA1, 0, EVP_sha1 },
+        { KEX_DH14, KEX_DH_GRP14_SHA1, 0, EVP_sha1 },
+        { KEX_DHGEX_SHA1, KEX_DH_GEX_SHA1, 0, EVP_sha1 },
+#ifdef HAVE_EVP_SHA256
+        { KEX_DHGEX_SHA256, KEX_DH_GEX_SHA256, 0, EVP_sha256 },
+#endif
+#ifdef OPENSSL_HAS_ECC
+        { KEX_ECDH_SHA2_NISTP256, KEX_ECDH_SHA2, NID_X9_62_prime256v1, EVP_sha256 },
+        { KEX_ECDH_SHA2_NISTP384, KEX_ECDH_SHA2, NID_secp384r1, EVP_sha384 },
+        { KEX_ECDH_SHA2_NISTP521, KEX_ECDH_SHA2, NID_secp521r1, EVP_sha512 },
+#endif
+        { NULL, -1, -1, NULL},
+};
+static const struct kexalg kexalg_prefixes[] = {
+#ifdef GSSAPI
+        { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, EVP_sha1 },
+        { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, EVP_sha1 },
+        { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, EVP_sha1 },
+#endif
+        { NULL, -1, -1, NULL },
+};
+
+char *
+kex_alg_list(void)
+{
+        char *ret = NULL;
+        size_t nlen, rlen = 0;
+        const struct kexalg *k;
+
+        for (k = kexalgs; k->name != NULL; k++) {
+                if (ret != NULL)
+                        ret[rlen++] = '\n';
+                nlen = strlen(k->name);
+                ret = xrealloc(ret, 1, rlen + nlen + 2);
+                memcpy(ret + rlen, k->name, nlen + 1);
+                rlen += nlen;
+        }
+        return ret;
+}
+
+static const struct kexalg *
+kex_alg_by_name(const char *name)
+{
+        const struct kexalg *k;
+
+        for (k = kexalgs; k->name != NULL; k++) {
+                if (strcmp(k->name, name) == 0)
+                        return k;
+        }
+        for (k = kexalg_prefixes; k->name != NULL; k++) {
+                if (strncmp(k->name, name, strlen(k->name)) == 0)
+                        return k;
+        }
+        return NULL;
+}
+
 /* Validate KEX method name list */
 int
 kex_names_valid(const char *names)
@@ -77,20 +140,14 @@ kex_names_valid(const char *names)
         s = cp = xstrdup(names);
         for ((p = strsep(&cp, ",")); p && *p != '\0';
             (p = strsep(&cp, ","))) {
-                if (strcmp(p, KEX_DHGEX_SHA256) != 0 &&
-                    strcmp(p, KEX_DHGEX_SHA1) != 0 &&
-                    strcmp(p, KEX_DH14) != 0 &&
-                    strcmp(p, KEX_DH1) != 0 &&
-                    (strncmp(p, KEX_ECDH_SHA2_STEM,
-                    sizeof(KEX_ECDH_SHA2_STEM) - 1) != 0 ||
-                    kex_ecdh_name_to_nid(p) == -1)) {
+                if (kex_alg_by_name(p) == NULL) {
                         error("Unsupported KEX algorithm \"%.100s\"", p);
-                        xfree(s);
+                        free(s);
                         return 0;
                 }
         }
         debug3("kex names ok: [%s]", names);
-        xfree(s);
+        free(s);
         return 1;
 }
 
@@ -150,8 +207,8 @@ kex_prop_free(char **proposal)
         u_int i;
 
         for (i = 0; i < PROPOSAL_MAX; i++)
-                xfree(proposal[i]);
-        xfree(proposal);
+                free(proposal[i]);
+        free(proposal);
 }
 
 /* ARGSUSED */
@@ -188,7 +245,7 @@ kex_finish(Kex *kex)
         buffer_clear(&kex->peer);
         /* buffer_clear(&kex->my); */
         kex->flags &= ~KEX_INIT_SENT;
-        xfree(kex->name);
+        free(kex->name);
         kex->name = NULL;
 }
 
@@ -245,7 +302,7 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt)
         for (i = 0; i < KEX_COOKIE_LEN; i++)
                 packet_get_char();
         for (i = 0; i < PROPOSAL_MAX; i++)
-                xfree(packet_get_string(NULL));
+                free(packet_get_string(NULL));
         /*
          * XXX RFC4253 sec 7: "each side MAY guess" - currently no supported
          * KEX method has the server move first, but a server might be using
@@ -352,43 +409,16 @@ choose_comp(Comp *comp, char *client, char *server)
 static void
 choose_kex(Kex *k, char *client, char *server)
 {
+        const struct kexalg *kexalg;
+
         k->name = match_list(client, server, NULL);
         if (k->name == NULL)
                 fatal("Unable to negotiate a key exchange method");
-        if (strcmp(k->name, KEX_DH1) == 0) {
-                k->kex_type = KEX_DH_GRP1_SHA1;
-                k->evp_md = EVP_sha1();
-        } else if (strcmp(k->name, KEX_DH14) == 0) {
-                k->kex_type = KEX_DH_GRP14_SHA1;
-                k->evp_md = EVP_sha1();
-        } else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
-                k->kex_type = KEX_DH_GEX_SHA1;
-                k->evp_md = EVP_sha1();
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
-        } else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
-                k->kex_type = KEX_DH_GEX_SHA256;
-                k->evp_md = evp_ssh_sha256();
-        } else if (strncmp(k->name, KEX_ECDH_SHA2_STEM,
-            sizeof(KEX_ECDH_SHA2_STEM) - 1) == 0) {
-                k->kex_type = KEX_ECDH_SHA2;
-                k->evp_md = kex_ecdh_name_to_evpmd(k->name);
-#endif
-#ifdef GSSAPI
-        } else if (strncmp(k->name, KEX_GSS_GEX_SHA1_ID,
-            sizeof(KEX_GSS_GEX_SHA1_ID) - 1) == 0) {
-                k->kex_type = KEX_GSS_GEX_SHA1;
-                k->evp_md = EVP_sha1();
-        } else if (strncmp(k->name, KEX_GSS_GRP1_SHA1_ID,
-            sizeof(KEX_GSS_GRP1_SHA1_ID) - 1) == 0) {
-                k->kex_type = KEX_GSS_GRP1_SHA1;
-                k->evp_md = EVP_sha1();
-        } else if (strncmp(k->name, KEX_GSS_GRP14_SHA1_ID,
-            sizeof(KEX_GSS_GRP14_SHA1_ID) - 1) == 0) {
-                k->kex_type = KEX_GSS_GRP14_SHA1;
-                k->evp_md = EVP_sha1();
-#endif
-        } else
-                fatal("bad kex alg %s", k->name);
+        if ((kexalg = kex_alg_by_name(k->name)) == NULL)
+                fatal("unsupported kex alg %s", k->name);
+        k->kex_type = kexalg->type;
+        k->evp_md = kexalg->mdfunc();
+        k->ec_nid = kexalg->ec_nid;
 }
 
 static void
@@ -400,7 +430,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server)
         k->hostkey_type = key_type_from_name(hostkeyalg);
         if (k->hostkey_type == KEY_UNSPEC)
                 fatal("bad hostkey alg '%s'", hostkeyalg);
-        xfree(hostkeyalg);
+        free(hostkeyalg);
 }
 
 static int
@@ -454,7 +484,7 @@ kex_choose_conf(Kex *kex)
                 roaming = match_list(KEX_RESUME, peer[PROPOSAL_KEX_ALGS], NULL);
                 if (roaming) {
                         kex->roaming = 1;
-                        xfree(roaming);
+                        free(roaming);
                 }
         }
 
diff --git a/kex.h b/kex.h
index 8013ab8a4..d5046c627 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.54 2013/01/08 18:49:04 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.56 2013/07/19 07:37:48 markus Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -40,8 +40,9 @@
 #define KEX_DHGEX_SHA1          "diffie-hellman-group-exchange-sha1"
 #define KEX_DHGEX_SHA256        "diffie-hellman-group-exchange-sha256"
 #define KEX_RESUME              "resume@appgate.com"
-/* The following represents the family of ECDH methods */
-#define KEX_ECDH_SHA2_STEM      "ecdh-sha2-"
+#define KEX_ECDH_SHA2_NISTP256  "ecdh-sha2-nistp256"
+#define KEX_ECDH_SHA2_NISTP384  "ecdh-sha2-nistp384"
+#define KEX_ECDH_SHA2_NISTP521  "ecdh-sha2-nistp521"
 
 #define COMP_NONE       0
 #define COMP_ZLIB       1
@@ -89,7 +90,7 @@ typedef struct Newkeys Newkeys;
 
 struct Enc {
         char    *name;
-        Cipher  *cipher;
+        const Cipher *cipher;
         int     enabled;
         u_int   key_len;
         u_int   iv_len;
@@ -134,6 +135,7 @@ struct Kex {
         sig_atomic_t done;
         int     flags;
         const EVP_MD *evp_md;
+        int     ec_nid;
 #ifdef GSSAPI
         int     gss_deleg_creds;
         int     gss_trust_dns;
@@ -146,10 +148,12 @@ struct Kex {
         Key     *(*load_host_public_key)(int);
         Key     *(*load_host_private_key)(int);
         int     (*host_key_index)(Key *);
+        void    (*sign)(Key *, Key *, u_char **, u_int *, u_char *, u_int);
         void    (*kex[KEX_MAX])(Kex *);
 };
 
 int      kex_names_valid(const char *);
+char    *kex_alg_list(void);
 
 Kex     *kex_setup(char *[PROPOSAL_MAX]);
 void     kex_finish(Kex *);
@@ -184,11 +188,6 @@ void
 kex_ecdh_hash(const EVP_MD *, const EC_GROUP *, char *, char *, char *, int,
     char *, int, u_char *, int, const EC_POINT *, const EC_POINT *,
     const BIGNUM *, u_char **, u_int *);
-int     kex_ecdh_name_to_nid(const char *);
-const EVP_MD *kex_ecdh_name_to_evpmd(const char *);
-#else
-# define kex_ecdh_name_to_nid(x) (-1)
-# define kex_ecdh_name_to_evpmd(x) (NULL)
 #endif
 
 void
diff --git a/kexdhc.c b/kexdhc.c
index 76ceb5dd8..ccd137cac 100644
--- a/kexdhc.c
+++ b/kexdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -125,7 +125,7 @@ kexdh_client(Kex *kex)
         if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
                 fatal("kexdh_client: BN_bin2bn failed");
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         /* calc and verify H */
         kex_dh_hash(
@@ -139,14 +139,14 @@ kexdh_client(Kex *kex)
             shared_secret,
             &hash, &hashlen
         );
-        xfree(server_host_key_blob);
+        free(server_host_key_blob);
         BN_clear_free(dh_server_pub);
         DH_free(dh);
 
         if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
                 fatal("key_verify failed for server_host_key");
         key_free(server_host_key);
-        xfree(signature);
+        free(signature);
 
         /* save session id */
         if (kex->session_id == NULL) {
diff --git a/kexdhs.c b/kexdhs.c
index f56e88764..269d80900 100644
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.14 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -80,9 +80,6 @@ kexdh_server(Kex *kex)
         if (server_host_public == NULL)
                 fatal("Unsupported hostkey type %d", kex->hostkey_type);
         server_host_private = kex->load_host_private_key(kex->hostkey_type);
-        if (server_host_private == NULL)
-                fatal("Missing private key for hostkey type %d",
-                    kex->hostkey_type);
 
         /* key, cert */
         if ((dh_client_pub = BN_new()) == NULL)
@@ -118,7 +115,7 @@ kexdh_server(Kex *kex)
         if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
                 fatal("kexdh_server: BN_bin2bn failed");
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);
 
@@ -144,9 +141,8 @@ kexdh_server(Kex *kex)
         }
 
         /* sign H */
-        if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,
-            hashlen)) < 0)
-                fatal("kexdh_server: key_sign failed");
+        kex->sign(server_host_private, server_host_public, &signature, &slen,
+            hash, hashlen);
 
         /* destroy_sensitive_data(); */
 
@@ -157,8 +153,8 @@ kexdh_server(Kex *kex)
         packet_put_string(signature, slen);
         packet_send();
 
-        xfree(signature);
-        xfree(server_host_key_blob);
+        free(signature);
+        free(server_host_key_blob);
         /* have keys, free DH */
         DH_free(dh);
 
diff --git a/kexecdh.c b/kexecdh.c
index f13f69d3b..c948fe20a 100644
--- a/kexecdh.c
+++ b/kexecdh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdh.c,v 1.3 2010/09/22 05:01:29 djm Exp $ */
+/* $OpenBSD: kexecdh.c,v 1.4 2013/04/19 01:06:50 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -45,24 +45,6 @@
 #include "kex.h"
 #include "log.h"
 
-int
-kex_ecdh_name_to_nid(const char *kexname)
-{
-        if (strlen(kexname) < sizeof(KEX_ECDH_SHA2_STEM) - 1)
-                fatal("%s: kexname too short \"%s\"", __func__, kexname);
-        return key_curve_name_to_nid(kexname + sizeof(KEX_ECDH_SHA2_STEM) - 1);
-}
-
-const EVP_MD *
-kex_ecdh_name_to_evpmd(const char *kexname)
-{
-        int nid = kex_ecdh_name_to_nid(kexname);
-
-        if (nid == -1)
-                fatal("%s: unsupported ECDH curve \"%s\"", __func__, kexname);
-        return key_ec_nid_to_evpmd(nid);
-}
-
 void
 kex_ecdh_hash(
     const EVP_MD *evp_md,
diff --git a/kexecdhc.c b/kexecdhc.c
index 115d4bf83..6193836c7 100644
--- a/kexecdhc.c
+++ b/kexecdhc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhc.c,v 1.2 2010/09/22 05:01:29 djm Exp $ */
+/* $OpenBSD: kexecdhc.c,v 1.4 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -57,11 +57,8 @@ kexecdh_client(Kex *kex)
         u_char *server_host_key_blob = NULL, *signature = NULL;
         u_char *kbuf, *hash;
         u_int klen, slen, sbloblen, hashlen;
-        int curve_nid;
 
-        if ((curve_nid = kex_ecdh_name_to_nid(kex->name)) == -1)
-                fatal("%s: unsupported ECDH curve \"%s\"", __func__, kex->name);
-        if ((client_key = EC_KEY_new_by_curve_name(curve_nid)) == NULL)
+        if ((client_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL)
                 fatal("%s: EC_KEY_new_by_curve_name failed", __func__);
         if (EC_KEY_generate_key(client_key) != 1)
                 fatal("%s: EC_KEY_generate_key failed", __func__);
@@ -123,7 +120,7 @@ kexecdh_client(Kex *kex)
         if (BN_bin2bn(kbuf, klen, shared_secret) == NULL)
                 fatal("%s: BN_bin2bn failed", __func__);
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         /* calc and verify H */
         kex_ecdh_hash(
@@ -139,14 +136,14 @@ kexecdh_client(Kex *kex)
             shared_secret,
             &hash, &hashlen
         );
-        xfree(server_host_key_blob);
+        free(server_host_key_blob);
         EC_POINT_clear_free(server_public);
         EC_KEY_free(client_key);
 
         if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
                 fatal("key_verify failed for server_host_key");
         key_free(server_host_key);
-        xfree(signature);
+        free(signature);
 
         /* save session id */
         if (kex->session_id == NULL) {
diff --git a/kexecdhs.c b/kexecdhs.c
index 8c515dfa6..3a580aacf 100644
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.2 2010/09/22 05:01:29 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.5 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -59,11 +59,8 @@ kexecdh_server(Kex *kex)
         u_char *server_host_key_blob = NULL, *signature = NULL;
         u_char *kbuf, *hash;
         u_int klen, slen, sbloblen, hashlen;
-        int curve_nid;
 
-        if ((curve_nid = kex_ecdh_name_to_nid(kex->name)) == -1)
-                fatal("%s: unsupported ECDH curve \"%s\"", __func__, kex->name);
-        if ((server_key = EC_KEY_new_by_curve_name(curve_nid)) == NULL)
+        if ((server_key = EC_KEY_new_by_curve_name(kex->ec_nid)) == NULL)
                 fatal("%s: EC_KEY_new_by_curve_name failed", __func__);
         if (EC_KEY_generate_key(server_key) != 1)
                 fatal("%s: EC_KEY_generate_key failed", __func__);
@@ -81,9 +78,6 @@ kexecdh_server(Kex *kex)
         if (server_host_public == NULL)
                 fatal("Unsupported hostkey type %d", kex->hostkey_type);
         server_host_private = kex->load_host_private_key(kex->hostkey_type);
-        if (server_host_private == NULL)
-                fatal("Missing private key for hostkey type %d",
-                    kex->hostkey_type);
 
         debug("expecting SSH2_MSG_KEX_ECDH_INIT");
         packet_read_expect(SSH2_MSG_KEX_ECDH_INIT);
@@ -115,7 +109,7 @@ kexecdh_server(Kex *kex)
         if (BN_bin2bn(kbuf, klen, shared_secret) == NULL)
                 fatal("%s: BN_bin2bn failed", __func__);
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         /* calc H */
         key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);
@@ -142,9 +136,8 @@ kexecdh_server(Kex *kex)
         }
 
         /* sign H */
-        if (PRIVSEP(key_sign(server_host_private, &signature, &slen,
-            hash, hashlen)) < 0)
-                fatal("kexdh_server: key_sign failed");
+        kex->sign(server_host_private, server_host_public, &signature, &slen,
+            hash, hashlen);
 
         /* destroy_sensitive_data(); */
 
@@ -155,8 +148,8 @@ kexecdh_server(Kex *kex)
         packet_put_string(signature, slen);
         packet_send();
 
-        xfree(signature);
-        xfree(server_host_key_blob);
+        free(signature);
+        free(server_host_key_blob);
         /* have keys, free server key */
         EC_KEY_free(server_key);
 
diff --git a/kexgexc.c b/kexgexc.c
index 79552d709..5a3be2005 100644
--- a/kexgexc.c
+++ b/kexgexc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.12 2010/11/10 01:33:07 djm Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.13 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -163,7 +163,7 @@ kexgex_client(Kex *kex)
         if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
                 fatal("kexgex_client: BN_bin2bn failed");
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         if (datafellows & SSH_OLD_DHGEX)
                 min = max = -1;
@@ -186,13 +186,13 @@ kexgex_client(Kex *kex)
 
         /* have keys, free DH */
         DH_free(dh);
-        xfree(server_host_key_blob);
+        free(server_host_key_blob);
         BN_clear_free(dh_server_pub);
 
         if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
                 fatal("key_verify failed for server_host_key");
         key_free(server_host_key);
-        xfree(signature);
+        free(signature);
 
         /* save session id */
         if (kex->session_id == NULL) {
diff --git a/kexgexs.c b/kexgexs.c
index a5e3df7bc..4e473fc73 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.14 2010/11/10 01:33:07 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.16 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -68,10 +68,6 @@ kexgex_server(Kex *kex)
         if (server_host_public == NULL)
                 fatal("Unsupported hostkey type %d", kex->hostkey_type);
         server_host_private = kex->load_host_private_key(kex->hostkey_type);
-        if (server_host_private == NULL)
-                fatal("Missing private key for hostkey type %d",
-                    kex->hostkey_type);
-
 
         type = packet_read();
         switch (type) {
@@ -155,7 +151,7 @@ kexgex_server(Kex *kex)
         if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
                 fatal("kexgex_server: BN_bin2bn failed");
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);
 
@@ -187,9 +183,8 @@ kexgex_server(Kex *kex)
         }
 
         /* sign H */
-        if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,
-            hashlen)) < 0)
-                fatal("kexgex_server: key_sign failed");
+        kex->sign(server_host_private, server_host_public, &signature, &slen,
+            hash, hashlen);
 
         /* destroy_sensitive_data(); */
 
@@ -201,8 +196,8 @@ kexgex_server(Kex *kex)
         packet_put_string(signature, slen);
         packet_send();
 
-        xfree(signature);
-        xfree(server_host_key_blob);
+        free(signature);
+        free(server_host_key_blob);
         /* have keys, free DH */
         DH_free(dh);
 
diff --git a/kexgssc.c b/kexgssc.c
index 39be40531..616893c7e 100644
--- a/kexgssc.c
+++ b/kexgssc.c
@@ -144,7 +144,7 @@ kexgss_client(Kex *kex) {
 
                 /* If we've got an old receive buffer get rid of it */
                 if (token_ptr != GSS_C_NO_BUFFER)
-                        xfree(recv_tok.value);
+                        free(recv_tok.value);
 
                 if (maj_status == GSS_S_COMPLETE) {
                         /* If mutual state flag is not true, kex fails */
@@ -261,7 +261,7 @@ kexgss_client(Kex *kex) {
                 fatal("kexdh_client: BN_bin2bn failed");
 
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         switch (kex->kex_type) {
         case KEX_GSS_GRP1_SHA1:
@@ -304,11 +304,10 @@ kexgss_client(Kex *kex) {
         if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok)))
                 packet_disconnect("Hash's MIC didn't verify");
 
-        xfree(msg_tok.value);
+        free(msg_tok.value);
 
         DH_free(dh);
-        if (serverhostkey)
-                xfree(serverhostkey);
+        free(serverhostkey);
         BN_clear_free(dh_server_pub);
 
         /* save session id */
diff --git a/kexgsss.c b/kexgsss.c
index 0c3eeaa63..18b065b10 100644
--- a/kexgsss.c
+++ b/kexgsss.c
@@ -78,9 +78,10 @@ kexgss_server(Kex *kex)
          * in the GSSAPI code are no longer available. This kludges them back
          * into life
          */
-        if (!ssh_gssapi_oid_table_ok()) 
-                if ((mechs = ssh_gssapi_server_mechanisms()))
-                        xfree(mechs);
+        if (!ssh_gssapi_oid_table_ok()) {
+                mechs = ssh_gssapi_server_mechanisms();
+                free(mechs);
+        }
 
         debug2("%s: Identifying %s", __func__, kex->name);
         oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type);
@@ -158,7 +159,7 @@ kexgss_server(Kex *kex)
                 maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, 
                     &send_tok, &ret_flags));
 
-                xfree(recv_tok.value);
+                free(recv_tok.value);
 
                 if (maj_status != GSS_S_COMPLETE && send_tok.length == 0)
                         fatal("Zero length token output when incomplete");
@@ -207,7 +208,7 @@ kexgss_server(Kex *kex)
                 fatal("kexgss_server: BN_bin2bn failed");
 
         memset(kbuf, 0, klen);
-        xfree(kbuf);
+        free(kbuf);
 
         switch (kex->kex_type) {
         case KEX_GSS_GRP1_SHA1:
diff --git a/key.c b/key.c
index fdfed5c56..2591635bc 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.100 2013/01/17 23:00:01 djm Exp $ */
+/* $OpenBSD: key.c,v 1.104 2013/05/19 02:42:42 djm Exp $ */
 /*
  * read_bignum():
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -187,14 +187,13 @@ cert_free(struct KeyCert *cert)
         buffer_free(&cert->certblob);
         buffer_free(&cert->critical);
         buffer_free(&cert->extensions);
-        if (cert->key_id != NULL)
-                xfree(cert->key_id);
+        free(cert->key_id);
         for (i = 0; i < cert->nprincipals; i++)
-                xfree(cert->principals[i]);
-        if (cert->principals != NULL)
-                xfree(cert->principals);
+                free(cert->principals[i]);
+        free(cert->principals);
         if (cert->signature_key != NULL)
                 key_free(cert->signature_key);
+        free(cert);
 }
 
 void
@@ -238,7 +237,7 @@ key_free(Key *k)
                 k->cert = NULL;
         }
 
-        xfree(k);
+        free(k);
 }
 
 static int
@@ -388,7 +387,7 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
                 EVP_DigestUpdate(&ctx, blob, len);
                 EVP_DigestFinal(&ctx, retval, dgst_raw_length);
                 memset(blob, 0, len);
-                xfree(blob);
+                free(blob);
         } else {
                 fatal("key_fingerprint_raw: blob is null");
         }
@@ -570,7 +569,7 @@ key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k)
 }
 
 char *
-key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
+key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
 {
         char *retval = NULL;
         u_char *dgst_raw;
@@ -595,7 +594,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
                 break;
         }
         memset(dgst_raw, 0, dgst_raw_len);
-        xfree(dgst_raw);
+        free(dgst_raw);
         return retval;
 }
 
@@ -740,11 +739,11 @@ key_read(Key *ret, char **cpp)
                 n = uudecode(cp, blob, len);
                 if (n < 0) {
                         error("key_read: uudecode %s failed", cp);
-                        xfree(blob);
+                        free(blob);
                         return -1;
                 }
                 k = key_from_blob(blob, (u_int)n);
-                xfree(blob);
+                free(blob);
                 if (k == NULL) {
                         error("key_read: key_from_blob %s failed", cp);
                         return -1;
@@ -885,43 +884,13 @@ key_write(const Key *key, FILE *f)
                 fprintf(f, "%s %s", key_ssh_name(key), uu);
                 success = 1;
         }
-        xfree(blob);
-        xfree(uu);
+        free(blob);
+        free(uu);
 
         return success;
 }
 
 const char *
-key_type(const Key *k)
-{
-        switch (k->type) {
-        case KEY_RSA1:
-                return "RSA1";
-        case KEY_RSA:
-                return "RSA";
-        case KEY_DSA:
-                return "DSA";
-#ifdef OPENSSL_HAS_ECC
-        case KEY_ECDSA:
-                return "ECDSA";
-#endif
-        case KEY_RSA_CERT_V00:
-                return "RSA-CERT-V00";
-        case KEY_DSA_CERT_V00:
-                return "DSA-CERT-V00";
-        case KEY_RSA_CERT:
-                return "RSA-CERT";
-        case KEY_DSA_CERT:
-                return "DSA-CERT";
-#ifdef OPENSSL_HAS_ECC
-        case KEY_ECDSA_CERT:
-                return "ECDSA-CERT";
-#endif
-        }
-        return "unknown";
-}
-
-const char *
 key_cert_type(const Key *k)
 {
         switch (k->cert->type) {
@@ -934,50 +903,60 @@ key_cert_type(const Key *k)
         }
 }
 
+struct keytype {
+        char *name;
+        char *shortname;
+        int type;
+        int nid;
+        int cert;
+};
+static const struct keytype keytypes[] = {
+        { NULL, "RSA1", KEY_RSA1, 0, 0 },
+        { "ssh-rsa", "RSA", KEY_RSA, 0, 0 },
+        { "ssh-dss", "DSA", KEY_DSA, 0, 0 },
+#ifdef OPENSSL_HAS_ECC
+        { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 },
+        { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 },
+        { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 },
+#endif /* OPENSSL_HAS_ECC */
+        { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 },
+        { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 },
+#ifdef OPENSSL_HAS_ECC
+        { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT",
+            KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 },
+        { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT",
+            KEY_ECDSA_CERT, NID_secp384r1, 1 },
+        { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT",
+            KEY_ECDSA_CERT, NID_secp521r1, 1 },
+#endif /* OPENSSL_HAS_ECC */
+        { "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00",
+            KEY_RSA_CERT_V00, 0, 1 },
+        { "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00",
+            KEY_DSA_CERT_V00, 0, 1 },
+        { "null", "null", KEY_NULL, 0, 0 },
+        { NULL, NULL, -1, -1, 0 }
+};
+
+const char *
+key_type(const Key *k)
+{
+        const struct keytype *kt;
+
+        for (kt = keytypes; kt->type != -1; kt++) {
+                if (kt->type == k->type)
+                        return kt->shortname;
+        }
+        return "unknown";
+}
+
 static const char *
 key_ssh_name_from_type_nid(int type, int nid)
 {
-        switch (type) {
-        case KEY_RSA:
-                return "ssh-rsa";
-        case KEY_DSA:
-                return "ssh-dss";
-        case KEY_RSA_CERT_V00:
-                return "ssh-rsa-cert-v00@openssh.com";
-        case KEY_DSA_CERT_V00:
-                return "ssh-dss-cert-v00@openssh.com";
-        case KEY_RSA_CERT:
-                return "ssh-rsa-cert-v01@openssh.com";
-        case KEY_DSA_CERT:
-                return "ssh-dss-cert-v01@openssh.com";
-#ifdef OPENSSL_HAS_ECC
-        case KEY_ECDSA:
-                switch (nid) {
-                case NID_X9_62_prime256v1:
-                        return "ecdsa-sha2-nistp256";
-                case NID_secp384r1:
-                        return "ecdsa-sha2-nistp384";
-                case NID_secp521r1:
-                        return "ecdsa-sha2-nistp521";
-                default:
-                        break;
-                }
-                break;
-        case KEY_ECDSA_CERT:
-                switch (nid) {
-                case NID_X9_62_prime256v1:
-                        return "ecdsa-sha2-nistp256-cert-v01@openssh.com";
-                case NID_secp384r1:
-                        return "ecdsa-sha2-nistp384-cert-v01@openssh.com";
-                case NID_secp521r1:
-                        return "ecdsa-sha2-nistp521-cert-v01@openssh.com";
-                default:
-                        break;
-                }
-                break;
-#endif /* OPENSSL_HAS_ECC */
-        case KEY_NULL:
-                return "null";
+        const struct keytype *kt;
+
+        for (kt = keytypes; kt->type != -1; kt++) {
+                if (kt->type == type && (kt->nid == 0 || kt->nid == nid))
+                        return kt->name;
         }
         return "ssh-unknown";
 }
@@ -995,6 +974,56 @@ key_ssh_name_plain(const Key *k)
             k->ecdsa_nid);
 }
 
+int
+key_type_from_name(char *name)
+{
+        const struct keytype *kt;
+
+        for (kt = keytypes; kt->type != -1; kt++) {
+                /* Only allow shortname matches for plain key types */
+                if ((kt->name != NULL && strcmp(name, kt->name) == 0) ||
+                    (!kt->cert && strcasecmp(kt->shortname, name) == 0))
+                        return kt->type;
+        }
+        debug2("key_type_from_name: unknown key type '%s'", name);
+        return KEY_UNSPEC;
+}
+
+int
+key_ecdsa_nid_from_name(const char *name)
+{
+        const struct keytype *kt;
+
+        for (kt = keytypes; kt->type != -1; kt++) {
+                if (kt->type != KEY_ECDSA && kt->type != KEY_ECDSA_CERT)
+                        continue;
+                if (kt->name != NULL && strcmp(name, kt->name) == 0)
+                        return kt->nid;
+        }
+        debug2("%s: unknown/non-ECDSA key type '%s'", __func__, name);
+        return -1;
+}
+
+char *
+key_alg_list(void)
+{
+        char *ret = NULL;
+        size_t nlen, rlen = 0;
+        const struct keytype *kt;
+
+        for (kt = keytypes; kt->type != -1; kt++) {
+                if (kt->name == NULL)
+                        continue;
+                if (ret != NULL)
+                        ret[rlen++] = '\n';
+                nlen = strlen(kt->name);
+                ret = xrealloc(ret, 1, rlen + nlen + 2);
+                memcpy(ret + rlen, kt->name, nlen + 1);
+                rlen += nlen;
+        }
+        return ret;
+}
+
 u_int
 key_size(const Key *k)
 {
@@ -1250,67 +1279,6 @@ key_from_private(const Key *k)
 }
 
 int
-key_type_from_name(char *name)
-{
-        if (strcmp(name, "rsa1") == 0) {
-                return KEY_RSA1;
-        } else if (strcmp(name, "rsa") == 0) {
-                return KEY_RSA;
-        } else if (strcmp(name, "dsa") == 0) {
-                return KEY_DSA;
-        } else if (strcmp(name, "ssh-rsa") == 0) {
-                return KEY_RSA;
-        } else if (strcmp(name, "ssh-dss") == 0) {
-                return KEY_DSA;
-#ifdef OPENSSL_HAS_ECC
-        } else if (strcmp(name, "ecdsa") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp256") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp384") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp521") == 0) {
-                return KEY_ECDSA;
-#endif
-        } else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) {
-                return KEY_RSA_CERT_V00;
-        } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) {
-                return KEY_DSA_CERT_V00;
-        } else if (strcmp(name, "ssh-rsa-cert-v01@openssh.com") == 0) {
-                return KEY_RSA_CERT;
-        } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) {
-                return KEY_DSA_CERT;
-#ifdef OPENSSL_HAS_ECC
-        } else if (strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp384-cert-v01@openssh.com") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0) {
-                return KEY_ECDSA_CERT;
-#endif
-        } else if (strcmp(name, "null") == 0) {
-                return KEY_NULL;
-        }
-
-        debug2("key_type_from_name: unknown key type '%s'", name);
-        return KEY_UNSPEC;
-}
-
-int
-key_ecdsa_nid_from_name(const char *name)
-{
-#ifdef OPENSSL_HAS_ECC
-        if (strcmp(name, "ecdsa-sha2-nistp256") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp256-cert-v01@openssh.com") == 0)
-                return NID_X9_62_prime256v1;
-        if (strcmp(name, "ecdsa-sha2-nistp384") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp384-cert-v01@openssh.com") == 0)
-                return NID_secp384r1;
-        if (strcmp(name, "ecdsa-sha2-nistp521") == 0 ||
-            strcmp(name, "ecdsa-sha2-nistp521-cert-v01@openssh.com") == 0)
-                return NID_secp521r1;
-#endif /* OPENSSL_HAS_ECC */
-
-        debug2("%s: unknown/non-ECDSA key type '%s'", __func__, name);
-        return -1;
-}
-
-int
 key_names_valid2(const char *names)
 {
         char *s, *cp, *p;
@@ -1323,12 +1291,12 @@ key_names_valid2(const char *names)
                 switch (key_type_from_name(p)) {
                 case KEY_RSA1:
                 case KEY_UNSPEC:
-                        xfree(s);
+                        free(s);
                         return 0;
                 }
         }
         debug3("key names ok: [%s]", names);
-        xfree(s);
+        free(s);
         return 1;
 }
 
@@ -1450,16 +1418,11 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
 
  out:
         buffer_free(&tmp);
-        if (principals != NULL)
-                xfree(principals);
-        if (critical != NULL)
-                xfree(critical);
-        if (exts != NULL)
-                xfree(exts);
-        if (sig_key != NULL)
-                xfree(sig_key);
-        if (sig != NULL)
-                xfree(sig);
+        free(principals);
+        free(critical);
+        free(exts);
+        free(sig_key);
+        free(sig);
         return ret;
 }
 
@@ -1579,10 +1542,8 @@ key_from_blob(const u_char *blob, u_int blen)
         if (key != NULL && rlen != 0)
                 error("key_from_blob: remaining bytes in key blob %d", rlen);
  out:
-        if (ktype != NULL)
-                xfree(ktype);
-        if (curve != NULL)
-                xfree(curve);
+        free(ktype);
+        free(curve);
 #ifdef OPENSSL_HAS_ECC
         if (q != NULL)
                 EC_POINT_free(q);
@@ -1932,7 +1893,7 @@ key_certify(Key *k, Key *ca)
         default:
                 error("%s: key has incorrect type %s", __func__, key_type(k));
                 buffer_clear(&k->cert->certblob);
-                xfree(ca_blob);
+                free(ca_blob);
                 return -1;
         }
 
@@ -1968,7 +1929,7 @@ key_certify(Key *k, Key *ca)
 
         buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */
         buffer_put_string(&k->cert->certblob, ca_blob, ca_len);
-        xfree(ca_blob);
+        free(ca_blob);
 
         /* Sign the whole mess */
         if (key_sign(ca, &sig_blob, &sig_len, buffer_ptr(&k->cert->certblob),
@@ -1979,7 +1940,7 @@ key_certify(Key *k, Key *ca)
         }
         /* Append signature and we are done */
         buffer_put_string(&k->cert->certblob, sig_blob, sig_len);
-        xfree(sig_blob);
+        free(sig_blob);
 
         return 0;
 }
diff --git a/key.h b/key.h
index 4beaf202e..b57d6a4c4 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.35 2013/01/17 23:00:01 djm Exp $ */
+/* $OpenBSD: key.h,v 1.37 2013/05/19 02:42:42 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -96,7 +96,7 @@ void		 key_free(Key *);
 Key             *key_demote(const Key *);
 int              key_equal_public(const Key *, const Key *);
 int              key_equal(const Key *, const Key *);
-char            *key_fingerprint(Key *, enum fp_type, enum fp_rep);
+char            *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
 u_char          *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
 const char      *key_type(const Key *);
 const char      *key_cert_type(const Key *);
@@ -119,15 +119,16 @@ int	 key_cert_is_legacy(const Key *);
 
 int              key_ecdsa_nid_from_name(const char *);
 int              key_curve_name_to_nid(const char *);
-const char *     key_curve_nid_to_name(int);
+const char      *key_curve_nid_to_name(int);
 u_int            key_curve_nid_to_bits(int);
 int              key_ecdsa_bits_to_nid(int);
 #ifdef OPENSSL_HAS_ECC
 int              key_ecdsa_key_to_nid(EC_KEY *);
-const EVP_MD *   key_ec_nid_to_evpmd(int nid);
+const EVP_MD    *key_ec_nid_to_evpmd(int nid);
 int              key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
 int              key_ec_validate_private(const EC_KEY *);
 #endif
+char            *key_alg_list(void);
 
 Key             *key_from_blob(const u_char *, u_int);
 int              key_to_blob(const Key *, u_char **, u_int *);
diff --git a/krl.c b/krl.c
index 0d9bb5411..b2d0354f2 100644
--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.10 2013/02/19 02:12:47 dtucker Exp $ */
+/* $OpenBSD: krl.c,v 1.13 2013/07/20 22:20:42 djm Exp $ */
 
 #include "includes.h"
 
@@ -502,8 +502,11 @@ choose_next_state(int current_state, u_int64_t contig, int final,
         }
         debug3("%s: contig %llu last_gap %llu next_gap %llu final %d, costs:"
             "list %llu range %llu bitmap %llu new bitmap %llu, "
-            "selected 0x%02x%s", __func__, contig, last_gap, next_gap, final,
-            cost_list, cost_range, cost_bitmap, cost_bitmap_restart, new_state,
+            "selected 0x%02x%s", __func__, (long long unsigned)contig,
+            (long long unsigned)last_gap, (long long unsigned)next_gap, final,
+            (long long unsigned)cost_list, (long long unsigned)cost_range,
+            (long long unsigned)cost_bitmap,
+            (long long unsigned)cost_bitmap_restart, new_state,
             *force_new_section ? " restart" : "");
         return new_state;
 }
@@ -539,7 +542,8 @@ revoked_certs_generate(struct revoked_certs *rc, Buffer *buf)
              rs != NULL;
              rs = RB_NEXT(revoked_serial_tree, &rc->revoked_serials, rs)) {
                 debug3("%s: serial %llu:%llu state 0x%02x", __func__,
-                    rs->lo, rs->hi, state);
+                    (long long unsigned)rs->lo, (long long unsigned)rs->hi,
+                    state);
 
                 /* Check contiguous length and gap to next section (if any) */
                 nrs = RB_NEXT(revoked_serial_tree, &rc->revoked_serials, rs);
@@ -883,9 +887,10 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp,
         char timestamp[64];
         int ret = -1, r, sig_seen;
         Key *key = NULL, **ca_used = NULL;
-        u_char type, *blob;
-        u_int i, j, sig_off, sects_off, blen, format_version, nca_used = 0;
+        u_char type, *blob, *rdata = NULL;
+        u_int i, j, sig_off, sects_off, rlen, blen, format_version, nca_used;
 
+        nca_used = 0;
         *krlp = NULL;
         if (buffer_len(buf) < sizeof(KRL_MAGIC) - 1 ||
             memcmp(buffer_ptr(buf), KRL_MAGIC, sizeof(KRL_MAGIC) - 1) != 0) {
@@ -928,8 +933,9 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp,
         }
 
         format_timestamp(krl->generated_date, timestamp, sizeof(timestamp));
-        debug("KRL version %llu generated at %s%s%s", krl->krl_version,
-            timestamp, *krl->comment ? ": " : "", krl->comment);
+        debug("KRL version %llu generated at %s%s%s",
+            (long long unsigned)krl->krl_version, timestamp,
+            *krl->comment ? ": " : "", krl->comment);
 
         /*
          * 1st pass: verify signatures, if any. This is done to avoid
@@ -967,7 +973,7 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp,
                 }
                 /* Check signature over entire KRL up to this point */
                 if (key_verify(key, blob, blen,
-                    buffer_ptr(buf), buffer_len(buf) - sig_off) == -1) {
+                    buffer_ptr(buf), buffer_len(buf) - sig_off) != 1) {
                         error("bad signaure on KRL");
                         goto out;
                 }
@@ -1010,21 +1016,22 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp,
                 case KRL_SECTION_EXPLICIT_KEY:
                 case KRL_SECTION_FINGERPRINT_SHA1:
                         while (buffer_len(&sect) > 0) {
-                                if ((blob = buffer_get_string_ret(&sect,
-                                    &blen)) == NULL) {
+                                if ((rdata = buffer_get_string_ret(&sect,
+                                    &rlen)) == NULL) {
                                         error("%s: buffer error", __func__);
                                         goto out;
                                 }
                                 if (type == KRL_SECTION_FINGERPRINT_SHA1 &&
-                                    blen != 20) {
+                                    rlen != 20) {
                                         error("%s: bad SHA1 length", __func__);
                                         goto out;
                                 }
                                 if (revoke_blob(
                                     type == KRL_SECTION_EXPLICIT_KEY ?
                                     &krl->revoked_keys : &krl->revoked_sha1s,
-                                    blob, blen) != 0)
-                                        goto out; /* revoke_blob frees blob */
+                                    rdata, rlen) != 0)
+                                        goto out;
+                                rdata = NULL; /* revoke_blob frees blob */
                         }
                         break;
                 case KRL_SECTION_SIGNATURE:
@@ -1090,6 +1097,7 @@ ssh_krl_from_blob(Buffer *buf, struct ssh_krl **krlp,
                         key_free(ca_used[i]);
         }
         free(ca_used);
+        free(rdata);
         if (key != NULL)
                 key_free(key);
         buffer_free(&copy);
diff --git a/log.c b/log.c
index dabee1407..53e7b6561 100644
--- a/log.c
+++ b/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.43 2012/09/06 04:37:39 dtucker Exp $ */
+/* $OpenBSD: log.c,v 1.45 2013/05/16 09:08:41 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -38,6 +38,7 @@
 
 #include <sys/types.h>
 
+#include <fcntl.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -54,6 +55,7 @@
 
 static LogLevel log_level = SYSLOG_LEVEL_INFO;
 static int log_on_stderr = 1;
+static int log_stderr_fd = STDERR_FILENO;
 static int log_facility = LOG_AUTH;
 static char *argv0;
 static log_handler_fn *log_handler;
@@ -345,6 +347,20 @@ log_is_on_stderr(void)
         return log_on_stderr;
 }
 
+/* redirect what would usually get written to stderr to specified file */
+void
+log_redirect_stderr_to(const char *logfile)
+{
+        int fd;
+
+        if ((fd = open(logfile, O_WRONLY|O_CREAT|O_APPEND, 0600)) == -1) {
+                fprintf(stderr, "Couldn't open logfile %s: %s\n", logfile,
+                     strerror(errno));
+                exit(1);
+        }
+        log_stderr_fd = fd;
+}
+
 #define MSGBUFSIZ 1024
 
 void
@@ -430,7 +446,7 @@ do_log(LogLevel level, const char *fmt, va_list args)
                 log_handler = tmp_handler;
         } else if (log_on_stderr) {
                 snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
-                write(STDERR_FILENO, msgbuf, strlen(msgbuf));
+                (void)write(log_stderr_fd, msgbuf, strlen(msgbuf));
         } else {
 #if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT)
                 openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
diff --git a/log.h b/log.h
index e3e328b06..ae7df25d3 100644
--- a/log.h
+++ b/log.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.h,v 1.19 2012/09/06 04:37:39 dtucker Exp $ */
+/* $OpenBSD: log.h,v 1.20 2013/04/07 02:10:33 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -51,6 +51,7 @@ typedef void (log_handler_fn)(LogLevel, const char *, void *);
 void     log_init(char *, LogLevel, SyslogFacility, int);
 void     log_change_level(LogLevel);
 int      log_is_on_stderr(void);
+void     log_redirect_stderr_to(const char *);
 
 SyslogFacility  log_facility_number(char *);
 const char *    log_facility_name(SyslogFacility);
diff --git a/loginrec.c b/loginrec.c
index f9662fa5c..59e8a44ee 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -347,7 +347,7 @@ logininfo *login_alloc_entry(pid_t pid, const char *username,
 void
 login_free_entry(struct logininfo *li)
 {
-        xfree(li);
+        free(li);
 }
 
 
diff --git a/mac.c b/mac.c
index 3f2dc6f2a..c4dfb501d 100644
--- a/mac.c
+++ b/mac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mac.c,v 1.21 2012/12/11 22:51:45 sthen Exp $ */
+/* $OpenBSD: mac.c,v 1.24 2013/06/03 00:03:18 dtucker Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -50,7 +50,7 @@
 #define SSH_UMAC        2       /* UMAC (not integrated with OpenSSL) */
 #define SSH_UMAC128     3
 
-struct {
+struct macalg {
         char            *name;
         int             type;
         const EVP_MD *  (*mdfunc)(void);
@@ -58,7 +58,9 @@ struct {
         int             key_len;        /* just for UMAC */
         int             len;            /* just for UMAC */
         int             etm;            /* Encrypt-then-MAC */
-} macs[] = {
+};
+
+static const struct macalg macs[] = {
         /* Encrypt-and-MAC (encrypt-and-authenticate) variants */
         { "hmac-sha1",                          SSH_EVP, EVP_sha1, 0, 0, 0, 0 },
         { "hmac-sha1-96",                       SSH_EVP, EVP_sha1, 96, 0, 0, 0 },
@@ -89,38 +91,58 @@ struct {
         { NULL,                                 0, NULL, 0, 0, 0, 0 }
 };
 
+/* Returns a comma-separated list of supported MACs. */
+char *
+mac_alg_list(void)
+{
+        char *ret = NULL;
+        size_t nlen, rlen = 0;
+        const struct macalg *m;
+
+        for (m = macs; m->name != NULL; m++) {
+                if (ret != NULL)
+                        ret[rlen++] = '\n';
+                nlen = strlen(m->name);
+                ret = xrealloc(ret, 1, rlen + nlen + 2);
+                memcpy(ret + rlen, m->name, nlen + 1);
+                rlen += nlen;
+        }
+        return ret;
+}
+
 static void
-mac_setup_by_id(Mac *mac, int which)
+mac_setup_by_alg(Mac *mac, const struct macalg *macalg)
 {
         int evp_len;
-        mac->type = macs[which].type;
+
+        mac->type = macalg->type;
         if (mac->type == SSH_EVP) {
-                mac->evp_md = (*macs[which].mdfunc)();
+                mac->evp_md = macalg->mdfunc();
                 if ((evp_len = EVP_MD_size(mac->evp_md)) <= 0)
                         fatal("mac %s len %d", mac->name, evp_len);
                 mac->key_len = mac->mac_len = (u_int)evp_len;
         } else {
-                mac->mac_len = macs[which].len / 8;
-                mac->key_len = macs[which].key_len / 8;
+                mac->mac_len = macalg->len / 8;
+                mac->key_len = macalg->key_len / 8;
                 mac->umac_ctx = NULL;
         }
-        if (macs[which].truncatebits != 0)
-                mac->mac_len = macs[which].truncatebits / 8;
-        mac->etm = macs[which].etm;
+        if (macalg->truncatebits != 0)
+                mac->mac_len = macalg->truncatebits / 8;
+        mac->etm = macalg->etm;
 }
 
 int
 mac_setup(Mac *mac, char *name)
 {
-        int i;
-
-        for (i = 0; macs[i].name; i++) {
-                if (strcmp(name, macs[i].name) == 0) {
-                        if (mac != NULL)
-                                mac_setup_by_id(mac, i);
-                        debug2("mac_setup: found %s", name);
-                        return (0);
-                }
+        const struct macalg *m;
+
+        for (m = macs; m->name != NULL; m++) {
+                if (strcmp(name, m->name) != 0)
+                        continue;
+                if (mac != NULL)
+                        mac_setup_by_alg(mac, m);
+                debug2("mac_setup: found %s", name);
+                return (0);
         }
         debug2("mac_setup: unknown %s", name);
         return (-1);
@@ -152,12 +174,15 @@ mac_init(Mac *mac)
 u_char *
 mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
 {
-        static u_char m[EVP_MAX_MD_SIZE];
+        static union {
+                u_char m[EVP_MAX_MD_SIZE];
+                u_int64_t for_align;
+        } u;
         u_char b[4], nonce[8];
 
-        if (mac->mac_len > sizeof(m))
+        if (mac->mac_len > sizeof(u))
                 fatal("mac_compute: mac too long %u %lu",
-                    mac->mac_len, (u_long)sizeof(m));
+                    mac->mac_len, (u_long)sizeof(u));
 
         switch (mac->type) {
         case SSH_EVP:
@@ -166,22 +191,22 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
                 HMAC_Init(&mac->evp_ctx, NULL, 0, NULL);
                 HMAC_Update(&mac->evp_ctx, b, sizeof(b));
                 HMAC_Update(&mac->evp_ctx, data, datalen);
-                HMAC_Final(&mac->evp_ctx, m, NULL);
+                HMAC_Final(&mac->evp_ctx, u.m, NULL);
                 break;
         case SSH_UMAC:
                 put_u64(nonce, seqno);
                 umac_update(mac->umac_ctx, data, datalen);
-                umac_final(mac->umac_ctx, m, nonce);
+                umac_final(mac->umac_ctx, u.m, nonce);
                 break;
         case SSH_UMAC128:
                 put_u64(nonce, seqno);
                 umac128_update(mac->umac_ctx, data, datalen);
-                umac128_final(mac->umac_ctx, m, nonce);
+                umac128_final(mac->umac_ctx, u.m, nonce);
                 break;
         default:
                 fatal("mac_compute: unknown MAC type");
         }
-        return (m);
+        return (u.m);
 }
 
 void
@@ -213,13 +238,13 @@ mac_valid(const char *names)
             (p = strsep(&cp, MAC_SEP))) {
                 if (mac_setup(NULL, p) < 0) {
                         debug("bad mac %s [%s]", p, names);
-                        xfree(maclist);
+                        free(maclist);
                         return (0);
                 } else {
                         debug3("mac ok: %s [%s]", p, names);
                 }
         }
         debug3("macs ok: [%s]", names);
-        xfree(maclist);
+        free(maclist);
         return (1);
 }
diff --git a/mac.h b/mac.h
index 39f564dd3..260798ab3 100644
--- a/mac.h
+++ b/mac.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: mac.h,v 1.6 2007/06/07 19:37:34 pvalchev Exp $ */
+/* $OpenBSD: mac.h,v 1.7 2013/04/19 01:06:50 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -24,6 +24,7 @@
  */
 
 int      mac_valid(const char *);
+char    *mac_alg_list(void);
 int      mac_setup(Mac *, char *);
 int      mac_init(Mac *);
 u_char  *mac_compute(Mac *, u_int32_t, u_char *, int);
diff --git a/match.c b/match.c
index 238947778..7be7d2c5c 100644
--- a/match.c
+++ b/match.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.c,v 1.27 2008/06/10 23:06:19 djm Exp $ */
+/* $OpenBSD: match.c,v 1.28 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -40,6 +40,7 @@
 #include <sys/types.h>
 
 #include <ctype.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include "xmalloc.h"
@@ -226,14 +227,14 @@ match_user(const char *user, const char *host, const char *ipaddr,
 
         if ((ret = match_pattern(user, pat)) == 1)
                 ret = match_host_and_ip(host, ipaddr, p);
-        xfree(pat);
+        free(pat);
 
         return ret;
 }
 
 /*
  * Returns first item from client-list that is also supported by server-list,
- * caller must xfree() returned string.
+ * caller must free the returned string.
  */
 #define MAX_PROP        40
 #define SEP     ","
@@ -264,15 +265,15 @@ match_list(const char *client, const char *server, u_int *next)
                                 if (next != NULL)
                                         *next = (cp == NULL) ?
                                             strlen(c) : (u_int)(cp - c);
-                                xfree(c);
-                                xfree(s);
+                                free(c);
+                                free(s);
                                 return ret;
                         }
                 }
         }
         if (next != NULL)
                 *next = strlen(c);
-        xfree(c);
-        xfree(s);
+        free(c);
+        free(s);
         return NULL;
 }
diff --git a/misc.c b/misc.c
index 2adb8c6a8..eb57bfc1b 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.86 2011/09/05 05:59:08 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.91 2013/07/12 00:43:50 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -129,7 +129,7 @@ unset_nonblock(int fd)
 const char *
 ssh_gai_strerror(int gaierr)
 {
-        if (gaierr == EAI_SYSTEM)
+        if (gaierr == EAI_SYSTEM && errno != 0)
                 return strerror(errno);
         return gai_strerror(gaierr);
 }
@@ -208,16 +208,18 @@ pwcopy(struct passwd *pw)
 
         copy->pw_name = xstrdup(pw->pw_name);
         copy->pw_passwd = xstrdup(pw->pw_passwd);
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
         copy->pw_gecos = xstrdup(pw->pw_gecos);
+#endif
         copy->pw_uid = pw->pw_uid;
         copy->pw_gid = pw->pw_gid;
-#ifdef HAVE_PW_EXPIRE_IN_PASSWD
+#ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE
         copy->pw_expire = pw->pw_expire;
 #endif
-#ifdef HAVE_PW_CHANGE_IN_PASSWD
+#ifdef HAVE_STRUCT_PASSWD_PW_CHANGE
         copy->pw_change = pw->pw_change;
 #endif
-#ifdef HAVE_PW_CLASS_IN_PASSWD
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
         copy->pw_class = xstrdup(pw->pw_class);
 #endif
         copy->pw_dir = xstrdup(pw->pw_dir);
@@ -253,13 +255,13 @@ a2tun(const char *s, int *remote)
                 *remote = SSH_TUNID_ANY;
                 sp = xstrdup(s);
                 if ((ep = strchr(sp, ':')) == NULL) {
-                        xfree(sp);
+                        free(sp);
                         return (a2tun(s, NULL));
                 }
                 ep[0] = '\0'; ep++;
                 *remote = a2tun(ep, NULL);
                 tun = a2tun(sp, NULL);
-                xfree(sp);
+                free(sp);
                 return (*remote == SSH_TUNID_ERR ? *remote : tun);
         }
 
@@ -492,7 +494,7 @@ replacearg(arglist *args, u_int which, char *fmt, ...)
         if (which >= args->num)
                 fatal("replacearg: tried to replace invalid arg %d >= %d",
                     which, args->num);
-        xfree(args->list[which]);
+        free(args->list[which]);
         args->list[which] = cp;
 }
 
@@ -503,8 +505,8 @@ freeargs(arglist *args)
 
         if (args->list != NULL) {
                 for (i = 0; i < args->num; i++)
-                        xfree(args->list[i]);
-                xfree(args->list);
+                        free(args->list[i]);
+                free(args->list);
                 args->nalloc = args->num = 0;
                 args->list = NULL;
         }
@@ -517,8 +519,8 @@ freeargs(arglist *args)
 char *
 tilde_expand_filename(const char *filename, uid_t uid)
 {
-        const char *path;
-        char user[128], ret[MAXPATHLEN];
+        const char *path, *sep;
+        char user[128], *ret;
         struct passwd *pw;
         u_int len, slash;
 
@@ -538,22 +540,21 @@ tilde_expand_filename(const char *filename, uid_t uid)
         } else if ((pw = getpwuid(uid)) == NULL)        /* ~/path */
                 fatal("tilde_expand_filename: No such uid %ld", (long)uid);
 
-        if (strlcpy(ret, pw->pw_dir, sizeof(ret)) >= sizeof(ret))
-                fatal("tilde_expand_filename: Path too long");
-
         /* Make sure directory has a trailing '/' */
         len = strlen(pw->pw_dir);
-        if ((len == 0 || pw->pw_dir[len - 1] != '/') &&
-            strlcat(ret, "/", sizeof(ret)) >= sizeof(ret))
-                fatal("tilde_expand_filename: Path too long");
+        if (len == 0 || pw->pw_dir[len - 1] != '/')
+                sep = "/";
+        else
+                sep = "";
 
         /* Skip leading '/' from specified path */
         if (path != NULL)
                 filename = path + 1;
-        if (strlcat(ret, filename, sizeof(ret)) >= sizeof(ret))
+
+        if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= MAXPATHLEN)
                 fatal("tilde_expand_filename: Path too long");
 
-        return (xstrdup(ret));
+        return (ret);
 }
 
 /*
@@ -920,6 +921,24 @@ ms_to_timeval(struct timeval *tv, int ms)
         tv->tv_usec = (ms % 1000) * 1000;
 }
 
+time_t
+monotime(void)
+{
+#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_MONOTONIC)
+        struct timespec ts;
+        static int gettime_failed = 0;
+
+        if (!gettime_failed) {
+                if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
+                        return (ts.tv_sec);
+                debug3("clock_gettime: %s", strerror(errno));
+                gettime_failed = 1;
+        }
+#endif
+
+        return time(NULL);
+}
+
 void
 bandwidth_limit_init(struct bwlimit *bw, u_int64_t kbps, size_t buflen)
 {
diff --git a/misc.h b/misc.h
index 904edc704..51ba182e1 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.48 2011/03/29 18:54:17 stevesk Exp $ */
+/* $OpenBSD: misc.h,v 1.49 2013/06/01 13:15:52 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -35,6 +35,7 @@ char	*tohex(const void *, size_t);
 void     sanitise_stdfd(void);
 void     ms_subtract_diff(struct timeval *, int *);
 void     ms_to_timeval(struct timeval *, int);
+time_t   monotime(void);
 void     sock_set_v6only(int);
 
 struct passwd *pwcopy(struct passwd *);
diff --git a/moduli.0 b/moduli.0
index 77dfa4295..7dc2cd540 100644
--- a/moduli.0
+++ b/moduli.0
@@ -71,4 +71,4 @@ STANDARDS
      the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006,
      2006.
 
-OpenBSD 5.3                   September 26, 2012                   OpenBSD 5.3
+OpenBSD 5.4                   September 26, 2012                   OpenBSD 5.4
diff --git a/moduli.c b/moduli.c
index 5267bb9ab..294ff8fde 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.26 2012/07/06 00:41:59 dtucker Exp $ */
+/* $OpenBSD: moduli.c,v 1.27 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -433,9 +433,9 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 
         time(&time_stop);
 
-        xfree(LargeSieve);
-        xfree(SmallSieve);
-        xfree(TinySieve);
+        free(LargeSieve);
+        free(SmallSieve);
+        free(TinySieve);
 
         logit("%.24s Found %u candidates", ctime(&time_stop), r);
 
@@ -709,7 +709,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted,
         }
 
         time(&time_stop);
-        xfree(lp);
+        free(lp);
         BN_free(p);
         BN_free(q);
         BN_CTX_free(ctx);
diff --git a/monitor.c b/monitor.c
index a9021fc4d..9bc4f0b2e 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.120 2012/12/11 22:16:21 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.127 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -97,6 +97,7 @@
 #include "ssh2.h"
 #include "jpake.h"
 #include "roaming.h"
+#include "authfd.h"
 #ifdef USE_CONSOLEKIT
 #include "consolekit.h"
 #endif
@@ -420,7 +421,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                                     "with SSH protocol 1");
                         if (authenticated &&
                             !auth2_update_methods_lists(authctxt,
-                            auth_method)) {
+                            auth_method, auth_submethod)) {
                                 debug3("%s: method %s: partial", __func__,
                                     auth_method);
                                 authenticated = 0;
@@ -450,8 +451,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
                 }
                 if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
                         auth_log(authctxt, authenticated, partial,
-                            auth_method, auth_submethod,
-                            compat20 ? " ssh2" : "");
+                            auth_method, auth_submethod);
                         if (!authenticated)
                                 authctxt->failures++;
                 }
@@ -586,7 +586,7 @@ monitor_read_log(struct monitor *pmonitor)
         do_log2(level, "%s [preauth]", msg);
 
         buffer_free(&logmsg);
-        xfree(msg);
+        free(msg);
 
         return 0;
 }
@@ -677,12 +677,9 @@ static void
 monitor_reset_key_state(void)
 {
         /* reset state */
-        if (key_blob != NULL)
-                xfree(key_blob);
-        if (hostbased_cuser != NULL)
-                xfree(hostbased_cuser);
-        if (hostbased_chost != NULL)
-                xfree(hostbased_chost);
+        free(key_blob);
+        free(hostbased_cuser);
+        free(hostbased_chost);
         key_blob = NULL;
         key_bloblen = 0;
         key_blobtype = MM_NOKEY;
@@ -725,6 +722,8 @@ mm_answer_moduli(int sock, Buffer *m)
         return (0);
 }
 
+extern AuthenticationConnection *auth_conn;
+
 int
 mm_answer_sign(int sock, Buffer *m)
 {
@@ -753,18 +752,24 @@ mm_answer_sign(int sock, Buffer *m)
                 memcpy(session_id2, p, session_id2_len);
         }
 
-        if ((key = get_hostkey_by_index(keyid)) == NULL)
+        if ((key = get_hostkey_by_index(keyid)) != NULL) {
+                if (key_sign(key, &signature, &siglen, p, datlen) < 0)
+                        fatal("%s: key_sign failed", __func__);
+        } else if ((key = get_hostkey_public_by_index(keyid)) != NULL &&
+            auth_conn != NULL) {
+                if (ssh_agent_sign(auth_conn, key, &signature, &siglen, p,
+                    datlen) < 0)
+                        fatal("%s: ssh_agent_sign failed", __func__);
+        } else
                 fatal("%s: no hostkey from index %d", __func__, keyid);
-        if (key_sign(key, &signature, &siglen, p, datlen) < 0)
-                fatal("%s: key_sign failed", __func__);
 
         debug3("%s: signature %p(%u)", __func__, signature, siglen);
 
         buffer_clear(m);
         buffer_put_string(m, signature, siglen);
 
-        xfree(p);
-        xfree(signature);
+        free(p);
+        free(signature);
 
         mm_request_send(sock, MONITOR_ANS_SIGN, m);
 
@@ -795,7 +800,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)
 
         authctxt->user = xstrdup(username);
         setproctitle("%s [priv]", pwent ? username : "unknown");
-        xfree(username);
+        free(username);
 
         buffer_clear(m);
 
@@ -813,8 +818,10 @@ mm_answer_pwnamallow(int sock, Buffer *m)
         buffer_put_string(m, pwent, sizeof(struct passwd));
         buffer_put_cstring(m, pwent->pw_name);
         buffer_put_cstring(m, "*");
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
         buffer_put_cstring(m, pwent->pw_gecos);
-#ifdef HAVE_PW_CLASS_IN_PASSWD
+#endif
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
         buffer_put_cstring(m, pwent->pw_class);
 #endif
         buffer_put_cstring(m, pwent->pw_dir);
@@ -874,9 +881,7 @@ int mm_answer_auth2_read_banner(int sock, Buffer *m)
         banner = auth2_read_banner();
         buffer_put_cstring(m, banner != NULL ? banner : "");
         mm_request_send(sock, MONITOR_ANS_AUTH2_READ_BANNER, m);
-
-        if (banner != NULL)
-                xfree(banner);
+        free(banner);
 
         return (0);
 }
@@ -893,12 +898,12 @@ mm_answer_authserv(int sock, Buffer *m)
             __func__, authctxt->service, authctxt->style, authctxt->role);
 
         if (strlen(authctxt->style) == 0) {
-                xfree(authctxt->style);
+                free(authctxt->style);
                 authctxt->style = NULL;
         }
 
         if (strlen(authctxt->role) == 0) {
-                xfree(authctxt->role);
+                free(authctxt->role);
                 authctxt->role = NULL;
         }
 
@@ -915,7 +920,7 @@ mm_answer_authrole(int sock, Buffer *m)
             __func__, authctxt->role);
 
         if (strlen(authctxt->role) == 0) {
-                xfree(authctxt->role);
+                free(authctxt->role);
                 authctxt->role = NULL;
         }
 
@@ -935,7 +940,7 @@ mm_answer_authpassword(int sock, Buffer *m)
         authenticated = options.password_authentication &&
             auth_password(authctxt, passwd);
         memset(passwd, 0, strlen(passwd));
-        xfree(passwd);
+        free(passwd);
 
         buffer_clear(m);
         buffer_put_int(m, authenticated);
@@ -975,10 +980,10 @@ mm_answer_bsdauthquery(int sock, Buffer *m)
         mm_request_send(sock, MONITOR_ANS_BSDAUTHQUERY, m);
 
         if (success) {
-                xfree(name);
-                xfree(infotxt);
-                xfree(prompts);
-                xfree(echo_on);
+                free(name);
+                free(infotxt);
+                free(prompts);
+                free(echo_on);
         }
 
         return (0);
@@ -998,7 +1003,7 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
             auth_userresponse(authctxt->as, response, 0);
         authctxt->as = NULL;
         debug3("%s: <%s> = <%d>", __func__, response, authok);
-        xfree(response);
+        free(response);
 
         buffer_clear(m);
         buffer_put_int(m, authok);
@@ -1006,9 +1011,10 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
         debug3("%s: sending authenticated: %d", __func__, authok);
         mm_request_send(sock, MONITOR_ANS_BSDAUTHRESPOND, m);
 
-        if (compat20)
-                auth_method = "keyboard-interactive"; /* XXX auth_submethod */
-        else
+        if (compat20) {
+                auth_method = "keyboard-interactive";
+                auth_submethod = "bsdauth";
+        } else
                 auth_method = "bsdauth";
 
         return (authok != 0);
@@ -1050,7 +1056,7 @@ mm_answer_skeyrespond(int sock, Buffer *m)
             skey_haskey(authctxt->pw->pw_name) == 0 &&
             skey_passcheck(authctxt->pw->pw_name, response) != -1);
 
-        xfree(response);
+        free(response);
 
         buffer_clear(m);
         buffer_put_int(m, authok);
@@ -1135,19 +1141,17 @@ mm_answer_pam_query(int sock, Buffer *m)
         buffer_clear(m);
         buffer_put_int(m, ret);
         buffer_put_cstring(m, name);
-        xfree(name);
+        free(name);
         buffer_put_cstring(m, info);
-        xfree(info);
+        free(info);
         buffer_put_int(m, num);
         for (i = 0; i < num; ++i) {
                 buffer_put_cstring(m, prompts[i]);
-                xfree(prompts[i]);
+                free(prompts[i]);
                 buffer_put_int(m, echo_on[i]);
         }
-        if (prompts != NULL)
-                xfree(prompts);
-        if (echo_on != NULL)
-                xfree(echo_on);
+        free(prompts);
+        free(echo_on);
         auth_method = "keyboard-interactive";
         auth_submethod = "pam";
         mm_request_send(sock, MONITOR_ANS_PAM_QUERY, m);
@@ -1170,8 +1174,8 @@ mm_answer_pam_respond(int sock, Buffer *m)
                         resp[i] = buffer_get_string(m, NULL);
                 ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
                 for (i = 0; i < num; ++i)
-                        xfree(resp[i]);
-                xfree(resp);
+                        free(resp[i]);
+                free(resp);
         } else {
                 ret = (sshpam_device.respond)(sshpam_ctxt, num, NULL);
         }
@@ -1229,6 +1233,7 @@ mm_answer_keyallowed(int sock, Buffer *m)
                 case MM_USERKEY:
                         allowed = options.pubkey_authentication &&
                             user_key_allowed(authctxt->pw, key);
+                        pubkey_auth_info(authctxt, key, NULL);
                         auth_method = "publickey";
                         if (options.pubkey_authentication && allowed != 1)
                                 auth_clear_options();
@@ -1237,6 +1242,9 @@ mm_answer_keyallowed(int sock, Buffer *m)
                         allowed = options.hostbased_authentication &&
                             hostbased_key_allowed(authctxt->pw,
                             cuser, chost, key);
+                        pubkey_auth_info(authctxt, key,
+                            "client user \"%.100s\", client host \"%.100s\"",
+                            cuser, chost);
                         auth_method = "hostbased";
                         break;
                 case MM_RSAHOSTKEY:
@@ -1268,11 +1276,10 @@ mm_answer_keyallowed(int sock, Buffer *m)
                 hostbased_chost = chost;
         } else {
                 /* Log failed attempt */
-                auth_log(authctxt, 0, 0, auth_method, NULL,
-                    compat20 ? " ssh2" : "");
-                xfree(blob);
-                xfree(cuser);
-                xfree(chost);
+                auth_log(authctxt, 0, 0, auth_method, NULL);
+                free(blob);
+                free(cuser);
+                free(chost);
         }
 
         debug3("%s: key %p is %s",
@@ -1294,7 +1301,7 @@ static int
 monitor_valid_userblob(u_char *data, u_int datalen)
 {
         Buffer b;
-        char *p;
+        char *p, *userstyle;
         u_int len;
         int fail = 0;
 
@@ -1315,26 +1322,30 @@ monitor_valid_userblob(u_char *data, u_int datalen)
                     (len != session_id2_len) ||
                     (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
                         fail++;
-                xfree(p);
+                free(p);
         }
         if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
                 fail++;
-        p = buffer_get_string(&b, NULL);
-        if (strcmp(authctxt->user, p) != 0) {
+        p = buffer_get_cstring(&b, NULL);
+        xasprintf(&userstyle, "%s%s%s", authctxt->user,
+            authctxt->style ? ":" : "",
+            authctxt->style ? authctxt->style : "");
+        if (strcmp(userstyle, p) != 0) {
                 logit("wrong user name passed to monitor: expected %s != %.100s",
-                    authctxt->user, p);
+                    userstyle, p);
                 fail++;
         }
-        xfree(p);
+        free(userstyle);
+        free(p);
         buffer_skip_string(&b);
         if (datafellows & SSH_BUG_PKAUTH) {
                 if (!buffer_get_char(&b))
                         fail++;
         } else {
-                p = buffer_get_string(&b, NULL);
+                p = buffer_get_cstring(&b, NULL);
                 if (strcmp("publickey", p) != 0)
                         fail++;
-                xfree(p);
+                free(p);
                 if (!buffer_get_char(&b))
                         fail++;
                 buffer_skip_string(&b);
@@ -1351,7 +1362,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
     char *chost)
 {
         Buffer b;
-        char *p;
+        char *p, *userstyle;
         u_int len;
         int fail = 0;
 
@@ -1363,22 +1374,26 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
             (len != session_id2_len) ||
             (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
                 fail++;
-        xfree(p);
+        free(p);
 
         if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
                 fail++;
-        p = buffer_get_string(&b, NULL);
-        if (strcmp(authctxt->user, p) != 0) {
+        p = buffer_get_cstring(&b, NULL);
+        xasprintf(&userstyle, "%s%s%s", authctxt->user,
+            authctxt->style ? ":" : "",
+            authctxt->style ? authctxt->style : "");
+        if (strcmp(userstyle, p) != 0) {
                 logit("wrong user name passed to monitor: expected %s != %.100s",
-                    authctxt->user, p);
+                    userstyle, p);
                 fail++;
         }
-        xfree(p);
+        free(userstyle);
+        free(p);
         buffer_skip_string(&b); /* service */
-        p = buffer_get_string(&b, NULL);
+        p = buffer_get_cstring(&b, NULL);
         if (strcmp(p, "hostbased") != 0)
                 fail++;
-        xfree(p);
+        free(p);
         buffer_skip_string(&b); /* pkalg */
         buffer_skip_string(&b); /* pkblob */
 
@@ -1388,13 +1403,13 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
                 p[len - 1] = '\0';
         if (strcmp(p, chost) != 0)
                 fail++;
-        xfree(p);
+        free(p);
 
         /* verify client user */
         p = buffer_get_string(&b, NULL);
         if (strcmp(p, cuser) != 0)
                 fail++;
-        xfree(p);
+        free(p);
 
         if (buffer_len(&b) != 0)
                 fail++;
@@ -1443,9 +1458,9 @@ mm_answer_keyverify(int sock, Buffer *m)
             __func__, key, (verified == 1) ? "verified" : "unverified");
 
         key_free(key);
-        xfree(blob);
-        xfree(signature);
-        xfree(data);
+        free(blob);
+        free(signature);
+        free(data);
 
         auth_method = key_blobtype == MM_USERKEY ? "publickey" : "hostbased";
 
@@ -1573,7 +1588,7 @@ mm_answer_pty_cleanup(int sock, Buffer *m)
         if ((s = session_by_tty(tty)) != NULL)
                 mm_session_close(s);
         buffer_clear(m);
-        xfree(tty);
+        free(tty);
         return (0);
 }
 
@@ -1705,7 +1720,7 @@ mm_answer_rsa_challenge(int sock, Buffer *m)
 
         monitor_permit(mon_dispatch, MONITOR_REQ_RSARESPONSE, 1);
 
-        xfree(blob);
+        free(blob);
         key_free(key);
         return (0);
 }
@@ -1737,9 +1752,9 @@ mm_answer_rsa_response(int sock, Buffer *m)
                 fatal("%s: received bad response to challenge", __func__);
         success = auth_rsa_verify_response(key, ssh1_challenge, response);
 
-        xfree(blob);
+        free(blob);
         key_free(key);
-        xfree(response);
+        free(response);
 
         auth_method = key_blobtype == MM_RSAUSERKEY ? "rsa" : "rhosts-rsa";
 
@@ -1818,7 +1833,7 @@ mm_answer_audit_command(int socket, Buffer *m)
         cmd = buffer_get_string(m, &len);
         /* sanity check command, if so how? */
         audit_run_command(cmd);
-        xfree(cmd);
+        free(cmd);
         return (0);
 }
 #endif /* SSH_AUDIT_EVENTS */
@@ -1833,20 +1848,20 @@ monitor_apply_keystate(struct monitor *pmonitor)
                 packet_set_protocol_flags(child_state.ssh1protoflags);
                 packet_set_encryption_key(child_state.ssh1key,
                     child_state.ssh1keylen, child_state.ssh1cipher);
-                xfree(child_state.ssh1key);
+                free(child_state.ssh1key);
         }
 
         /* for rc4 and other stateful ciphers */
         packet_set_keycontext(MODE_OUT, child_state.keyout);
-        xfree(child_state.keyout);
+        free(child_state.keyout);
         packet_set_keycontext(MODE_IN, child_state.keyin);
-        xfree(child_state.keyin);
+        free(child_state.keyin);
 
         if (!compat20) {
                 packet_set_iv(MODE_OUT, child_state.ivout);
-                xfree(child_state.ivout);
+                free(child_state.ivout);
                 packet_set_iv(MODE_IN, child_state.ivin);
-                xfree(child_state.ivin);
+                free(child_state.ivin);
         }
 
         memcpy(&incoming_stream, &child_state.incoming,
@@ -1858,18 +1873,22 @@ monitor_apply_keystate(struct monitor *pmonitor)
         if (options.compression)
                 mm_init_compression(pmonitor->m_zlib);
 
+        if (options.rekey_limit || options.rekey_interval)
+                packet_set_rekey_limits((u_int32_t)options.rekey_limit,
+                    (time_t)options.rekey_interval);
+
         /* Network I/O buffers */
         /* XXX inefficient for large buffers, need: buffer_init_from_string */
         buffer_clear(packet_get_input());
         buffer_append(packet_get_input(), child_state.input, child_state.ilen);
         memset(child_state.input, 0, child_state.ilen);
-        xfree(child_state.input);
+        free(child_state.input);
 
         buffer_clear(packet_get_output());
         buffer_append(packet_get_output(), child_state.output,
                       child_state.olen);
         memset(child_state.output, 0, child_state.olen);
-        xfree(child_state.output);
+        free(child_state.output);
 
         /* Roaming */
         if (compat20)
@@ -1908,11 +1927,11 @@ mm_get_kex(Buffer *m)
         blob = buffer_get_string(m, &bloblen);
         buffer_init(&kex->my);
         buffer_append(&kex->my, blob, bloblen);
-        xfree(blob);
+        free(blob);
         blob = buffer_get_string(m, &bloblen);
         buffer_init(&kex->peer);
         buffer_append(&kex->peer, blob, bloblen);
-        xfree(blob);
+        free(blob);
         kex->done = 1;
         kex->flags = buffer_get_int(m);
         kex->client_version_string = buffer_get_string(m, NULL);
@@ -1920,6 +1939,7 @@ mm_get_kex(Buffer *m)
         kex->load_host_public_key=&get_hostkey_public_by_type;
         kex->load_host_private_key=&get_hostkey_private_by_type;
         kex->host_key_index=&get_hostkey_index;
+        kex->sign = sshd_hostkey_sign;
 
         return (kex);
 }
@@ -1955,12 +1975,12 @@ mm_get_keystate(struct monitor *pmonitor)
 
         blob = buffer_get_string(&m, &bloblen);
         current_keys[MODE_OUT] = mm_newkeys_from_blob(blob, bloblen);
-        xfree(blob);
+        free(blob);
 
         debug3("%s: Waiting for second key", __func__);
         blob = buffer_get_string(&m, &bloblen);
         current_keys[MODE_IN] = mm_newkeys_from_blob(blob, bloblen);
-        xfree(blob);
+        free(blob);
 
         /* Now get sequence numbers for the packets */
         seqnr = buffer_get_int(&m);
@@ -1985,13 +2005,13 @@ mm_get_keystate(struct monitor *pmonitor)
         if (plen != sizeof(child_state.outgoing))
                 fatal("%s: bad request size", __func__);
         memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing));
-        xfree(p);
+        free(p);
 
         p = buffer_get_string(&m, &plen);
         if (plen != sizeof(child_state.incoming))
                 fatal("%s: bad request size", __func__);
         memcpy(&child_state.incoming, p, sizeof(child_state.incoming));
-        xfree(p);
+        free(p);
 
         /* Network I/O buffers */
         debug3("%s: Getting Network I/O buffers", __func__);
@@ -2116,7 +2136,7 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
 
         major = ssh_gssapi_server_ctx(&gsscontext, &goid);
 
-        xfree(goid.elements);
+        free(goid.elements);
 
         buffer_clear(m);
         buffer_put_int(m, major);
@@ -2144,7 +2164,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
         in.value = buffer_get_string(m, &len);
         in.length = len;
         major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags);
-        xfree(in.value);
+        free(in.value);
 
         buffer_clear(m);
         buffer_put_int(m, major);
@@ -2180,8 +2200,8 @@ mm_answer_gss_checkmic(int sock, Buffer *m)
 
         ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic);
 
-        xfree(gssbuf.value);
-        xfree(mic.value);
+        free(gssbuf.value);
+        free(mic.value);
 
         buffer_clear(m);
         buffer_put_int(m, ret);
@@ -2242,7 +2262,7 @@ mm_answer_gss_sign(int socket, Buffer *m)
         }
         major = ssh_gssapi_sign(gsscontext, &data, &hash);
 
-        xfree(data.value);
+        free(data.value);
 
         buffer_clear(m);
         buffer_put_int(m, major);
@@ -2272,9 +2292,9 @@ mm_answer_gss_updatecreds(int socket, Buffer *m) {
 
         ok = ssh_gssapi_update_creds(&store);
 
-        xfree(store.filename);
-        xfree(store.envvar);
-        xfree(store.envval);
+        free(store.filename);
+        free(store.envvar);
+        free(store.envval);
 
         buffer_clear(m);
         buffer_put_int(m, ok);
@@ -2323,8 +2343,8 @@ mm_answer_jpake_step1(int sock, Buffer *m)
 
         bzero(x3_proof, x3_proof_len);
         bzero(x4_proof, x4_proof_len);
-        xfree(x3_proof);
-        xfree(x4_proof);
+        free(x3_proof);
+        free(x4_proof);
 
         monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_GET_PWDATA, 1);
         monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP1, 0);
@@ -2353,8 +2373,8 @@ mm_answer_jpake_get_pwdata(int sock, Buffer *m)
 
         bzero(hash_scheme, strlen(hash_scheme));
         bzero(salt, strlen(salt));
-        xfree(hash_scheme);
-        xfree(salt);
+        free(hash_scheme);
+        free(salt);
 
         monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_STEP2, 1);
 
@@ -2393,8 +2413,8 @@ mm_answer_jpake_step2(int sock, Buffer *m)
 
         bzero(x1_proof, x1_proof_len);
         bzero(x2_proof, x2_proof_len);
-        xfree(x1_proof);
-        xfree(x2_proof);
+        free(x1_proof);
+        free(x2_proof);
 
         buffer_clear(m);
 
@@ -2405,7 +2425,7 @@ mm_answer_jpake_step2(int sock, Buffer *m)
         mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m);
 
         bzero(x4_s_proof, x4_s_proof_len);
-        xfree(x4_s_proof);
+        free(x4_s_proof);
 
         monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1);
 
@@ -2473,7 +2493,7 @@ mm_answer_jpake_check_confirm(int sock, Buffer *m)
         JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__));
 
         bzero(peer_confirm_hash, peer_confirm_hash_len);
-        xfree(peer_confirm_hash);
+        free(peer_confirm_hash);
 
         buffer_clear(m);
         buffer_put_int(m, authenticated);
@@ -2508,10 +2528,9 @@ mm_answer_consolekit_register(int sock, Buffer *m)
         buffer_put_cstring(m, cookie != NULL ? cookie : "");
         mm_request_send(sock, MONITOR_ANS_CONSOLEKIT_REGISTER, m);
 
-        if (cookie != NULL)
-                xfree(cookie);
-        xfree(display);
-        xfree(tty);
+        free(cookie);
+        free(display);
+        free(tty);
 
         return (0);
 }
diff --git a/monitor_mm.c b/monitor_mm.c
index faf9f3dcb..ee7bad4b4 100644
--- a/monitor_mm.c
+++ b/monitor_mm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_mm.c,v 1.16 2009/06/22 05:39:28 dtucker Exp $ */
+/* $OpenBSD: monitor_mm.c,v 1.17 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * All rights reserved.
@@ -35,6 +35,7 @@
 
 #include <errno.h>
 #include <stdarg.h>
+#include <stdlib.h>
 #include <string.h>
 
 #include "xmalloc.h"
@@ -124,7 +125,7 @@ mm_freelist(struct mm_master *mmalloc, struct mmtree *head)
                 next = RB_NEXT(mmtree, head, mms);
                 RB_REMOVE(mmtree, head, mms);
                 if (mmalloc == NULL)
-                        xfree(mms);
+                        free(mms);
                 else
                         mm_free(mmalloc, mms);
         }
@@ -147,7 +148,7 @@ mm_destroy(struct mm_master *mm)
             __func__);
 #endif
         if (mm->mmalloc == NULL)
-                xfree(mm);
+                free(mm);
         else
                 mm_free(mm->mmalloc, mm);
 }
@@ -198,7 +199,7 @@ mm_malloc(struct mm_master *mm, size_t size)
         if (mms->size == 0) {
                 RB_REMOVE(mmtree, &mm->rb_free, mms);
                 if (mm->mmalloc == NULL)
-                        xfree(mms);
+                        free(mms);
                 else
                         mm_free(mm->mmalloc, mms);
         }
@@ -254,7 +255,7 @@ mm_free(struct mm_master *mm, void *address)
                 prev->size += mms->size;
                 RB_REMOVE(mmtree, &mm->rb_free, mms);
                 if (mm->mmalloc == NULL)
-                        xfree(mms);
+                        free(mms);
                 else
                         mm_free(mm->mmalloc, mms);
         } else
@@ -278,7 +279,7 @@ mm_free(struct mm_master *mm, void *address)
         RB_REMOVE(mmtree, &mm->rb_free, mms);
 
         if (mm->mmalloc == NULL)
-                xfree(mms);
+                free(mms);
         else
                 mm_free(mm->mmalloc, mms);
 }
diff --git a/monitor_wrap.c b/monitor_wrap.c
index e62650342..9662a4c63 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.75 2013/01/08 18:49:04 markus Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.76 2013/05/17 00:13:13 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -259,8 +259,10 @@ mm_getpwnamallow(const char *username)
                 fatal("%s: struct passwd size mismatch", __func__);
         pw->pw_name = buffer_get_string(&m, NULL);
         pw->pw_passwd = buffer_get_string(&m, NULL);
+#ifdef HAVE_STRUCT_PASSWD_PW_GECOS
         pw->pw_gecos = buffer_get_string(&m, NULL);
-#ifdef HAVE_PW_CLASS_IN_PASSWD
+#endif
+#ifdef HAVE_STRUCT_PASSWD_PW_CLASS
         pw->pw_class = buffer_get_string(&m, NULL);
 #endif
         pw->pw_dir = buffer_get_string(&m, NULL);
@@ -286,7 +288,7 @@ out:
 #undef M_CP_STRARRAYOPT
 
         copy_set_server_options(&options, newopts, 1);
-        xfree(newopts);
+        free(newopts);
 
         buffer_free(&m);
 
@@ -312,7 +314,7 @@ mm_auth2_read_banner(void)
 
         /* treat empty banner as missing banner */
         if (strlen(banner) == 0) {
-                xfree(banner);
+                free(banner);
                 banner = NULL;
         }
         return (banner);
@@ -423,7 +425,7 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
         buffer_put_cstring(&m, user ? user : "");
         buffer_put_cstring(&m, host ? host : "");
         buffer_put_string(&m, blob, len);
-        xfree(blob);
+        free(blob);
 
         mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYALLOWED, &m);
 
@@ -466,7 +468,7 @@ mm_key_verify(Key *key, u_char *sig, u_int siglen, u_char *data, u_int datalen)
         buffer_put_string(&m, blob, len);
         buffer_put_string(&m, sig, siglen);
         buffer_put_string(&m, data, datalen);
-        xfree(blob);
+        free(blob);
 
         mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KEYVERIFY, &m);
 
@@ -635,7 +637,7 @@ mm_send_keystate(struct monitor *monitor)
                 keylen = packet_get_encryption_key(key);
                 buffer_put_string(&m, key, keylen);
                 memset(key, 0, keylen);
-                xfree(key);
+                free(key);
 
                 ivlen = packet_get_keyiv_len(MODE_OUT);
                 packet_get_keyiv(MODE_OUT, iv, ivlen);
@@ -658,13 +660,13 @@ mm_send_keystate(struct monitor *monitor)
                 fatal("%s: conversion of newkeys failed", __func__);
 
         buffer_put_string(&m, blob, bloblen);
-        xfree(blob);
+        free(blob);
 
         if (!mm_newkeys_to_blob(MODE_IN, &blob, &bloblen))
                 fatal("%s: conversion of newkeys failed", __func__);
 
         buffer_put_string(&m, blob, bloblen);
-        xfree(blob);
+        free(blob);
 
         packet_get_state(MODE_OUT, &seqnr, &blocks, &packets, &bytes);
         buffer_put_int(&m, seqnr);
@@ -684,13 +686,13 @@ mm_send_keystate(struct monitor *monitor)
         p = xmalloc(plen+1);
         packet_get_keycontext(MODE_OUT, p);
         buffer_put_string(&m, p, plen);
-        xfree(p);
+        free(p);
 
         plen = packet_get_keycontext(MODE_IN, NULL);
         p = xmalloc(plen+1);
         packet_get_keycontext(MODE_IN, p);
         buffer_put_string(&m, p, plen);
-        xfree(p);
+        free(p);
 
         /* Compression state */
         debug3("%s: Sending compression state", __func__);
@@ -752,10 +754,10 @@ mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
         buffer_free(&m);
 
         strlcpy(namebuf, p, namebuflen); /* Possible truncation */
-        xfree(p);
+        free(p);
 
         buffer_append(&loginmsg, msg, strlen(msg));
-        xfree(msg);
+        free(msg);
 
         if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 ||
             (*ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1)
@@ -821,7 +823,7 @@ mm_do_pam_account(void)
         ret = buffer_get_int(&m);
         msg = buffer_get_string(&m, NULL);
         buffer_append(&loginmsg, msg, strlen(msg));
-        xfree(msg);
+        free(msg);
 
         buffer_free(&m);
 
@@ -1051,7 +1053,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
         mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
 
         xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
-        xfree(challenge);
+        free(challenge);
 
         return (0);
 }
@@ -1125,7 +1127,7 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
                 if ((key = key_from_blob(blob, blen)) == NULL)
                         fatal("%s: key_from_blob failed", __func__);
                 *rkey = key;
-                xfree(blob);
+                free(blob);
         }
         buffer_free(&m);
 
@@ -1152,7 +1154,7 @@ mm_auth_rsa_generate_challenge(Key *key)
 
         buffer_init(&m);
         buffer_put_string(&m, blob, blen);
-        xfree(blob);
+        free(blob);
 
         mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSACHALLENGE, &m);
         mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSACHALLENGE, &m);
@@ -1181,7 +1183,7 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
         buffer_init(&m);
         buffer_put_string(&m, blob, blen);
         buffer_put_string(&m, response, 16);
-        xfree(blob);
+        free(blob);
 
         mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_RSARESPONSE, &m);
         mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_RSARESPONSE, &m);
@@ -1539,7 +1541,7 @@ mm_consolekit_register(Session *s, const char *display)
 
         /* treat empty cookie as missing cookie */
         if (strlen(cookie) == 0) {
-                xfree(cookie);
+                free(cookie);
                 cookie = NULL;
         }
         return (cookie);
diff --git a/mux.c b/mux.c
index 1ae0e0915..882fa61b5 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.38 2013/01/02 00:32:07 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.44 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -184,7 +184,7 @@ static const struct {
 
 /* Cleanup callback fired on closure of mux slave _session_ channel */
 /* ARGSUSED */
-void
+static void
 mux_master_session_cleanup_cb(int cid, void *unused)
 {
         Channel *cc, *c = channel_by_id(cid);
@@ -219,7 +219,8 @@ mux_master_control_cleanup_cb(int cid, void *unused)
                             __func__, c->self, c->remote_id);
                 c->remote_id = -1;
                 sc->ctl_chan = -1;
-                if (sc->type != SSH_CHANNEL_OPEN) {
+                if (sc->type != SSH_CHANNEL_OPEN &&
+                    sc->type != SSH_CHANNEL_OPENING) {
                         debug2("%s: channel %d: not open", __func__, sc->self);
                         chan_mark_dead(sc);
                 } else {
@@ -286,13 +287,13 @@ process_mux_master_hello(u_int rid, Channel *c, Buffer *m, Buffer *r)
                 char *value = buffer_get_string_ret(m, NULL);
 
                 if (name == NULL || value == NULL) {
-                        if (name != NULL)
-                                xfree(name);
+                        free(name);
+                        free(value);
                         goto malf;
                 }
                 debug2("Unrecognised slave extension \"%s\"", name);
-                xfree(name);
-                xfree(value);
+                free(name);
+                free(value);
         }
         state->hello_rcvd = 1;
         return 0;
@@ -323,21 +324,17 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
             (cctx->term = buffer_get_string_ret(m, &len)) == NULL ||
             (cmd = buffer_get_string_ret(m, &len)) == NULL) {
  malf:
-                if (cmd != NULL)
-                        xfree(cmd);
-                if (reserved != NULL)
-                        xfree(reserved);
+                free(cmd);
+                free(reserved);
                 for (j = 0; j < env_len; j++)
-                        xfree(cctx->env[j]);
-                if (env_len > 0)
-                        xfree(cctx->env);
-                if (cctx->term != NULL)
-                        xfree(cctx->term);
-                xfree(cctx);
+                        free(cctx->env[j]);
+                free(cctx->env);
+                free(cctx->term);
+                free(cctx);
                 error("%s: malformed message", __func__);
                 return -1;
         }
-        xfree(reserved);
+        free(reserved);
         reserved = NULL;
 
         while (buffer_len(m) > 0) {
@@ -345,7 +342,7 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
                 if ((cp = buffer_get_string_ret(m, &len)) == NULL)
                         goto malf;
                 if (!env_permitted(cp)) {
-                        xfree(cp);
+                        free(cp);
                         continue;
                 }
                 cctx->env = xrealloc(cctx->env, env_len + 2,
@@ -366,7 +363,7 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
 
         buffer_init(&cctx->cmd);
         buffer_append(&cctx->cmd, cmd, strlen(cmd));
-        xfree(cmd);
+        free(cmd);
         cmd = NULL;
 
         /* Gather fds from client */
@@ -377,12 +374,11 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
                         for (j = 0; j < i; j++)
                                 close(new_fd[j]);
                         for (j = 0; j < env_len; j++)
-                                xfree(cctx->env[j]);
-                        if (env_len > 0)
-                                xfree(cctx->env);
-                        xfree(cctx->term);
+                                free(cctx->env[j]);
+                        free(cctx->env);
+                        free(cctx->term);
                         buffer_free(&cctx->cmd);
-                        xfree(cctx);
+                        free(cctx);
 
                         /* prepare reply */
                         buffer_put_int(r, MUX_S_FAILURE);
@@ -407,14 +403,14 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
                 close(new_fd[0]);
                 close(new_fd[1]);
                 close(new_fd[2]);
-                xfree(cctx->term);
+                free(cctx->term);
                 if (env_len != 0) {
                         for (i = 0; i < env_len; i++)
-                                xfree(cctx->env[i]);
-                        xfree(cctx->env);
+                                free(cctx->env[i]);
+                        free(cctx->env);
                 }
                 buffer_free(&cctx->cmd);
-                xfree(cctx);
+                free(cctx);
                 return 0;
         }
 
@@ -619,7 +615,7 @@ mux_confirm_remote_forward(int type, u_int32_t seq, void *ctxt)
         buffer_put_int(&out, MUX_S_FAILURE);
         buffer_put_int(&out, fctx->rid);
         buffer_put_cstring(&out, failmsg);
-        xfree(failmsg);
+        free(failmsg);
  out:
         buffer_put_string(&c->output, buffer_ptr(&out), buffer_len(&out));
         buffer_free(&out);
@@ -634,25 +630,28 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
         Forward fwd;
         char *fwd_desc = NULL;
         u_int ftype;
+        u_int lport, cport;
         int i, ret = 0, freefwd = 1;
 
         fwd.listen_host = fwd.connect_host = NULL;
         if (buffer_get_int_ret(&ftype, m) != 0 ||
             (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
-            buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+            buffer_get_int_ret(&lport, m) != 0 ||
             (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
-            buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+            buffer_get_int_ret(&cport, m) != 0 ||
+            lport > 65535 || cport > 65535) {
                 error("%s: malformed message", __func__);
                 ret = -1;
                 goto out;
         }
-
+        fwd.listen_port = lport;
+        fwd.connect_port = cport;
         if (*fwd.listen_host == '\0') {
-                xfree(fwd.listen_host);
+                free(fwd.listen_host);
                 fwd.listen_host = NULL;
         }
         if (*fwd.connect_host == '\0') {
-                xfree(fwd.connect_host);
+                free(fwd.connect_host);
                 fwd.connect_host = NULL;
         }
 
@@ -663,10 +662,8 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
             ftype != MUX_FWD_DYNAMIC) {
                 logit("%s: invalid forwarding type %u", __func__, ftype);
  invalid:
-                if (fwd.listen_host)
-                        xfree(fwd.listen_host);
-                if (fwd.connect_host)
-                        xfree(fwd.connect_host);
+                free(fwd.listen_host);
+                free(fwd.connect_host);
                 buffer_put_int(r, MUX_S_FAILURE);
                 buffer_put_int(r, rid);
                 buffer_put_cstring(r, "Invalid forwarding request");
@@ -768,13 +765,10 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
         buffer_put_int(r, MUX_S_OK);
         buffer_put_int(r, rid);
  out:
-        if (fwd_desc != NULL)
-                xfree(fwd_desc);
+        free(fwd_desc);
         if (freefwd) {
-                if (fwd.listen_host != NULL)
-                        xfree(fwd.listen_host);
-                if (fwd.connect_host != NULL)
-                        xfree(fwd.connect_host);
+                free(fwd.listen_host);
+                free(fwd.connect_host);
         }
         return ret;
 }
@@ -787,24 +781,28 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
         const char *error_reason = NULL;
         u_int ftype;
         int i, listen_port, ret = 0;
+        u_int lport, cport;
 
         fwd.listen_host = fwd.connect_host = NULL;
         if (buffer_get_int_ret(&ftype, m) != 0 ||
             (fwd.listen_host = buffer_get_string_ret(m, NULL)) == NULL ||
-            buffer_get_int_ret(&fwd.listen_port, m) != 0 ||
+            buffer_get_int_ret(&lport, m) != 0 ||
             (fwd.connect_host = buffer_get_string_ret(m, NULL)) == NULL ||
-            buffer_get_int_ret(&fwd.connect_port, m) != 0) {
+            buffer_get_int_ret(&cport, m) != 0 ||
+            lport > 65535 || cport > 65535) {
                 error("%s: malformed message", __func__);
                 ret = -1;
                 goto out;
         }
+        fwd.listen_port = lport;
+        fwd.connect_port = cport;
 
         if (*fwd.listen_host == '\0') {
-                xfree(fwd.listen_host);
+                free(fwd.listen_host);
                 fwd.listen_host = NULL;
         }
         if (*fwd.connect_host == '\0') {
-                xfree(fwd.connect_host);
+                free(fwd.connect_host);
                 fwd.connect_host = NULL;
         }
 
@@ -861,10 +859,8 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
                 buffer_put_int(r, MUX_S_OK);
                 buffer_put_int(r, rid);
 
-                if (found_fwd->listen_host != NULL)
-                        xfree(found_fwd->listen_host);
-                if (found_fwd->connect_host != NULL)
-                        xfree(found_fwd->connect_host);
+                free(found_fwd->listen_host);
+                free(found_fwd->connect_host);
                 found_fwd->listen_host = found_fwd->connect_host = NULL;
                 found_fwd->listen_port = found_fwd->connect_port = 0;
         } else {
@@ -873,12 +869,9 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
                 buffer_put_cstring(r, error_reason);
         }
  out:
-        if (fwd_desc != NULL)
-                xfree(fwd_desc);
-        if (fwd.listen_host != NULL)
-                xfree(fwd.listen_host);
-        if (fwd.connect_host != NULL)
-                xfree(fwd.connect_host);
+        free(fwd_desc);
+        free(fwd.listen_host);
+        free(fwd.connect_host);
 
         return ret;
 }
@@ -895,14 +888,12 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
         if ((reserved = buffer_get_string_ret(m, NULL)) == NULL ||
            (chost = buffer_get_string_ret(m, NULL)) == NULL ||
             buffer_get_int_ret(&cport, m) != 0) {
-                if (reserved != NULL)
-                        xfree(reserved);
-                if (chost != NULL)
-                        xfree(chost);
+                free(reserved);
+                free(chost);
                 error("%s: malformed message", __func__);
                 return -1;
         }
-        xfree(reserved);
+        free(reserved);
 
         debug2("%s: channel %d: request stdio fwd to %s:%u",
             __func__, c->self, chost, cport);
@@ -914,7 +905,7 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
                             __func__, i);
                         for (j = 0; j < i; j++)
                                 close(new_fd[j]);
-                        xfree(chost);
+                        free(chost);
 
                         /* prepare reply */
                         buffer_put_int(r, MUX_S_FAILURE);
@@ -938,7 +929,7 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
  cleanup:
                 close(new_fd[0]);
                 close(new_fd[1]);
-                xfree(chost);
+                free(chost);
                 return 0;
         }
 
@@ -1000,7 +991,7 @@ process_mux_stop_listening(u_int rid, Channel *c, Buffer *m, Buffer *r)
         if (mux_listener_channel != NULL) {
                 channel_free(mux_listener_channel);
                 client_stop_mux();
-                xfree(options.control_path);
+                free(options.control_path);
                 options.control_path = NULL;
                 mux_listener_channel = NULL;
                 muxserver_sock = -1;
@@ -1100,7 +1091,7 @@ mux_exit_message(Channel *c, int exitval)
         Buffer m;
         Channel *mux_chan;
 
-        debug3("%s: channel %d: exit message, evitval %d", __func__, c->self,
+        debug3("%s: channel %d: exit message, exitval %d", __func__, c->self,
             exitval);
 
         if ((mux_chan = channel_by_id(c->ctl_chan)) == NULL)
@@ -1197,8 +1188,8 @@ muxserver_listen(void)
                                 close(muxserver_sock);
                                 muxserver_sock = -1;
                         }
-                        xfree(orig_control_path);
-                        xfree(options.control_path);
+                        free(orig_control_path);
+                        free(options.control_path);
                         options.control_path = NULL;
                         options.control_master = SSHCTL_MASTER_NO;
                         return;
@@ -1223,7 +1214,7 @@ muxserver_listen(void)
                 goto disable_mux_master;
         }
         unlink(options.control_path);
-        xfree(options.control_path);
+        free(options.control_path);
         options.control_path = orig_control_path;
 
         set_nonblock(muxserver_sock);
@@ -1308,13 +1299,13 @@ mux_session_confirm(int id, int success, void *arg)
         cc->mux_pause = 0; /* start processing messages again */
         c->open_confirm_ctx = NULL;
         buffer_free(&cctx->cmd);
-        xfree(cctx->term);
+        free(cctx->term);
         if (cctx->env != NULL) {
                 for (i = 0; cctx->env[i] != NULL; i++)
-                        xfree(cctx->env[i]);
-                xfree(cctx->env);
+                        free(cctx->env[i]);
+                free(cctx->env);
         }
-        xfree(cctx);
+        free(cctx);
 }
 
 /* ** Multiplexing client support */
@@ -1444,7 +1435,9 @@ mux_client_read_packet(int fd, Buffer *m)
         buffer_init(&queue);
         if (mux_client_read(fd, &queue, 4) != 0) {
                 if ((oerrno = errno) == EPIPE)
-                debug3("%s: read header failed: %s", __func__, strerror(errno));
+                        debug3("%s: read header failed: %s", __func__,
+                            strerror(errno));
+                buffer_free(&queue);
                 errno = oerrno;
                 return -1;
         }
@@ -1452,6 +1445,7 @@ mux_client_read_packet(int fd, Buffer *m)
         if (mux_client_read(fd, &queue, need) != 0) {
                 oerrno = errno;
                 debug3("%s: read body failed: %s", __func__, strerror(errno));
+                buffer_free(&queue);
                 errno = oerrno;
                 return -1;
         }
@@ -1498,8 +1492,8 @@ mux_client_hello_exchange(int fd)
                 char *value = buffer_get_string(&m, NULL);
 
                 debug2("Unrecognised master extension \"%s\"", name);
-                xfree(name);
-                xfree(value);
+                free(name);
+                free(value);
         }
         buffer_free(&m);
         return 0;
@@ -1608,7 +1602,7 @@ mux_client_forward(int fd, int cancel_flag, u_int ftype, Forward *fwd)
         fwd_desc = format_forward(ftype, fwd);
         debug("Requesting %s %s",
             cancel_flag ? "cancellation of" : "forwarding of", fwd_desc);
-        xfree(fwd_desc);
+        free(fwd_desc);
 
         buffer_init(&m);
         buffer_put_int(&m, cancel_flag ? MUX_C_CLOSE_FWD : MUX_C_OPEN_FWD);
diff --git a/myproposal.h b/myproposal.h
index 99d093461..4e913e3ce 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -26,6 +26,8 @@
 
 #include <openssl/opensslv.h>
 
+/* conditional algorithm support */
+
 #ifdef OPENSSL_HAS_ECC
 # define KEX_ECDH_METHODS \
         "ecdh-sha2-nistp256," \
@@ -45,12 +47,22 @@
 # define HOSTKEY_ECDSA_METHODS
 #endif
 
-/* Old OpenSSL doesn't support what we need for DHGEX-sha256 */
-#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+#ifdef OPENSSL_HAVE_EVPGCM
+# define AESGCM_CIPHER_MODES \
+        "aes128-gcm@openssh.com,aes256-gcm@openssh.com,"
+#else
+# define AESGCM_CIPHER_MODES
+#endif
+
+#ifdef HAVE_EVP_SHA256
 # define KEX_SHA256_METHODS \
         "diffie-hellman-group-exchange-sha256,"
+#define SHA2_HMAC_MODES \
+        "hmac-sha2-256," \
+        "hmac-sha2-512,"
 #else
 # define KEX_SHA256_METHODS
+# define SHA2_HMAC_MODES
 #endif
 
 # define KEX_DEFAULT_KEX \
@@ -70,19 +82,15 @@
         "ssh-rsa," \
         "ssh-dss"
 
+/* the actual algorithms */
+
 #define KEX_DEFAULT_ENCRYPT \
         "aes128-ctr,aes192-ctr,aes256-ctr," \
         "arcfour256,arcfour128," \
-        "aes128-gcm@openssh.com,aes256-gcm@openssh.com," \
+        AESGCM_CIPHER_MODES \
         "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
         "aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se"
-#ifdef HAVE_EVP_SHA256
-#define SHA2_HMAC_MODES \
-        "hmac-sha2-256," \
-        "hmac-sha2-512,"
-#else
-# define SHA2_HMAC_MODES
-#endif
+
 #define KEX_DEFAULT_MAC \
         "hmac-md5-etm@openssh.com," \
         "hmac-sha1-etm@openssh.com," \
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index e1c3651e8..365cf006d 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.50 2013/02/15 01:13:02 dtucker Exp $
+# $Id: Makefile.in,v 1.51 2013/05/10 06:28:56 dtucker Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -16,7 +16,7 @@ RANLIB=@RANLIB@
 INSTALL=@INSTALL@
 LDFLAGS=-L. @LDFLAGS@
 
-OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o
+OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o
 
 COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
 
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index d3d2d913a..267e77a11 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -97,7 +97,7 @@ fetch_windows_environment(void)
 void
 free_windows_environment(char **p)
 {
-        xfree(p);
+        free(p);
 }
 
 #endif /* HAVE_CYGWIN */
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 6061a6b01..372e41955 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-cygwin_util.h,v 1.15.4.1 2013/04/04 23:53:31 dtucker Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.16 2013/04/01 01:40:49 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000, 2001, 2011, 2013 Corinna Vinschen <vinschen@redhat.com>
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index 430066376..65c18ec2f 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-misc.h,v 1.23 2013/03/14 23:34:27 djm Exp $ */
+/* $Id: bsd-misc.h,v 1.25 2013/08/04 11:48:41 dtucker Exp $ */
 
 /*
  * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
@@ -110,4 +110,16 @@ int	isblank(int);
 pid_t getpgid(pid_t);
 #endif
 
+#ifndef HAVE_ENDGRENT
+# define endgrent() {}
+#endif
+
+#ifndef HAVE_KRB5_GET_ERROR_MESSAGE
+# define krb5_get_error_message krb5_get_err_text
+#endif
+
+#ifndef HAVE_KRB5_FREE_ERROR_MESSAGE
+# define krb5_free_error_message(a,b) while(0)
+#endif
+
 #endif /* _BSD_MISC_H */
diff --git a/openbsd-compat/getopt.c b/openbsd-compat/getopt.c
deleted file mode 100644
index 5450e43d9..000000000
--- a/openbsd-compat/getopt.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Copyright (c) 1987, 1993, 1994
- *      The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt.c */
-
-#include "includes.h"
-#if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET)
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: getopt.c,v 1.5 2003/06/02 20:18:37 millert Exp $";
-#endif /* LIBC_SCCS and not lint */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-int     BSDopterr = 1,          /* if error message should be printed */
-        BSDoptind = 1,          /* index into parent argv vector */
-        BSDoptopt,              /* character checked for validity */
-        BSDoptreset;            /* reset getopt */
-char    *BSDoptarg;             /* argument associated with option */
-
-#define BADCH   (int)'?'
-#define BADARG  (int)':'
-#define EMSG    ""
-
-/*
- * getopt --
- *      Parse argc/argv argument vector.
- */
-int
-BSDgetopt(nargc, nargv, ostr)
-        int nargc;
-        char * const *nargv;
-        const char *ostr;
-{
-        extern char *__progname;
-        static char *place = EMSG;              /* option letter processing */
-        char *oli;                              /* option letter list index */
-
-        if (ostr == NULL)
-                return (-1);
-
-        if (BSDoptreset || !*place) {           /* update scanning pointer */
-                BSDoptreset = 0;
-                if (BSDoptind >= nargc || *(place = nargv[BSDoptind]) != '-') {
-                        place = EMSG;
-                        return (-1);
-                }
-                if (place[1] && *++place == '-') {      /* found "--" */
-                        ++BSDoptind;
-                        place = EMSG;
-                        return (-1);
-                }
-        }                                       /* option letter okay? */
-        if ((BSDoptopt = (int)*place++) == (int)':' ||
-            !(oli = strchr(ostr, BSDoptopt))) {
-                /*
-                 * if the user didn't specify '-' as an option,
-                 * assume it means -1.
-                 */
-                if (BSDoptopt == (int)'-')
-                        return (-1);
-                if (!*place)
-                        ++BSDoptind;
-                if (BSDopterr && *ostr != ':')
-                        (void)fprintf(stderr,
-                            "%s: illegal option -- %c\n", __progname, BSDoptopt);
-                return (BADCH);
-        }
-        if (*++oli != ':') {                    /* don't need argument */
-                BSDoptarg = NULL;
-                if (!*place)
-                        ++BSDoptind;
-        }
-        else {                                  /* need an argument */
-                if (*place)                     /* no white space */
-                        BSDoptarg = place;
-                else if (nargc <= ++BSDoptind) {        /* no arg */
-                        place = EMSG;
-                        if (*ostr == ':')
-                                return (BADARG);
-                        if (BSDopterr)
-                                (void)fprintf(stderr,
-                                    "%s: option requires an argument -- %c\n",
-                                    __progname, BSDoptopt);
-                        return (BADCH);
-                }
-                else                            /* white space */
-                        BSDoptarg = nargv[BSDoptind];
-                place = EMSG;
-                ++BSDoptind;
-        }
-        return (BSDoptopt);                     /* dump back option letter */
-}
-
-#endif /* !defined(HAVE_GETOPT) || !defined(HAVE_OPTRESET) */
diff --git a/openbsd-compat/getopt.h b/openbsd-compat/getopt.h
new file mode 100644
index 000000000..8eb12447e
--- /dev/null
+++ b/openbsd-compat/getopt.h
@@ -0,0 +1,74 @@
+/*      $OpenBSD: getopt.h,v 1.2 2008/06/26 05:42:04 ray Exp $  */
+/*      $NetBSD: getopt.h,v 1.4 2000/07/07 10:43:54 ad Exp $    */
+
+/*-
+ * Copyright (c) 2000 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Dieter Baron and Thomas Klausner.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _GETOPT_H_
+#define _GETOPT_H_
+
+/*
+ * GNU-like getopt_long() and 4.4BSD getsubopt()/optreset extensions
+ */
+#define no_argument        0
+#define required_argument  1
+#define optional_argument  2
+
+struct option {
+        /* name of long option */
+        const char *name;
+        /*
+         * one of no_argument, required_argument, and optional_argument:
+         * whether option takes an argument
+         */
+        int has_arg;
+        /* if not NULL, set *flag to val when option found */
+        int *flag;
+        /* if flag not NULL, value to set *flag to; else return value */
+        int val;
+};
+
+int      getopt_long(int, char * const *, const char *,
+            const struct option *, int *);
+int      getopt_long_only(int, char * const *, const char *,
+            const struct option *, int *);
+#ifndef _GETOPT_DEFINED_
+#define _GETOPT_DEFINED_
+int      getopt(int, char * const *, const char *);
+int      getsubopt(char **, char * const *, char **);
+
+extern   char *optarg;                  /* getopt(3) external variables */
+extern   int opterr;
+extern   int optind;
+extern   int optopt;
+extern   int optreset;
+extern   char *suboptarg;               /* getsubopt(3) external variable */
+#endif
+ 
+#endif /* !_GETOPT_H_ */
diff --git a/openbsd-compat/getopt_long.c b/openbsd-compat/getopt_long.c
new file mode 100644
index 000000000..e28947430
--- /dev/null
+++ b/openbsd-compat/getopt_long.c
@@ -0,0 +1,532 @@
+/*      $OpenBSD: getopt_long.c,v 1.25 2011/03/05 22:10:11 guenther Exp $       */
+/*      $NetBSD: getopt_long.c,v 1.15 2002/01/31 22:43:40 tv Exp $      */
+
+/*
+ * Copyright (c) 2002 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * Sponsored in part by the Defense Advanced Research Projects
+ * Agency (DARPA) and Air Force Research Laboratory, Air Force
+ * Materiel Command, USAF, under agreement number F39502-99-1-0512.
+ */
+/*-
+ * Copyright (c) 2000 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Dieter Baron and Thomas Klausner.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt_long.c */
+#include "includes.h"
+
+#if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET)
+
+/*
+ * Some defines to make it easier to keep the code in sync with upstream.
+ * getopt opterr optind optopt optreset optarg are all in defines.h which is
+ * pulled in by includes.h.
+ */
+#define warnx           logit
+
+#if 0
+#include <err.h>
+#include <getopt.h>
+#endif
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
+#include "log.h"
+
+int     opterr = 1;             /* if error message should be printed */
+int     optind = 1;             /* index into parent argv vector */
+int     optopt = '?';           /* character checked for validity */
+int     optreset;               /* reset getopt */
+char    *optarg;                /* argument associated with option */
+
+#define PRINT_ERROR     ((opterr) && (*options != ':'))
+
+#define FLAG_PERMUTE    0x01    /* permute non-options to the end of argv */
+#define FLAG_ALLARGS    0x02    /* treat non-options as args to option "-1" */
+#define FLAG_LONGONLY   0x04    /* operate as getopt_long_only */
+
+/* return values */
+#define BADCH           (int)'?'
+#define BADARG          ((*options == ':') ? (int)':' : (int)'?')
+#define INORDER         (int)1
+
+#define EMSG            ""
+
+static int getopt_internal(int, char * const *, const char *,
+                           const struct option *, int *, int);
+static int parse_long_options(char * const *, const char *,
+                              const struct option *, int *, int);
+static int gcd(int, int);
+static void permute_args(int, int, int, char * const *);
+
+static char *place = EMSG; /* option letter processing */
+
+/* XXX: set optreset to 1 rather than these two */
+static int nonopt_start = -1; /* first non option argument (for permute) */
+static int nonopt_end = -1;   /* first option after non options (for permute) */
+
+/* Error messages */
+static const char recargchar[] = "option requires an argument -- %c";
+static const char recargstring[] = "option requires an argument -- %s";
+static const char ambig[] = "ambiguous option -- %.*s";
+static const char noarg[] = "option doesn't take an argument -- %.*s";
+static const char illoptchar[] = "unknown option -- %c";
+static const char illoptstring[] = "unknown option -- %s";
+
+/*
+ * Compute the greatest common divisor of a and b.
+ */
+static int
+gcd(int a, int b)
+{
+        int c;
+
+        c = a % b;
+        while (c != 0) {
+                a = b;
+                b = c;
+                c = a % b;
+        }
+
+        return (b);
+}
+
+/*
+ * Exchange the block from nonopt_start to nonopt_end with the block
+ * from nonopt_end to opt_end (keeping the same order of arguments
+ * in each block).
+ */
+static void
+permute_args(int panonopt_start, int panonopt_end, int opt_end,
+        char * const *nargv)
+{
+        int cstart, cyclelen, i, j, ncycle, nnonopts, nopts, pos;
+        char *swap;
+
+        /*
+         * compute lengths of blocks and number and size of cycles
+         */
+        nnonopts = panonopt_end - panonopt_start;
+        nopts = opt_end - panonopt_end;
+        ncycle = gcd(nnonopts, nopts);
+        cyclelen = (opt_end - panonopt_start) / ncycle;
+
+        for (i = 0; i < ncycle; i++) {
+                cstart = panonopt_end+i;
+                pos = cstart;
+                for (j = 0; j < cyclelen; j++) {
+                        if (pos >= panonopt_end)
+                                pos -= nnonopts;
+                        else
+                                pos += nopts;
+                        swap = nargv[pos];
+                        /* LINTED const cast */
+                        ((char **) nargv)[pos] = nargv[cstart];
+                        /* LINTED const cast */
+                        ((char **)nargv)[cstart] = swap;
+                }
+        }
+}
+
+/*
+ * parse_long_options --
+ *      Parse long options in argc/argv argument vector.
+ * Returns -1 if short_too is set and the option does not match long_options.
+ */
+static int
+parse_long_options(char * const *nargv, const char *options,
+        const struct option *long_options, int *idx, int short_too)
+{
+        char *current_argv, *has_equal;
+        size_t current_argv_len;
+        int i, match;
+
+        current_argv = place;
+        match = -1;
+
+        optind++;
+
+        if ((has_equal = strchr(current_argv, '=')) != NULL) {
+                /* argument found (--option=arg) */
+                current_argv_len = has_equal - current_argv;
+                has_equal++;
+        } else
+                current_argv_len = strlen(current_argv);
+
+        for (i = 0; long_options[i].name; i++) {
+                /* find matching long option */
+                if (strncmp(current_argv, long_options[i].name,
+                    current_argv_len))
+                        continue;
+
+                if (strlen(long_options[i].name) == current_argv_len) {
+                        /* exact match */
+                        match = i;
+                        break;
+                }
+                /*
+                 * If this is a known short option, don't allow
+                 * a partial match of a single character.
+                 */
+                if (short_too && current_argv_len == 1)
+                        continue;
+
+                if (match == -1)        /* partial match */
+                        match = i;
+                else {
+                        /* ambiguous abbreviation */
+                        if (PRINT_ERROR)
+                                warnx(ambig, (int)current_argv_len,
+                                     current_argv);
+                        optopt = 0;
+                        return (BADCH);
+                }
+        }
+        if (match != -1) {              /* option found */
+                if (long_options[match].has_arg == no_argument
+                    && has_equal) {
+                        if (PRINT_ERROR)
+                                warnx(noarg, (int)current_argv_len,
+                                     current_argv);
+                        /*
+                         * XXX: GNU sets optopt to val regardless of flag
+                         */
+                        if (long_options[match].flag == NULL)
+                                optopt = long_options[match].val;
+                        else
+                                optopt = 0;
+                        return (BADARG);
+                }
+                if (long_options[match].has_arg == required_argument ||
+                    long_options[match].has_arg == optional_argument) {
+                        if (has_equal)
+                                optarg = has_equal;
+                        else if (long_options[match].has_arg ==
+                            required_argument) {
+                                /*
+                                 * optional argument doesn't use next nargv
+                                 */
+                                optarg = nargv[optind++];
+                        }
+                }
+                if ((long_options[match].has_arg == required_argument)
+                    && (optarg == NULL)) {
+                        /*
+                         * Missing argument; leading ':' indicates no error
+                         * should be generated.
+                         */
+                        if (PRINT_ERROR)
+                                warnx(recargstring,
+                                    current_argv);
+                        /*
+                         * XXX: GNU sets optopt to val regardless of flag
+                         */
+                        if (long_options[match].flag == NULL)
+                                optopt = long_options[match].val;
+                        else
+                                optopt = 0;
+                        --optind;
+                        return (BADARG);
+                }
+        } else {                        /* unknown option */
+                if (short_too) {
+                        --optind;
+                        return (-1);
+                }
+                if (PRINT_ERROR)
+                        warnx(illoptstring, current_argv);
+                optopt = 0;
+                return (BADCH);
+        }
+        if (idx)
+                *idx = match;
+        if (long_options[match].flag) {
+                *long_options[match].flag = long_options[match].val;
+                return (0);
+        } else
+                return (long_options[match].val);
+}
+
+/*
+ * getopt_internal --
+ *      Parse argc/argv argument vector.  Called by user level routines.
+ */
+static int
+getopt_internal(int nargc, char * const *nargv, const char *options,
+        const struct option *long_options, int *idx, int flags)
+{
+        char *oli;                              /* option letter list index */
+        int optchar, short_too;
+        static int posixly_correct = -1;
+
+        if (options == NULL)
+                return (-1);
+
+        /*
+         * XXX Some GNU programs (like cvs) set optind to 0 instead of
+         * XXX using optreset.  Work around this braindamage.
+         */
+        if (optind == 0)
+                optind = optreset = 1;
+
+        /*
+         * Disable GNU extensions if POSIXLY_CORRECT is set or options
+         * string begins with a '+'.
+         */
+        if (posixly_correct == -1 || optreset)
+                posixly_correct = (getenv("POSIXLY_CORRECT") != NULL);
+        if (*options == '-')
+                flags |= FLAG_ALLARGS;
+        else if (posixly_correct || *options == '+')
+                flags &= ~FLAG_PERMUTE;
+        if (*options == '+' || *options == '-')
+                options++;
+
+        optarg = NULL;
+        if (optreset)
+                nonopt_start = nonopt_end = -1;
+start:
+        if (optreset || !*place) {              /* update scanning pointer */
+                optreset = 0;
+                if (optind >= nargc) {          /* end of argument vector */
+                        place = EMSG;
+                        if (nonopt_end != -1) {
+                                /* do permutation, if we have to */
+                                permute_args(nonopt_start, nonopt_end,
+                                    optind, nargv);
+                                optind -= nonopt_end - nonopt_start;
+                        }
+                        else if (nonopt_start != -1) {
+                                /*
+                                 * If we skipped non-options, set optind
+                                 * to the first of them.
+                                 */
+                                optind = nonopt_start;
+                        }
+                        nonopt_start = nonopt_end = -1;
+                        return (-1);
+                }
+                if (*(place = nargv[optind]) != '-' ||
+                    (place[1] == '\0' && strchr(options, '-') == NULL)) {
+                        place = EMSG;           /* found non-option */
+                        if (flags & FLAG_ALLARGS) {
+                                /*
+                                 * GNU extension:
+                                 * return non-option as argument to option 1
+                                 */
+                                optarg = nargv[optind++];
+                                return (INORDER);
+                        }
+                        if (!(flags & FLAG_PERMUTE)) {
+                                /*
+                                 * If no permutation wanted, stop parsing
+                                 * at first non-option.
+                                 */
+                                return (-1);
+                        }
+                        /* do permutation */
+                        if (nonopt_start == -1)
+                                nonopt_start = optind;
+                        else if (nonopt_end != -1) {
+                                permute_args(nonopt_start, nonopt_end,
+                                    optind, nargv);
+                                nonopt_start = optind -
+                                    (nonopt_end - nonopt_start);
+                                nonopt_end = -1;
+                        }
+                        optind++;
+                        /* process next argument */
+                        goto start;
+                }
+                if (nonopt_start != -1 && nonopt_end == -1)
+                        nonopt_end = optind;
+
+                /*
+                 * If we have "-" do nothing, if "--" we are done.
+                 */
+                if (place[1] != '\0' && *++place == '-' && place[1] == '\0') {
+                        optind++;
+                        place = EMSG;
+                        /*
+                         * We found an option (--), so if we skipped
+                         * non-options, we have to permute.
+                         */
+                        if (nonopt_end != -1) {
+                                permute_args(nonopt_start, nonopt_end,
+                                    optind, nargv);
+                                optind -= nonopt_end - nonopt_start;
+                        }
+                        nonopt_start = nonopt_end = -1;
+                        return (-1);
+                }
+        }
+
+        /*
+         * Check long options if:
+         *  1) we were passed some
+         *  2) the arg is not just "-"
+         *  3) either the arg starts with -- we are getopt_long_only()
+         */
+        if (long_options != NULL && place != nargv[optind] &&
+            (*place == '-' || (flags & FLAG_LONGONLY))) {
+                short_too = 0;
+                if (*place == '-')
+                        place++;                /* --foo long option */
+                else if (*place != ':' && strchr(options, *place) != NULL)
+                        short_too = 1;          /* could be short option too */
+
+                optchar = parse_long_options(nargv, options, long_options,
+                    idx, short_too);
+                if (optchar != -1) {
+                        place = EMSG;
+                        return (optchar);
+                }
+        }
+
+        if ((optchar = (int)*place++) == (int)':' ||
+            (optchar == (int)'-' && *place != '\0') ||
+            (oli = strchr(options, optchar)) == NULL) {
+                /*
+                 * If the user specified "-" and  '-' isn't listed in
+                 * options, return -1 (non-option) as per POSIX.
+                 * Otherwise, it is an unknown option character (or ':').
+                 */
+                if (optchar == (int)'-' && *place == '\0')
+                        return (-1);
+                if (!*place)
+                        ++optind;
+                if (PRINT_ERROR)
+                        warnx(illoptchar, optchar);
+                optopt = optchar;
+                return (BADCH);
+        }
+        if (long_options != NULL && optchar == 'W' && oli[1] == ';') {
+                /* -W long-option */
+                if (*place)                     /* no space */
+                        /* NOTHING */;
+                else if (++optind >= nargc) {   /* no arg */
+                        place = EMSG;
+                        if (PRINT_ERROR)
+                                warnx(recargchar, optchar);
+                        optopt = optchar;
+                        return (BADARG);
+                } else                          /* white space */
+                        place = nargv[optind];
+                optchar = parse_long_options(nargv, options, long_options,
+                    idx, 0);
+                place = EMSG;
+                return (optchar);
+        }
+        if (*++oli != ':') {                    /* doesn't take argument */
+                if (!*place)
+                        ++optind;
+        } else {                                /* takes (optional) argument */
+                optarg = NULL;
+                if (*place)                     /* no white space */
+                        optarg = place;
+                else if (oli[1] != ':') {       /* arg not optional */
+                        if (++optind >= nargc) {        /* no arg */
+                                place = EMSG;
+                                if (PRINT_ERROR)
+                                        warnx(recargchar, optchar);
+                                optopt = optchar;
+                                return (BADARG);
+                        } else
+                                optarg = nargv[optind];
+                }
+                place = EMSG;
+                ++optind;
+        }
+        /* dump back option letter */
+        return (optchar);
+}
+
+/*
+ * getopt --
+ *      Parse argc/argv argument vector.
+ *
+ * [eventually this will replace the BSD getopt]
+ */
+int
+getopt(int nargc, char * const *nargv, const char *options)
+{
+
+        /*
+         * We don't pass FLAG_PERMUTE to getopt_internal() since
+         * the BSD getopt(3) (unlike GNU) has never done this.
+         *
+         * Furthermore, since many privileged programs call getopt()
+         * before dropping privileges it makes sense to keep things
+         * as simple (and bug-free) as possible.
+         */
+        return (getopt_internal(nargc, nargv, options, NULL, NULL, 0));
+}
+
+#if 0
+/*
+ * getopt_long --
+ *      Parse argc/argv argument vector.
+ */
+int
+getopt_long(int nargc, char * const *nargv, const char *options,
+    const struct option *long_options, int *idx)
+{
+
+        return (getopt_internal(nargc, nargv, options, long_options, idx,
+            FLAG_PERMUTE));
+}
+
+/*
+ * getopt_long_only --
+ *      Parse argc/argv argument vector.
+ */
+int
+getopt_long_only(int nargc, char * const *nargv, const char *options,
+    const struct option *long_options, int *idx)
+{
+
+        return (getopt_internal(nargc, nargv, options, long_options, idx,
+            FLAG_PERMUTE|FLAG_LONGONLY));
+}
+#endif
+
+#endif /* !defined(HAVE_GETOPT) || !defined(HAVE_OPTRESET) */
diff --git a/openbsd-compat/getrrsetbyname-ldns.c b/openbsd-compat/getrrsetbyname-ldns.c
index 19666346b..343720f10 100644
--- a/openbsd-compat/getrrsetbyname-ldns.c
+++ b/openbsd-compat/getrrsetbyname-ldns.c
@@ -58,7 +58,6 @@
 
 #define malloc(x)       (xmalloc(x))
 #define calloc(x, y)    (xcalloc((x),(y)))
-#define free(x)         (xfree(x))
 
 int
 getrrsetbyname(const char *hostname, unsigned int rdclass,
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index a8c579f49..392fa38dc 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.55 2013/02/15 01:20:42 dtucker Exp $ */
+/* $Id: openbsd-compat.h,v 1.58 2013/06/05 22:30:21 dtucker Exp $ */
 
 /*
  * Copyright (c) 1999-2003 Damien Miller.  All rights reserved.
@@ -111,6 +111,10 @@ char *dirname(const char *path);
 int     fmt_scaled(long long number, char *result);
 #endif
 
+#ifndef HAVE_SCAN_SCALED
+int     scan_scaled(char *, long long *);
+#endif
+
 #if defined(BROKEN_INET_NTOA) || !defined(HAVE_INET_NTOA)
 char *inet_ntoa(struct in_addr in);
 #endif
@@ -139,6 +143,7 @@ int getgrouplist(const char *, gid_t, gid_t *, int *);
 
 #if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET)
 int BSDgetopt(int argc, char * const *argv, const char *opts);
+#include "openbsd-compat/getopt.h"
 #endif
 
 #if defined(HAVE_DECL_WRITEV) && HAVE_DECL_WRITEV == 0
@@ -202,6 +207,11 @@ unsigned long long strtoull(const char *, char **, int);
 long long strtonum(const char *, long long, long long, const char **);
 #endif
 
+/* multibyte character support */
+#ifndef HAVE_MBLEN
+# define mblen(x, y)    1
+#endif
+
 #if !defined(HAVE_VASPRINTF) || !defined(HAVE_VSNPRINTF)
 # include <stdarg.h>
 #endif
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 0bdefbf6d..8da367d48 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -86,7 +86,7 @@ aix_usrinfo(struct passwd *pw)
                 fatal("Couldn't set usrinfo: %s", strerror(errno));
         debug3("AIX/UsrInfo: set len %d", i);
 
-        xfree(cp);
+        free(cp);
 }
 
 # ifdef WITH_AIXAUTHENTICATE
@@ -215,16 +215,14 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
                 default: /* user can't change(2) or other error (-1) */
                         logit("Password can't be changed for user %s: %.100s",
                             name, msg);
-                        if (msg)
-                                xfree(msg);
+                        free(msg);
                         authsuccess = 0;
                 }
 
                 aix_restoreauthdb();
         }
 
-        if (authmsg != NULL)
-                xfree(authmsg);
+        free(authmsg);
 
         return authsuccess;
 }
@@ -269,7 +267,7 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
 
         if (!permitted)
                 logit("Login restricted for %s: %.100s", pw->pw_name, msg);
-        xfree(msg);
+        free(msg);
         return permitted;
 }
 
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index 2b8a14a59..de6ad3fd7 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.17 2012/03/08 23:25:18 djm Exp $ */
+/* $Id: port-linux.c,v 1.18 2013/06/01 22:07:32 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -109,10 +109,8 @@ ssh_selinux_getctxbyname(char *pwname, const char *role)
         }
 
 #ifdef HAVE_GETSEUSERBYNAME
-        if (sename != NULL)
-                xfree(sename);
-        if (lvl != NULL)
-                xfree(lvl);
+        free(sename);
+        free(lvl);
 #endif
 
         return sc;
@@ -230,8 +228,8 @@ ssh_selinux_change_context(const char *newname)
         if (setcon(newctx) < 0)
                 switchlog("%s: setcon %s from %s failed with %s", __func__,
                     newctx, oldctx, strerror(errno));
-        xfree(oldctx);
-        xfree(newctx);
+        free(oldctx);
+        free(newctx);
 }
 
 void
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index 6291e2884..c8aea461d 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -55,7 +55,12 @@
 
 # if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
 #  include "md5crypt.h"
-# endif 
+# endif
+
+# if !defined(HAVE_CRYPT) && defined(HAVE_DES_CRYPT)
+#  include <openssl/des.h>
+#  define crypt DES_crypt
+# endif
 
 char *
 xcrypt(const char *password, const char *salt)
diff --git a/packet.c b/packet.c
index 3e835d360..0d27e7592 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.182 2013/04/11 02:27:50 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -58,6 +58,7 @@
 #include <string.h>
 #include <unistd.h>
 #include <signal.h>
+#include <time.h>
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -165,9 +166,14 @@ struct session_state {
         Newkeys *newkeys[MODE_MAX];
         struct packet_state p_read, p_send;
 
+        /* Volume-based rekeying */
         u_int64_t max_blocks_in, max_blocks_out;
         u_int32_t rekey_limit;
 
+        /* Time-based rekeying */
+        time_t rekey_interval;  /* how often in seconds */
+        time_t rekey_time;      /* time of last rekeying */
+
         /* Session key for protocol v1 */
         u_char ssh1_key[SSH_SESSION_KEY_LENGTH];
         u_int ssh1_keylen;
@@ -215,7 +221,7 @@ alloc_session_state(void)
 void
 packet_set_connection(int fd_in, int fd_out)
 {
-        Cipher *none = cipher_by_name("none");
+        const Cipher *none = cipher_by_name("none");
 
         if (none == NULL)
                 fatal("packet_set_connection: cannot load cipher 'none'");
@@ -545,7 +551,7 @@ packet_start_compression(int level)
 void
 packet_set_encryption_key(const u_char *key, u_int keylen, int number)
 {
-        Cipher *cipher = cipher_by_number(number);
+        const Cipher *cipher = cipher_by_number(number);
 
         if (cipher == NULL)
                 fatal("packet_set_encryption_key: unknown cipher number %d", number);
@@ -760,13 +766,13 @@ set_newkeys(int mode)
                 memset(enc->iv,  0, enc->iv_len);
                 memset(enc->key, 0, enc->key_len);
                 memset(mac->key, 0, mac->key_len);
-                xfree(enc->name);
-                xfree(enc->iv);
-                xfree(enc->key);
-                xfree(mac->name);
-                xfree(mac->key);
-                xfree(comp->name);
-                xfree(active_state->newkeys[mode]);
+                free(enc->name);
+                free(enc->iv);
+                free(enc->key);
+                free(mac->name);
+                free(mac->key);
+                free(comp->name);
+                free(active_state->newkeys[mode]);
         }
         active_state->newkeys[mode] = kex_get_newkeys(mode);
         if (active_state->newkeys[mode] == NULL)
@@ -1009,6 +1015,7 @@ packet_send2(void)
         /* after a NEWKEYS message we can send the complete queue */
         if (type == SSH2_MSG_NEWKEYS) {
                 active_state->rekeying = 0;
+                active_state->rekey_time = monotime();
                 while ((p = TAILQ_FIRST(&active_state->outgoing))) {
                         type = p->type;
                         debug("dequeue packet: %u", type);
@@ -1016,7 +1023,7 @@ packet_send2(void)
                         memcpy(&active_state->outgoing_packet, &p->payload,
                             sizeof(Buffer));
                         TAILQ_REMOVE(&active_state->outgoing, p, next);
-                        xfree(p);
+                        free(p);
                         packet_send2_wrapped();
                 }
         }
@@ -1041,7 +1048,7 @@ packet_send(void)
 int
 packet_read_seqnr(u_int32_t *seqnr_p)
 {
-        int type, len, ret, ms_remain, cont;
+        int type, len, ret, cont, ms_remain = 0;
         fd_set *setp;
         char buf[8192];
         struct timeval timeout, start, *timeoutp = NULL;
@@ -1066,7 +1073,7 @@ packet_read_seqnr(u_int32_t *seqnr_p)
                         packet_check_eom();
                 /* If we got a packet, return it. */
                 if (type != SSH_MSG_NONE) {
-                        xfree(setp);
+                        free(setp);
                         return type;
                 }
                 /*
@@ -1453,9 +1460,9 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
                                 packet_get_char();
                                 msg = packet_get_string(NULL);
                                 debug("Remote: %.900s", msg);
-                                xfree(msg);
+                                free(msg);
                                 msg = packet_get_string(NULL);
-                                xfree(msg);
+                                free(msg);
                                 break;
                         case SSH2_MSG_DISCONNECT:
                                 reason = packet_get_int();
@@ -1466,7 +1473,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
                                     SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
                                     "Received disconnect from %s: %u: %.400s",
                                     get_remote_ipaddr(), reason, msg);
-                                xfree(msg);
+                                free(msg);
                                 cleanup_exit(255);
                                 break;
                         case SSH2_MSG_UNIMPLEMENTED:
@@ -1480,12 +1487,14 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
                 } else {
                         type = packet_read_poll1();
                         switch (type) {
+                        case SSH_MSG_NONE:
+                                return SSH_MSG_NONE;
                         case SSH_MSG_IGNORE:
                                 break;
                         case SSH_MSG_DEBUG:
                                 msg = packet_get_string(NULL);
                                 debug("Remote: %.900s", msg);
-                                xfree(msg);
+                                free(msg);
                                 break;
                         case SSH_MSG_DISCONNECT:
                                 msg = packet_get_string(NULL);
@@ -1494,8 +1503,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
                                 cleanup_exit(255);
                                 break;
                         default:
-                                if (type)
-                                        DBG(debug("received packet type %d", type));
+                                DBG(debug("received packet type %d", type));
                                 return type;
                         }
                 }
@@ -1732,7 +1740,7 @@ void
 packet_write_wait(void)
 {
         fd_set *setp;
-        int ret, ms_remain;
+        int ret, ms_remain = 0;
         struct timeval start, timeout, *timeoutp = NULL;
 
         setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1,
@@ -1773,7 +1781,7 @@ packet_write_wait(void)
                 }
                 packet_write_poll();
         }
-        xfree(setp);
+        free(setp);
 }
 
 /* Returns true if there is buffered data to write to the connection. */
@@ -1933,13 +1941,33 @@ packet_need_rekeying(void)
             (active_state->max_blocks_out &&
                 (active_state->p_send.blocks > active_state->max_blocks_out)) ||
             (active_state->max_blocks_in &&
-                (active_state->p_read.blocks > active_state->max_blocks_in));
+                (active_state->p_read.blocks > active_state->max_blocks_in)) ||
+            (active_state->rekey_interval != 0 && active_state->rekey_time +
+                 active_state->rekey_interval <= monotime());
 }
 
 void
-packet_set_rekey_limit(u_int32_t bytes)
+packet_set_rekey_limits(u_int32_t bytes, time_t seconds)
 {
+        debug3("rekey after %lld bytes, %d seconds", (long long)bytes,
+            (int)seconds);
         active_state->rekey_limit = bytes;
+        active_state->rekey_interval = seconds;
+        /*
+         * We set the time here so that in post-auth privsep slave we count
+         * from the completion of the authentication.
+         */
+        active_state->rekey_time = monotime();
+}
+
+time_t
+packet_get_rekey_timeout(void)
+{
+        time_t seconds;
+
+        seconds = active_state->rekey_time + active_state->rekey_interval -
+            monotime();
+        return (seconds <= 0 ? 1 : seconds);
 }
 
 void
diff --git a/packet.h b/packet.h
index 09ba07951..f8edf851c 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.57 2012/01/25 19:40:09 markus Exp $ */
+/* $OpenBSD: packet.h,v 1.59 2013/07/12 00:19:59 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -71,7 +71,7 @@ void	*packet_get_raw(u_int *length_ptr);
 void    *packet_get_string(u_int *length_ptr);
 char    *packet_get_cstring(u_int *length_ptr);
 void    *packet_get_string_ptr(u_int *length_ptr);
-void     packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void     packet_disconnect(const char *fmt,...) __attribute__((noreturn)) __attribute__((format(printf, 1, 2)));
 void     packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 
 void     set_newkeys(int mode);
@@ -115,7 +115,8 @@ do { \
 } while (0)
 
 int      packet_need_rekeying(void);
-void     packet_set_rekey_limit(u_int32_t);
+void     packet_set_rekey_limits(u_int32_t, time_t);
+time_t   packet_get_rekey_timeout(void);
 
 void     packet_backup_state(void);
 void     packet_restore_state(void);
diff --git a/pathnames.h b/pathnames.h
index 0cdfcef7f..47f7867d5 100644
--- a/pathnames.h
+++ b/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.22 2011/05/23 03:30:07 djm Exp $ */
+/* $OpenBSD: pathnames.h,v 1.23 2013/04/05 00:31:49 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -72,18 +72,18 @@
  * readable by anyone except the user him/herself, though this does not
  * contain anything particularly secret.
  */
-#define _PATH_SSH_USER_HOSTFILE         "~/.ssh/known_hosts"
+#define _PATH_SSH_USER_HOSTFILE         "~/" _PATH_SSH_USER_DIR "/known_hosts"
 /* backward compat for protocol 2 */
-#define _PATH_SSH_USER_HOSTFILE2        "~/.ssh/known_hosts2"
+#define _PATH_SSH_USER_HOSTFILE2        "~/" _PATH_SSH_USER_DIR "/known_hosts2"
 
 /*
  * Name of the default file containing client-side authentication key. This
  * file should only be readable by the user him/herself.
  */
-#define _PATH_SSH_CLIENT_IDENTITY       ".ssh/identity"
-#define _PATH_SSH_CLIENT_ID_DSA         ".ssh/id_dsa"
-#define _PATH_SSH_CLIENT_ID_ECDSA       ".ssh/id_ecdsa"
-#define _PATH_SSH_CLIENT_ID_RSA         ".ssh/id_rsa"
+#define _PATH_SSH_CLIENT_IDENTITY       _PATH_SSH_USER_DIR "/identity"
+#define _PATH_SSH_CLIENT_ID_DSA         _PATH_SSH_USER_DIR "/id_dsa"
+#define _PATH_SSH_CLIENT_ID_ECDSA       _PATH_SSH_USER_DIR "/id_ecdsa"
+#define _PATH_SSH_CLIENT_ID_RSA         _PATH_SSH_USER_DIR "/id_rsa"
 
 /*
  * Configuration file in user's home directory.  This file need not be
@@ -91,7 +91,7 @@
  * particularly secret.  If the user's home directory resides on an NFS
  * volume where root is mapped to nobody, this may need to be world-readable.
  */
-#define _PATH_SSH_USER_CONFFILE         ".ssh/config"
+#define _PATH_SSH_USER_CONFFILE         _PATH_SSH_USER_DIR "/config"
 
 /*
  * File containing a list of those rsa keys that permit logging in as this
@@ -101,10 +101,10 @@
  * may need to be world-readable.  (This file is read by the daemon which is
  * running as root.)
  */
-#define _PATH_SSH_USER_PERMITTED_KEYS   ".ssh/authorized_keys"
+#define _PATH_SSH_USER_PERMITTED_KEYS   _PATH_SSH_USER_DIR "/authorized_keys"
 
 /* backward compat for protocol v2 */
-#define _PATH_SSH_USER_PERMITTED_KEYS2  ".ssh/authorized_keys2"
+#define _PATH_SSH_USER_PERMITTED_KEYS2  _PATH_SSH_USER_DIR "/authorized_keys2"
 
 /*
  * Per-user and system-wide ssh "rc" files.  These files are executed with
@@ -112,7 +112,7 @@
  * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
  * use.  xauth will be run if neither of these exists.
  */
-#define _PATH_SSH_USER_RC               ".ssh/rc"
+#define _PATH_SSH_USER_RC               _PATH_SSH_USER_DIR "/rc"
 #define _PATH_SSH_SYSTEM_RC             SSHDIR "/sshrc"
 
 /*
diff --git a/progressmeter.c b/progressmeter.c
index 0f95222d2..332bd3c99 100644
--- a/progressmeter.c
+++ b/progressmeter.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: progressmeter.c,v 1.37 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: progressmeter.c,v 1.39 2013/06/02 13:33:05 dtucker Exp $ */
 /*
  * Copyright (c) 2003 Nils Nordman.  All rights reserved.
  *
@@ -131,7 +131,7 @@ refresh_progress_meter(void)
 
         transferred = *counter - cur_pos;
         cur_pos = *counter;
-        now = time(NULL);
+        now = monotime();
         bytes_left = end_pos - cur_pos;
 
         if (bytes_left > 0)
@@ -249,7 +249,7 @@ update_progress_meter(int ignore)
 void
 start_progress_meter(char *f, off_t filesize, off_t *ctr)
 {
-        start = last_update = time(NULL);
+        start = last_update = monotime();
         file = f;
         end_pos = filesize;
         cur_pos = 0;
diff --git a/readconf.c b/readconf.c
index 0b26a6735..2778176c6 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.204 2013/06/10 19:19:44 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -32,6 +32,9 @@
 #include <unistd.h>
 #include <pwd.h>
 #include <grp.h>
+#ifdef HAVE_UTIL_H
+#include <util.h>
+#endif
 
 #include "xmalloc.h"
 #include "ssh.h"
@@ -139,9 +142,9 @@ typedef enum {
         oHashKnownHosts,
         oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
         oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
-        oKexAlgorithms, oIPQoS, oRequestTTY,
+        oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,
         oProtocolKeepAlives, oSetupTimeOut,
-        oDeprecated, oUnsupported
+        oIgnoredUnknownOption, oDeprecated, oUnsupported
 } OpCodes;
 
 /* Textual representations of the tokens. */
@@ -262,6 +265,7 @@ static struct {
         { "kexalgorithms", oKexAlgorithms },
         { "ipqos", oIPQoS },
         { "requesttty", oRequestTTY },
+        { "ignoreunknown", oIgnoreUnknown },
         { "protocolkeepalives", oProtocolKeepAlives },
         { "setuptimeout", oSetupTimeOut },
 
@@ -322,22 +326,20 @@ clear_forwardings(Options *options)
         int i;
 
         for (i = 0; i < options->num_local_forwards; i++) {
-                if (options->local_forwards[i].listen_host != NULL)
-                        xfree(options->local_forwards[i].listen_host);
-                xfree(options->local_forwards[i].connect_host);
+                free(options->local_forwards[i].listen_host);
+                free(options->local_forwards[i].connect_host);
         }
         if (options->num_local_forwards > 0) {
-                xfree(options->local_forwards);
+                free(options->local_forwards);
                 options->local_forwards = NULL;
         }
         options->num_local_forwards = 0;
         for (i = 0; i < options->num_remote_forwards; i++) {
-                if (options->remote_forwards[i].listen_host != NULL)
-                        xfree(options->remote_forwards[i].listen_host);
-                xfree(options->remote_forwards[i].connect_host);
+                free(options->remote_forwards[i].listen_host);
+                free(options->remote_forwards[i].connect_host);
         }
         if (options->num_remote_forwards > 0) {
-                xfree(options->remote_forwards);
+                free(options->remote_forwards);
                 options->remote_forwards = NULL;
         }
         options->num_remote_forwards = 0;
@@ -369,14 +371,17 @@ add_identity_file(Options *options, const char *dir, const char *filename,
  */
 
 static OpCodes
-parse_token(const char *cp, const char *filename, int linenum)
+parse_token(const char *cp, const char *filename, int linenum,
+    const char *ignored_unknown)
 {
-        u_int i;
+        int i;
 
         for (i = 0; keywords[i].name; i++)
-                if (strcasecmp(cp, keywords[i].name) == 0)
+                if (strcmp(cp, keywords[i].name) == 0)
                         return keywords[i].opcode;
-
+        if (ignored_unknown != NULL && match_pattern_list(cp, ignored_unknown,
+            strlen(ignored_unknown), 1) == 1)
+                return oIgnoredUnknownOption;
         error("%s: line %d: Bad configuration option: %s",
             filename, linenum, cp);
         return oBadOption;
@@ -395,10 +400,10 @@ process_config_line(Options *options, const char *host,
 {
         char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
         char **cpptr, fwdarg[256];
-        u_int *uintptr, max_entries = 0;
-        int negated, opcode, *intptr, value, value2, scale;
+        u_int i, *uintptr, max_entries = 0;
+        int negated, opcode, *intptr, value, value2;
         LogLevel *log_level_ptr;
-        long long orig, val64;
+        long long val64;
         size_t len;
         Forward fwd;
 
@@ -418,14 +423,22 @@ process_config_line(Options *options, const char *host,
                 keyword = strdelim(&s);
         if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
                 return 0;
+        /* Match lowercase keyword */
+        for (i = 0; i < strlen(keyword); i++)
+                keyword[i] = tolower(keyword[i]);
 
-        opcode = parse_token(keyword, filename, linenum);
+        opcode = parse_token(keyword, filename, linenum,
+            options->ignored_unknown);
 
         switch (opcode) {
         case oBadOption:
                 /* don't panic, but count bad options */
                 return -1;
                 /* NOTREACHED */
+        case oIgnoredUnknownOption:
+                debug("%s line %d: Ignored unknown option \"%s\"",
+                    filename, linenum, keyword);
+                return 0;
         case oConnectTimeout:
                 intptr = &options->connection_timeout;
 parse_time:
@@ -604,39 +617,32 @@ parse_yesnoask:
         case oRekeyLimit:
                 arg = strdelim(&s);
                 if (!arg || *arg == '\0')
-                        fatal("%.200s line %d: Missing argument.", filename, linenum);
-                if (arg[0] < '0' || arg[0] > '9')
-                        fatal("%.200s line %d: Bad number.", filename, linenum);
-                orig = val64 = strtoll(arg, &endofnumber, 10);
-                if (arg == endofnumber)
-                        fatal("%.200s line %d: Bad number.", filename, linenum);
-                switch (toupper(*endofnumber)) {
-                case '\0':
-                        scale = 1;
-                        break;
-                case 'K':
-                        scale = 1<<10;
-                        break;
-                case 'M':
-                        scale = 1<<20;
-                        break;
-                case 'G':
-                        scale = 1<<30;
-                        break;
-                default:
-                        fatal("%.200s line %d: Invalid RekeyLimit suffix",
-                            filename, linenum);
+                        fatal("%.200s line %d: Missing argument.", filename,
+                            linenum);
+                if (strcmp(arg, "default") == 0) {
+                        val64 = 0;
+                } else {
+                        if (scan_scaled(arg, &val64) == -1)
+                                fatal("%.200s line %d: Bad number '%s': %s",
+                                    filename, linenum, arg, strerror(errno));
+                        /* check for too-large or too-small limits */
+                        if (val64 > UINT_MAX)
+                                fatal("%.200s line %d: RekeyLimit too large",
+                                    filename, linenum);
+                        if (val64 != 0 && val64 < 16)
+                                fatal("%.200s line %d: RekeyLimit too small",
+                                    filename, linenum);
                 }
-                val64 *= scale;
-                /* detect integer wrap and too-large limits */
-                if ((val64 / scale) != orig || val64 > UINT_MAX)
-                        fatal("%.200s line %d: RekeyLimit too large",
-                            filename, linenum);
-                if (val64 < 16)
-                        fatal("%.200s line %d: RekeyLimit too small",
-                            filename, linenum);
                 if (*activep && options->rekey_limit == -1)
                         options->rekey_limit = (u_int32_t)val64;
+                if (s != NULL) { /* optional rekey interval present */
+                        if (strcmp(s, "none") == 0) {
+                                (void)strdelim(&s);     /* discard */
+                                break;
+                        }
+                        intptr = &options->rekey_interval;
+                        goto parse_time;
+                }
                 break;
 
         case oIdentityFile:
@@ -1106,6 +1112,10 @@ parse_int:
                         *intptr = value;
                 break;
 
+        case oIgnoreUnknown:
+                charptr = &options->ignored_unknown;
+                goto parse_string;
+
         case oDeprecated:
                 debug("%s line %d: Deprecated option \"%s\"",
                     filename, linenum, keyword);
@@ -1251,6 +1261,7 @@ initialize_options(Options * options)
         options->no_host_authentication_for_localhost = - 1;
         options->identities_only = - 1;
         options->rekey_limit = - 1;
+        options->rekey_interval = -1;
         options->verify_host_key_dns = -1;
         options->server_alive_interval = -1;
         options->server_alive_count_max = -1;
@@ -1271,6 +1282,7 @@ initialize_options(Options * options)
         options->ip_qos_interactive = -1;
         options->ip_qos_bulk = -1;
         options->request_tty = -1;
+        options->ignored_unknown = NULL;
 }
 
 /*
@@ -1281,8 +1293,6 @@ initialize_options(Options * options)
 void
 fill_default_options(Options * options)
 {
-        int len;
-
         if (options->forward_agent == -1)
                 options->forward_agent = 0;
         if (options->forward_x11 == -1)
@@ -1396,6 +1406,8 @@ fill_default_options(Options * options)
                 options->enable_ssh_keysign = 0;
         if (options->rekey_limit == -1)
                 options->rekey_limit = 0;
+        if (options->rekey_interval == -1)
+                options->rekey_interval = 0;
         if (options->verify_host_key_dns == -1)
                 options->verify_host_key_dns = 0;
         if (options->server_alive_interval == -1) {
@@ -1504,7 +1516,7 @@ parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd)
                 i = 0; /* failure */
         }
 
-        xfree(p);
+        free(p);
 
         if (dynamicfwd) {
                 if (!(i == 1 || i == 2))
@@ -1530,13 +1542,9 @@ parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd)
         return (i);
 
  fail_free:
-        if (fwd->connect_host != NULL) {
-                xfree(fwd->connect_host);
-                fwd->connect_host = NULL;
-        }
-        if (fwd->listen_host != NULL) {
-                xfree(fwd->listen_host);
-                fwd->listen_host = NULL;
-        }
+        free(fwd->connect_host);
+        fwd->connect_host = NULL;
+        free(fwd->listen_host);
+        fwd->listen_host = NULL;
         return (0);
 }
diff --git a/readconf.h b/readconf.h
index 6ecbf281e..a508151f7 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.93 2013/02/22 04:45:09 dtucker Exp $ */
+/* $OpenBSD: readconf.h,v 1.95 2013/05/16 04:27:50 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -116,6 +116,7 @@ typedef struct {
 
         int     enable_ssh_keysign;
         int64_t rekey_limit;
+        int     rekey_interval;
         int     no_host_authentication_for_localhost;
         int     identities_only;
         int     server_alive_interval;
@@ -142,6 +143,8 @@ typedef struct {
         int     use_roaming;
 
         int     request_tty;
+
+        char    *ignored_unknown; /* Pattern list of unknown tokens to ignore */
 }       Options;
 
 #define SSHCTL_MASTER_NO        0
diff --git a/readpass.c b/readpass.c
index 599c8ef9a..e37d31158 100644
--- a/readpass.c
+++ b/readpass.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readpass.c,v 1.48 2010/12/15 00:49:27 djm Exp $ */
+/* $OpenBSD: readpass.c,v 1.49 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -186,7 +186,7 @@ ask_permission(const char *fmt, ...)
                 if (*p == '\0' || *p == '\n' ||
                     strcasecmp(p, "yes") == 0)
                         allowed = 1;
-                xfree(p);
+                free(p);
         }
 
         return (allowed);
diff --git a/regress/Makefile b/regress/Makefile
index 6ef5d9cce..ab2a6ae7b 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.62 2013/01/18 00:45:29 djm Exp $
+#       $OpenBSD: Makefile,v 1.65 2013/04/18 02:46:12 djm Exp $
 
 REGRESS_TARGETS=        t1 t2 t3 t4 t5 t6 t7 t8 t9 t-exec
 tests:          $(REGRESS_TARGETS)
@@ -8,6 +8,7 @@ interop interop-tests: t-exec-interop
 
 clean:
         for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done
+        test -z "${SUDO}" || ${SUDO} rm -f ${SUDO_CLEAN}
         rm -rf $(OBJ).putty
 
 distclean:      clean
@@ -38,6 +39,7 @@ LTESTS= 	connect \
                 key-options \
                 scp \
                 sftp \
+                sftp-chroot \
                 sftp-cmds \
                 sftp-badcmds \
                 sftp-batch \
@@ -82,8 +84,11 @@ CLEANFILES=	t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
                 putty.rsa2 sshd_proxy_orig ssh_proxy_bak \
                 key.rsa-* key.dsa-* key.ecdsa-* \
                 authorized_principals_${USER} expect actual ready \
-                sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-*
+                sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-* \
+                ssh.log failed-ssh.log sshd.log failed-sshd.log \
+                regress.log failed-regress.log ssh-log-wrapper.sh
 
+SUDO_CLEAN+=    /var/run/testdata_${USER} /var/run/keycommand_${USER}
 
 # Enable all malloc(3) randomisations and checks
 TEST_ENV=      "MALLOC_OPTIONS=AFGJPRX"
@@ -150,14 +155,14 @@ t-exec:	${LTESTS:=.sh}
         @if [ "x$?" = "x" ]; then exit 0; fi; \
         for TEST in ""$?; do \
                 echo "run test $${TEST}" ... 1>&2; \
-                (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
+                (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
         done
 
 t-exec-interop: ${INTEROP_TESTS:=.sh}
         @if [ "x$?" = "x" ]; then exit 0; fi; \
         for TEST in ""$?; do \
                 echo "run test $${TEST}" ... 1>&2; \
-                (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
+                (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
         done
 
 # Not run by default
diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh
index faf654c04..d5ae2d6e2 100644
--- a/regress/agent-getpeereid.sh
+++ b/regress/agent-getpeereid.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent-getpeereid.sh,v 1.4 2007/11/25 15:35:09 jmc Exp $
+#       $OpenBSD: agent-getpeereid.sh,v 1.5 2013/05/17 10:33:09 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="disallow agent attach from other uid"
@@ -18,7 +18,6 @@ if [ -z "$SUDO" ]; then
         exit 0
 fi
 
-
 trace "start agent"
 eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
 r=$?
diff --git a/regress/agent-timeout.sh b/regress/agent-timeout.sh
index 3a40e7af8..68826594e 100644
--- a/regress/agent-timeout.sh
+++ b/regress/agent-timeout.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $
+#       $OpenBSD: agent-timeout.sh,v 1.2 2013/05/17 01:16:09 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="agent timeout test"
diff --git a/regress/agent.sh b/regress/agent.sh
index 094cf694b..be7d91334 100644
--- a/regress/agent.sh
+++ b/regress/agent.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: agent.sh,v 1.7 2007/11/25 15:35:09 jmc Exp $
+#       $OpenBSD: agent.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="simple agent test"
@@ -19,7 +19,7 @@ else
                 fail "ssh-add -l did not fail with exit code 1"
         fi
         trace "overwrite authorized keys"
-        echon > $OBJ/authorized_keys_$USER
+        printf '' > $OBJ/authorized_keys_$USER
         for t in rsa rsa1; do
                 # generate user key for agent
                 rm -f $OBJ/$t-agent
diff --git a/regress/bsd.regress.mk b/regress/bsd.regress.mk
deleted file mode 100644
index 9b8011a01..000000000
--- a/regress/bsd.regress.mk
+++ /dev/null
@@ -1,79 +0,0 @@
-#       $OpenBSD: bsd.regress.mk,v 1.9 2002/02/17 01:10:15 marc Exp $
-# No man pages for regression tests.
-NOMAN=
-
-# No installation.
-install:
-
-# If REGRESSTARGETS is defined and PROG is not defined, set NOPROG
-.if defined(REGRESSTARGETS) && !defined(PROG)
-NOPROG=
-.endif
-
-.include <bsd.prog.mk>
-
-.MAIN: all
-all: regress
-
-# XXX - Need full path to REGRESSLOG, otherwise there will be much pain.
-
-REGRESSLOG?=/dev/null
-REGRESSNAME=${.CURDIR:S/${BSDSRCDIR}\/regress\///}
-
-.if defined(PROG) && !empty(PROG)
-run-regress-${PROG}: ${PROG}
-        ./${PROG}
-.endif
-
-.if !defined(REGRESSTARGETS)
-REGRESSTARGETS=run-regress-${PROG}
-.  if defined(REGRESSSKIP)
-REGRESSSKIPTARGETS=run-regress-${PROG}
-.  endif
-.endif
-
-REGRESSSKIPSLOW?=no
-
-#.if (${REGRESSSKIPSLOW:L} == "yes") && defined(REGRESSSLOWTARGETS)
-
-.if (${REGRESSSKIPSLOW} == "yes") && defined(REGRESSSLOWTARGETS)
-REGRESSSKIPTARGETS+=${REGRESSSLOWTARGETS}
-.endif
-
-.if defined(REGRESSROOTTARGETS)
-ROOTUSER!=id -g
-SUDO?=
-. if (${ROOTUSER} != 0) && empty(SUDO)
-REGRESSSKIPTARGETS+=${REGRESSROOTTARGETS}
-. endif
-.endif
-
-REGRESSSKIPTARGETS?=
-
-regress:
-.for RT in ${REGRESSTARGETS} 
-.  if ${REGRESSSKIPTARGETS:M${RT}}
-        @echo -n "SKIP " >> ${REGRESSLOG}
-.  else
-# XXX - we need a better method to see if a test fails due to timeout or just
-#       normal failure.
-.   if !defined(REGRESSMAXTIME)
-        @if cd ${.CURDIR} && ${MAKE} ${RT}; then \
-            echo -n "SUCCESS " >> ${REGRESSLOG} ; \
-        else \
-            echo -n "FAIL " >> ${REGRESSLOG} ; \
-            echo FAILED ; \
-        fi
-.   else
-        @if cd ${.CURDIR} && (ulimit -t ${REGRESSMAXTIME} ; ${MAKE} ${RT}); then \
-            echo -n "SUCCESS " >> ${REGRESSLOG} ; \
-        else \
-            echo -n "FAIL (possible timeout) " >> ${REGRESSLOG} ; \
-            echo FAILED ; \
-        fi
-.   endif
-.  endif
-        @echo ${REGRESSNAME}/${RT:S/^run-regress-//} >> ${REGRESSLOG}
-.endfor
-
-.PHONY: regress
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 6216abd87..35cd39293 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-hostkey.sh,v 1.6 2011/05/20 02:43:36 djm Exp $
+#       $OpenBSD: cert-hostkey.sh,v 1.7 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="certified host keys"
@@ -18,8 +18,8 @@ HOSTS='localhost-with-alias,127.0.0.1,::1'
 ${SSHKEYGEN} -q -N '' -t rsa  -f $OBJ/host_ca_key ||\
         fail "ssh-keygen of host_ca_key failed"
 (
-        echon '@cert-authority '
-        echon "$HOSTS "
+        printf '@cert-authority '
+        printf "$HOSTS "
         cat $OBJ/host_ca_key.pub
 ) > $OBJ/known_hosts-cert
 
@@ -66,25 +66,25 @@ done
 
 # Revoked certificates with key present
 (
-        echon '@cert-authority '
-        echon "$HOSTS "
+        printf '@cert-authority '
+        printf "$HOSTS "
         cat $OBJ/host_ca_key.pub
-        echon '@revoked '
-        echon "* "
+        printf '@revoked '
+        printf "* "
         cat $OBJ/cert_host_key_rsa.pub
         if test "x$TEST_SSH_ECC" = "xyes"; then
-                echon '@revoked '
-                echon "* "
+                printf '@revoked '
+                printf "* "
                 cat $OBJ/cert_host_key_ecdsa.pub
         fi
-        echon '@revoked '
-        echon "* "
+        printf '@revoked '
+        printf "* "
         cat $OBJ/cert_host_key_dsa.pub
-        echon '@revoked '
-        echon "* "
+        printf '@revoked '
+        printf "* "
         cat $OBJ/cert_host_key_rsa_v00.pub
-        echon '@revoked '
-        echon "* "
+        printf '@revoked '
+        printf "* "
         cat $OBJ/cert_host_key_dsa_v00.pub
 ) > $OBJ/known_hosts-cert
 for privsep in yes no ; do
@@ -108,11 +108,11 @@ done
 
 # Revoked CA
 (
-        echon '@cert-authority '
-        echon "$HOSTS "
+        printf '@cert-authority '
+        printf "$HOSTS "
         cat $OBJ/host_ca_key.pub
-        echon '@revoked '
-        echon "* "
+        printf '@revoked '
+        printf "* "
         cat $OBJ/host_ca_key.pub
 ) > $OBJ/known_hosts-cert
 for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do 
@@ -132,8 +132,8 @@ done
 
 # Create a CA key and add it to known hosts
 (
-        echon '@cert-authority '
-        echon "$HOSTS "
+        printf '@cert-authority '
+        printf "$HOSTS "
         cat $OBJ/host_ca_key.pub
 ) > $OBJ/known_hosts-cert
 
@@ -200,7 +200,7 @@ for v in v01 v00 ;  do
                     -n $HOSTS $OBJ/cert_host_key_${ktype} ||
                         fail "couldn't sign cert_host_key_${ktype}"
                 (
-                        echon "$HOSTS "
+                        printf "$HOSTS "
                         cat $OBJ/cert_host_key_${ktype}.pub
                 ) > $OBJ/known_hosts-cert
                 (
@@ -220,8 +220,8 @@ done
 
 # Wrong certificate
 (
-        echon '@cert-authority '
-        echon "$HOSTS "
+        printf '@cert-authority '
+        printf "$HOSTS "
         cat $OBJ/host_ca_key.pub
 ) > $OBJ/known_hosts-cert
 for v in v01 v00 ;  do 
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 3bba9f8f2..6018b38f4 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cert-userkey.sh,v 1.10 2013/01/18 00:45:29 djm Exp $
+#       $OpenBSD: cert-userkey.sh,v 1.11 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="certified user keys"
@@ -126,7 +126,7 @@ for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
                 # Wrong principals list
                 verbose "$tid: ${_prefix} wrong principals key option"
                 (
-                        echon 'cert-authority,principals="gregorsamsa" '
+                        printf 'cert-authority,principals="gregorsamsa" '
                         cat $OBJ/user_ca_key.pub
                 ) > $OBJ/authorized_keys_$USER
                 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
@@ -138,7 +138,7 @@ for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
                 # Correct principals list
                 verbose "$tid: ${_prefix} correct principals key option"
                 (
-                        echon 'cert-authority,principals="mekmitasdigoat" '
+                        printf 'cert-authority,principals="mekmitasdigoat" '
                         cat $OBJ/user_ca_key.pub
                 ) > $OBJ/authorized_keys_$USER
                 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
@@ -154,7 +154,7 @@ basic_tests() {
         if test "x$auth" = "xauthorized_keys" ; then
                 # Add CA to authorized_keys
                 (
-                        echon 'cert-authority '
+                        printf 'cert-authority '
                         cat $OBJ/user_ca_key.pub
                 ) > $OBJ/authorized_keys_$USER
         else
@@ -264,7 +264,7 @@ test_one() {
                         if test "x$auth" = "xauthorized_keys" ; then
                                 # Add CA to authorized_keys
                                 (
-                                        echon "cert-authority${auth_opt} "
+                                        printf "cert-authority${auth_opt} "
                                         cat $OBJ/user_ca_key.pub
                                 ) > $OBJ/authorized_keys_$USER
                         else
diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh
index 0603fab64..80cf22930 100644
--- a/regress/cfgmatch.sh
+++ b/regress/cfgmatch.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cfgmatch.sh,v 1.6 2011/06/03 05:35:10 dtucker Exp $
+#       $OpenBSD: cfgmatch.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="sshd_config match"
@@ -15,7 +15,7 @@ start_client()
         rm -f $pidfile
         ${SSH} -q -$p $fwd "$@" somehost \
             exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' \
-            >>$TEST_SSH_LOGFILE 2>&1 &
+            >>$TEST_REGRESS_LOGFILE 2>&1 &
         client_pid=$!
         # Wait for remote end
         n=0
@@ -34,21 +34,20 @@ stop_client()
         pid=`cat $pidfile`
         if [ ! -z "$pid" ]; then
                 kill $pid
-                sleep 1
         fi
         wait
 }
 
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
-grep -v AuthorizedKeysFile $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
-echo "AuthorizedKeysFile /dev/null" >>$OBJ/sshd_proxy
 echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_config
-echo "Match user $USER" >>$OBJ/sshd_proxy
-echo "AuthorizedKeysFile /dev/null $OBJ/authorized_keys_%u" >>$OBJ/sshd_proxy
 echo "Match Address 127.0.0.1" >>$OBJ/sshd_config
 echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_config
 
+grep -v AuthorizedKeysFile $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
+echo "AuthorizedKeysFile /dev/null" >>$OBJ/sshd_proxy
 echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_proxy
+echo "Match user $USER" >>$OBJ/sshd_proxy
+echo "AuthorizedKeysFile /dev/null $OBJ/authorized_keys_%u" >>$OBJ/sshd_proxy
 echo "Match Address 127.0.0.1" >>$OBJ/sshd_proxy
 echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_proxy
 
@@ -75,9 +74,9 @@ for p in 1 2; do
 done
 
 # Retry previous with key option, should also be denied.
-echon 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
+printf 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
 cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
-echon 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
+printf 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
 cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
 for p in 1 2; do
         trace "match permitopen proxy w/key opts proto $p"
diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh
index 65e5f35ec..489d9f5fa 100644
--- a/regress/cipher-speed.sh
+++ b/regress/cipher-speed.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: cipher-speed.sh,v 1.7 2013/01/12 11:23:53 djm Exp $
+#       $OpenBSD: cipher-speed.sh,v 1.9 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="cipher speed"
diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh
index 5b65cd993..199d863a0 100644
--- a/regress/conch-ciphers.sh
+++ b/regress/conch-ciphers.sh
@@ -1,11 +1,8 @@
-#       $OpenBSD: conch-ciphers.sh,v 1.2 2008/06/30 10:43:03 djm Exp $
+#       $OpenBSD: conch-ciphers.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="conch ciphers"
 
-DATA=/bin/ls
-COPY=${OBJ}/copy
-
 if test "x$REGRESS_INTEROP_CONCH" != "xyes" ; then
         echo "conch interop tests not enabled"
         exit 0
diff --git a/regress/dynamic-forward.sh b/regress/dynamic-forward.sh
index d1ab8059b..42fa8acdc 100644
--- a/regress/dynamic-forward.sh
+++ b/regress/dynamic-forward.sh
@@ -1,12 +1,10 @@
-#       $OpenBSD: dynamic-forward.sh,v 1.9 2011/06/03 00:29:52 dtucker Exp $
+#       $OpenBSD: dynamic-forward.sh,v 1.10 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="dynamic forwarding"
 
 FWDPORT=`expr $PORT + 1`
 
-DATA=/bin/ls${EXEEXT}
-
 if have_prog nc && nc -h 2>&1 | grep "proxy address" >/dev/null; then
         proxycmd="nc -x 127.0.0.1:$FWDPORT -X"
 elif have_prog connect; then
diff --git a/regress/forcecommand.sh b/regress/forcecommand.sh
index 99e51a60f..44d2b7ffd 100644
--- a/regress/forcecommand.sh
+++ b/regress/forcecommand.sh
@@ -1,13 +1,13 @@
-#       $OpenBSD: forcecommand.sh,v 1.1 2006/07/19 13:09:28 dtucker Exp $
+#       $OpenBSD: forcecommand.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="forced command"
 
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
 
-echon 'command="true" ' >$OBJ/authorized_keys_$USER
+printf 'command="true" ' >$OBJ/authorized_keys_$USER
 cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
-echon 'command="true" ' >>$OBJ/authorized_keys_$USER
+printf 'command="true" ' >>$OBJ/authorized_keys_$USER
 cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
 
 for p in 1 2; do
@@ -16,9 +16,9 @@ for p in 1 2; do
             fail "forced command in key proto $p"
 done
 
-echon 'command="false" ' >$OBJ/authorized_keys_$USER
+printf 'command="false" ' >$OBJ/authorized_keys_$USER
 cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
-echon 'command="false" ' >>$OBJ/authorized_keys_$USER
+printf 'command="false" ' >>$OBJ/authorized_keys_$USER
 cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
 
 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
diff --git a/regress/forwarding.sh b/regress/forwarding.sh
index f9c367beb..94873f22c 100644
--- a/regress/forwarding.sh
+++ b/regress/forwarding.sh
@@ -1,7 +1,8 @@
-#       $OpenBSD: forwarding.sh,v 1.8 2012/06/01 00:47:35 djm Exp $
+#       $OpenBSD: forwarding.sh,v 1.11 2013/06/10 21:56:43 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="local and remote forwarding"
+
 DATA=/bin/ls${EXEEXT}
 
 start_sshd
@@ -26,9 +27,9 @@ for p in 1 2; do
 
         trace "transfer over forwarded channels and check result"
         ${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
-                somehost cat $DATA > $OBJ/ls.copy
-        test -f $OBJ/ls.copy                    || fail "failed copy $DATA"
-        cmp $DATA $OBJ/ls.copy                  || fail "corrupted copy of $DATA"
+                somehost cat ${DATA} > ${COPY}
+        test -f ${COPY}         || fail "failed copy of ${DATA}"
+        cmp ${DATA} ${COPY}     || fail "corrupted copy of ${DATA}"
 
         sleep 10
 done
@@ -75,7 +76,7 @@ for p in 1 2; do
         else
                 # this one should fail
                 ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
-                     2>>$TEST_SSH_LOGFILE && \
+                     >>$TEST_REGRESS_LOGFILE 2>&1 && \
                         fail "local forwarding not cleared"
         fi
         sleep 10
@@ -88,7 +89,7 @@ for p in 1 2; do
         else
                 # this one should fail
                 ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
-                     2>>$TEST_SSH_LOGFILE && \
+                     >>$TEST_REGRESS_LOGFILE 2>&1 && \
                         fail "remote forwarding not cleared"
         fi
         sleep 10
@@ -103,3 +104,18 @@ for p in 2; do
                 fail "stdio forwarding proto $p"
         fi
 done
+
+echo "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config
+echo "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config
+for p in 1 2; do
+        trace "config file: start forwarding, fork to background"
+        ${SSH} -$p -F $OBJ/ssh_config -f somehost sleep 10
+
+        trace "config file: transfer over forwarded channels and check result"
+        ${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=4' \
+                somehost cat ${DATA} > ${COPY}
+        test -f ${COPY}         || fail "failed copy of ${DATA}"
+        cmp ${DATA} ${COPY}     || fail "corrupted copy of ${DATA}"
+
+        wait
+done
diff --git a/regress/integrity.sh b/regress/integrity.sh
index 4d46926d5..1d17fe10a 100644
--- a/regress/integrity.sh
+++ b/regress/integrity.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: integrity.sh,v 1.7 2013/02/20 08:27:50 djm Exp $
+#       $OpenBSD: integrity.sh,v 1.10 2013/05/17 01:32:11 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="integrity"
@@ -21,12 +21,13 @@ config_defined HAVE_EVP_SHA256 &&
 config_defined OPENSSL_HAVE_EVPGCM && \
         macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com"
 
-# sshd-command for proxy (see test-exec.sh)
-cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
+# avoid DH group exchange as the extra traffic makes it harder to get the
+# offset into the stream right.
+echo "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \
+        >> $OBJ/ssh_proxy
 
-jot() {
-        awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
-}
+# sshd-command for proxy (see test-exec.sh)
+cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy"
 
 for m in $macs; do
         trace "test $tid: mac $m"
@@ -47,14 +48,15 @@ for m in $macs; do
                         aes*gcm*)       macopt="-c $m";;
                         *)              macopt="-m $m";;
                 esac
-                output=`${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \
-                    999.999.999.999 'printf "%4096s" " "' 2>&1`
+                verbose "test $tid: $m @$off"
+                ${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \
+                    999.999.999.999 'printf "%4096s" " "' >/dev/null
                 if [ $? -eq 0 ]; then
                         fail "ssh -m $m succeeds with bit-flip at $off"
                 fi
                 ecnt=`expr $ecnt + 1`
-                output=`echo $output | tr -s '\r\n' '.'`
-                verbose "test $tid: $m @$off $output"
+                output=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \
+                     tr -s '\r\n' '.')
                 case "$output" in
                 Bad?packet*)    elen=`expr $elen + 1`; skip=3;;
                 Corrupted?MAC* | Decryption?integrity?check?failed*)
diff --git a/regress/keytype.sh b/regress/keytype.sh
index cb40c6864..59586bf0d 100644
--- a/regress/keytype.sh
+++ b/regress/keytype.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: keytype.sh,v 1.1 2010/09/02 16:12:55 markus Exp $
+#       $OpenBSD: keytype.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="login with different key types"
@@ -40,7 +40,7 @@ for ut in $ktypes; do
                         echo IdentityFile $OBJ/key.$ut 
                 ) > $OBJ/ssh_proxy
                 (
-                        echon 'localhost-with-alias,127.0.0.1,::1 '
+                        printf 'localhost-with-alias,127.0.0.1,::1 '
                         cat $OBJ/key.$ht.pub
                 ) > $OBJ/known_hosts
                 cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
diff --git a/regress/krl.sh b/regress/krl.sh
index 62a239c38..de9cc8764 100644
--- a/regress/krl.sh
+++ b/regress/krl.sh
@@ -39,10 +39,6 @@ serial: 799
 serial: 599-701
 EOF
 
-jot() {
-        awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
-}
-
 # A specification that revokes some certificated by key ID.
 touch $OBJ/revoked-keyid
 for n in 1 2 3 4 10 15 30 50 `jot 500 300` 999 1000 1001 1002; do
diff --git a/regress/localcommand.sh b/regress/localcommand.sh
index feade7a9d..8a9b56971 100644
--- a/regress/localcommand.sh
+++ b/regress/localcommand.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: localcommand.sh,v 1.1 2007/10/29 06:57:13 dtucker Exp $
+#       $OpenBSD: localcommand.sh,v 1.2 2013/05/17 10:24:48 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="localcommand"
diff --git a/regress/login-timeout.sh b/regress/login-timeout.sh
index 55fbb324d..d73923b9c 100644
--- a/regress/login-timeout.sh
+++ b/regress/login-timeout.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: login-timeout.sh,v 1.4 2005/02/27 23:13:36 djm Exp $
+#       $OpenBSD: login-timeout.sh,v 1.5 2013/05/17 10:23:52 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="connect after login grace timeout"
diff --git a/regress/modpipe.c b/regress/modpipe.c
index 9629aa80b..85747cf7d 100755
--- a/regress/modpipe.c
+++ b/regress/modpipe.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: modpipe.c,v 1.4 2013/02/20 08:29:27 djm Exp $ */
+/* $OpenBSD: modpipe.c,v 1.5 2013/05/10 03:46:14 djm Exp $ */
 
 #include "includes.h"
 
@@ -25,7 +25,7 @@
 #include <stdarg.h>
 #include <stdlib.h>
 #include <errno.h>
-#include "openbsd-compat/getopt.c"
+#include "openbsd-compat/getopt_long.c"
 
 static void err(int, const char *, ...) __attribute__((format(printf, 2, 3)));
 static void errx(int, const char *, ...) __attribute__((format(printf, 2, 3)));
diff --git a/regress/multiplex.sh b/regress/multiplex.sh
index 1e6cc7606..3e697e691 100644
--- a/regress/multiplex.sh
+++ b/regress/multiplex.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: multiplex.sh,v 1.17 2012/10/05 02:05:30 dtucker Exp $
+#       $OpenBSD: multiplex.sh,v 1.21 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 CTL=/tmp/openssh.regress.ctl-sock.$$
@@ -10,8 +10,7 @@ if config_defined DISABLE_FD_PASSING ; then
         exit 0
 fi
 
-DATA=/bin/ls${EXEEXT}
-COPY=$OBJ/ls.copy
+P=3301  # test port
 
 wait_for_mux_master_ready()
 {
@@ -25,10 +24,16 @@ wait_for_mux_master_ready()
 
 start_sshd
 
-trace "start master, fork to background"
-${SSH} -Nn2 -MS$CTL -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" somehost &
-MASTER_PID=$!
-wait_for_mux_master_ready
+start_mux_master()
+{
+        trace "start master, fork to background"
+        ${SSH} -Nn2 -MS$CTL -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" somehost \
+            -E $TEST_REGRESS_LOGFILE 2>&1 &
+        MASTER_PID=$!
+        wait_for_mux_master_ready
+}
+
+start_mux_master
 
 verbose "test $tid: envpass"
 trace "env passing over multiplexed connection"
@@ -55,13 +60,13 @@ cmp ${DATA} ${COPY}		|| fail "ssh -S ctl: corrupted copy of ${DATA}"
 rm -f ${COPY}
 trace "sftp transfer over multiplexed connection and check result"
 echo "get ${DATA} ${COPY}" | \
-        ${SFTP} -S ${SSH} -F $OBJ/ssh_config -oControlPath=$CTL otherhost >>$TEST_SSH_LOGFILE 2>&1
+        ${SFTP} -S ${SSH} -F $OBJ/ssh_config -oControlPath=$CTL otherhost >>$TEST_REGRESS_LOGFILE 2>&1
 test -f ${COPY}                 || fail "sftp: failed copy ${DATA}" 
 cmp ${DATA} ${COPY}             || fail "sftp: corrupted copy of ${DATA}"
 
 rm -f ${COPY}
 trace "scp transfer over multiplexed connection and check result"
-${SCP} -S ${SSH} -F $OBJ/ssh_config -oControlPath=$CTL otherhost:${DATA} ${COPY} >>$TEST_SSH_LOGFILE 2>&1
+${SCP} -S ${SSH} -F $OBJ/ssh_config -oControlPath=$CTL otherhost:${DATA} ${COPY} >>$TEST_REGRESS_LOGFILE 2>&1
 test -f ${COPY}                 || fail "scp: failed copy ${DATA}" 
 cmp ${DATA} ${COPY}             || fail "scp: corrupted copy of ${DATA}"
 
@@ -87,11 +92,31 @@ for s in 0 1 4 5 44; do
 done
 
 verbose "test $tid: cmd check"
-${SSH} -F $OBJ/ssh_config -S $CTL -Ocheck otherhost >>$TEST_SSH_LOGFILE 2>&1 \
+${SSH} -F $OBJ/ssh_config -S $CTL -Ocheck otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
     || fail "check command failed" 
 
+verbose "test $tid: cmd forward local"
+${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $P:localhost:$PORT otherhost \
+     || fail "request local forward failed"
+${SSH} -F $OBJ/ssh_config -p$P otherhost true \
+     || fail "connect to local forward port failed"
+${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -L $P:localhost:$PORT otherhost \
+     || fail "cancel local forward failed"
+${SSH} -F $OBJ/ssh_config -p$P otherhost true \
+     && fail "local forward port still listening"
+
+verbose "test $tid: cmd forward remote"
+${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $P:localhost:$PORT otherhost \
+     || fail "request remote forward failed"
+${SSH} -F $OBJ/ssh_config -p$P otherhost true \
+     || fail "connect to remote forwarded port failed"
+${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -R $P:localhost:$PORT otherhost \
+     || fail "cancel remote forward failed"
+${SSH} -F $OBJ/ssh_config -p$P otherhost true \
+     && fail "remote forward port still listening"
+
 verbose "test $tid: cmd exit"
-${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_SSH_LOGFILE 2>&1 \
+${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
     || fail "send exit command failed" 
 
 # Wait for master to exit
@@ -101,15 +126,13 @@ kill -0 $MASTER_PID >/dev/null 2>&1 && fail "exit command failed"
 # Restart master and test -O stop command with master using -N
 verbose "test $tid: cmd stop"
 trace "restart master, fork to background"
-${SSH} -Nn2 -MS$CTL -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" somehost &
-MASTER_PID=$!
-wait_for_mux_master_ready
+start_mux_master
 
 # start a long-running command then immediately request a stop
 ${SSH} -F $OBJ/ssh_config -S $CTL otherhost "sleep 10; exit 0" \
-     >>$TEST_SSH_LOGFILE 2>&1 &
+     >>$TEST_REGRESS_LOGFILE 2>&1 &
 SLEEP_PID=$!
-${SSH} -F $OBJ/ssh_config -S $CTL -Ostop otherhost >>$TEST_SSH_LOGFILE 2>&1 \
+${SSH} -F $OBJ/ssh_config -S $CTL -Ostop otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
     || fail "send stop command failed"
 
 # wait until both long-running command and master have exited.
diff --git a/regress/portnum.sh b/regress/portnum.sh
index 1de0680fe..c56b869a3 100644
--- a/regress/portnum.sh
+++ b/regress/portnum.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: portnum.sh,v 1.1 2009/08/13 00:57:17 djm Exp $
+#       $OpenBSD: portnum.sh,v 1.2 2013/05/17 10:34:30 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="port number parsing"
diff --git a/regress/proto-version.sh b/regress/proto-version.sh
index 1651a69e1..b876dd7ec 100644
--- a/regress/proto-version.sh
+++ b/regress/proto-version.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: proto-version.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
+#       $OpenBSD: proto-version.sh,v 1.4 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="sshd version with different protocol combinations"
@@ -8,7 +8,7 @@ check_version ()
 {
         version=$1
         expect=$2
-        banner=`echon | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy`
+        banner=`printf '' | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy`
         case ${banner} in
         SSH-1.99-*)
                 proto=199
diff --git a/regress/proxy-connect.sh b/regress/proxy-connect.sh
index 6a36b2513..76e602dd6 100644
--- a/regress/proxy-connect.sh
+++ b/regress/proxy-connect.sh
@@ -1,8 +1,9 @@
-#       $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $
+#       $OpenBSD: proxy-connect.sh,v 1.6 2013/03/07 00:20:34 djm Exp $
 #       Placed in the Public Domain.
 
 tid="proxy connect"
 
+verbose "plain username"
 for p in 1 2; do
         ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
         if [ $? -ne 0 ]; then
@@ -16,3 +17,10 @@ for p in 1 2; do
                 fail "bad SSH_CONNECTION"
         fi
 done
+
+verbose "username with style"
+for p in 1 2; do
+        ${SSH} -$p -F $OBJ/ssh_proxy ${USER}:style@999.999.999.999 true || \
+                fail "ssh proxyconnect protocol $p failed"
+done
+
diff --git a/regress/putty-ciphers.sh b/regress/putty-ciphers.sh
index 928ea60d2..724a98cc1 100644
--- a/regress/putty-ciphers.sh
+++ b/regress/putty-ciphers.sh
@@ -1,11 +1,8 @@
-#       $OpenBSD: putty-ciphers.sh,v 1.3 2008/11/10 02:06:35 djm Exp $
+#       $OpenBSD: putty-ciphers.sh,v 1.4 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="putty ciphers"
 
-DATA=/bin/ls
-COPY=${OBJ}/copy
-
 if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
         echo "putty interop tests not enabled"
         exit 0
diff --git a/regress/putty-kex.sh b/regress/putty-kex.sh
index 293885a8a..1844d6599 100644
--- a/regress/putty-kex.sh
+++ b/regress/putty-kex.sh
@@ -1,11 +1,8 @@
-#       $OpenBSD: putty-kex.sh,v 1.2 2008/06/30 10:31:11 djm Exp $
+#       $OpenBSD: putty-kex.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="putty KEX"
 
-DATA=/bin/ls
-COPY=${OBJ}/copy
-
 if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
         echo "putty interop tests not enabled"
         exit 0
diff --git a/regress/putty-transfer.sh b/regress/putty-transfer.sh
index 9e1e1550a..aec0e04ee 100644
--- a/regress/putty-transfer.sh
+++ b/regress/putty-transfer.sh
@@ -1,11 +1,8 @@
-#       $OpenBSD: putty-transfer.sh,v 1.2 2008/06/30 10:31:11 djm Exp $
+#       $OpenBSD: putty-transfer.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="putty transfer data"
 
-DATA=/bin/ls
-COPY=${OBJ}/copy
-
 if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
         echo "putty interop tests not enabled"
         exit 0
diff --git a/regress/reexec.sh b/regress/reexec.sh
index 9464eb699..433573f06 100644
--- a/regress/reexec.sh
+++ b/regress/reexec.sh
@@ -1,12 +1,10 @@
-#       $OpenBSD: reexec.sh,v 1.5 2004/10/08 02:01:50 djm Exp $
+#       $OpenBSD: reexec.sh,v 1.7 2013/05/17 10:23:52 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="reexec tests"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
-SSHD_ORIG=$SSHD${EXEEXT}
-SSHD_COPY=$OBJ/sshd${EXEEXT}
+SSHD_ORIG=$SSHD
+SSHD_COPY=$OBJ/sshd
 
 # Start a sshd and then delete it
 start_sshd_copy ()
diff --git a/regress/rekey.sh b/regress/rekey.sh
index 3c5f266fc..8eb7efaf9 100644
--- a/regress/rekey.sh
+++ b/regress/rekey.sh
@@ -1,23 +1,18 @@
-#       $OpenBSD: rekey.sh,v 1.1 2003/03/28 13:58:28 markus Exp $
+#       $OpenBSD: rekey.sh,v 1.8 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
-tid="rekey during transfer data"
+tid="rekey"
 
-DATA=${OBJ}/data
-COPY=${OBJ}/copy
-LOG=${OBJ}/log
+LOG=${TEST_SSH_LOGFILE}
 
-rm -f ${COPY} ${LOG} ${DATA}
-touch ${DATA}
-dd if=/bin/ls${EXEEXT} of=${DATA} bs=1k seek=511 count=1 > /dev/null 2>&1
+rm -f ${LOG}
 
 for s in 16 1k 128k 256k; do
-        trace "rekeylimit ${s}"
-        rm -f ${COPY}
+        verbose "client rekeylimit ${s}"
+        rm -f ${COPY} ${LOG}
         cat $DATA | \
                 ${SSH} -oCompression=no -oRekeyLimit=$s \
-                        -v -F $OBJ/ssh_proxy somehost "cat > ${COPY}" \
-                2> ${LOG}
+                        -v -F $OBJ/ssh_proxy somehost "cat > ${COPY}"
         if [ $? -ne 0 ]; then
                 fail "ssh failed"
         fi
@@ -29,4 +24,86 @@ for s in 16 1k 128k 256k; do
                 fail "no rekeying occured"
         fi
 done
-rm -f ${COPY} ${LOG} ${DATA}
+
+for s in 5 10; do
+        verbose "client rekeylimit default ${s}"
+        rm -f ${COPY} ${LOG}
+        cat $DATA | \
+                ${SSH} -oCompression=no -oRekeyLimit="default $s" -F \
+                        $OBJ/ssh_proxy somehost "cat >${COPY};sleep $s;sleep 3"
+        if [ $? -ne 0 ]; then
+                fail "ssh failed"
+        fi
+        cmp $DATA ${COPY}               || fail "corrupted copy"
+        n=`grep 'NEWKEYS sent' ${LOG} | wc -l`
+        n=`expr $n - 1`
+        trace "$n rekeying(s)"
+        if [ $n -lt 1 ]; then
+                fail "no rekeying occured"
+        fi
+done
+
+for s in 5 10; do
+        verbose "client rekeylimit default ${s} no data"
+        rm -f ${COPY} ${LOG}
+        ${SSH} -oCompression=no -oRekeyLimit="default $s" -F \
+                $OBJ/ssh_proxy somehost "sleep $s;sleep 3"
+        if [ $? -ne 0 ]; then
+                fail "ssh failed"
+        fi
+        n=`grep 'NEWKEYS sent' ${LOG} | wc -l`
+        n=`expr $n - 1`
+        trace "$n rekeying(s)"
+        if [ $n -lt 1 ]; then
+                fail "no rekeying occured"
+        fi
+done
+
+echo "rekeylimit default 5" >>$OBJ/sshd_proxy
+for s in 5 10; do
+        verbose "server rekeylimit default ${s} no data"
+        rm -f ${COPY} ${LOG}
+        ${SSH} -oCompression=no -F $OBJ/ssh_proxy somehost "sleep $s;sleep 3"
+        if [ $? -ne 0 ]; then
+                fail "ssh failed"
+        fi
+        n=`grep 'NEWKEYS sent' ${LOG} | wc -l`
+        n=`expr $n - 1`
+        trace "$n rekeying(s)"
+        if [ $n -lt 1 ]; then
+                fail "no rekeying occured"
+        fi
+done
+
+verbose "rekeylimit parsing"
+for size in 16 1k 1K 1m 1M 1g 1G; do
+    for time in 1 1m 1M 1h 1H 1d 1D 1w 1W; do
+        case $size in
+                16)     bytes=16 ;;
+                1k|1K)  bytes=1024 ;;
+                1m|1M)  bytes=1048576 ;;
+                1g|1G)  bytes=1073741824 ;;
+        esac
+        case $time in
+                1)      seconds=1 ;;
+                1m|1M)  seconds=60 ;;
+                1h|1H)  seconds=3600 ;;
+                1d|1D)  seconds=86400 ;;
+                1w|1W)  seconds=604800 ;;
+        esac
+
+        b=`$SUDO ${SSHD} -T -o "rekeylimit $size $time" -f $OBJ/sshd_proxy | \
+            awk '/rekeylimit/{print $2}'`
+        s=`$SUDO ${SSHD} -T -o "rekeylimit $size $time" -f $OBJ/sshd_proxy | \
+            awk '/rekeylimit/{print $3}'`
+
+        if [ "$bytes" != "$b" ]; then
+                fatal "rekeylimit size: expected $bytes got $b"
+        fi
+        if [ "$seconds" != "$s" ]; then
+                fatal "rekeylimit time: expected $time got $s"
+        fi
+    done
+done
+
+rm -f ${COPY} ${DATA}
diff --git a/regress/runtests.sh b/regress/runtests.sh
deleted file mode 100755
index 9808eb8a7..000000000
--- a/regress/runtests.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/sh
-
-TEST_SSH_SSH=../ssh
-TEST_SSH_SSHD=../sshd
-TEST_SSH_SSHAGENT=../ssh-agent
-TEST_SSH_SSHADD=../ssh-add
-TEST_SSH_SSHKEYGEN=../ssh-keygen
-TEST_SSH_SSHKEYSCAN=../ssh-keyscan
-TEST_SSH_SFTP=../sftp
-TEST_SSH_SFTPSERVER=../sftp-server
-
-pmake
-
diff --git a/regress/scp.sh b/regress/scp.sh
index c5d412dd9..29c5b35d4 100644
--- a/regress/scp.sh
+++ b/regress/scp.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: scp.sh,v 1.7 2006/01/31 10:36:33 djm Exp $
+#       $OpenBSD: scp.sh,v 1.9 2013/05/17 10:35:43 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="scp"
@@ -12,8 +12,6 @@ else
         DIFFOPT="-r"
 fi
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
 COPY2=${OBJ}/copy2
 DIR=${COPY}.dd
 DIR2=${COPY}.dd2
diff --git a/regress/sftp-badcmds.sh b/regress/sftp-badcmds.sh
index 08009f26b..7f85c4f22 100644
--- a/regress/sftp-badcmds.sh
+++ b/regress/sftp-badcmds.sh
@@ -1,12 +1,10 @@
-#       $OpenBSD: sftp-badcmds.sh,v 1.4 2009/08/13 01:11:55 djm Exp $
+#       $OpenBSD: sftp-badcmds.sh,v 1.6 2013/05/17 10:26:26 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="sftp invalid commands"
 
-DATA=/bin/ls${EXEEXT}
 DATA2=/bin/sh${EXEEXT}
 NONEXIST=/NONEXIST.$$
-COPY=${OBJ}/copy
 GLOBFILES=`(cd /bin;echo l*)`
 
 rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd
diff --git a/regress/sftp-batch.sh b/regress/sftp-batch.sh
index a51ef0782..41011549b 100644
--- a/regress/sftp-batch.sh
+++ b/regress/sftp-batch.sh
@@ -1,10 +1,8 @@
-#       $OpenBSD: sftp-batch.sh,v 1.4 2009/08/13 01:11:55 djm Exp $
+#       $OpenBSD: sftp-batch.sh,v 1.5 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="sftp batchfile"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
 BATCH=${OBJ}/sftp.bb
 
 rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh
new file mode 100644
index 000000000..03b9bc6d7
--- /dev/null
+++ b/regress/sftp-chroot.sh
@@ -0,0 +1,25 @@
+#       $OpenBSD: sftp-chroot.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $
+#       Placed in the Public Domain.
+
+tid="sftp in chroot"
+
+CHROOT=/var/run
+FILENAME=testdata_${USER}
+PRIVDATA=${CHROOT}/${FILENAME}
+
+if [ -z "$SUDO" ]; then
+  echo "skipped: need SUDO to create file in /var/run, test won't work without"
+  exit 0
+fi
+
+$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \
+        fatal "create $PRIVDATA failed"
+
+start_sshd -oChrootDirectory=$CHROOT -oForceCommand="internal-sftp -d /"
+
+verbose "test $tid: get"
+${SFTP} -qS "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY || \
+        fatal "Fetch ${FILENAME} failed"
+cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ"
+
+$SUDO rm $PRIVDATA
diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh
index 2e0300e16..aad7fcac2 100644
--- a/regress/sftp-cmds.sh
+++ b/regress/sftp-cmds.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: sftp-cmds.sh,v 1.12 2012/06/01 00:52:52 djm Exp $
+#       $OpenBSD: sftp-cmds.sh,v 1.14 2013/06/21 02:26:26 djm Exp $
 #       Placed in the Public Domain.
 
 # XXX - TODO: 
@@ -7,8 +7,6 @@
 
 tid="sftp commands"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
 # test that these files are readable!
 for i in `(cd /bin;echo l*)`
 do
@@ -108,7 +106,7 @@ rm -f ${COPY}.dd/*
 verbose "$tid: get to directory"
 echo "get $DATA ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
         || fail "get failed"
-cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get"
+cmp $DATA ${COPY}.dd/$DATANAME || fail "corrupted copy after get"
 
 rm -f ${COPY}.dd/*
 verbose "$tid: glob get to directory"
@@ -122,7 +120,7 @@ rm -f ${COPY}.dd/*
 verbose "$tid: get to local dir"
 (echo "lcd ${COPY}.dd"; echo "get $DATA" ) | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
         || fail "get failed"
-cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get"
+cmp $DATA ${COPY}.dd/$DATANAME || fail "corrupted copy after get"
 
 rm -f ${COPY}.dd/*
 verbose "$tid: glob get to local dir"
@@ -156,7 +154,7 @@ rm -f ${COPY}.dd/*
 verbose "$tid: put to directory"
 echo "put $DATA ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
         || fail "put failed"
-cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put"
+cmp $DATA ${COPY}.dd/$DATANAME || fail "corrupted copy after put"
 
 rm -f ${COPY}.dd/*
 verbose "$tid: glob put to directory"
@@ -170,7 +168,7 @@ rm -f ${COPY}.dd/*
 verbose "$tid: put to local dir"
 (echo "cd ${COPY}.dd"; echo "put $DATA") | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
         || fail "put failed"
-cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put"
+cmp $DATA ${COPY}.dd/$DATANAME || fail "corrupted copy after put"
 
 rm -f ${COPY}.dd/*
 verbose "$tid: glob put to local dir"
diff --git a/regress/sftp.sh b/regress/sftp.sh
index f84fa6f4e..b8e9f7527 100644
--- a/regress/sftp.sh
+++ b/regress/sftp.sh
@@ -1,11 +1,8 @@
-#       $OpenBSD: sftp.sh,v 1.3 2009/08/13 01:11:55 djm Exp $
+#       $OpenBSD: sftp.sh,v 1.5 2013/05/17 10:28:11 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="basic sftp put/get"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
-
 SFTPCMDFILE=${OBJ}/batch
 cat >$SFTPCMDFILE <<EOF
 version
diff --git a/regress/ssh-com-client.sh b/regress/ssh-com-client.sh
index 324a0a723..e4f80cf0a 100644
--- a/regress/ssh-com-client.sh
+++ b/regress/ssh-com-client.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: ssh-com-client.sh,v 1.6 2004/02/24 17:06:52 markus Exp $
+#       $OpenBSD: ssh-com-client.sh,v 1.7 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="connect with ssh.com client"
@@ -67,10 +67,6 @@ EOF
 # we need a real server (no ProxyConnect option)
 start_sshd
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
-rm -f ${COPY}
-
 # go for it
 for v in ${VERSIONS}; do
         ssh2=${TEST_COMBASE}/${v}/ssh2
diff --git a/regress/ssh-com-sftp.sh b/regress/ssh-com-sftp.sh
index be6f4e0dc..fabfa4983 100644
--- a/regress/ssh-com-sftp.sh
+++ b/regress/ssh-com-sftp.sh
@@ -1,10 +1,8 @@
-#       $OpenBSD: ssh-com-sftp.sh,v 1.6 2009/08/20 18:43:07 djm Exp $
+#       $OpenBSD: ssh-com-sftp.sh,v 1.7 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="basic sftp put/get with ssh.com server"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
 SFTPCMDFILE=${OBJ}/batch
 
 cat >$SFTPCMDFILE <<EOF
diff --git a/regress/ssh-com.sh b/regress/ssh-com.sh
index 7bcd85b65..6c5cfe888 100644
--- a/regress/ssh-com.sh
+++ b/regress/ssh-com.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: ssh-com.sh,v 1.7 2004/02/24 17:06:52 markus Exp $
+#       $OpenBSD: ssh-com.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="connect to ssh.com server"
@@ -70,7 +70,7 @@ done
 
 # convert and append DSA hostkey
 (
-        echon 'ssh2-localhost-with-alias,127.0.0.1,::1 '
+        printf 'ssh2-localhost-with-alias,127.0.0.1,::1 '
         ${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub
 ) >> $OBJ/known_hosts
 
diff --git a/regress/sshd-log-wrapper.sh b/regress/sshd-log-wrapper.sh
index c7a5ef3a6..a9386be4d 100644
--- a/regress/sshd-log-wrapper.sh
+++ b/regress/sshd-log-wrapper.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-#       $OpenBSD: sshd-log-wrapper.sh,v 1.2 2005/02/27 11:40:30 dtucker Exp $
+#       $OpenBSD: sshd-log-wrapper.sh,v 1.3 2013/04/07 02:16:03 dtucker Exp $
 #       Placed in the Public Domain.
 #
 # simple wrapper for sshd proxy mode to catch stderr output
@@ -10,4 +10,4 @@ log=$2
 shift
 shift
 
-exec $sshd $@ -e 2>>$log
+exec $sshd -E$log $@
diff --git a/regress/stderr-after-eof.sh b/regress/stderr-after-eof.sh
index 05a5ea56d..218ac6b68 100644
--- a/regress/stderr-after-eof.sh
+++ b/regress/stderr-after-eof.sh
@@ -1,29 +1,13 @@
-#       $OpenBSD: stderr-after-eof.sh,v 1.1 2002/03/23 16:38:09 markus Exp $
+#       $OpenBSD: stderr-after-eof.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="stderr data after eof"
 
-DATA=/etc/motd
-DATA=${OBJ}/data
-COPY=${OBJ}/copy
-
-if have_prog md5sum; then
-        CHECKSUM=md5sum
-elif have_prog openssl; then
-        CHECKSUM="openssl md5"
-elif have_prog cksum; then
-        CHECKSUM=cksum
-elif have_prog sum; then
-        CHECKSUM=sum
-else
-        fatal "No checksum program available, aborting $tid test"
-fi
-
 # setup data
 rm -f ${DATA} ${COPY}
 cp /dev/null ${DATA}
 for i in 1 2 3 4 5 6; do
-        (date;echo $i) | $CHECKSUM >> ${DATA}
+        (date;echo $i) | md5 >> ${DATA}
 done
 
 ${SSH} -2 -F $OBJ/ssh_proxy otherhost \
diff --git a/regress/stderr-data.sh b/regress/stderr-data.sh
index 1daf79bb5..b0bd2355c 100644
--- a/regress/stderr-data.sh
+++ b/regress/stderr-data.sh
@@ -1,12 +1,8 @@
-#       $OpenBSD: stderr-data.sh,v 1.2 2002/03/27 22:39:52 markus Exp $
+#       $OpenBSD: stderr-data.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="stderr data transfer"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
-rm -f ${COPY}
-
 for n in '' -n; do
 for p in 1 2; do
         verbose "test $tid: proto $p ($n)"
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index aa4e6e5c0..eee446264 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: test-exec.sh,v 1.37 2010/02/24 06:21:56 djm Exp $
+#       $OpenBSD: test-exec.sh,v 1.46 2013/06/21 02:26:26 djm Exp $
 #       Placed in the Public Domain.
 
 #SUDO=sudo
@@ -136,30 +136,49 @@ case "$SSHD" in
 *) SSHD=`which sshd` ;;
 esac
 
+# Logfiles.
+# SSH_LOGFILE should be the debug output of ssh(1) only
+# SSHD_LOGFILE should be the debug output of sshd(8) only
+# REGRESS_LOGFILE is the output of the test itself stdout and stderr
 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
-        TEST_SSH_LOGFILE=/dev/null
+        TEST_SSH_LOGFILE=$OBJ/ssh.log
+fi
+if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
+        TEST_SSHD_LOGFILE=$OBJ/sshd.log
+fi
+if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
+        TEST_REGRESS_LOGFILE=$OBJ/regress.log
 fi
 
-# Some data for test copies
-DATA=$OBJ/testdata
-cat $SSHD${EXEEXT} $SSHD${EXEEXT} $SSHD${EXEEXT} $SSHD${EXEEXT} >$DATA
+# truncate logfiles
+>$TEST_SSH_LOGFILE
+>$TEST_SSHD_LOGFILE
+>$TEST_REGRESS_LOGFILE
+
+# Create wrapper ssh with logging.  We can't just specify "SSH=ssh -E..."
+# because sftp and scp don't handle spaces in arguments.
+SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
+echo "#!/bin/sh" > $SSHLOGWRAP
+echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP
+
+chmod a+rx $OBJ/ssh-log-wrapper.sh
+SSH="$SSHLOGWRAP"
+
+# Some test data.  We make a copy because some tests will overwrite it.
+# The tests may assume that $DATA exists and is writable and $COPY does
+# not exist.
+DATANAME=data
+DATA=$OBJ/${DATANAME}
+cat $SSHD $SSHD $SSHD $SSHD >${DATA}
+chmod u+w ${DATA}
+COPY=$OBJ/copy
+rm -f ${COPY}
 
 # these should be used in tests
 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
 
-# helper
-echon()
-{
-       if [ "x`echo -n`" = "x" ]; then
-               echo -n "$@"
-       elif [ "x`echo '\c'`" = "x" ]; then
-               echo "$@\c"
-       else
-               fatal "Don't know how to echo without newline."
-       fi
-}
-
+# Portable specific functions
 have_prog()
 {
         saved_IFS="$IFS"
@@ -175,6 +194,37 @@ have_prog()
         return 1
 }
 
+jot() {
+        awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
+}
+
+# Check whether preprocessor symbols are defined in config.h.
+config_defined ()
+{
+        str=$1
+        while test "x$2" != "x" ; do
+                str="$str|$2"
+                shift
+        done
+        egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
+}
+
+md5 () {
+        if have_prog md5sum; then
+                md5sum
+        elif have_prog openssl; then
+                openssl md5
+        elif have_prog cksum; then
+                cksum
+        elif have_prog sum; then
+                sum
+        else
+                wc -c
+        fi
+}
+# End of portable specific functions
+
+# helper
 cleanup ()
 {
         if [ -f $PIDFILE ]; then
@@ -199,9 +249,26 @@ cleanup ()
         fi
 }
 
+start_debug_log ()
+{
+        echo "trace: $@" >$TEST_REGRESS_LOGFILE
+        echo "trace: $@" >$TEST_SSH_LOGFILE
+        echo "trace: $@" >$TEST_SSHD_LOGFILE
+}
+
+save_debug_log ()
+{
+        echo $@ >>$TEST_REGRESS_LOGFILE
+        echo $@ >>$TEST_SSH_LOGFILE
+        echo $@ >>$TEST_SSHD_LOGFILE
+        (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
+        (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
+        (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
+}
+
 trace ()
 {
-        echo "trace: $@" >>$TEST_SSH_LOGFILE
+        start_debug_log $@
         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
                 echo "$@"
         fi
@@ -209,7 +276,7 @@ trace ()
 
 verbose ()
 {
-        echo "verbose: $@" >>$TEST_SSH_LOGFILE
+        start_debug_log $@
         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
                 echo "$@"
         fi
@@ -223,31 +290,21 @@ warn ()
 
 fail ()
 {
-        echo "FAIL: $@" >>$TEST_SSH_LOGFILE
+        save_debug_log "FAIL: $@"
         RESULT=1
         echo "$@"
+
 }
 
 fatal ()
 {
-        echo "FATAL: $@" >>$TEST_SSH_LOGFILE
-        echon "FATAL: "
+        save_debug_log "FATAL: $@"
+        printf "FATAL: "
         fail "$@"
         cleanup
         exit $RESULT
 }
 
-# Check whether preprocessor symbols are defined in config.h.
-config_defined ()
-{
-        str=$1
-        while test "x$2" != "x" ; do
-                str="$str|$2"
-                shift
-        done
-        egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
-}
-
 RESULT=0
 PIDFILE=$OBJ/pidfile
 
@@ -263,7 +320,7 @@ cat << EOF > $OBJ/sshd_config
         #ListenAddress          ::1
         PidFile                 $PIDFILE
         AuthorizedKeysFile      $OBJ/authorized_keys_%u
-        LogLevel                VERBOSE
+        LogLevel                DEBUG3
         AcceptEnv               _XXX_TEST_*
         AcceptEnv               _XXX_TEST
         Subsystem       sftp    $SFTPSERVER
@@ -295,8 +352,10 @@ Host *
         ChallengeResponseAuthentication no
         HostbasedAuthentication no
         PasswordAuthentication  no
+        RhostsRSAAuthentication no
         BatchMode               yes
         StrictHostKeyChecking   yes
+        LogLevel                DEBUG3
 EOF
 
 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
@@ -309,13 +368,15 @@ rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 trace "generate keys"
 for t in rsa rsa1; do
         # generate user key
-        rm -f $OBJ/$t
-        ${SSHKEYGEN} -b 1024 -q -N '' -t $t  -f $OBJ/$t ||\
-                fail "ssh-keygen for $t failed"
+        if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN} -nt $OBJ/$t ]; then
+                rm -f $OBJ/$t
+                ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
+                        fail "ssh-keygen for $t failed"
+        fi
 
         # known hosts file for client
         (
-                echon 'localhost-with-alias,127.0.0.1,::1 '
+                printf 'localhost-with-alias,127.0.0.1,::1 '
                 cat $OBJ/$t.pub
         ) >> $OBJ/known_hosts
 
@@ -370,7 +431,7 @@ if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
         echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
         echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
         echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
-        echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy 
+        echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
 
         REGRESS_INTEROP_PUTTY=yes
 fi
@@ -378,7 +439,7 @@ fi
 # create a proxy version of the client config
 (
         cat $OBJ/ssh_config
-        echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
+        echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy
 ) > $OBJ/ssh_proxy
 
 # check proxy config
@@ -388,7 +449,7 @@ start_sshd ()
 {
         # start sshd
         $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
-        $SUDO ${SSHD} -f $OBJ/sshd_config -e "$@" >>$TEST_SSH_LOGFILE 2>&1
+        $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
 
         trace "wait for sshd"
         i=0;
diff --git a/regress/transfer.sh b/regress/transfer.sh
index 13ea367d5..1ae3ef5bf 100644
--- a/regress/transfer.sh
+++ b/regress/transfer.sh
@@ -1,11 +1,8 @@
-#       $OpenBSD: transfer.sh,v 1.1 2002/03/27 00:03:37 markus Exp $
+#       $OpenBSD: transfer.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="transfer data"
 
-DATA=/bin/ls${EXEEXT}
-COPY=${OBJ}/copy
-
 for p in 1 2; do
         verbose "$tid: proto $p"
         rm -f ${COPY}
diff --git a/regress/try-ciphers.sh b/regress/try-ciphers.sh
index 084a1457a..e17c9f5e9 100644
--- a/regress/try-ciphers.sh
+++ b/regress/try-ciphers.sh
@@ -1,4 +1,4 @@
-#       $OpenBSD: try-ciphers.sh,v 1.19 2013/02/11 23:58:51 djm Exp $
+#       $OpenBSD: try-ciphers.sh,v 1.20 2013/05/17 10:16:26 dtucker Exp $
 #       Placed in the Public Domain.
 
 tid="try ciphers"
diff --git a/roaming_client.c b/roaming_client.c
index 48009d781..81c496827 100644
--- a/roaming_client.c
+++ b/roaming_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: roaming_client.c,v 1.4 2011/12/07 05:44:38 djm Exp $ */
+/* $OpenBSD: roaming_client.c,v 1.5 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2004-2009 AppGate Network Security AB
  *
@@ -187,10 +187,10 @@ roaming_resume(void)
                 debug("server doesn't allow resume");
                 goto fail;
         }
-        xfree(str);
+        free(str);
         for (i = 1; i < PROPOSAL_MAX; i++) {
                 /* kex algorithm taken care of so start with i=1 and not 0 */
-                xfree(packet_get_string(&len));
+                free(packet_get_string(&len));
         }
         i = packet_get_char(); /* first_kex_packet_follows */
         if (i && (c = strchr(kexlist, ',')))
@@ -226,8 +226,7 @@ roaming_resume(void)
         return 0;
 
 fail:
-        if (kexlist)
-                xfree(kexlist);
+        free(kexlist);
         if (packet_get_connection_in() == packet_get_connection_out())
                 close(packet_get_connection_in());
         else {
diff --git a/roaming_common.c b/roaming_common.c
index 8d0b6054a..50d6177d0 100644
--- a/roaming_common.c
+++ b/roaming_common.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: roaming_common.c,v 1.9 2011/12/07 05:44:38 djm Exp $ */
+/* $OpenBSD: roaming_common.c,v 1.10 2013/07/12 00:19:59 djm Exp $ */
 /*
  * Copyright (c) 2004-2009 AppGate Network Security AB
  *
@@ -227,7 +227,7 @@ calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
 {
         const EVP_MD *md = EVP_sha1();
         EVP_MD_CTX ctx;
-        char hash[EVP_MAX_MD_SIZE];
+        u_char hash[EVP_MAX_MD_SIZE];
         Buffer b;
 
         buffer_init(&b);
diff --git a/rsa.c b/rsa.c
index bec1d190b..a9ee6b0ed 100644
--- a/rsa.c
+++ b/rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.c,v 1.29 2006/11/06 21:25:28 markus Exp $ */
+/* $OpenBSD: rsa.c,v 1.30 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -96,8 +96,8 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 
         memset(outbuf, 0, olen);
         memset(inbuf, 0, ilen);
-        xfree(outbuf);
-        xfree(inbuf);
+        free(outbuf);
+        free(inbuf);
 }
 
 int
@@ -122,8 +122,8 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
         }
         memset(outbuf, 0, olen);
         memset(inbuf, 0, ilen);
-        xfree(outbuf);
-        xfree(inbuf);
+        free(outbuf);
+        free(inbuf);
         return len;
 }
 
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index e12418399..cc1465305 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -91,6 +91,7 @@ static const struct sock_filter preauth_insns[] = {
         SC_DENY(open, EACCES),
         SC_ALLOW(getpid),
         SC_ALLOW(gettimeofday),
+        SC_ALLOW(clock_gettime),
 #ifdef __NR_time /* not defined on EABI ARM */
         SC_ALLOW(time),
 #endif
diff --git a/sandbox-systrace.c b/sandbox-systrace.c
index 2d16a627f..cc0db46c4 100644
--- a/sandbox-systrace.c
+++ b/sandbox-systrace.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sandbox-systrace.c,v 1.6 2012/06/30 14:35:09 markus Exp $ */
+/* $OpenBSD: sandbox-systrace.c,v 1.7 2013/06/01 13:15:52 dtucker Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -57,6 +57,7 @@ static const struct sandbox_policy preauth_policy[] = {
         { SYS_exit, SYSTR_POLICY_PERMIT },
         { SYS_getpid, SYSTR_POLICY_PERMIT },
         { SYS_gettimeofday, SYSTR_POLICY_PERMIT },
+        { SYS_clock_gettime, SYSTR_POLICY_PERMIT },
         { SYS_madvise, SYSTR_POLICY_PERMIT },
         { SYS_mmap, SYSTR_POLICY_PERMIT },
         { SYS_mprotect, SYSTR_POLICY_PERMIT },
diff --git a/schnorr.c b/schnorr.c
index 4d54d6881..9549dcf0e 100644
--- a/schnorr.c
+++ b/schnorr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: schnorr.c,v 1.5 2010/12/03 23:49:26 djm Exp $ */
+/* $OpenBSD: schnorr.c,v 1.7 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
  *
@@ -102,7 +102,7 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g,
  out:
         buffer_free(&b);
         bzero(digest, digest_len);
-        xfree(digest);
+        free(digest);
         digest_len = 0;
         if (success == 0)
                 return h;
@@ -488,12 +488,13 @@ debug3_bn(const BIGNUM *n, const char *fmt, ...)
 {
         char *out, *h;
         va_list args;
+        int ret;
 
         out = NULL;
         va_start(args, fmt);
-        vasprintf(&out, fmt, args);
+        ret = vasprintf(&out, fmt, args);
         va_end(args);
-        if (out == NULL)
+        if (ret == -1 || out == NULL)
                 fatal("%s: vasprintf failed", __func__);
 
         if (n == NULL)
@@ -513,12 +514,13 @@ debug3_buf(const u_char *buf, u_int len, const char *fmt, ...)
         char *out, h[65];
         u_int i, j;
         va_list args;
+        int ret;
 
         out = NULL;
         va_start(args, fmt);
-        vasprintf(&out, fmt, args);
+        ret = vasprintf(&out, fmt, args);
         va_end(args);
-        if (out == NULL)
+        if (ret == -1 || out == NULL)
                 fatal("%s: vasprintf failed", __func__);
 
         debug3("%s length %u%s", out, len, buf == NULL ? " (null)" : "");
@@ -571,7 +573,7 @@ modp_group_free(struct modp_group *grp)
         if (grp->q != NULL)
                 BN_clear_free(grp->q);
         bzero(grp, sizeof(*grp));
-        xfree(grp);
+        free(grp);
 }
 
 /* main() function for self-test */
@@ -606,7 +608,7 @@ schnorr_selftest_one(const BIGNUM *grp_p, const BIGNUM *grp_q,
         if (schnorr_verify_buf(grp_p, grp_q, grp_g, g_x, "junk", 4,
             sig, siglen) != 0)
                 fatal("%s: verify should have failed (bit error)", __func__);
-        xfree(sig);
+        free(sig);
         BN_free(g_x);
         BN_CTX_free(bn_ctx);
 }
diff --git a/scp.0 b/scp.0
index 119d9293b..fe7087bc4 100644
--- a/scp.0
+++ b/scp.0
@@ -155,4 +155,4 @@ AUTHORS
      Timo Rinne <tri@iki.fi>
      Tatu Ylonen <ylo@cs.hut.fi>
 
-OpenBSD 5.3                    September 5, 2011                   OpenBSD 5.3
+OpenBSD 5.4                      July 16, 2013                     OpenBSD 5.4
diff --git a/scp.1 b/scp.1
index 734b97bb1..c83012c92 100644
--- a/scp.1
+++ b/scp.1
@@ -8,9 +8,9 @@
 .\"
 .\" Created: Sun May  7 00:14:37 1995 ylo
 .\"
-.\" $OpenBSD: scp.1,v 1.58 2011/09/05 07:01:44 jmc Exp $
+.\" $OpenBSD: scp.1,v 1.59 2013/07/16 00:07:52 schwarze Exp $
 .\"
-.Dd $Mdocdate: September 5 2011 $
+.Dd $Mdocdate: July 16 2013 $
 .Dt SCP 1
 .Os
 .Sh NAME
@@ -235,5 +235,5 @@ is based on the
 program in BSD source code from the Regents of the University of
 California.
 .Sh AUTHORS
-.An Timo Rinne Aq tri@iki.fi
-.An Tatu Ylonen Aq ylo@cs.hut.fi
+.An Timo Rinne Aq Mt tri@iki.fi
+.An Tatu Ylonen Aq Mt ylo@cs.hut.fi
diff --git a/scp.c b/scp.c
index e1fdd3985..b7a17abfe 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.171 2011/09/09 22:37:01 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.178 2013/06/22 06:31:57 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -558,6 +558,24 @@ scpio(void *_cnt, size_t s)
         return 0;
 }
 
+static int
+do_times(int fd, int verb, const struct stat *sb)
+{
+        /* strlen(2^64) == 20; strlen(10^6) == 7 */
+        char buf[(20 + 7 + 2) * 2 + 2];
+
+        (void)snprintf(buf, sizeof(buf), "T%llu 0 %llu 0\n",
+            (unsigned long long) (sb->st_mtime < 0 ? 0 : sb->st_mtime),
+            (unsigned long long) (sb->st_atime < 0 ? 0 : sb->st_atime));
+        if (verb) {
+                fprintf(stderr, "File mtime %lld atime %lld\n",
+                    (long long)sb->st_mtime, (long long)sb->st_atime);
+                fprintf(stderr, "Sending file timestamps: %s", buf);
+        }
+        (void) atomicio(vwrite, fd, buf, strlen(buf));
+        return (response());
+}
+
 void
 toremote(char *targ, int argc, char **argv)
 {
@@ -586,7 +604,7 @@ toremote(char *targ, int argc, char **argv)
         }
 
         if (tuser != NULL && !okname(tuser)) {
-                xfree(arg);
+                free(arg);
                 return;
         }
 
@@ -613,13 +631,13 @@ toremote(char *targ, int argc, char **argv)
                             *src == '-' ? "-- " : "", src);
                         if (do_cmd(host, suser, bp, &remin, &remout) < 0)
                                 exit(1);
-                        (void) xfree(bp);
+                        free(bp);
                         host = cleanhostname(thost);
                         xasprintf(&bp, "%s -t %s%s", cmd,
                             *targ == '-' ? "-- " : "", targ);
                         if (do_cmd2(host, tuser, bp, remin, remout) < 0)
                                 exit(1);
-                        (void) xfree(bp);
+                        free(bp);
                         (void) close(remin);
                         (void) close(remout);
                         remin = remout = -1;
@@ -670,12 +688,12 @@ toremote(char *targ, int argc, char **argv)
                                         exit(1);
                                 if (response() < 0)
                                         exit(1);
-                                (void) xfree(bp);
+                                free(bp);
                         }
                         source(1, argv + i);
                 }
         }
-        xfree(arg);
+        free(arg);
 }
 
 void
@@ -719,11 +737,11 @@ tolocal(int argc, char **argv)
                 xasprintf(&bp, "%s -f %s%s",
                     cmd, *src == '-' ? "-- " : "", src);
                 if (do_cmd(host, suser, bp, &remin, &remout) < 0) {
-                        (void) xfree(bp);
+                        free(bp);
                         ++errs;
                         continue;
                 }
-                xfree(bp);
+                free(bp);
                 sink(1, argv + argc - 1);
                 (void) close(remin);
                 remin = remout = -1;
@@ -782,21 +800,7 @@ syserr:			run_err("%s: %s", name, strerror(errno));
                         ++last;
                 curfile = last;
                 if (pflag) {
-                        /*
-                         * Make it compatible with possible future
-                         * versions expecting microseconds.
-                         */
-                        (void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n",
-                            (u_long) (stb.st_mtime < 0 ? 0 : stb.st_mtime),
-                            (u_long) (stb.st_atime < 0 ? 0 : stb.st_atime));
-                        if (verbose_mode) {
-                                fprintf(stderr, "File mtime %ld atime %ld\n",
-                                    (long)stb.st_mtime, (long)stb.st_atime);
-                                fprintf(stderr, "Sending file timestamps: %s",
-                                    buf);
-                        }
-                        (void) atomicio(vwrite, remout, buf, strlen(buf));
-                        if (response() < 0)
+                        if (do_times(remout, verbose_mode, &stb) < 0)
                                 goto next;
                 }
 #define FILEMODEMASK    (S_ISUID|S_ISGID|S_IRWXU|S_IRWXG|S_IRWXO)
@@ -858,7 +862,7 @@ rsource(char *name, struct stat *statp)
 {
         DIR *dirp;
         struct dirent *dp;
-        char *last, *vect[1], path[1100];
+        char *last, *vect[1], path[MAXPATHLEN];
 
         if (!(dirp = opendir(name))) {
                 run_err("%s: %s", name, strerror(errno));
@@ -870,11 +874,7 @@ rsource(char *name, struct stat *statp)
         else
                 last++;
         if (pflag) {
-                (void) snprintf(path, sizeof(path), "T%lu 0 %lu 0\n",
-                    (u_long) statp->st_mtime,
-                    (u_long) statp->st_atime);
-                (void) atomicio(vwrite, remout, path, strlen(path));
-                if (response() < 0) {
+                if (do_times(remout, verbose_mode, statp) < 0) {
                         closedir(dirp);
                         return;
                 }
@@ -920,6 +920,7 @@ sink(int argc, char **argv)
         int amt, exists, first, ofd;
         mode_t mode, omode, mask;
         off_t size, statbytes;
+        unsigned long long ull;
         int setimes, targisdir, wrerrno = 0;
         char ch, *cp, *np, *targ, *why, *vect[1], buf[2048];
         struct timeval tv[2];
@@ -978,17 +979,31 @@ sink(int argc, char **argv)
                 if (*cp == 'T') {
                         setimes++;
                         cp++;
-                        mtime.tv_sec = strtol(cp, &cp, 10);
+                        if (!isdigit((unsigned char)*cp))
+                                SCREWUP("mtime.sec not present");
+                        ull = strtoull(cp, &cp, 10);
                         if (!cp || *cp++ != ' ')
                                 SCREWUP("mtime.sec not delimited");
+                        if ((time_t)ull < 0 ||
+                            (unsigned long long)(time_t)ull != ull)
+                                setimes = 0;    /* out of range */
+                        mtime.tv_sec = ull;
                         mtime.tv_usec = strtol(cp, &cp, 10);
-                        if (!cp || *cp++ != ' ')
+                        if (!cp || *cp++ != ' ' || mtime.tv_usec < 0 ||
+                            mtime.tv_usec > 999999)
                                 SCREWUP("mtime.usec not delimited");
-                        atime.tv_sec = strtol(cp, &cp, 10);
+                        if (!isdigit((unsigned char)*cp))
+                                SCREWUP("atime.sec not present");
+                        ull = strtoull(cp, &cp, 10);
                         if (!cp || *cp++ != ' ')
                                 SCREWUP("atime.sec not delimited");
+                        if ((time_t)ull < 0 ||
+                            (unsigned long long)(time_t)ull != ull)
+                                setimes = 0;    /* out of range */
+                        atime.tv_sec = ull;
                         atime.tv_usec = strtol(cp, &cp, 10);
-                        if (!cp || *cp++ != '\0')
+                        if (!cp || *cp++ != '\0' || atime.tv_usec < 0 ||
+                            atime.tv_usec > 999999)
                                 SCREWUP("atime.usec not delimited");
                         (void) atomicio(vwrite, remout, "", 1);
                         continue;
@@ -1031,8 +1046,7 @@ sink(int argc, char **argv)
 
                         need = strlen(targ) + strlen(cp) + 250;
                         if (need > cursize) {
-                                if (namebuf)
-                                        xfree(namebuf);
+                                free(namebuf);
                                 namebuf = xmalloc(need);
                                 cursize = need;
                         }
@@ -1071,12 +1085,11 @@ sink(int argc, char **argv)
                         }
                         if (mod_flag)
                                 (void) chmod(vect[0], mode);
-                        if (vect[0])
-                                xfree(vect[0]);
+                        free(vect[0]);
                         continue;
                 }
                 omode = mode;
-                mode |= S_IWRITE;
+                mode |= S_IWUSR;
                 if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) {
 bad:                    run_err("%s: %s", np, strerror(errno));
                         continue;
@@ -1333,7 +1346,7 @@ void
 lostconn(int signo)
 {
         if (!iamremote)
-                write(STDERR_FILENO, "lost connection\n", 16);
+                (void)write(STDERR_FILENO, "lost connection\n", 16);
         if (signo)
                 _exit(1);
         else
diff --git a/servconf.c b/servconf.c
index 1700d5aa6..a2928ff57 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.234 2013/02/06 00:20:42 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.240 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -20,6 +20,7 @@
 #include <netinet/in_systm.h>
 #include <netinet/ip.h>
 
+#include <ctype.h>
 #include <netdb.h>
 #include <pwd.h>
 #include <stdio.h>
@@ -29,6 +30,9 @@
 #include <unistd.h>
 #include <stdarg.h>
 #include <errno.h>
+#ifdef HAVE_UTIL_H
+#include <util.h>
+#endif
 
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
@@ -75,6 +79,7 @@ initialize_server_options(ServerOptions *options)
         options->address_family = -1;
         options->num_host_key_files = 0;
         options->num_host_cert_files = 0;
+        options->host_key_agent = NULL;
         options->pid_file = NULL;
         options->server_key_bits = -1;
         options->login_grace_time = -1;
@@ -114,6 +119,8 @@ initialize_server_options(ServerOptions *options)
         options->permit_user_env = -1;
         options->use_login = -1;
         options->compression = -1;
+        options->rekey_limit = -1;
+        options->rekey_interval = -1;
         options->allow_tcp_forwarding = -1;
         options->allow_agent_forwarding = -1;
         options->num_allow_users = 0;
@@ -262,6 +269,10 @@ fill_default_server_options(ServerOptions *options)
                 options->use_login = 0;
         if (options->compression == -1)
                 options->compression = COMP_DELAYED;
+        if (options->rekey_limit == -1)
+                options->rekey_limit = 0;
+        if (options->rekey_interval == -1)
+                options->rekey_interval = 0;
         if (options->allow_tcp_forwarding == -1)
                 options->allow_tcp_forwarding = FORWARD_ALLOW;
         if (options->allow_agent_forwarding == -1)
@@ -335,7 +346,7 @@ typedef enum {
         sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
         sStrictModes, sPermitBlacklistedKeys, sEmptyPasswd, sTCPKeepAlive,
         sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
-        sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+        sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
         sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
         sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
         sMaxStartups, sMaxAuthTries, sMaxSessions,
@@ -351,7 +362,7 @@ typedef enum {
         sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
         sKexAlgorithms, sIPQoS, sVersionAddendum,
         sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
-        sAuthenticationMethods,
+        sAuthenticationMethods, sHostKeyAgent,
         sDebianBanner,
         sDeprecated, sUnsupported
 } ServerOpCodes;
@@ -377,6 +388,7 @@ static struct {
         { "port", sPort, SSHCFG_GLOBAL },
         { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
         { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL },          /* alias */
+        { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL },
         { "pidfile", sPidFile, SSHCFG_GLOBAL },
         { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
         { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
@@ -451,6 +463,7 @@ static struct {
         { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
         { "uselogin", sUseLogin, SSHCFG_GLOBAL },
         { "compression", sCompression, SSHCFG_GLOBAL },
+        { "rekeylimit", sRekeyLimit, SSHCFG_ALL },
         { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
         { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL },  /* obsolete alias */
         { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
@@ -539,7 +552,7 @@ derelativise_path(const char *path)
         if (getcwd(cwd, sizeof(cwd)) == NULL)
                 fatal("%s: getcwd: %s", __func__, strerror(errno));
         xasprintf(&ret, "%s/%s", cwd, expanded);
-        xfree(expanded);
+        free(expanded);
         return ret;
 }
 
@@ -831,13 +844,13 @@ process_server_config_line(ServerOptions *options, char *line,
     struct connection_info *connectinfo)
 {
         char *cp, **charptr, *arg, *p;
-        int cmdline = 0, *intptr, value, value2, n;
+        int cmdline = 0, *intptr, value, value2, n, port;
         SyslogFacility *log_facility_ptr;
         LogLevel *log_level_ptr;
         ServerOpCodes opcode;
-        int port;
         u_int i, flags = 0;
         size_t len;
+        long long val64;
         const struct multistate *multistate_ptr;
 
         cp = line;
@@ -997,6 +1010,17 @@ process_server_config_line(ServerOptions *options, char *line,
                 }
                 break;
 
+        case sHostKeyAgent:
+                charptr = &options->host_key_agent;
+                arg = strdelim(&cp);
+                if (!arg || *arg == '\0')
+                        fatal("%s line %d: missing socket name.",
+                            filename, linenum);
+                if (*activep && *charptr == NULL)
+                        *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ?
+                            xstrdup(arg) : derelativise_path(arg);
+                break;
+
         case sHostCertificate:
                 intptr = &options->num_host_cert_files;
                 if (*intptr >= MAX_HOSTKEYS)
@@ -1164,6 +1188,37 @@ process_server_config_line(ServerOptions *options, char *line,
                 multistate_ptr = multistate_compression;
                 goto parse_multistate;
 
+        case sRekeyLimit:
+                arg = strdelim(&cp);
+                if (!arg || *arg == '\0')
+                        fatal("%.200s line %d: Missing argument.", filename,
+                            linenum);
+                if (strcmp(arg, "default") == 0) {
+                        val64 = 0;
+                } else {
+                        if (scan_scaled(arg, &val64) == -1)
+                                fatal("%.200s line %d: Bad number '%s': %s",
+                                    filename, linenum, arg, strerror(errno));
+                        /* check for too-large or too-small limits */
+                        if (val64 > UINT_MAX)
+                                fatal("%.200s line %d: RekeyLimit too large",
+                                    filename, linenum);
+                        if (val64 != 0 && val64 < 16)
+                                fatal("%.200s line %d: RekeyLimit too small",
+                                    filename, linenum);
+                }
+                if (*activep && options->rekey_limit == -1)
+                        options->rekey_limit = (u_int32_t)val64;
+                if (cp != NULL) { /* optional rekey interval present */
+                        if (strcmp(cp, "none") == 0) {
+                                (void)strdelim(&cp);    /* discard */
+                                break;
+                        }
+                        intptr = &options->rekey_interval;
+                        goto parse_time;
+                }
+                break;
+
         case sGatewayPorts:
                 intptr = &options->gateway_ports;
                 multistate_ptr = multistate_gatewayports;
@@ -1721,8 +1776,7 @@ int server_match_spec_complete(struct connection_info *ci)
 } while (0)
 #define M_CP_STROPT(n) do {\
         if (src->n != NULL) { \
-                if (dst->n != NULL) \
-                        xfree(dst->n); \
+                free(dst->n); \
                 dst->n = src->n; \
         } \
 } while(0)
@@ -1768,6 +1822,8 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
         M_CP_INTOPT(max_authtries);
         M_CP_INTOPT(ip_qos_interactive);
         M_CP_INTOPT(ip_qos_bulk);
+        M_CP_INTOPT(rekey_limit);
+        M_CP_INTOPT(rekey_interval);
 
         /* See comment in servconf.h */
         COPY_MATCH_STRING_OPTS();
@@ -1804,7 +1860,7 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
                     linenum++, &active, connectinfo) != 0)
                         bad_options++;
         }
-        xfree(obuf);
+        free(obuf);
         if (bad_options > 0)
                 fatal("%s: terminating, %d bad configuration options",
                     filename, bad_options);
@@ -2022,6 +2078,7 @@ dump_config(ServerOptions *o)
         dump_cfg_string(sVersionAddendum, o->version_addendum);
         dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);
         dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user);
+        dump_cfg_string(sHostKeyAgent, o->host_key_agent);
 
         /* string arguments requiring a lookup */
         dump_cfg_string(sLogLevel, log_level_name(o->log_level));
@@ -2060,5 +2117,7 @@ dump_config(ServerOptions *o)
         printf("ipqos %s ", iptos2str(o->ip_qos_interactive));
         printf("%s\n", iptos2str(o->ip_qos_bulk));
 
+        printf("rekeylimit %lld %d\n", o->rekey_limit, o->rekey_interval);
+
         channel_print_adm_permitted_opens();
 }
diff --git a/servconf.h b/servconf.h
index bc0536927..fd72ce2a3 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.107 2013/01/03 05:49:36 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.109 2013/07/19 07:37:48 markus Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -65,6 +65,7 @@ typedef struct {
         int     num_host_key_files;     /* Number of files for host keys. */
         char   *host_cert_files[MAX_HOSTCERTS]; /* Files containing host certs. */
         int     num_host_cert_files;     /* Number of files for host certs. */
+        char   *host_key_agent;          /* ssh-agent socket for host keys. */
         char   *pid_file;       /* Where to put our pid */
         int     server_key_bits;/* Size of the server key. */
         int     login_grace_time;       /* Disconnect if no auth in this time
@@ -180,6 +181,9 @@ typedef struct {
         char   *authorized_keys_command;
         char   *authorized_keys_command_user;
 
+        int64_t rekey_limit;
+        int     rekey_interval;
+
         char   *version_addendum;       /* Appended to SSH banner */
 
         u_int   num_auth_methods;
diff --git a/serverloop.c b/serverloop.c
index 9e5fa555e..5f22df3df 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.164 2012/12/07 01:51:35 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -148,7 +148,7 @@ static void
 notify_parent(void)
 {
         if (notify_pipe[1] != -1)
-                write(notify_pipe[1], "", 1);
+                (void)write(notify_pipe[1], "", 1);
 }
 static void
 notify_prepare(fd_set *readset)
@@ -277,7 +277,7 @@ client_alive_check(void)
  */
 static void
 wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
-    u_int *nallocp, u_int max_time_milliseconds)
+    u_int *nallocp, u_int64_t max_time_milliseconds)
 {
         struct timeval tv, *tvp;
         int ret;
@@ -563,7 +563,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
         int wait_status;        /* Status returned by wait(). */
         pid_t wait_pid;         /* pid returned by wait(). */
         int waiting_termination = 0;    /* Have displayed waiting close message. */
-        u_int max_time_milliseconds;
+        u_int64_t max_time_milliseconds;
         u_int previous_stdout_buffer_bytes;
         u_int stdout_buffer_bytes;
         int type;
@@ -694,7 +694,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
                                 /* Display list of open channels. */
                                 cp = channel_open_message();
                                 buffer_append(&stderr_buffer, cp, strlen(cp));
-                                xfree(cp);
+                                free(cp);
                         }
                 }
                 max_fd = MAX(connection_in, connection_out);
@@ -722,10 +722,8 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
                 /* Process output to the client and to program stdin. */
                 process_output(writeset);
         }
-        if (readset)
-                xfree(readset);
-        if (writeset)
-                xfree(writeset);
+        free(readset);
+        free(writeset);
 
         /* Cleanup and termination code. */
 
@@ -825,7 +823,9 @@ void
 server_loop2(Authctxt *authctxt)
 {
         fd_set *readset = NULL, *writeset = NULL;
-        int rekeying = 0, max_fd, nalloc = 0;
+        int rekeying = 0, max_fd;
+        u_int nalloc = 0;
+        u_int64_t rekey_timeout_ms = 0;
 
         debug("Entering interactive session for SSH2.");
 
@@ -854,8 +854,13 @@ server_loop2(Authctxt *authctxt)
 
                 if (!rekeying && packet_not_very_much_data_to_write())
                         channel_output_poll();
+                if (options.rekey_interval > 0 && compat20 && !rekeying)
+                        rekey_timeout_ms = packet_get_rekey_timeout() * 1000;
+                else
+                        rekey_timeout_ms = 0;
+
                 wait_until_can_do_something(&readset, &writeset, &max_fd,
-                    &nalloc, 0);
+                    &nalloc, rekey_timeout_ms);
 
                 if (received_sigterm) {
                         logit("Exiting on signal %d", (int)received_sigterm);
@@ -879,10 +884,8 @@ server_loop2(Authctxt *authctxt)
         }
         collect_children();
 
-        if (readset)
-                xfree(readset);
-        if (writeset)
-                xfree(writeset);
+        free(readset);
+        free(writeset);
 
         /* free all channels, no more reads and writes */
         channel_free_all();
@@ -917,7 +920,7 @@ server_input_stdin_data(int type, u_int32_t seq, void *ctxt)
         packet_check_eom();
         buffer_append(&stdin_buffer, data, data_len);
         memset(data, 0, data_len);
-        xfree(data);
+        free(data);
 }
 
 static void
@@ -974,8 +977,8 @@ server_request_direct_tcpip(void)
                     originator, originator_port, target, target_port);
         }
 
-        xfree(originator);
-        xfree(target);
+        free(originator);
+        free(target);
 
         return c;
 }
@@ -1104,7 +1107,7 @@ server_input_channel_open(int type, u_int32_t seq, void *ctxt)
                 }
                 packet_send();
         }
-        xfree(ctype);
+        free(ctype);
 }
 
 static void
@@ -1149,7 +1152,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
                             listen_address, listen_port,
                             &allocated_listen_port, options.gateway_ports);
                 }
-                xfree(listen_address);
+                free(listen_address);
         } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) {
                 char *cancel_address;
                 u_short cancel_port;
@@ -1161,7 +1164,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
 
                 success = channel_cancel_rport_listener(cancel_address,
                     cancel_port);
-                xfree(cancel_address);
+                free(cancel_address);
         } else if (strcmp(rtype, "no-more-sessions@openssh.com") == 0) {
                 no_more_sessions = 1;
                 success = 1;
@@ -1174,7 +1177,7 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
                 packet_send();
                 packet_write_wait();
         }
-        xfree(rtype);
+        free(rtype);
 }
 
 static void
@@ -1206,7 +1209,7 @@ server_input_channel_req(int type, u_int32_t seq, void *ctxt)
                 packet_put_int(c->remote_id);
                 packet_send();
         }
-        xfree(rtype);
+        free(rtype);
 }
 
 static void
diff --git a/session.c b/session.c
index cff14cd5a..15bdb1bee 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.261 2012/12/02 20:46:11 djm Exp $ */
+/* $OpenBSD: session.c,v 1.266 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -80,6 +80,7 @@
 #include "hostfile.h"
 #include "auth.h"
 #include "auth-options.h"
+#include "authfd.h"
 #include "pathnames.h"
 #include "log.h"
 #include "servconf.h"
@@ -200,7 +201,7 @@ auth_input_request_forwarding(struct passwd * pw)
                 packet_send_debug("Agent forwarding disabled: "
                     "mkdtemp() failed: %.100s", strerror(errno));
                 restore_uid();
-                xfree(auth_sock_dir);
+                free(auth_sock_dir);
                 auth_sock_dir = NULL;
                 goto authsock_err;
         }
@@ -245,11 +246,10 @@ auth_input_request_forwarding(struct passwd * pw)
         return 1;
 
  authsock_err:
-        if (auth_sock_name != NULL)
-                xfree(auth_sock_name);
+        free(auth_sock_name);
         if (auth_sock_dir != NULL) {
                 rmdir(auth_sock_dir);
-                xfree(auth_sock_dir);
+                free(auth_sock_dir);
         }
         if (sock != -1)
                 close(sock);
@@ -365,8 +365,8 @@ do_authenticated1(Authctxt *authctxt)
                         packet_check_eom();
                         success = session_setup_x11fwd(s);
                         if (!success) {
-                                xfree(s->auth_proto);
-                                xfree(s->auth_data);
+                                free(s->auth_proto);
+                                free(s->auth_data);
                                 s->auth_proto = NULL;
                                 s->auth_data = NULL;
                         }
@@ -413,7 +413,7 @@ do_authenticated1(Authctxt *authctxt)
                                 if (do_exec(s, command) != 0)
                                         packet_disconnect(
                                             "command execution failed");
-                                xfree(command);
+                                free(command);
                         } else {
                                 if (do_exec(s, NULL) != 0)
                                         packet_disconnect(
@@ -978,7 +978,7 @@ child_set_env(char ***envp, u_int *envsizep, const char *name,
                         break;
         if (env[i]) {
                 /* Reuse the slot. */
-                xfree(env[i]);
+                free(env[i]);
         } else {
                 /* New variable.  Expand if necessary. */
                 envsize = *envsizep;
@@ -1094,8 +1094,8 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid)
                         umask((mode_t)mask);
 
         for (i = 0; tmpenv[i] != NULL; i++)
-                xfree(tmpenv[i]);
-        xfree(tmpenv);
+                free(tmpenv[i]);
+        free(tmpenv);
 }
 #endif /* HAVE_ETC_DEFAULT_LOGIN */
 
@@ -1111,7 +1111,7 @@ copy_environment(char **source, char ***env, u_int *envsize)
         for(i = 0; source[i] != NULL; i++) {
                 var_name = xstrdup(source[i]);
                 if ((var_val = strstr(var_name, "=")) == NULL) {
-                        xfree(var_name);
+                        free(var_name);
                         continue;
                 }
                 *var_val++ = '\0';
@@ -1119,7 +1119,7 @@ copy_environment(char **source, char ***env, u_int *envsize)
                 debug3("Copy environment: %s=%s", var_name, var_val);
                 child_set_env(env, envsize, var_name, var_val);
 
-                xfree(var_name);
+                free(var_name);
         }
 }
 
@@ -1223,8 +1223,8 @@ do_setup_env(Session *s, const char *shell)
                                 child_set_env(&env, &envsize, str, str + i + 1);
                         }
                         custom_environment = ce->next;
-                        xfree(ce->s);
-                        xfree(ce);
+                        free(ce->s);
+                        free(ce);
                 }
         }
 
@@ -1236,7 +1236,7 @@ do_setup_env(Session *s, const char *shell)
         laddr = get_local_ipaddr(packet_get_connection_in());
         snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
             get_remote_ipaddr(), get_remote_port(), laddr, get_local_port());
-        xfree(laddr);
+        free(laddr);
         child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
 
         if (s->ttyfd != -1)
@@ -1412,7 +1412,7 @@ do_nologin(struct passwd *pw)
 #endif
         if (stat(nl, &sb) == -1) {
                 if (nl != def_nl)
-                        xfree(nl);
+                        free(nl);
                 return;
         }
 
@@ -1522,6 +1522,9 @@ do_setusercontext(struct passwd *pw, const char *role)
                         safely_chroot(chroot_path, pw->pw_uid);
                         free(tmp);
                         free(chroot_path);
+                        /* Make sure we don't attempt to chroot again */
+                        free(options.chroot_directory);
+                        options.chroot_directory = NULL;
                 }
 
 #ifdef HAVE_LOGIN_CAP
@@ -1538,6 +1541,9 @@ do_setusercontext(struct passwd *pw, const char *role)
                 /* Permanently switch to the desired uid. */
                 permanently_set_uid(pw);
 #endif
+        } else if (options.chroot_directory != NULL &&
+            strcasecmp(options.chroot_directory, "none") != 0) {
+                fatal("server lacks privileges to chroot to ChrootDirectory");
         }
 
         if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
@@ -1593,6 +1599,13 @@ launch_login(struct passwd *pw, const char *hostname)
 static void
 child_close_fds(void)
 {
+        extern AuthenticationConnection *auth_conn;
+
+        if (auth_conn) {
+                ssh_close_authentication_connection(auth_conn);
+                auth_conn = NULL;
+        }
+
         if (packet_get_connection_in() == packet_get_connection_out())
                 close(packet_get_connection_in());
         else {
@@ -2057,7 +2070,7 @@ session_pty_req(Session *s)
         s->ypixel = packet_get_int();
 
         if (strcmp(s->term, "") == 0) {
-                xfree(s->term);
+                free(s->term);
                 s->term = NULL;
         }
 
@@ -2065,8 +2078,7 @@ session_pty_req(Session *s)
         debug("Allocating pty.");
         if (!PRIVSEP(pty_allocate(&s->ptyfd, &s->ttyfd, s->tty,
             sizeof(s->tty)))) {
-                if (s->term)
-                        xfree(s->term);
+                free(s->term);
                 s->term = NULL;
                 s->ptyfd = -1;
                 s->ttyfd = -1;
@@ -2127,7 +2139,7 @@ session_subsystem_req(Session *s)
                 logit("subsystem request for %.100s failed, subsystem not found",
                     subsys);
 
-        xfree(subsys);
+        free(subsys);
         return success;
 }
 
@@ -2149,8 +2161,8 @@ session_x11_req(Session *s)
 
         success = session_setup_x11fwd(s);
         if (!success) {
-                xfree(s->auth_proto);
-                xfree(s->auth_data);
+                free(s->auth_proto);
+                free(s->auth_data);
                 s->auth_proto = NULL;
                 s->auth_data = NULL;
         }
@@ -2172,7 +2184,7 @@ session_exec_req(Session *s)
         char *command = packet_get_string(&len);
         packet_check_eom();
         success = do_exec(s, command) == 0;
-        xfree(command);
+        free(command);
         return success;
 }
 
@@ -2218,8 +2230,8 @@ session_env_req(Session *s)
         debug2("Ignoring env request %s: disallowed name", name);
 
  fail:
-        xfree(name);
-        xfree(val);
+        free(name);
+        free(val);
         return (0);
 }
 
@@ -2405,24 +2417,16 @@ session_close_single_x11(int id, void *arg)
                 if (s->x11_chanids[i] != id)
                         session_close_x11(s->x11_chanids[i]);
         }
-        xfree(s->x11_chanids);
+        free(s->x11_chanids);
         s->x11_chanids = NULL;
-        if (s->display) {
-                xfree(s->display);
-                s->display = NULL;
-        }
-        if (s->auth_proto) {
-                xfree(s->auth_proto);
-                s->auth_proto = NULL;
-        }
-        if (s->auth_data) {
-                xfree(s->auth_data);
-                s->auth_data = NULL;
-        }
-        if (s->auth_display) {
-                xfree(s->auth_display);
-                s->auth_display = NULL;
-        }
+        free(s->display);
+        s->display = NULL;
+        free(s->auth_proto);
+        s->auth_proto = NULL;
+        free(s->auth_data);
+        s->auth_data = NULL;
+        free(s->auth_display);
+        s->auth_display = NULL;
 }
 
 static void
@@ -2484,24 +2488,18 @@ session_close(Session *s)
         debug("session_close: session %d pid %ld", s->self, (long)s->pid);
         if (s->ttyfd != -1)
                 session_pty_cleanup(s);
-        if (s->term)
-                xfree(s->term);
-        if (s->display)
-                xfree(s->display);
-        if (s->x11_chanids)
-                xfree(s->x11_chanids);
-        if (s->auth_display)
-                xfree(s->auth_display);
-        if (s->auth_data)
-                xfree(s->auth_data);
-        if (s->auth_proto)
-                xfree(s->auth_proto);
+        free(s->term);
+        free(s->display);
+        free(s->x11_chanids);
+        free(s->auth_display);
+        free(s->auth_data);
+        free(s->auth_proto);
         if (s->env != NULL) {
                 for (i = 0; i < s->num_env; i++) {
-                        xfree(s->env[i].name);
-                        xfree(s->env[i].val);
+                        free(s->env[i].name);
+                        free(s->env[i].val);
                 }
-                xfree(s->env);
+                free(s->env);
         }
         session_proctitle(s);
         session_unused(s->self);
diff --git a/sftp-client.c b/sftp-client.c
index 85f2bd444..f4f1970b6 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.97 2012/07/02 12:13:26 dtucker Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.101 2013/07/25 00:56:51 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -112,7 +112,7 @@ send_msg(struct sftp_conn *conn, Buffer *m)
         iov[1].iov_len = buffer_len(m);
 
         if (atomiciov6(writev, conn->fd_out, iov, 2,
-            conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != 
+            conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) !=
             buffer_len(m) + sizeof(mlen))
                 fatal("Couldn't send packet: %s", strerror(errno));
 
@@ -394,8 +394,8 @@ do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests,
                 } else {
                         debug2("Unrecognised server extension \"%s\"", name);
                 }
-                xfree(name);
-                xfree(value);
+                free(name);
+                free(value);
         }
 
         buffer_free(&msg);
@@ -509,7 +509,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
                                 error("Couldn't read directory: %s",
                                     fx2txt(status));
                                 do_close(conn, handle, handle_len);
-                                xfree(handle);
+                                free(handle);
                                 buffer_free(&msg);
                                 return(status);
                         }
@@ -552,14 +552,14 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
                                 (*dir)[++ents] = NULL;
                         }
  next:
-                        xfree(filename);
-                        xfree(longname);
+                        free(filename);
+                        free(longname);
                 }
         }
 
         buffer_free(&msg);
         do_close(conn, handle, handle_len);
-        xfree(handle);
+        free(handle);
 
         /* Don't return partial matches on interrupt */
         if (interrupted && dir != NULL && *dir != NULL) {
@@ -582,11 +582,11 @@ void free_sftp_dirents(SFTP_DIRENT **s)
         int i;
 
         for (i = 0; s[i]; i++) {
-                xfree(s[i]->filename);
-                xfree(s[i]->longname);
-                xfree(s[i]);
+                free(s[i]->filename);
+                free(s[i]->longname);
+                free(s[i]);
         }
-        xfree(s);
+        free(s);
 }
 
 int
@@ -760,7 +760,7 @@ do_realpath(struct sftp_conn *conn, char *path)
         debug3("SSH_FXP_REALPATH %s -> %s size %lu", path, filename,
             (unsigned long)a->size);
 
-        xfree(longname);
+        free(longname);
 
         buffer_free(&msg);
 
@@ -907,7 +907,7 @@ do_readlink(struct sftp_conn *conn, char *path)
 
         debug3("SSH_FXP_READLINK %s -> %s", path, filename);
 
-        xfree(longname);
+        free(longname);
 
         buffer_free(&msg);
 
@@ -988,16 +988,17 @@ send_read_request(struct sftp_conn *conn, u_int id, u_int64_t offset,
 
 int
 do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
-    Attrib *a, int pflag)
+    Attrib *a, int pflag, int resume)
 {
         Attrib junk;
         Buffer msg;
         char *handle;
-        int local_fd, status = 0, write_error;
-        int read_error, write_errno;
-        u_int64_t offset, size;
+        int local_fd = -1, status = 0, write_error;
+        int read_error, write_errno, reordered = 0;
+        u_int64_t offset = 0, size, highwater;
         u_int handle_len, mode, type, id, buflen, num_req, max_req;
         off_t progress_counter;
+        struct stat st;
         struct request {
                 u_int id;
                 u_int len;
@@ -1050,21 +1051,36 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
                 return(-1);
         }
 
-        local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC,
-            mode | S_IWRITE);
+        local_fd = open(local_path, O_WRONLY | O_CREAT | (resume ? 0 : O_TRUNC),
+            mode | S_IWUSR);
         if (local_fd == -1) {
                 error("Couldn't open local file \"%s\" for writing: %s",
                     local_path, strerror(errno));
-                do_close(conn, handle, handle_len);
-                buffer_free(&msg);
-                xfree(handle);
-                return(-1);
+                goto fail;
+        }
+        offset = highwater = 0;
+        if (resume) {
+                if (fstat(local_fd, &st) == -1) {
+                        error("Unable to stat local file \"%s\": %s",
+                            local_path, strerror(errno));
+                        goto fail;
+                }
+                if ((size_t)st.st_size > size) {
+                        error("Unable to resume download of \"%s\": "
+                            "local file is larger than remote", local_path);
+ fail:
+                        do_close(conn, handle, handle_len);
+                        buffer_free(&msg);
+                        free(handle);
+                        return -1;
+                }
+                offset = highwater = st.st_size;
         }
 
         /* Read from remote and write to local */
-        write_error = read_error = write_errno = num_req = offset = 0;
+        write_error = read_error = write_errno = num_req = 0;
         max_req = 1;
-        progress_counter = 0;
+        progress_counter = offset;
 
         if (showprogress && size != 0)
                 start_progress_meter(remote_path, size, &progress_counter);
@@ -1121,7 +1137,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
                                 read_error = 1;
                         max_req = 0;
                         TAILQ_REMOVE(&requests, req, tq);
-                        xfree(req);
+                        free(req);
                         num_req--;
                         break;
                 case SSH2_FXP_DATA:
@@ -1139,12 +1155,16 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
                                 write_error = 1;
                                 max_req = 0;
                         }
+                        else if (!reordered && req->offset <= highwater)
+                                highwater = req->offset + len;
+                        else if (!reordered && req->offset > highwater)
+                                reordered = 1;
                         progress_counter += len;
-                        xfree(data);
+                        free(data);
 
                         if (len == req->len) {
                                 TAILQ_REMOVE(&requests, req, tq);
-                                xfree(req);
+                                free(req);
                                 num_req--;
                         } else {
                                 /* Resend the request for the missing data */
@@ -1187,7 +1207,15 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
         /* Sanity check */
         if (TAILQ_FIRST(&requests) != NULL)
                 fatal("Transfer complete, but requests still in queue");
-
+        /* Truncate at highest contiguous point to avoid holes on interrupt */
+        if (read_error || write_error || interrupted) {
+                if (reordered && resume) {
+                        error("Unable to resume download of \"%s\": "
+                            "server reordered requests", local_path);
+                }
+                debug("truncating at %llu", (unsigned long long)highwater);
+                ftruncate(local_fd, highwater);
+        }
         if (read_error) {
                 error("Couldn't read from remote file \"%s\" : %s",
                     remote_path, fx2txt(status));
@@ -1199,7 +1227,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
                 do_close(conn, handle, handle_len);
         } else {
                 status = do_close(conn, handle, handle_len);
-
+                if (interrupted)
+                        status = -1;
                 /* Override umask and utimes if asked */
 #ifdef HAVE_FCHMOD
                 if (pflag && fchmod(local_fd, mode) == -1)
@@ -1220,14 +1249,14 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
         }
         close(local_fd);
         buffer_free(&msg);
-        xfree(handle);
+        free(handle);
 
         return(status);
 }
 
 static int
 download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
-    Attrib *dirattrib, int pflag, int printflag, int depth)
+    Attrib *dirattrib, int pflag, int printflag, int depth, int resume)
 {
         int i, ret = 0;
         SFTP_DIRENT **dir_entries;
@@ -1280,11 +1309,11 @@ download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
                                 continue;
                         if (download_dir_internal(conn, new_src, new_dst,
                             &(dir_entries[i]->a), pflag, printflag,
-                            depth + 1) == -1)
+                            depth + 1, resume) == -1)
                                 ret = -1;
                 } else if (S_ISREG(dir_entries[i]->a.perm) ) {
                         if (do_download(conn, new_src, new_dst,
-                            &(dir_entries[i]->a), pflag) == -1) {
+                            &(dir_entries[i]->a), pflag, resume) == -1) {
                                 error("Download of file %s to %s failed",
                                     new_src, new_dst);
                                 ret = -1;
@@ -1292,8 +1321,8 @@ download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
                 } else
                         logit("%s: not a regular file\n", new_src);
 
-                xfree(new_dst);
-                xfree(new_src);
+                free(new_dst);
+                free(new_src);
         }
 
         if (pflag) {
@@ -1317,7 +1346,7 @@ download_dir_internal(struct sftp_conn *conn, char *src, char *dst,
 
 int
 download_dir(struct sftp_conn *conn, char *src, char *dst,
-    Attrib *dirattrib, int pflag, int printflag)
+    Attrib *dirattrib, int pflag, int printflag, int resume)
 {
         char *src_canon;
         int ret;
@@ -1328,8 +1357,8 @@ download_dir(struct sftp_conn *conn, char *src, char *dst,
         }
 
         ret = download_dir_internal(conn, src_canon, dst,
-            dirattrib, pflag, printflag, 0);
-        xfree(src_canon);
+            dirattrib, pflag, printflag, 0, resume);
+        free(src_canon);
         return ret;
 }
 
@@ -1340,7 +1369,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
         int local_fd;
         int status = SSH2_FX_OK;
         u_int handle_len, id, type;
-        off_t offset;
+        off_t offset, progress_counter;
         char *handle, *data;
         Buffer msg;
         struct stat sb;
@@ -1408,9 +1437,10 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
         data = xmalloc(conn->transfer_buflen);
 
         /* Read from local and write to remote */
-        offset = 0;
+        offset = progress_counter = 0;
         if (showprogress)
-                start_progress_meter(local_path, sb.st_size, &offset);
+                start_progress_meter(local_path, sb.st_size,
+                    &progress_counter);
 
         for (;;) {
                 int len;
@@ -1481,7 +1511,8 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
                         debug3("In write loop, ack for %u %u bytes at %lld",
                             ack->id, ack->len, (long long)ack->offset);
                         ++ackid;
-                        xfree(ack);
+                        progress_counter += ack->len;
+                        free(ack);
                 }
                 offset += len;
                 if (offset < 0)
@@ -1491,7 +1522,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
 
         if (showprogress)
                 stop_progress_meter();
-        xfree(data);
+        free(data);
 
         if (status != SSH2_FX_OK) {
                 error("Couldn't write to remote file \"%s\": %s",
@@ -1511,7 +1542,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
 
         if (do_close(conn, handle, handle_len) != SSH2_FX_OK)
                 status = -1;
-        xfree(handle);
+        free(handle);
 
         return status;
 }
@@ -1551,7 +1582,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
         a.perm &= 01777;
         if (!pflag)
                 a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME;
-        
+
         status = do_mkdir(conn, dst, &a, 0);
         /*
          * we lack a portable status for errno EEXIST,
@@ -1561,7 +1592,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
         if (status != SSH2_FX_OK) {
                 if (status != SSH2_FX_FAILURE)
                         return -1;
-                if (do_stat(conn, dst, 0) == NULL) 
+                if (do_stat(conn, dst, 0) == NULL)
                         return -1;
         }
 
@@ -1569,7 +1600,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
                 error("Failed to open dir \"%s\": %s", src, strerror(errno));
                 return -1;
         }
-        
+
         while (((dp = readdir(dirp)) != NULL) && !interrupted) {
                 if (dp->d_ino == 0)
                         continue;
@@ -1597,8 +1628,8 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
                         }
                 } else
                         logit("%s: not a regular file\n", filename);
-                xfree(new_dst);
-                xfree(new_src);
+                free(new_dst);
+                free(new_src);
         }
 
         do_setstat(conn, dst, &a);
@@ -1620,7 +1651,7 @@ upload_dir(struct sftp_conn *conn, char *src, char *dst, int printflag,
         }
 
         ret = upload_dir_internal(conn, src, dst_canon, pflag, printflag, 0);
-        xfree(dst_canon);
+        free(dst_canon);
         return ret;
 }
 
diff --git a/sftp-client.h b/sftp-client.h
index aef54ef49..111a998c8 100644
--- a/sftp-client.h
+++ b/sftp-client.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.h,v 1.20 2010/12/04 00:18:01 djm Exp $ */
+/* $OpenBSD: sftp-client.h,v 1.21 2013/07/25 00:56:51 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
@@ -106,13 +106,13 @@ int do_symlink(struct sftp_conn *, char *, char *);
  * Download 'remote_path' to 'local_path'. Preserve permissions and times
  * if 'pflag' is set
  */
-int do_download(struct sftp_conn *, char *, char *, Attrib *, int);
+int do_download(struct sftp_conn *, char *, char *, Attrib *, int, int);
 
 /*
  * Recursively download 'remote_directory' to 'local_directory'. Preserve 
  * times if 'pflag' is set
  */
-int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int);
+int download_dir(struct sftp_conn *, char *, char *, Attrib *, int, int, int);
 
 /*
  * Upload 'local_path' to 'remote_path'. Preserve permissions and times
diff --git a/sftp-common.c b/sftp-common.c
index a042875c6..413efc209 100644
--- a/sftp-common.c
+++ b/sftp-common.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-common.c,v 1.23 2010/01/15 09:24:23 markus Exp $ */
+/* $OpenBSD: sftp-common.c,v 1.24 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Damien Miller.  All rights reserved.
@@ -128,8 +128,8 @@ decode_attrib(Buffer *b)
                         type = buffer_get_string(b, NULL);
                         data = buffer_get_string(b, NULL);
                         debug3("Got file attribute \"%s\"", type);
-                        xfree(type);
-                        xfree(data);
+                        free(type);
+                        free(data);
                 }
         }
         return &a;
diff --git a/sftp-glob.c b/sftp-glob.c
index 06bf157ca..79b7bdb2f 100644
--- a/sftp-glob.c
+++ b/sftp-glob.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-glob.c,v 1.23 2011/10/04 14:17:32 djm Exp $ */
+/* $OpenBSD: sftp-glob.c,v 1.24 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -51,7 +51,7 @@ fudge_opendir(const char *path)
         r = xmalloc(sizeof(*r));
 
         if (do_readdir(cur.conn, (char *)path, &r->dir)) {
-                xfree(r);
+                free(r);
                 return(NULL);
         }
 
@@ -103,7 +103,7 @@ static void
 fudge_closedir(struct SFTP_OPENDIR *od)
 {
         free_sftp_dirents(od->dir);
-        xfree(od);
+        free(od);
 }
 
 static int
diff --git a/sftp-server.0 b/sftp-server.0
index 6beddcc13..bca318b38 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -62,7 +62,7 @@ SEE ALSO
      sftp(1), ssh(1), sshd_config(5), sshd(8)
 
      T. Ylonen and S. Lehtinen, SSH File Transfer Protocol,
-     draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress
+     draft-ietf-secsh-filexfer-02.txt, October 2001, work in progress
      material.
 
 HISTORY
@@ -71,4 +71,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 5.3                     January 4, 2013                    OpenBSD 5.3
+OpenBSD 5.4                      July 16, 2013                     OpenBSD 5.4
diff --git a/sftp-server.8 b/sftp-server.8
index 2fd3df20c..cc925b96e 100644
--- a/sftp-server.8
+++ b/sftp-server.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sftp-server.8,v 1.21 2013/01/04 19:26:38 jmc Exp $
+.\" $OpenBSD: sftp-server.8,v 1.23 2013/07/16 00:07:52 schwarze Exp $
 .\"
 .\" Copyright (c) 2000 Markus Friedl.  All rights reserved.
 .\"
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 4 2013 $
+.Dd $Mdocdate: July 16 2013 $
 .Dt SFTP-SERVER 8
 .Os
 .Sh NAME
@@ -124,8 +124,8 @@ establish a logging socket inside the chroot directory.
 .%A T. Ylonen
 .%A S. Lehtinen
 .%T "SSH File Transfer Protocol"
-.%N draft-ietf-secsh-filexfer-00.txt
-.%D January 2001
+.%N draft-ietf-secsh-filexfer-02.txt
+.%D October 2001
 .%O work in progress material
 .Re
 .Sh HISTORY
@@ -133,4 +133,4 @@ establish a logging socket inside the chroot directory.
 first appeared in
 .Ox 2.8 .
 .Sh AUTHORS
-.An Markus Friedl Aq markus@openbsd.org
+.An Markus Friedl Aq Mt markus@openbsd.org
diff --git a/sftp-server.c b/sftp-server.c
index cce074a56..285f21aaf 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.96 2013/01/04 19:26:38 jmc Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.97 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -319,11 +319,11 @@ handle_close(int handle)
 
         if (handle_is_ok(handle, HANDLE_FILE)) {
                 ret = close(handles[handle].fd);
-                xfree(handles[handle].name);
+                free(handles[handle].name);
                 handle_unused(handle);
         } else if (handle_is_ok(handle, HANDLE_DIR)) {
                 ret = closedir(handles[handle].dirp);
-                xfree(handles[handle].name);
+                free(handles[handle].name);
                 handle_unused(handle);
         } else {
                 errno = ENOENT;
@@ -367,7 +367,7 @@ get_handle(void)
         handle = get_string(&hlen);
         if (hlen < 256)
                 val = handle_from_string(handle, hlen);
-        xfree(handle);
+        free(handle);
         return val;
 }
 
@@ -450,7 +450,7 @@ send_handle(u_int32_t id, int handle)
         handle_to_string(handle, &string, &hlen);
         debug("request %u: sent handle handle %d", id, handle);
         send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
-        xfree(string);
+        free(string);
 }
 
 static void
@@ -578,7 +578,7 @@ process_open(void)
         }
         if (status != SSH2_FX_OK)
                 send_status(id, status);
-        xfree(name);
+        free(name);
 }
 
 static void
@@ -679,7 +679,7 @@ process_write(void)
                 }
         }
         send_status(id, status);
-        xfree(data);
+        free(data);
 }
 
 static void
@@ -705,7 +705,7 @@ process_do_stat(int do_lstat)
         }
         if (status != SSH2_FX_OK)
                 send_status(id, status);
-        xfree(name);
+        free(name);
 }
 
 static void
@@ -807,7 +807,7 @@ process_setstat(void)
                         status = errno_to_portable(errno);
         }
         send_status(id, status);
-        xfree(name);
+        free(name);
 }
 
 static void
@@ -904,7 +904,7 @@ process_opendir(void)
         }
         if (status != SSH2_FX_OK)
                 send_status(id, status);
-        xfree(path);
+        free(path);
 }
 
 static void
@@ -953,13 +953,13 @@ process_readdir(void)
                 if (count > 0) {
                         send_names(id, count, stats);
                         for (i = 0; i < count; i++) {
-                                xfree(stats[i].name);
-                                xfree(stats[i].long_name);
+                                free(stats[i].name);
+                                free(stats[i].long_name);
                         }
                 } else {
                         send_status(id, SSH2_FX_EOF);
                 }
-                xfree(stats);
+                free(stats);
         }
 }
 
@@ -982,7 +982,7 @@ process_remove(void)
                 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(name);
+        free(name);
 }
 
 static void
@@ -1007,7 +1007,7 @@ process_mkdir(void)
                 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(name);
+        free(name);
 }
 
 static void
@@ -1028,7 +1028,7 @@ process_rmdir(void)
                 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(name);
+        free(name);
 }
 
 static void
@@ -1041,7 +1041,7 @@ process_realpath(void)
         id = get_int();
         path = get_string(NULL);
         if (path[0] == '\0') {
-                xfree(path);
+                free(path);
                 path = xstrdup(".");
         }
         debug3("request %u: realpath", id);
@@ -1054,7 +1054,7 @@ process_realpath(void)
                 s.name = s.long_name = resolvedname;
                 send_names(id, 1, &s);
         }
-        xfree(path);
+        free(path);
 }
 
 static void
@@ -1115,8 +1115,8 @@ process_rename(void)
                         status = SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(oldpath);
-        xfree(newpath);
+        free(oldpath);
+        free(newpath);
 }
 
 static void
@@ -1141,7 +1141,7 @@ process_readlink(void)
                 s.name = s.long_name = buf;
                 send_names(id, 1, &s);
         }
-        xfree(path);
+        free(path);
 }
 
 static void
@@ -1164,8 +1164,8 @@ process_symlink(void)
                 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(oldpath);
-        xfree(newpath);
+        free(oldpath);
+        free(newpath);
 }
 
 static void
@@ -1185,8 +1185,8 @@ process_extended_posix_rename(u_int32_t id)
                 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(oldpath);
-        xfree(newpath);
+        free(oldpath);
+        free(newpath);
 }
 
 static void
@@ -1203,7 +1203,7 @@ process_extended_statvfs(u_int32_t id)
                 send_status(id, errno_to_portable(errno));
         else
                 send_statvfs(id, &st);
-        xfree(path);
+        free(path);
 }
 
 static void
@@ -1242,8 +1242,8 @@ process_extended_hardlink(u_int32_t id)
                 status = (ret == -1) ? errno_to_portable(errno) : SSH2_FX_OK;
         }
         send_status(id, status);
-        xfree(oldpath);
-        xfree(newpath);
+        free(oldpath);
+        free(newpath);
 }
 
 static void
@@ -1264,7 +1264,7 @@ process_extended(void)
                 process_extended_hardlink(id);
         else
                 send_status(id, SSH2_FX_OP_UNSUPPORTED);        /* MUST */
-        xfree(request);
+        free(request);
 }
 
 /* stolen from ssh-agent */
diff --git a/sftp.0 b/sftp.0
index dd1da5241..c5fa17892 100644
--- a/sftp.0
+++ b/sftp.0
@@ -55,10 +55,10 @@ DESCRIPTION
              used in conjunction with non-interactive authentication.  A
              batchfile of `-' may be used to indicate standard input.  sftp
              will abort if any of the following commands fail: get, put,
-             rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown, chgrp,
-             lpwd, df, symlink, and lmkdir.  Termination on error can be
-             suppressed on a command by command basis by prefixing the command
-             with a `-' character (for example, -rm /tmp/blah*).
+             reget, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod, chown,
+             chgrp, lpwd, df, symlink, and lmkdir.  Termination on error can
+             be suppressed on a command by command basis by prefixing the
+             command with a `-' character (for example, -rm /tmp/blah*).
 
      -C      Enables compression (via ssh's -C flag).
 
@@ -209,7 +209,7 @@ INTERACTIVE COMMANDS
 
      exit    Quit sftp.
 
-     get [-Ppr] remote-path [local-path]
+     get [-aPpr] remote-path [local-path]
              Retrieve the remote-path and store it on the local machine.  If
              the local path name is not specified, it is given the same name
              it has on the remote machine.  remote-path may contain glob(3)
@@ -217,6 +217,12 @@ INTERACTIVE COMMANDS
              local-path is specified, then local-path must specify a
              directory.
 
+             If the -a flag is specified, then attempt to resume partial
+             transfers of existing files.  Note that resumption assumes that
+             any partial copy of the local file matches the remote copy.  If
+             the remote file differs from the partial local copy then the
+             resultant file is likely to be corrupt.
+
              If either the -P or -p flag is specified, then full file
              permissions and access times are copied too.
 
@@ -306,6 +312,10 @@ INTERACTIVE COMMANDS
 
      quit    Quit sftp.
 
+     reget [-Ppr] remote-path [local-path]
+             Resume download of remote-path.  Equivalent to get with the -a
+             flag set.
+
      rename oldpath newpath
              Rename remote file from oldpath to newpath.
 
@@ -336,4 +346,4 @@ SEE ALSO
      draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress
      material.
 
-OpenBSD 5.3                    September 5, 2011                   OpenBSD 5.3
+OpenBSD 5.4                      July 25, 2013                     OpenBSD 5.4
diff --git a/sftp.1 b/sftp.1
index bcb472144..2577fe875 100644
--- a/sftp.1
+++ b/sftp.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sftp.1,v 1.91 2011/09/05 05:56:13 djm Exp $
+.\" $OpenBSD: sftp.1,v 1.92 2013/07/25 00:56:51 djm Exp $
 .\"
 .\" Copyright (c) 2001 Damien Miller.  All rights reserved.
 .\"
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: September 5 2011 $
+.Dd $Mdocdate: July 25 2013 $
 .Dt SFTP 1
 .Os
 .Sh NAME
@@ -129,7 +129,7 @@ may be used to indicate standard input.
 .Nm
 will abort if any of the following
 commands fail:
-.Ic get , put , rename , ln ,
+.Ic get , put , reget , rename , ln ,
 .Ic rm , mkdir , chdir , ls ,
 .Ic lchdir , chmod , chown ,
 .Ic chgrp , lpwd , df , symlink ,
@@ -343,7 +343,7 @@ extension.
 Quit
 .Nm sftp .
 .It Xo Ic get
-.Op Fl Ppr
+.Op Fl aPpr
 .Ar remote-path
 .Op Ar local-path
 .Xc
@@ -363,6 +363,14 @@ is specified, then
 .Ar local-path
 must specify a directory.
 .Pp
+If the
+.Fl a
+flag is specified, then attempt to resume partial transfers of existing files.
+Note that resumption assumes that any partial copy of the local file matches
+the remote copy.
+If the remote file differs from the partial local copy then the resultant file
+is likely to be corrupt.
+.Pp
 If either the
 .Fl P
 or
@@ -503,6 +511,18 @@ Display remote working directory.
 .It Ic quit
 Quit
 .Nm sftp .
+.It Xo Ic reget
+.Op Fl Ppr
+.Ar remote-path
+.Op Ar local-path
+.Xc
+Resume download of
+.Ar remote-path .
+Equivalent to
+.Ic get
+with the
+.Fl a
+flag set.
 .It Ic rename Ar oldpath Ar newpath
 Rename remote file from
 .Ar oldpath
diff --git a/sftp.c b/sftp.c
index 342ae7efc..969328de4 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.142 2013/02/08 00:41:12 djm Exp $ */
+/* $OpenBSD: sftp.c,v 1.148 2013/07/25 00:56:52 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -38,6 +38,9 @@
 #ifdef HAVE_LIBGEN_H
 #include <libgen.h>
 #endif
+#ifdef HAVE_LOCALE_H
+# include <locale.h>
+#endif
 #ifdef USE_LIBEDIT
 #include <histedit.h>
 #else
@@ -76,12 +79,18 @@ int batchmode = 0;
 /* PID of ssh transport process */
 static pid_t sshpid = -1;
 
+/* Suppress diagnositic messages */
+int quiet = 0;
+
 /* This is set to 0 if the progressmeter is not desired. */
 int showprogress = 1;
 
 /* When this option is set, we always recursively download/upload directories */
 int global_rflag = 0;
 
+/* When this option is set, we resume download if possible */
+int global_aflag = 0;
+
 /* When this option is set, the file transfers will always preserve times */
 int global_pflag = 0;
 
@@ -145,6 +154,7 @@ extern char *__progname;
 #define I_SYMLINK       21
 #define I_VERSION       22
 #define I_PROGRESS      23
+#define I_REGET         26
 
 struct CMD {
         const char *c;
@@ -184,6 +194,7 @@ static const struct CMD cmds[] = {
         { "put",        I_PUT,          LOCAL   },
         { "pwd",        I_PWD,          REMOTE  },
         { "quit",       I_QUIT,         NOARGS  },
+        { "reget",      I_REGET,        REMOTE  },
         { "rename",     I_RENAME,       REMOTE  },
         { "rm",         I_RM,           REMOTE  },
         { "rmdir",      I_RMDIR,        REMOTE  },
@@ -215,7 +226,7 @@ cmd_interrupt(int signo)
         const char msg[] = "\rInterrupt  \n";
         int olderrno = errno;
 
-        write(STDERR_FILENO, msg, sizeof(msg) - 1);
+        (void)write(STDERR_FILENO, msg, sizeof(msg) - 1);
         interrupted = 1;
         errno = olderrno;
 }
@@ -233,6 +244,7 @@ help(void)
             "                                   filesystem containing 'path'\n"
             "exit                               Quit sftp\n"
             "get [-Ppr] remote [local]          Download file\n"
+            "reget remote [local]               Resume download file\n"
             "help                               Display this help text\n"
             "lcd path                           Change local directory to 'path'\n"
             "lls [ls-options [path]]            Display local directory listing\n"
@@ -306,7 +318,7 @@ local_do_ls(const char *args)
                 /* XXX: quoting - rip quoting code from ftp? */
                 snprintf(buf, len, _PATH_LS " %s", args);
                 local_do_shell(buf);
-                xfree(buf);
+                free(buf);
         }
 }
 
@@ -337,15 +349,15 @@ make_absolute(char *p, char *pwd)
         /* Derelativise */
         if (p && p[0] != '/') {
                 abs_str = path_append(pwd, p);
-                xfree(p);
+                free(p);
                 return(abs_str);
         } else
                 return(p);
 }
 
 static int
-parse_getput_flags(const char *cmd, char **argv, int argc, int *pflag,
-    int *rflag)
+parse_getput_flags(const char *cmd, char **argv, int argc,
+    int *aflag, int *pflag, int *rflag)
 {
         extern int opterr, optind, optopt, optreset;
         int ch;
@@ -353,9 +365,12 @@ parse_getput_flags(const char *cmd, char **argv, int argc, int *pflag,
         optind = optreset = 1;
         opterr = 0;
 
-        *rflag = *pflag = 0;
-        while ((ch = getopt(argc, argv, "PpRr")) != -1) {
+        *aflag = *rflag = *pflag = 0;
+        while ((ch = getopt(argc, argv, "aPpRr")) != -1) {
                 switch (ch) {
+                case 'a':
+                        *aflag = 1;
+                        break;
                 case 'p':
                 case 'P':
                         *pflag = 1;
@@ -513,7 +528,7 @@ pathname_is_dir(char *pathname)
 
 static int
 process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
-    int pflag, int rflag)
+    int pflag, int rflag, int resume)
 {
         char *abs_src = NULL;
         char *abs_dst = NULL;
@@ -547,7 +562,7 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
                 tmp = xstrdup(g.gl_pathv[i]);
                 if ((filename = basename(tmp)) == NULL) {
                         error("basename %s: %s", tmp, strerror(errno));
-                        xfree(tmp);
+                        free(tmp);
                         err = -1;
                         goto out;
                 }
@@ -563,24 +578,28 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd,
                 } else {
                         abs_dst = xstrdup(filename);
                 }
-                xfree(tmp);
+                free(tmp);
 
-                printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst);
+                resume |= global_aflag;
+                if (!quiet && resume)
+                        printf("Resuming %s to %s\n", g.gl_pathv[i], abs_dst);
+                else if (!quiet && !resume)
+                        printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst);
                 if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) {
-                        if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, 
-                            pflag || global_pflag, 1) == -1)
+                        if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL,
+                            pflag || global_pflag, 1, resume) == -1)
                                 err = -1;
                 } else {
                         if (do_download(conn, g.gl_pathv[i], abs_dst, NULL,
-                            pflag || global_pflag) == -1)
+                            pflag || global_pflag, resume) == -1)
                                 err = -1;
                 }
-                xfree(abs_dst);
+                free(abs_dst);
                 abs_dst = NULL;
         }
 
 out:
-        xfree(abs_src);
+        free(abs_src);
         globfree(&g);
         return(err);
 }
@@ -632,7 +651,7 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
                 tmp = xstrdup(g.gl_pathv[i]);
                 if ((filename = basename(tmp)) == NULL) {
                         error("basename %s: %s", tmp, strerror(errno));
-                        xfree(tmp);
+                        free(tmp);
                         err = -1;
                         goto out;
                 }
@@ -648,9 +667,10 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
                 } else {
                         abs_dst = make_absolute(xstrdup(filename), pwd);
                 }
-                xfree(tmp);
+                free(tmp);
 
-                printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst);
+                if (!quiet)
+                        printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst);
                 if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) {
                         if (upload_dir(conn, g.gl_pathv[i], abs_dst,
                             pflag || global_pflag, 1) == -1)
@@ -663,10 +683,8 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd,
         }
 
 out:
-        if (abs_dst)
-                xfree(abs_dst);
-        if (tmp_dst)
-                xfree(tmp_dst);
+        free(abs_dst);
+        free(tmp_dst);
         globfree(&g);
         return(err);
 }
@@ -714,7 +732,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
                 /* Add any subpath that also needs to be counted */
                 tmp = path_strip(path, strip_path);
                 m += strlen(tmp);
-                xfree(tmp);
+                free(tmp);
 
                 if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
                         width = ws.ws_col;
@@ -740,7 +758,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
 
                 tmp = path_append(path, d[n]->filename);
                 fname = path_strip(tmp, strip_path);
-                xfree(tmp);
+                free(tmp);
 
                 if (lflag & LS_LONG_VIEW) {
                         if (lflag & (LS_NUMERIC_VIEW|LS_SI_UNITS)) {
@@ -752,7 +770,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
                                 lname = ls_file(fname, &sb, 1,
                                     (lflag & LS_SI_UNITS));
                                 printf("%s\n", lname);
-                                xfree(lname);
+                                free(lname);
                         } else
                                 printf("%s\n", d[n]->longname);
                 } else {
@@ -764,7 +782,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
                                 c++;
                 }
 
-                xfree(fname);
+                free(fname);
         }
 
         if (!(lflag & LS_LONG_VIEW) && (c != 1))
@@ -834,7 +852,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
                         lname = ls_file(fname, g.gl_statv[i], 1,
                             (lflag & LS_SI_UNITS));
                         printf("%s\n", lname);
-                        xfree(lname);
+                        free(lname);
                 } else {
                         printf("%-*s", colspace, fname);
                         if (c >= columns) {
@@ -843,7 +861,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
                         } else
                                 c++;
                 }
-                xfree(fname);
+                free(fname);
         }
 
         if (!(lflag & LS_LONG_VIEW) && (c != 1))
@@ -1112,8 +1130,9 @@ makeargv(const char *arg, int *argcp, int sloppy, char *lastquote,
 }
 
 static int
-parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag,
-    int *hflag, int *sflag, unsigned long *n_arg, char **path1, char **path2)
+parse_args(const char **cpp, int *aflag, int *hflag, int *iflag, int *lflag,
+    int *pflag, int *rflag, int *sflag, unsigned long *n_arg,
+    char **path1, char **path2)
 {
         const char *cmd, *cp = *cpp;
         char *cp2, **argv;
@@ -1157,14 +1176,15 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag,
         }
 
         /* Get arguments and parse flags */
-        *lflag = *pflag = *rflag = *hflag = *n_arg = 0;
+        *aflag = *lflag = *pflag = *rflag = *hflag = *n_arg = 0;
         *path1 = *path2 = NULL;
         optidx = 1;
         switch (cmdnum) {
         case I_GET:
+        case I_REGET:
         case I_PUT:
                 if ((optidx = parse_getput_flags(cmd, argv, argc,
-                    pflag, rflag)) == -1)
+                    aflag, pflag, rflag)) == -1)
                         return -1;
                 /* Get first pathname (mandatory) */
                 if (argc - optidx < 1) {
@@ -1179,6 +1199,11 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag,
                         /* Destination is not globbed */
                         undo_glob_escape(*path2);
                 }
+                if (*aflag && cmdnum == I_PUT) {
+                        /* XXX implement resume for uploads */
+                        error("Resume is not supported for uploads");
+                        return -1;
+                }
                 break;
         case I_LINK:
                 if ((optidx = parse_link_flags(cmd, argv, argc, sflag)) == -1)
@@ -1287,7 +1312,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
     int err_abort)
 {
         char *path1, *path2, *tmp;
-        int pflag = 0, rflag = 0, lflag = 0, iflag = 0, hflag = 0, sflag = 0;
+        int aflag = 0, hflag = 0, iflag = 0, lflag = 0, pflag = 0;
+        int rflag = 0, sflag = 0;
         int cmdnum, i;
         unsigned long n_arg = 0;
         Attrib a, *aa;
@@ -1296,9 +1322,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
         glob_t g;
 
         path1 = path2 = NULL;
-        cmdnum = parse_args(&cmd, &pflag, &rflag, &lflag, &iflag, &hflag,
-            &sflag, &n_arg, &path1, &path2);
-
+        cmdnum = parse_args(&cmd, &aflag, &hflag, &iflag, &lflag, &pflag,
+            &rflag, &sflag, &n_arg, &path1, &path2);
         if (iflag != 0)
                 err_abort = 0;
 
@@ -1313,8 +1338,12 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                 /* Unrecognized command */
                 err = -1;
                 break;
+        case I_REGET:
+                aflag = 1;
+                /* FALLTHROUGH */
         case I_GET:
-                err = process_get(conn, path1, path2, *pwd, pflag, rflag);
+                err = process_get(conn, path1, path2, *pwd, pflag,
+                    rflag, aflag);
                 break;
         case I_PUT:
                 err = process_put(conn, path1, path2, *pwd, pflag, rflag);
@@ -1335,7 +1364,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                 path1 = make_absolute(path1, *pwd);
                 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
                 for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
-                        printf("Removing %s\n", g.gl_pathv[i]);
+                        if (!quiet)
+                                printf("Removing %s\n", g.gl_pathv[i]);
                         err = do_rm(conn, g.gl_pathv[i]);
                         if (err != 0 && err_abort)
                                 break;
@@ -1359,24 +1389,24 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                         break;
                 }
                 if ((aa = do_stat(conn, tmp, 0)) == NULL) {
-                        xfree(tmp);
+                        free(tmp);
                         err = 1;
                         break;
                 }
                 if (!(aa->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) {
                         error("Can't change directory: Can't check target");
-                        xfree(tmp);
+                        free(tmp);
                         err = 1;
                         break;
                 }
                 if (!S_ISDIR(aa->perm)) {
                         error("Can't change directory: \"%s\" is not "
                             "a directory", tmp);
-                        xfree(tmp);
+                        free(tmp);
                         err = 1;
                         break;
                 }
-                xfree(*pwd);
+                free(*pwd);
                 *pwd = tmp;
                 break;
         case I_LS:
@@ -1431,7 +1461,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                 a.perm = n_arg;
                 remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
                 for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
-                        printf("Changing mode on %s\n", g.gl_pathv[i]);
+                        if (!quiet)
+                                printf("Changing mode on %s\n", g.gl_pathv[i]);
                         err = do_setstat(conn, g.gl_pathv[i], &a);
                         if (err != 0 && err_abort)
                                 break;
@@ -1460,10 +1491,14 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
                         }
                         aa->flags &= SSH2_FILEXFER_ATTR_UIDGID;
                         if (cmdnum == I_CHOWN) {
-                                printf("Changing owner on %s\n", g.gl_pathv[i]);
+                                if (!quiet)
+                                        printf("Changing owner on %s\n",
+                                            g.gl_pathv[i]);
                                 aa->uid = n_arg;
                         } else {
-                                printf("Changing group on %s\n", g.gl_pathv[i]);
+                                if (!quiet)
+                                        printf("Changing group on %s\n",
+                                            g.gl_pathv[i]);
                                 aa->gid = n_arg;
                         }
                         err = do_setstat(conn, g.gl_pathv[i], aa);
@@ -1504,10 +1539,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
 
         if (g.gl_pathc)
                 globfree(&g);
-        if (path1)
-                xfree(path1);
-        if (path2)
-                xfree(path2);
+        free(path1);
+        free(path2);
 
         /* If an unignored error occurs in batch mode we should abort. */
         if (err_abort && err != 0)
@@ -1617,8 +1650,8 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote,
                 complete_display(list, 0);
 
                 for (y = 0; list[y] != NULL; y++)  
-                        xfree(list[y]); 
-                xfree(list);
+                        free(list[y]);  
+                free(list);
                 return count;
         }
 
@@ -1631,7 +1664,7 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote,
         list[count] = NULL;
 
         if (count == 0) {
-                xfree(list);
+                free(list);
                 return 0;
         }
 
@@ -1641,8 +1674,8 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote,
                 complete_display(list, 0);
 
         for (y = 0; list[y]; y++)  
-                xfree(list[y]); 
-        xfree(list);
+                free(list[y]);  
+        free(list);
 
         if (tmp != NULL) {
                 tmplen = strlen(tmp);
@@ -1663,7 +1696,7 @@ complete_cmd_parse(EditLine *el, char *cmd, int lastarg, char quote,
                         if (y > 0 && el_insertstr(el, argterm) == -1)
                                 fatal("el_insertstr failed.");
                 }
-                xfree(tmp);
+                free(tmp);
         }
 
         return count;
@@ -1694,8 +1727,9 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
     char *file, int remote, int lastarg, char quote, int terminated)
 {
         glob_t g;
-        char *tmp, *tmp2, ins[3];
+        char *tmp, *tmp2, ins[8];
         u_int i, hadglob, pwdlen, len, tmplen, filelen, cesc, isesc, isabs;
+        int clen;
         const LineInfo *lf;
         
         /* Glob from "file" location */
@@ -1727,7 +1761,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
                 if (tmp[tmplen] == '/')
                         pwdlen = tmplen + 1;    /* track last seen '/' */
         }
-        xfree(tmp);
+        free(tmp);
 
         if (g.gl_matchc == 0) 
                 goto out;
@@ -1742,7 +1776,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
 
         tmp2 = complete_ambiguous(file, g.gl_pathv, g.gl_matchc);
         tmp = path_strip(tmp2, isabs ? NULL : remote_path);
-        xfree(tmp2);
+        free(tmp2);
 
         if (tmp == NULL)
                 goto out;
@@ -1764,10 +1798,13 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
                 tmp2 = tmp + filelen - cesc;
                 len = strlen(tmp2); 
                 /* quote argument on way out */
-                for (i = 0; i < len; i++) {
+                for (i = 0; i < len; i += clen) {
+                        if ((clen = mblen(tmp2 + i, len - i)) < 0 ||
+                            (size_t)clen > sizeof(ins) - 2)
+                                fatal("invalid multibyte character");
                         ins[0] = '\\';
-                        ins[1] = tmp2[i];
-                        ins[2] = '\0';
+                        memcpy(ins + 1, tmp2 + i, clen);
+                        ins[clen + 1] = '\0';
                         switch (tmp2[i]) {
                         case '\'':
                         case '"':
@@ -1804,7 +1841,7 @@ complete_match(EditLine *el, struct sftp_conn *conn, char *remote_path,
                 if (i > 0 && el_insertstr(el, ins) == -1)
                         fatal("el_insertstr failed.");
         }
-        xfree(tmp);
+        free(tmp);
 
  out:
         globfree(&g);
@@ -1816,7 +1853,8 @@ static unsigned char
 complete(EditLine *el, int ch)
 {
         char **argv, *line, quote; 
-        u_int argc, carg, cursor, len, terminated, ret = CC_ERROR;
+        int argc, carg;
+        u_int cursor, len, terminated, ret = CC_ERROR;
         const LineInfo *lf;
         struct complete_ctx *complete_ctx;
 
@@ -1830,7 +1868,7 @@ complete(EditLine *el, int ch)
         memcpy(line, lf->buffer, cursor);
         line[cursor] = '\0';
         argv = makeargv(line, &carg, 1, &quote, &terminated);
-        xfree(line);
+        free(line);
 
         /* Get all the arguments on the line */
         len = lf->lastchar - lf->buffer;
@@ -1842,7 +1880,7 @@ complete(EditLine *el, int ch)
         /* Ensure cursor is at EOL or a argument boundary */
         if (line[cursor] != ' ' && line[cursor] != '\0' &&
             line[cursor] != '\n') {
-                xfree(line);
+                free(line);
                 return ret;
         }
 
@@ -1870,7 +1908,7 @@ complete(EditLine *el, int ch)
                         ret = CC_REDISPLAY;
         }
 
-        xfree(line);    
+        free(line);     
         return ret;
 }
 #endif /* USE_LIBEDIT */
@@ -1922,31 +1960,30 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
                 dir = make_absolute(dir, remote_path);
 
                 if (remote_is_dir(conn, dir) && file2 == NULL) {
-                        printf("Changing to: %s\n", dir);
+                        if (!quiet)
+                                printf("Changing to: %s\n", dir);
                         snprintf(cmd, sizeof cmd, "cd \"%s\"", dir);
                         if (parse_dispatch_command(conn, cmd,
                             &remote_path, 1) != 0) {
-                                xfree(dir);
-                                xfree(remote_path);
-                                xfree(conn);
+                                free(dir);
+                                free(remote_path);
+                                free(conn);
                                 return (-1);
                         }
                 } else {
                         /* XXX this is wrong wrt quoting */
-                        if (file2 == NULL)
-                                snprintf(cmd, sizeof cmd, "get %s", dir);
-                        else
-                                snprintf(cmd, sizeof cmd, "get %s %s", dir,
-                                    file2);
-
+                        snprintf(cmd, sizeof cmd, "get%s %s%s%s",
+                            global_aflag ? " -a" : "", dir,
+                            file2 == NULL ? "" : " ",
+                            file2 == NULL ? "" : file2);
                         err = parse_dispatch_command(conn, cmd,
                             &remote_path, 1);
-                        xfree(dir);
-                        xfree(remote_path);
-                        xfree(conn);
+                        free(dir);
+                        free(remote_path);
+                        free(conn);
                         return (err);
                 }
-                xfree(dir);
+                free(dir);
         }
 
         setlinebuf(stdout);
@@ -2004,8 +2041,8 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2)
                 if (err != 0)
                         break;
         }
-        xfree(remote_path);
-        xfree(conn);
+        free(remote_path);
+        free(conn);
 
 #ifdef USE_LIBEDIT
         if (el != NULL)
@@ -2112,6 +2149,7 @@ main(int argc, char **argv)
 
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
         sanitise_stdfd();
+        setlocale(LC_CTYPE, "");
 
         __progname = ssh_get_progname(argv[0]);
         memset(&args, '\0', sizeof(args));
@@ -2126,7 +2164,7 @@ main(int argc, char **argv)
         infile = stdin;
 
         while ((ch = getopt(argc, argv,
-            "1246hpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) {
+            "1246ahpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) {
                 switch (ch) {
                 /* Passed through to ssh(1) */
                 case '4':
@@ -2143,6 +2181,8 @@ main(int argc, char **argv)
                         addargs(&args, "%s", optarg);
                         break;
                 case 'q':
+                        ll = SYSLOG_LEVEL_ERROR;
+                        quiet = 1;
                         showprogress = 0;
                         addargs(&args, "-%c", ch);
                         break;
@@ -2164,6 +2204,9 @@ main(int argc, char **argv)
                 case '2':
                         sshver = 2;
                         break;
+                case 'a':
+                        global_aflag = 1;
+                        break;
                 case 'B':
                         copy_buffer_len = strtol(optarg, &cp, 10);
                         if (copy_buffer_len == 0 || *cp != '\0')
@@ -2178,7 +2221,7 @@ main(int argc, char **argv)
                             (infile = fopen(optarg, "r")) == NULL)
                                 fatal("%s (%s).", strerror(errno), optarg);
                         showprogress = 0;
-                        batchmode = 1;
+                        quiet = batchmode = 1;
                         addargs(&args, "-obatchmode yes");
                         break;
                 case 'p':
@@ -2275,7 +2318,7 @@ main(int argc, char **argv)
         if (conn == NULL)
                 fatal("Couldn't initialise connection to server");
 
-        if (!batchmode) {
+        if (!quiet) {
                 if (sftp_direct == NULL)
                         fprintf(stderr, "Connected to %s.\n", host);
                 else
diff --git a/ssh-add.0 b/ssh-add.0
index ed43dc8cc..bcd1e7322 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -116,4 +116,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 5.3                    December 3, 2012                    OpenBSD 5.3
+OpenBSD 5.4                    December 3, 2012                    OpenBSD 5.4
diff --git a/ssh-add.c b/ssh-add.c
index b9c7a0211..b309582f5 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.105 2012/12/05 15:42:52 markus Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.106 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -90,7 +90,7 @@ clear_pass(void)
 {
         if (pass) {
                 memset(pass, 0, strlen(pass));
-                xfree(pass);
+                free(pass);
                 pass = NULL;
         }
 }
@@ -215,7 +215,7 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only)
                         pass = read_passphrase(msg, RP_ALLOW_STDIN);
                         if (strcmp(pass, "") == 0) {
                                 clear_pass();
-                                xfree(comment);
+                                free(comment);
                                 buffer_free(&keyblob);
                                 return -1;
                         }
@@ -246,9 +246,9 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only)
         if (blacklisted_key(private, &fp) == 1) {
                 fprintf(stderr, "Public key %s blacklisted (see "
                     "ssh-vulnkey(1)); refusing to add it\n", fp);
-                xfree(fp);
+                free(fp);
                 key_free(private);
-                xfree(comment);
+                free(comment);
                 return -1;
         }
 
@@ -290,8 +290,8 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only)
                 fprintf(stderr, "The user must confirm each use of the key\n");
  out:
         if (certpath != NULL)
-                xfree(certpath);
-        xfree(comment);
+                free(certpath);
+        free(comment);
         key_free(private);
 
         return ret;
@@ -316,7 +316,7 @@ update_card(AuthenticationConnection *ac, int add, const char *id)
                     add ? "add" : "remove", id);
                 ret = -1;
         }
-        xfree(pin);
+        free(pin);
         return ret;
 }
 
@@ -338,14 +338,14 @@ list_identities(AuthenticationConnection *ac, int do_fp)
                                     SSH_FP_HEX);
                                 printf("%d %s %s (%s)\n",
                                     key_size(key), fp, comment, key_type(key));
-                                xfree(fp);
+                                free(fp);
                         } else {
                                 if (!key_write(key, stdout))
                                         fprintf(stderr, "key_write failed");
                                 fprintf(stdout, " %s\n", comment);
                         }
                         key_free(key);
-                        xfree(comment);
+                        free(comment);
                 }
         }
         if (!had_identities) {
@@ -371,7 +371,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
                         passok = 0;
                 }
                 memset(p2, 0, strlen(p2));
-                xfree(p2);
+                free(p2);
         }
         if (passok && ssh_lock_agent(ac, lock, p1)) {
                 fprintf(stderr, "Agent %slocked.\n", lock ? "" : "un");
@@ -379,7 +379,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
         } else
                 fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un");
         memset(p1, 0, strlen(p1));
-        xfree(p1);
+        free(p1);
         return (ret);
 }
 
diff --git a/ssh-agent.0 b/ssh-agent.0
index 578984815..e5f0f7342 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -120,4 +120,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 5.3                    November 21, 2010                   OpenBSD 5.3
+OpenBSD 5.4                    November 21, 2010                   OpenBSD 5.4
diff --git a/ssh-agent.c b/ssh-agent.c
index b9498e6ef..c3b11729c 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.177 2013/07/20 01:50:20 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -106,7 +106,7 @@ typedef struct identity {
         Key *key;
         char *comment;
         char *provider;
-        u_int death;
+        time_t death;
         u_int confirm;
 } Identity;
 
@@ -122,7 +122,7 @@ int max_fd = 0;
 
 /* pid of shell == parent of agent */
 pid_t parent_pid = -1;
-u_int parent_alive_interval = 0;
+time_t parent_alive_interval = 0;
 
 /* pathname and directory for AUTH_SOCKET */
 char socket_name[MAXPATHLEN];
@@ -134,8 +134,8 @@ char *lock_passwd = NULL;
 
 extern char *__progname;
 
-/* Default lifetime (0 == forever) */
-static int lifetime = 0;
+/* Default lifetime in seconds (0 == forever) */
+static long lifetime = 0;
 
 static void
 close_socket(SocketEntry *e)
@@ -172,10 +172,9 @@ static void
 free_identity(Identity *id)
 {
         key_free(id->key);
-        if (id->provider != NULL)
-                xfree(id->provider);
-        xfree(id->comment);
-        xfree(id);
+        free(id->provider);
+        free(id->comment);
+        free(id);
 }
 
 /* return matching private key for given public key */
@@ -203,7 +202,7 @@ confirm_key(Identity *id)
         if (ask_permission("Allow use of key %s?\nKey fingerprint %s.",
             id->comment, p))
                 ret = 0;
-        xfree(p);
+        free(p);
 
         return (ret);
 }
@@ -230,7 +229,7 @@ process_request_identities(SocketEntry *e, int version)
                         u_int blen;
                         key_to_blob(id->key, &blob, &blen);
                         buffer_put_string(&msg, blob, blen);
-                        xfree(blob);
+                        free(blob);
                 }
                 buffer_put_cstring(&msg, id->comment);
         }
@@ -348,10 +347,9 @@ process_sign_request2(SocketEntry *e)
         buffer_append(&e->output, buffer_ptr(&msg),
             buffer_len(&msg));
         buffer_free(&msg);
-        xfree(data);
-        xfree(blob);
-        if (signature != NULL)
-                xfree(signature);
+        free(data);
+        free(blob);
+        free(signature);
         datafellows = odatafellows;
 }
 
@@ -378,7 +376,7 @@ process_remove_identity(SocketEntry *e, int version)
         case 2:
                 blob = buffer_get_string(&e->request, &blen);
                 key = key_from_blob(blob, blen);
-                xfree(blob);
+                free(blob);
                 break;
         }
         if (key != NULL) {
@@ -430,10 +428,10 @@ process_remove_all_identities(SocketEntry *e, int version)
 }
 
 /* removes expired keys and returns number of seconds until the next expiry */
-static u_int
+static time_t
 reaper(void)
 {
-        u_int deadline = 0, now = time(NULL);
+        time_t deadline = 0, now = monotime();
         Identity *id, *nxt;
         int version;
         Idtab *tab;
@@ -465,8 +463,9 @@ process_add_identity(SocketEntry *e, int version)
 {
         Idtab *tab = idtab_lookup(version);
         Identity *id;
-        int type, success = 0, death = 0, confirm = 0;
+        int type, success = 0, confirm = 0;
         char *type_name, *comment;
+        time_t death = 0;
         Key *k = NULL;
 #ifdef OPENSSL_HAS_ECC
         BIGNUM *exponent;
@@ -509,7 +508,7 @@ process_add_identity(SocketEntry *e, int version)
                         cert = buffer_get_string(&e->request, &len);
                         if ((k = key_from_blob(cert, len)) == NULL)
                                 fatal("Certificate parse failed");
-                        xfree(cert);
+                        free(cert);
                         key_add_private(k);
                         buffer_get_bignum2(&e->request, k->dsa->priv_key);
                         break;
@@ -520,7 +519,7 @@ process_add_identity(SocketEntry *e, int version)
                         curve = buffer_get_string(&e->request, NULL);
                         if (k->ecdsa_nid != key_curve_name_to_nid(curve))
                                 fatal("%s: curve names mismatch", __func__);
-                        xfree(curve);
+                        free(curve);
                         k->ecdsa = EC_KEY_new_by_curve_name(k->ecdsa_nid);
                         if (k->ecdsa == NULL)
                                 fatal("%s: EC_KEY_new_by_curve_name failed",
@@ -551,7 +550,7 @@ process_add_identity(SocketEntry *e, int version)
                         cert = buffer_get_string(&e->request, &len);
                         if ((k = key_from_blob(cert, len)) == NULL)
                                 fatal("Certificate parse failed");
-                        xfree(cert);
+                        free(cert);
                         key_add_private(k);
                         if ((exponent = BN_new()) == NULL)
                                 fatal("%s: BN_new failed", __func__);
@@ -583,7 +582,7 @@ process_add_identity(SocketEntry *e, int version)
                         cert = buffer_get_string(&e->request, &len);
                         if ((k = key_from_blob(cert, len)) == NULL)
                                 fatal("Certificate parse failed");
-                        xfree(cert);
+                        free(cert);
                         key_add_private(k);
                         buffer_get_bignum2(&e->request, k->rsa->d);
                         buffer_get_bignum2(&e->request, k->rsa->iqmp);
@@ -591,11 +590,11 @@ process_add_identity(SocketEntry *e, int version)
                         buffer_get_bignum2(&e->request, k->rsa->q);
                         break;
                 default:
-                        xfree(type_name);
+                        free(type_name);
                         buffer_clear(&e->request);
                         goto send;
                 }
-                xfree(type_name);
+                free(type_name);
                 break;
         }
         /* enable blinding */
@@ -613,13 +612,13 @@ process_add_identity(SocketEntry *e, int version)
         }
         comment = buffer_get_string(&e->request, NULL);
         if (k == NULL) {
-                xfree(comment);
+                free(comment);
                 goto send;
         }
         while (buffer_len(&e->request)) {
                 switch ((type = buffer_get_char(&e->request))) {
                 case SSH_AGENT_CONSTRAIN_LIFETIME:
-                        death = time(NULL) + buffer_get_int(&e->request);
+                        death = monotime() + buffer_get_int(&e->request);
                         break;
                 case SSH_AGENT_CONSTRAIN_CONFIRM:
                         confirm = 1;
@@ -627,14 +626,14 @@ process_add_identity(SocketEntry *e, int version)
                 default:
                         error("process_add_identity: "
                             "Unknown constraint type %d", type);
-                        xfree(comment);
+                        free(comment);
                         key_free(k);
                         goto send;
                 }
         }
         success = 1;
         if (lifetime && !death)
-                death = time(NULL) + lifetime;
+                death = monotime() + lifetime;
         if ((id = lookup_identity(k, version)) == NULL) {
                 id = xcalloc(1, sizeof(Identity));
                 id->key = k;
@@ -643,7 +642,7 @@ process_add_identity(SocketEntry *e, int version)
                 tab->nentries++;
         } else {
                 key_free(k);
-                xfree(id->comment);
+                free(id->comment);
         }
         id->comment = comment;
         id->death = death;
@@ -665,7 +664,7 @@ process_lock_agent(SocketEntry *e, int lock)
         if (locked && !lock && strcmp(passwd, lock_passwd) == 0) {
                 locked = 0;
                 memset(lock_passwd, 0, strlen(lock_passwd));
-                xfree(lock_passwd);
+                free(lock_passwd);
                 lock_passwd = NULL;
                 success = 1;
         } else if (!locked && lock) {
@@ -674,7 +673,7 @@ process_lock_agent(SocketEntry *e, int lock)
                 success = 1;
         }
         memset(passwd, 0, strlen(passwd));
-        xfree(passwd);
+        free(passwd);
 
         buffer_put_int(&e->output, 1);
         buffer_put_char(&e->output,
@@ -701,7 +700,8 @@ static void
 process_add_smartcard_key(SocketEntry *e)
 {
         char *provider = NULL, *pin;
-        int i, type, version, count = 0, success = 0, death = 0, confirm = 0;
+        int i, type, version, count = 0, success = 0, confirm = 0;
+        time_t death = 0;
         Key **keys = NULL, *k;
         Identity *id;
         Idtab *tab;
@@ -712,7 +712,7 @@ process_add_smartcard_key(SocketEntry *e)
         while (buffer_len(&e->request)) {
                 switch ((type = buffer_get_char(&e->request))) {
                 case SSH_AGENT_CONSTRAIN_LIFETIME:
-                        death = time(NULL) + buffer_get_int(&e->request);
+                        death = monotime() + buffer_get_int(&e->request);
                         break;
                 case SSH_AGENT_CONSTRAIN_CONFIRM:
                         confirm = 1;
@@ -724,7 +724,7 @@ process_add_smartcard_key(SocketEntry *e)
                 }
         }
         if (lifetime && !death)
-                death = time(NULL) + lifetime;
+                death = monotime() + lifetime;
 
         count = pkcs11_add_provider(provider, pin, &keys);
         for (i = 0; i < count; i++) {
@@ -747,12 +747,9 @@ process_add_smartcard_key(SocketEntry *e)
                 keys[i] = NULL;
         }
 send:
-        if (pin)
-                xfree(pin);
-        if (provider)
-                xfree(provider);
-        if (keys)
-                xfree(keys);
+        free(pin);
+        free(provider);
+        free(keys);
         buffer_put_int(&e->output, 1);
         buffer_put_char(&e->output,
             success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
@@ -768,7 +765,7 @@ process_remove_smartcard_key(SocketEntry *e)
 
         provider = buffer_get_string(&e->request, NULL);
         pin = buffer_get_string(&e->request, NULL);
-        xfree(pin);
+        free(pin);
 
         for (version = 1; version < 3; version++) {
                 tab = idtab_lookup(version);
@@ -786,7 +783,7 @@ process_remove_smartcard_key(SocketEntry *e)
         else
                 error("process_remove_smartcard_key:"
                     " pkcs11_del_provider failed");
-        xfree(provider);
+        free(provider);
         buffer_put_int(&e->output, 1);
         buffer_put_char(&e->output,
             success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
@@ -931,9 +928,10 @@ static int
 prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp,
     struct timeval **tvpp)
 {
-        u_int i, sz, deadline;
+        u_int i, sz;
         int n = 0;
         static struct timeval tv;
+        time_t deadline;
 
         for (i = 0; i < sockets_alloc; i++) {
                 switch (sockets[i].type) {
@@ -951,10 +949,8 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp,
 
         sz = howmany(n+1, NFDBITS) * sizeof(fd_mask);
         if (*fdrp == NULL || sz > *nallocp) {
-                if (*fdrp)
-                        xfree(*fdrp);
-                if (*fdwp)
-                        xfree(*fdwp);
+                free(*fdrp);
+                free(*fdwp);
                 *fdrp = xmalloc(sz);
                 *fdwp = xmalloc(sz);
                 *nallocp = sz;
@@ -1348,9 +1344,8 @@ skip:
         if (ac > 0)
                 parent_alive_interval = 10;
         idtab_init();
-        if (!d_flag)
-                signal(SIGINT, SIG_IGN);
         signal(SIGPIPE, SIG_IGN);
+        signal(SIGINT, d_flag ? cleanup_handler : SIG_IGN);
         signal(SIGHUP, cleanup_handler);
         signal(SIGTERM, cleanup_handler);
         nalloc = 0;
diff --git a/ssh-dss.c b/ssh-dss.c
index ede5e21e5..322ec9fd8 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.27 2010/08/31 09:58:37 djm Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.28 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -137,17 +137,17 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
                 if (strcmp("ssh-dss", ktype) != 0) {
                         error("ssh_dss_verify: cannot handle type %s", ktype);
                         buffer_free(&b);
-                        xfree(ktype);
+                        free(ktype);
                         return -1;
                 }
-                xfree(ktype);
+                free(ktype);
                 sigblob = buffer_get_string(&b, &len);
                 rlen = buffer_len(&b);
                 buffer_free(&b);
                 if (rlen != 0) {
                         error("ssh_dss_verify: "
                             "remaining bytes in signature %d", rlen);
-                        xfree(sigblob);
+                        free(sigblob);
                         return -1;
                 }
         }
@@ -169,7 +169,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 
         /* clean up */
         memset(sigblob, 0, len);
-        xfree(sigblob);
+        free(sigblob);
 
         /* sha1 the data */
         EVP_DigestInit(&md, evp_md);
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 085468ee7..766338941 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.5 2012/01/08 13:17:11 miod Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -119,16 +119,16 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
         if (strcmp(key_ssh_name_plain(key), ktype) != 0) {
                 error("%s: cannot handle type %s", __func__, ktype);
                 buffer_free(&b);
-                xfree(ktype);
+                free(ktype);
                 return -1;
         }
-        xfree(ktype);
+        free(ktype);
         sigblob = buffer_get_string(&b, &len);
         rlen = buffer_len(&b);
         buffer_free(&b);
         if (rlen != 0) {
                 error("%s: remaining bytes in signature %d", __func__, rlen);
-                xfree(sigblob);
+                free(sigblob);
                 return -1;
         }
 
@@ -149,7 +149,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 
         /* clean up */
         memset(sigblob, 0, len);
-        xfree(sigblob);
+        free(sigblob);
 
         /* hash the data */
         EVP_DigestInit(&md, evp_md);
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 3c7a64753..2b0e9a692 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -543,4 +543,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 5.3                    January 19, 2013                    OpenBSD 5.3
+OpenBSD 5.4                      June 27, 2013                     OpenBSD 5.4
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 0d84ebd1e..753cc625b 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.115 2013/01/19 07:13:25 jmc Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.116 2013/06/27 14:05:37 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 19 2013 $
+.Dd $Mdocdate: June 27 2013 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -512,8 +512,7 @@ of two times separated by a colon to indicate an explicit time interval.
 The start time may be specified as a date in YYYYMMDD format, a time
 in YYYYMMDDHHMMSS format or a relative time (to the current time) consisting
 of a minus sign followed by a relative time in the format described in the
-.Sx TIME FORMATS
-section of
+TIME FORMATS section of
 .Xr sshd_config 5 .
 The end time may be specified as a YYYYMMDD date, a YYYYMMDDHHMMSS time or
 a relative time starting with a plus character.
diff --git a/ssh-keygen.c b/ssh-keygen.c
index d1a205e18..03c444d42 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.225 2013/02/10 23:32:10 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.230 2013/07/20 01:44:37 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -252,7 +252,7 @@ load_identity(char *filename)
                             RP_ALLOW_STDIN);
                 prv = key_load_private(filename, pass, NULL);
                 memset(pass, 0, strlen(pass));
-                xfree(pass);
+                free(pass);
         }
         return prv;
 }
@@ -288,7 +288,7 @@ do_convert_to_ssh2(struct passwd *pw, Key *k)
         dump_base64(stdout, blob, len);
         fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
         key_free(k);
-        xfree(blob);
+        free(blob);
         exit(0);
 }
 
@@ -415,12 +415,12 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
         debug("ignore (%d %d %d %d)", i1, i2, i3, i4);
         if (strcmp(cipher, "none") != 0) {
                 error("unsupported cipher %s", cipher);
-                xfree(cipher);
+                free(cipher);
                 buffer_free(&b);
-                xfree(type);
+                free(type);
                 return NULL;
         }
-        xfree(cipher);
+        free(cipher);
 
         if (strstr(type, "dsa")) {
                 ktype = KEY_DSA;
@@ -428,11 +428,11 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
                 ktype = KEY_RSA;
         } else {
                 buffer_free(&b);
-                xfree(type);
+                free(type);
                 return NULL;
         }
         key = key_new_private(ktype);
-        xfree(type);
+        free(type);
 
         switch (key->type) {
         case KEY_DSA:
@@ -475,7 +475,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
         /* try the key */
         key_sign(key, &sig, &slen, data, sizeof(data));
         key_verify(key, sig, slen, data, sizeof(data));
-        xfree(sig);
+        free(sig);
         return key;
 }
 
@@ -524,7 +524,7 @@ do_convert_from_ssh2(struct passwd *pw, Key **k, int *private)
                 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
         encoded[0] = '\0';
         while ((blen = get_line(fp, line, sizeof(line))) != -1) {
-                if (line[blen - 1] == '\\')
+                if (blen > 0 && line[blen - 1] == '\\')
                         escaped++;
                 if (strncmp(line, "----", 4) == 0 ||
                     strstr(line, ": ") != NULL) {
@@ -746,15 +746,15 @@ do_download(struct passwd *pw)
                             fp, key_type(keys[i]));
                         if (log_level >= SYSLOG_LEVEL_VERBOSE)
                                 printf("%s\n", ra);
-                        xfree(ra);
-                        xfree(fp);
+                        free(ra);
+                        free(fp);
                 } else {
                         key_write(keys[i], stdout);
                         fprintf(stdout, "\n");
                 }
                 key_free(keys[i]);
         }
-        xfree(keys);
+        free(keys);
         pkcs11_terminate();
         exit(0);
 #else
@@ -791,13 +791,13 @@ do_fingerprint(struct passwd *pw)
                 if (log_level >= SYSLOG_LEVEL_VERBOSE)
                         printf("%s\n", ra);
                 key_free(public);
-                xfree(comment);
-                xfree(ra);
-                xfree(fp);
+                free(comment);
+                free(ra);
+                free(fp);
                 exit(0);
         }
         if (comment) {
-                xfree(comment);
+                free(comment);
                 comment = NULL;
         }
 
@@ -856,8 +856,8 @@ do_fingerprint(struct passwd *pw)
                     comment ? comment : "no comment", key_type(public));
                 if (log_level >= SYSLOG_LEVEL_VERBOSE)
                         printf("%s\n", ra);
-                xfree(ra);
-                xfree(fp);
+                free(ra);
+                free(fp);
                 key_free(public);
                 invalid = 0;
         }
@@ -980,8 +980,8 @@ printhost(FILE *f, const char *name, Key *public, int ca, int hash)
                     key_type(public));
                 if (log_level >= SYSLOG_LEVEL_VERBOSE)
                         printf("%s\n", ra);
-                xfree(ra);
-                xfree(fp);
+                free(ra);
+                free(fp);
         } else {
                 if (hash && (name = host_hash(name, NULL, 0)) == NULL)
                         fatal("hash_host failed");
@@ -1007,7 +1007,7 @@ do_known_hosts(struct passwd *pw, const char *name)
                 if (strlcpy(identity_file, cp, sizeof(identity_file)) >=
                     sizeof(identity_file))
                         fatal("Specified known hosts path too long");
-                xfree(cp);
+                free(cp);
                 have_identity = 1;
         }
         if ((in = fopen(identity_file, "r")) == NULL)
@@ -1238,7 +1238,7 @@ do_change_passphrase(struct passwd *pw)
                 private = key_load_private(identity_file, old_passphrase,
                     &comment);
                 memset(old_passphrase, 0, strlen(old_passphrase));
-                xfree(old_passphrase);
+                free(old_passphrase);
                 if (private == NULL) {
                         printf("Bad passphrase.\n");
                         exit(1);
@@ -1261,30 +1261,30 @@ do_change_passphrase(struct passwd *pw)
                 if (strcmp(passphrase1, passphrase2) != 0) {
                         memset(passphrase1, 0, strlen(passphrase1));
                         memset(passphrase2, 0, strlen(passphrase2));
-                        xfree(passphrase1);
-                        xfree(passphrase2);
+                        free(passphrase1);
+                        free(passphrase2);
                         printf("Pass phrases do not match.  Try again.\n");
                         exit(1);
                 }
                 /* Destroy the other copy. */
                 memset(passphrase2, 0, strlen(passphrase2));
-                xfree(passphrase2);
+                free(passphrase2);
         }
 
         /* Save the file using the new passphrase. */
         if (!key_save_private(private, identity_file, passphrase1, comment)) {
                 printf("Saving the key failed: %s.\n", identity_file);
                 memset(passphrase1, 0, strlen(passphrase1));
-                xfree(passphrase1);
+                free(passphrase1);
                 key_free(private);
-                xfree(comment);
+                free(comment);
                 exit(1);
         }
         /* Destroy the passphrase and the copy of the key in memory. */
         memset(passphrase1, 0, strlen(passphrase1));
-        xfree(passphrase1);
+        free(passphrase1);
         key_free(private);               /* Destroys contents */
-        xfree(comment);
+        free(comment);
 
         printf("Your identification has been saved with the new passphrase.\n");
         exit(0);
@@ -1301,7 +1301,7 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname)
         struct stat st;
 
         if (fname == NULL)
-                ask_filename(pw, "Enter file in which the key is");
+                fatal("%s: no filename", __func__);
         if (stat(fname, &st) < 0) {
                 if (errno == ENOENT)
                         return 0;
@@ -1312,11 +1312,11 @@ do_print_resource_record(struct passwd *pw, char *fname, char *hname)
         if (public != NULL) {
                 export_dns_rr(hname, public, stdout, print_generic);
                 key_free(public);
-                xfree(comment);
+                free(comment);
                 return 1;
         }
         if (comment)
-                xfree(comment);
+                free(comment);
 
         printf("failed to read v2 public key from %s.\n", fname);
         exit(1);
@@ -1354,7 +1354,7 @@ do_change_comment(struct passwd *pw)
                 private = key_load_private(identity_file, passphrase, &comment);
                 if (private == NULL) {
                         memset(passphrase, 0, strlen(passphrase));
-                        xfree(passphrase);
+                        free(passphrase);
                         printf("Bad passphrase.\n");
                         exit(1);
                 }
@@ -1385,13 +1385,13 @@ do_change_comment(struct passwd *pw)
         if (!key_save_private(private, identity_file, passphrase, new_comment)) {
                 printf("Saving the key failed: %s.\n", identity_file);
                 memset(passphrase, 0, strlen(passphrase));
-                xfree(passphrase);
+                free(passphrase);
                 key_free(private);
-                xfree(comment);
+                free(comment);
                 exit(1);
         }
         memset(passphrase, 0, strlen(passphrase));
-        xfree(passphrase);
+        free(passphrase);
         public = key_from_private(private);
         key_free(private);
 
@@ -1412,7 +1412,7 @@ do_change_comment(struct passwd *pw)
         fprintf(f, " %s\n", new_comment);
         fclose(f);
 
-        xfree(comment);
+        free(comment);
 
         printf("The comment in your key file has been changed.\n");
         exit(0);
@@ -1529,7 +1529,7 @@ load_pkcs11_key(char *path)
                 }
                 key_free(keys[i]);
         }
-        xfree(keys);
+        free(keys);
         key_free(public);
         return private;
 #else
@@ -1573,7 +1573,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
                         fatal("No PKCS#11 key matching %s found", ca_key_path);
         } else if ((ca = load_identity(tmp)) == NULL)
                 fatal("Couldn't load CA key \"%s\"", tmp);
-        xfree(tmp);
+        free(tmp);
 
         for (i = 0; i < argc; i++) {
                 /* Split list of principals */
@@ -1586,7 +1586,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
                                 if (*(plist[n] = xstrdup(cp)) == '\0')
                                         fatal("Empty principal name");
                         }
-                        xfree(otmp);
+                        free(otmp);
                 }
         
                 tmp = tilde_expand_filename(argv[i], pw->pw_uid);
@@ -1624,7 +1624,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
                 if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0)
                         *cp = '\0';
                 xasprintf(&out, "%s-cert.pub", tmp);
-                xfree(tmp);
+                free(tmp);
 
                 if ((fd = open(out, O_WRONLY|O_CREAT|O_TRUNC, 0644)) == -1)
                         fatal("Could not open \"%s\" for writing: %s", out,
@@ -1647,7 +1647,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
                 }
 
                 key_free(public);
-                xfree(out);
+                free(out);
         }
         pkcs11_terminate();
         exit(0);
@@ -1744,7 +1744,7 @@ parse_cert_times(char *timespec)
 
         if (cert_valid_to <= cert_valid_from)
                 fatal("Empty certificate validity interval");
-        xfree(from);
+        free(from);
 }
 
 static void
@@ -1797,7 +1797,8 @@ add_cert_option(char *opt)
 static void
 show_options(const Buffer *optbuf, int v00, int in_critical)
 {
-        u_char *name, *data;
+        char *name;
+        u_char *data;
         u_int dlen;
         Buffer options, option;
 
@@ -1822,13 +1823,13 @@ show_options(const Buffer *optbuf, int v00, int in_critical)
                     strcmp(name, "source-address") == 0)) {
                         data = buffer_get_string(&option, NULL);
                         printf(" %s\n", data);
-                        xfree(data);
+                        free(data);
                 } else {
                         printf(" UNKNOWN OPTION (len %u)\n",
                             buffer_len(&option));
                         buffer_clear(&option);
                 }
-                xfree(name);
+                free(name);
                 if (buffer_len(&option) != 0)
                         fatal("Option corrupt: extra data at end");
         }
@@ -2038,6 +2039,7 @@ update_krl_from_file(struct passwd *pw, const char *file, const Key *ca,
         }
         if (strcmp(path, "-") != 0)
                 fclose(krl_spec);
+        free(path);
 }
 
 static void
@@ -2063,7 +2065,7 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
                 tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);
                 if ((ca = key_load_public(tmp, NULL)) == NULL)
                         fatal("Cannot load CA public key %s", tmp);
-                xfree(tmp);
+                free(tmp);
         }
 
         if (updating)
@@ -2090,6 +2092,8 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
         close(fd);
         buffer_free(&kbuf);
         ssh_krl_free(krl);
+        if (ca != NULL)
+                key_free(ca);
 }
 
 static void
@@ -2210,7 +2214,7 @@ main(int argc, char **argv)
         /* we need this for the home * directory.  */
         pw = getpwuid(getuid());
         if (!pw) {
-                printf("You don't exist, go away!\n");
+                printf("No user exists for uid %lu\n", (u_long)getuid());
                 exit(1);
         }
         if (gethostname(hostname, sizeof(hostname)) < 0) {
@@ -2599,14 +2603,14 @@ passphrase_again:
                          */
                         memset(passphrase1, 0, strlen(passphrase1));
                         memset(passphrase2, 0, strlen(passphrase2));
-                        xfree(passphrase1);
-                        xfree(passphrase2);
+                        free(passphrase1);
+                        free(passphrase2);
                         printf("Passphrases do not match.  Try again.\n");
                         goto passphrase_again;
                 }
                 /* Clear the other copy of the passphrase. */
                 memset(passphrase2, 0, strlen(passphrase2));
-                xfree(passphrase2);
+                free(passphrase2);
         }
 
         if (identity_comment) {
@@ -2620,12 +2624,12 @@ passphrase_again:
         if (!key_save_private(private, identity_file, passphrase1, comment)) {
                 printf("Saving the key failed: %s.\n", identity_file);
                 memset(passphrase1, 0, strlen(passphrase1));
-                xfree(passphrase1);
+                free(passphrase1);
                 exit(1);
         }
         /* Clear the passphrase. */
         memset(passphrase1, 0, strlen(passphrase1));
-        xfree(passphrase1);
+        free(passphrase1);
 
         /* Clear the private key and the random number generator. */
         key_free(private);
@@ -2660,8 +2664,8 @@ passphrase_again:
                 printf("%s %s\n", fp, comment);
                 printf("The key's randomart image is:\n");
                 printf("%s\n", ra);
-                xfree(ra);
-                xfree(fp);
+                free(ra);
+                free(fp);
         }
 
         key_free(public);
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index 559c5a1f4..3ea99c320 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -106,4 +106,4 @@ BUGS
      This is because it opens a connection to the ssh port, reads the public
      key, and drops the connection as soon as it gets the key.
 
-OpenBSD 5.3                     April 11, 2012                     OpenBSD 5.3
+OpenBSD 5.4                      July 16, 2013                     OpenBSD 5.4
diff --git a/ssh-keyscan.1 b/ssh-keyscan.1
index f2b0fc8fa..c35ea05e0 100644
--- a/ssh-keyscan.1
+++ b/ssh-keyscan.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keyscan.1,v 1.30 2012/04/11 13:34:17 djm Exp $
+.\"     $OpenBSD: ssh-keyscan.1,v 1.31 2013/07/16 00:07:52 schwarze Exp $
 .\"
 .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
 .\"
@@ -6,7 +6,7 @@
 .\" permitted provided that due credit is given to the author and the
 .\" OpenBSD project by leaving this copyright notice intact.
 .\"
-.Dd $Mdocdate: April 11 2012 $
+.Dd $Mdocdate: July 16 2013 $
 .Dt SSH-KEYSCAN 1
 .Os
 .Sh NAME
@@ -164,9 +164,9 @@ $ ssh-keyscan -t rsa,dsa,ecdsa -f ssh_hosts | \e
 .Xr sshd 8
 .Sh AUTHORS
 .An -nosplit
-.An David Mazieres Aq dm@lcs.mit.edu
+.An David Mazieres Aq Mt dm@lcs.mit.edu
 wrote the initial version, and
-.An Wayne Davison Aq wayned@users.sourceforge.net
+.An Wayne Davison Aq Mt wayned@users.sourceforge.net
 added support for protocol version 2.
 .Sh BUGS
 It generates "Connection closed by remote host" messages on the consoles
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index c9de130f4..8b807c10a 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.86 2012/04/11 13:34:17 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.87 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -263,7 +263,7 @@ keygrab_ssh2(con *c)
                 exit(1);
         }
         nonfatal_fatal = 0;
-        xfree(c->c_kex);
+        free(c->c_kex);
         c->c_kex = NULL;
         packet_close();
 
@@ -329,7 +329,7 @@ conalloc(char *iname, char *oname, int keytype)
         do {
                 name = xstrsep(&namelist, ",");
                 if (!name) {
-                        xfree(namebase);
+                        free(namebase);
                         return (-1);
                 }
         } while ((s = tcpconnect(name)) < 0);
@@ -363,10 +363,10 @@ confree(int s)
         if (s >= maxfd || fdcon[s].c_status == CS_UNUSED)
                 fatal("confree: attempt to free bad fdno %d", s);
         close(s);
-        xfree(fdcon[s].c_namebase);
-        xfree(fdcon[s].c_output_name);
+        free(fdcon[s].c_namebase);
+        free(fdcon[s].c_output_name);
         if (fdcon[s].c_status == CS_KEYS)
-                xfree(fdcon[s].c_data);
+                free(fdcon[s].c_data);
         fdcon[s].c_status = CS_UNUSED;
         fdcon[s].c_keytype = 0;
         TAILQ_REMOVE(&tq, &fdcon[s], c_link);
@@ -553,8 +553,8 @@ conloop(void)
                 } else if (FD_ISSET(i, r))
                         conread(i);
         }
-        xfree(r);
-        xfree(e);
+        free(r);
+        free(e);
 
         c = TAILQ_FIRST(&tq);
         while (c && (c->c_tv.tv_sec < now.tv_sec ||
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index a2e9eec2b..808828a07 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -48,4 +48,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 5.3                     August 31, 2010                    OpenBSD 5.3
+OpenBSD 5.4                      July 16, 2013                     OpenBSD 5.4
diff --git a/ssh-keysign.8 b/ssh-keysign.8
index 5e09e0271..5e0b2d232 100644
--- a/ssh-keysign.8
+++ b/ssh-keysign.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keysign.8,v 1.12 2010/08/31 11:54:45 djm Exp $
+.\" $OpenBSD: ssh-keysign.8,v 1.13 2013/07/16 00:07:52 schwarze Exp $
 .\"
 .\" Copyright (c) 2002 Markus Friedl.  All rights reserved.
 .\"
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 31 2010 $
+.Dd $Mdocdate: July 16 2013 $
 .Dt SSH-KEYSIGN 8
 .Os
 .Sh NAME
@@ -88,4 +88,4 @@ information corresponding with the private keys above.
 first appeared in
 .Ox 3.2 .
 .Sh AUTHORS
-.An Markus Friedl Aq markus@openbsd.org
+.An Markus Friedl Aq Mt markus@openbsd.org
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 1deb7e141..9a6653c7c 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.36 2011/02/16 00:31:14 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.37 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -78,7 +78,7 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
         p = buffer_get_string(&b, &len);
         if (len != 20 && len != 32)
                 fail++;
-        xfree(p);
+        free(p);
 
         if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST)
                 fail++;
@@ -90,13 +90,13 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
         p = buffer_get_string(&b, NULL);
         if (strcmp("ssh-connection", p) != 0)
                 fail++;
-        xfree(p);
+        free(p);
 
         /* method */
         p = buffer_get_string(&b, NULL);
         if (strcmp("hostbased", p) != 0)
                 fail++;
-        xfree(p);
+        free(p);
 
         /* pubkey */
         pkalg = buffer_get_string(&b, NULL);
@@ -109,8 +109,8 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
                 fail++;
         else if (key->type != pktype)
                 fail++;
-        xfree(pkalg);
-        xfree(pkblob);
+        free(pkalg);
+        free(pkblob);
 
         /* client host name, handle trailing dot */
         p = buffer_get_string(&b, &len);
@@ -121,14 +121,14 @@ valid_request(struct passwd *pw, char *host, Key **ret, u_char *data,
                 fail++;
         else if (strncasecmp(host, p, len - 1) != 0)
                 fail++;
-        xfree(p);
+        free(p);
 
         /* local user */
         p = buffer_get_string(&b, NULL);
 
         if (strcmp(pw->pw_name, p) != 0)
                 fail++;
-        xfree(p);
+        free(p);
 
         /* end of message */
         if (buffer_len(&b) != 0)
@@ -233,7 +233,7 @@ main(int argc, char **argv)
         data = buffer_get_string(&b, &dlen);
         if (valid_request(pw, host, &key, data, dlen) < 0)
                 fatal("not a valid request");
-        xfree(host);
+        free(host);
 
         found = 0;
         for (i = 0; i < NUM_KEYTYPES; i++) {
@@ -248,7 +248,7 @@ main(int argc, char **argv)
 
         if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
                 fatal("key_sign failed");
-        xfree(data);
+        free(data);
 
         /* send reply */
         buffer_clear(&b);
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index 82b11daf5..6c9f9d2c1 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-client.c,v 1.3 2012/01/16 20:34:09 miod Exp $ */
+/* $OpenBSD: ssh-pkcs11-client.c,v 1.4 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -121,7 +121,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
         buffer_put_string(&msg, blob, blen);
         buffer_put_string(&msg, from, flen);
         buffer_put_int(&msg, 0);
-        xfree(blob);
+        free(blob);
         send_msg(&msg);
         buffer_clear(&msg);
 
@@ -131,7 +131,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
                         memcpy(to, signature, slen);
                         ret = slen;
                 }
-                xfree(signature);
+                free(signature);
         }
         buffer_free(&msg);
         return (ret);
@@ -205,11 +205,11 @@ pkcs11_add_provider(char *name, char *pin, Key ***keysp)
                 *keysp = xcalloc(nkeys, sizeof(Key *));
                 for (i = 0; i < nkeys; i++) {
                         blob = buffer_get_string(&msg, &blen);
-                        xfree(buffer_get_string(&msg, NULL));
+                        free(buffer_get_string(&msg, NULL));
                         k = key_from_blob(blob, blen);
                         wrap_key(k->rsa);
                         (*keysp)[i] = k;
-                        xfree(blob);
+                        free(blob);
                 }
         } else {
                 nkeys = -1;
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index dcfaa222a..d9ea34248 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -22,4 +22,4 @@ HISTORY
 AUTHORS
      Markus Friedl <markus@openbsd.org>
 
-OpenBSD 5.3                    February 10, 2010                   OpenBSD 5.3
+OpenBSD 5.4                      July 16, 2013                     OpenBSD 5.4
diff --git a/ssh-pkcs11-helper.8 b/ssh-pkcs11-helper.8
index 9bdaadc01..3728c4e4e 100644
--- a/ssh-pkcs11-helper.8
+++ b/ssh-pkcs11-helper.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.3 2010/02/10 23:20:38 markus Exp $
+.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $
 .\"
 .\" Copyright (c) 2010 Markus Friedl.  All rights reserved.
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: February 10 2010 $
+.Dd $Mdocdate: July 16 2013 $
 .Dt SSH-PKCS11-HELPER 8
 .Os
 .Sh NAME
@@ -40,4 +40,4 @@ is not intended to be invoked by the user, but from
 first appeared in
 .Ox 4.7 .
 .Sh AUTHORS
-.An Markus Friedl Aq markus@openbsd.org
+.An Markus Friedl Aq Mt markus@openbsd.org
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index fcb5defc0..39b2e7c56 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-helper.c,v 1.4 2012/07/02 12:13:26 dtucker Exp $ */
+/* $OpenBSD: ssh-pkcs11-helper.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -79,7 +79,7 @@ del_keys_by_name(char *name)
                 nxt = TAILQ_NEXT(ki, next);
                 if (!strcmp(ki->providername, name)) {
                         TAILQ_REMOVE(&pkcs11_keylist, ki, next);
-                        xfree(ki->providername);
+                        free(ki->providername);
                         key_free(ki->key);
                         free(ki);
                 }
@@ -130,15 +130,15 @@ process_add(void)
                         key_to_blob(keys[i], &blob, &blen);
                         buffer_put_string(&msg, blob, blen);
                         buffer_put_cstring(&msg, name);
-                        xfree(blob);
+                        free(blob);
                         add_key(keys[i], name);
                 }
-                xfree(keys);
+                free(keys);
         } else {
                 buffer_put_char(&msg, SSH_AGENT_FAILURE);
         }
-        xfree(pin);
-        xfree(name);
+        free(pin);
+        free(name);
         send_msg(&msg);
         buffer_free(&msg);
 }
@@ -157,8 +157,8 @@ process_del(void)
                  buffer_put_char(&msg, SSH_AGENT_SUCCESS);
         else
                  buffer_put_char(&msg, SSH_AGENT_FAILURE);
-        xfree(pin);
-        xfree(name);
+        free(pin);
+        free(name);
         send_msg(&msg);
         buffer_free(&msg);
 }
@@ -195,10 +195,9 @@ process_sign(void)
         } else {
                 buffer_put_char(&msg, SSH_AGENT_FAILURE);
         }
-        xfree(data);
-        xfree(blob);
-        if (signature != NULL)
-                xfree(signature);
+        free(data);
+        free(blob);
+        free(signature);
         send_msg(&msg);
         buffer_free(&msg);
 }
@@ -274,7 +273,6 @@ main(int argc, char **argv)
         LogLevel log_level = SYSLOG_LEVEL_ERROR;
         char buf[4*4096];
 
-        extern char *optarg;
         extern char *__progname;
 
         TAILQ_INIT(&pkcs11_keylist);
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 1f4c1c8e4..618c07526 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.6 2010/06/08 21:32:19 markus Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.8 2013/07/12 00:20:00 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -120,9 +120,9 @@ pkcs11_provider_unref(struct pkcs11_provider *p)
         if (--p->refcount <= 0) {
                 if (p->valid)
                         error("pkcs11_provider_unref: %p still valid", p);
-                xfree(p->slotlist);
-                xfree(p->slotinfo);
-                xfree(p);
+                free(p->slotlist);
+                free(p->slotinfo);
+                free(p);
         }
 }
 
@@ -180,9 +180,8 @@ pkcs11_rsa_finish(RSA *rsa)
                         rv = k11->orig_finish(rsa);
                 if (k11->provider)
                         pkcs11_provider_unref(k11->provider);
-                if (k11->keyid)
-                        xfree(k11->keyid);
-                xfree(k11);
+                free(k11->keyid);
+                free(k11);
         }
         return (rv);
 }
@@ -264,13 +263,13 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
                 pin = read_passphrase(prompt, RP_ALLOW_EOF);
                 if (pin == NULL)
                         return (-1);    /* bail out */
-                if ((rv = f->C_Login(si->session, CKU_USER, pin, strlen(pin)))
-                    != CKR_OK) {
-                        xfree(pin);
+                if ((rv = f->C_Login(si->session, CKU_USER,
+                    (u_char *)pin, strlen(pin))) != CKR_OK) {
+                        free(pin);
                         error("C_Login failed: %lu", rv);
                         return (-1);
                 }
-                xfree(pin);
+                free(pin);
                 si->logged_in = 1;
         }
         key_filter[1].pValue = k11->keyid;
@@ -329,7 +328,7 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
 
 /* remove trailing spaces */
 static void
-rmspace(char *buf, size_t len)
+rmspace(u_char *buf, size_t len)
 {
         size_t i;
 
@@ -367,8 +366,8 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin)
                 return (-1);
         }
         if (login_required && pin) {
-                if ((rv = f->C_Login(session, CKU_USER, pin, strlen(pin)))
-                    != CKR_OK) {
+                if ((rv = f->C_Login(session, CKU_USER,
+                    (u_char *)pin, strlen(pin))) != CKR_OK) {
                         error("C_Login failed: %lu", rv);
                         if ((rv = f->C_CloseSession(session)) != CKR_OK)
                                 error("C_CloseSession failed: %lu", rv);
@@ -470,7 +469,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, Key ***keysp,
                         }
                 }
                 for (i = 0; i < 3; i++)
-                        xfree(attribs[i].pValue);
+                        free(attribs[i].pValue);
         }
         if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK)
                 error("C_FindObjectsFinal failed: %lu", rv);
@@ -579,11 +578,9 @@ fail:
         if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK)
                 error("C_Finalize failed: %lu", rv);
         if (p) {
-                if (p->slotlist)
-                        xfree(p->slotlist);
-                if (p->slotinfo)
-                        xfree(p->slotinfo);
-                xfree(p);
+                free(p->slotlist);
+                free(p->slotinfo);
+                free(p);
         }
         if (handle)
                 dlclose(handle);
diff --git a/ssh-rsa.c b/ssh-rsa.c
index c6355fa09..30f96abc2 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.45 2010/08/31 09:58:37 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.46 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -72,7 +72,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 
                 error("ssh_rsa_sign: RSA_sign failed: %s",
                     ERR_error_string(ecode, NULL));
-                xfree(sig);
+                free(sig);
                 return -1;
         }
         if (len < slen) {
@@ -82,7 +82,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
                 memset(sig, 0, diff);
         } else if (len > slen) {
                 error("ssh_rsa_sign: slen %u slen2 %u", slen, len);
-                xfree(sig);
+                free(sig);
                 return -1;
         }
         /* encode signature */
@@ -98,7 +98,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
         }
         buffer_free(&b);
         memset(sig, 's', slen);
-        xfree(sig);
+        free(sig);
 
         return 0;
 }
@@ -131,23 +131,23 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
         if (strcmp("ssh-rsa", ktype) != 0) {
                 error("ssh_rsa_verify: cannot handle type %s", ktype);
                 buffer_free(&b);
-                xfree(ktype);
+                free(ktype);
                 return -1;
         }
-        xfree(ktype);
+        free(ktype);
         sigblob = buffer_get_string(&b, &len);
         rlen = buffer_len(&b);
         buffer_free(&b);
         if (rlen != 0) {
                 error("ssh_rsa_verify: remaining bytes in signature %d", rlen);
-                xfree(sigblob);
+                free(sigblob);
                 return -1;
         }
         /* RSA_verify expects a signature of RSA_size */
         modlen = RSA_size(key->rsa);
         if (len > modlen) {
                 error("ssh_rsa_verify: len %u > modlen %u", len, modlen);
-                xfree(sigblob);
+                free(sigblob);
                 return -1;
         } else if (len < modlen) {
                 u_int diff = modlen - len;
@@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
         nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1;
         if ((evp_md = EVP_get_digestbynid(nid)) == NULL) {
                 error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid);
-                xfree(sigblob);
+                free(sigblob);
                 return -1;
         }
         EVP_DigestInit(&md, evp_md);
@@ -171,7 +171,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
         ret = openssh_RSA_verify(nid, digest, dlen, sigblob, len, key->rsa);
         memset(digest, 'd', sizeof(digest));
         memset(sigblob, 's', len);
-        xfree(sigblob);
+        free(sigblob);
         debug("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
         return ret;
 }
@@ -262,7 +262,6 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
         }
         ret = 1;
 done:
-        if (decrypted)
-                xfree(decrypted);
+        free(decrypted);
         return ret;
 }
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c
index f8125e0bb..ca1a5be74 100644
--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -94,7 +94,7 @@ describe_key(const char *filename, u_long linenum, const char *msg,
                 printf(":%lu: %s: %s %u %s %s\n", linenum, msg,
                     key_type(key), key_size(key), fp, comment);
         }
-        xfree(fp);
+        free(fp);
 }
 
 static int
@@ -247,8 +247,7 @@ do_filename(const char *filename, int quiet_open)
                                 ret = 0;
                         found = 1;
                 }
-                if (comment)
-                        xfree(comment);
+                free(comment);
         }
 
         return ret;
@@ -282,12 +281,12 @@ do_user(const char *dir)
         for (i = 0; default_files[i]; i++) {
                 xasprintf(&file, "%s/%s", dir, default_files[i]);
                 if (stat(file, &st) < 0 && errno == ENOENT) {
-                        xfree(file);
+                        free(file);
                         continue;
                 }
                 if (!do_filename(file, 0))
                         ret = 0;
-                xfree(file);
+                free(file);
         }
 
         return ret;
diff --git a/ssh.0 b/ssh.0
index f6b642bc8..adc1ee421 100644
--- a/ssh.0
+++ b/ssh.0
@@ -5,11 +5,13 @@ NAME
 
 SYNOPSIS
      ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
-         [-D [bind_address:]port] [-e escape_char] [-F configfile] [-I pkcs11]
-         [-i identity_file] [-L [bind_address:]port:host:hostport]
-         [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
+         [-D [bind_address:]port] [-E log_file] [-e escape_char]
+         [-F configfile] [-I pkcs11] [-i identity_file]
+         [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec]
+         [-O ctl_cmd] [-o option] [-p port]
          [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W host:port]
          [-w local_tun[:remote_tun]] [user@]hostname [command]
+     ssh -Q protocol_feature
 
 DESCRIPTION
      ssh (SSH client) is a program for logging into a remote machine and for
@@ -102,6 +104,9 @@ DESCRIPTION
              be bound for local use only, while an empty address or `*'
              indicates that the port should be available from all interfaces.
 
+     -E log_file
+             Append debug logs to log_file instead of standard error.
+
      -e escape_char
              Sets the escape character for sessions with a pty (default: `~').
              The escape character is only recognized at the beginning of a
@@ -289,6 +294,14 @@ DESCRIPTION
              Port to connect to on the remote host.  This can be specified on
              a per-host basis in the configuration file.
 
+     -Q protocol_feature
+             Queries ssh for the algorithms supported for the specified
+             version 2 protocol_feature.  The queriable features are:
+             ``cipher'' (supported symmetric ciphers), ``MAC'' (supported
+             message integrity codes), ``KEX'' (key exchange algorithms),
+             ``key'' (key types).  Protocol features are treated case-
+             insensitively.
+
      -q      Quiet mode.  Causes most warning and diagnostic messages to be
              suppressed.
 
@@ -788,7 +801,7 @@ FILES
              This is the per-user configuration file.  The file format and
              configuration options are described in ssh_config(5).  Because of
              the potential for abuse, this file must have strict permissions:
-             read/write for the user, and not accessible by others.
+             read/write for the user, and not writable by others.
 
      ~/.ssh/environment
              Contains additional definitions for environment variables; see
@@ -919,4 +932,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 5.3                     October 4, 2012                    OpenBSD 5.3
+OpenBSD 5.4                      July 18, 2013                     OpenBSD 5.4
diff --git a/ssh.1 b/ssh.1
index 5ac75e992..c0cc12f43 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.330 2012/10/04 13:21:50 markus Exp $
-.Dd $Mdocdate: October 4 2012 $
+.\" $OpenBSD: ssh.1,v 1.334 2013/07/18 01:12:26 djm Exp $
+.Dd $Mdocdate: July 18 2013 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -47,6 +47,7 @@
 .Op Fl b Ar bind_address
 .Op Fl c Ar cipher_spec
 .Op Fl D Oo Ar bind_address : Oc Ns Ar port
+.Op Fl E Ar log_file
 .Op Fl e Ar escape_char
 .Op Fl F Ar configfile
 .Op Fl I Ar pkcs11
@@ -64,6 +65,8 @@
 .Oo Ar user Ns @ Oc Ns Ar hostname
 .Op Ar command
 .Ek
+.Nm
+.Fl Q Ar protocol_feature
 .Sh DESCRIPTION
 .Nm
 (SSH client) is a program for logging into a remote machine and for
@@ -217,6 +220,10 @@ indicates that the listening port be bound for local use only, while an
 empty address or
 .Sq *
 indicates that the port should be available from all interfaces.
+.It Fl E Ar log_file
+Append debug logs to
+.Ar log_file
+instead of standard error.
 .It Fl e Ar escape_char
 Sets the escape character for sessions with a pty (default:
 .Ql ~ ) .
@@ -482,6 +489,21 @@ For full details of the options listed below, and their possible values, see
 Port to connect to on the remote host.
 This can be specified on a
 per-host basis in the configuration file.
+.It Fl Q Ar protocol_feature
+Queries
+.Nm
+for the algorithms supported for the specified version 2
+.Ar protocol_feature .
+The queriable features are:
+.Dq cipher
+(supported symmetric ciphers),
+.Dq MAC
+(supported message integrity codes),
+.Dq KEX
+(key exchange algorithms),
+.Dq key
+(key types).
+Protocol features are treated case-insensitively.
 .It Fl q
 Quiet mode.
 Causes most warning and diagnostic messages to be suppressed.
@@ -732,9 +754,7 @@ implements public key authentication protocol automatically,
 using one of the DSA, ECDSA or RSA algorithms.
 Protocol 1 is restricted to using only RSA keys,
 but protocol 2 may use any.
-The
-.Sx HISTORY
-section of
+The HISTORY section of
 .Xr ssl 8
 (on non-OpenBSD systems, see
 .nh
@@ -794,9 +814,7 @@ instead of a set of public/private keys,
 signed certificates are used.
 This has the advantage that a single trusted certification authority
 can be used in place of many public/private keys.
-See the
-.Sx CERTIFICATES
-section of
+See the CERTIFICATES section of
 .Xr ssh-keygen 1
 for more information.
 .Pp
@@ -1323,7 +1341,7 @@ This is the per-user configuration file.
 The file format and configuration options are described in
 .Xr ssh_config 5 .
 Because of the potential for abuse, this file must have strict permissions:
-read/write for the user, and not accessible by others.
+read/write for the user, and not writable by others.
 It may be group-writable provided that the group in question contains only
 the user.
 .Pp
diff --git a/ssh.c b/ssh.c
index 19732cb4d..219a46677 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.373 2013/02/22 22:09:01 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.381 2013/07/25 00:29:10 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -197,9 +197,9 @@ usage(void)
 {
         fprintf(stderr,
 "usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
-"           [-D [bind_address:]port] [-e escape_char] [-F configfile]\n"
-"           [-I pkcs11] [-i identity_file]\n"
-"           [-L [bind_address:]port:host:hostport]\n"
+"           [-D [bind_address:]port] [-E log_file] [-e escape_char]\n"
+"           [-F configfile] [-I pkcs11] [-i identity_file]\n"
+"           [-L [bind_address:]port:host:hostport] [-Q protocol_feature]\n"
 "           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
 "           [-R [bind_address:]port:host:hostport] [-S ctl_path]\n"
 "           [-W host:port] [-w local_tun[:remote_tun]]\n"
@@ -226,7 +226,7 @@ tilde_expand_paths(char **paths, u_int num_paths)
 
         for (i = 0; i < num_paths; i++) {
                 cp = tilde_expand_filename(paths[i], original_real_uid);
-                xfree(paths[i]);
+                free(paths[i]);
                 paths[i] = cp;
         }
 }
@@ -238,7 +238,7 @@ int
 main(int ac, char **av)
 {
         int i, r, opt, exit_status, use_syslog;
-        char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg;
+        char *p, *cp, *line, *argv0, buf[MAXPATHLEN], *host_arg, *logfile;
         char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
         struct stat st;
         struct passwd *pw;
@@ -299,7 +299,7 @@ main(int ac, char **av)
         /* Get user data. */
         pw = getpwuid(original_real_uid);
         if (!pw) {
-                logit("You don't exist, go away!");
+                logit("No user exists for uid %lu", (u_long)original_real_uid);
                 exit(255);
         }
         /* Take a copy of the returned structure. */
@@ -322,11 +322,12 @@ main(int ac, char **av)
         /* Parse command-line arguments. */
         host = NULL;
         use_syslog = 0;
+        logfile = NULL;
         argv0 = av[0];
 
  again:
         while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
-            "ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) {
+            "ACD:E:F:I:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) {
                 switch (opt) {
                 case '1':
                         options.protocol = SSH_PROTO_1;
@@ -356,6 +357,9 @@ main(int ac, char **av)
                 case 'y':
                         use_syslog = 1;
                         break;
+                case 'E':
+                        logfile = xstrdup(optarg);
+                        break;
                 case 'Y':
                         options.forward_x11 = 1;
                         options.forward_x11_trusted = 1;
@@ -385,6 +389,22 @@ main(int ac, char **av)
                 case 'P':       /* deprecated */
                         options.use_privileged_port = 0;
                         break;
+                case 'Q':       /* deprecated */
+                        cp = NULL;
+                        if (strcasecmp(optarg, "cipher") == 0)
+                                cp = cipher_alg_list();
+                        else if (strcasecmp(optarg, "mac") == 0)
+                                cp = mac_alg_list();
+                        else if (strcasecmp(optarg, "kex") == 0)
+                                cp = kex_alg_list();
+                        else if (strcasecmp(optarg, "key") == 0)
+                                cp = key_alg_list();
+                        if (cp == NULL)
+                                fatal("Unsupported query \"%s\"", optarg);
+                        printf("%s\n", cp);
+                        free(cp);
+                        exit(0);
+                        break;
                 case 'a':
                         options.forward_agent = 0;
                         break;
@@ -427,9 +447,8 @@ main(int ac, char **av)
                         } else {
                                 if (options.log_level < SYSLOG_LEVEL_DEBUG3)
                                         options.log_level++;
-                                break;
                         }
-                        /* FALLTHROUGH */
+                        break;
                 case 'V':
                         fprintf(stderr, "%s, %s\n",
                             SSH_RELEASE, SSLeay_version(SSLEAY_VERSION));
@@ -454,7 +473,7 @@ main(int ac, char **av)
                         if (parse_forward(&fwd, optarg, 1, 0)) {
                                 stdio_forward_host = fwd.listen_host;
                                 stdio_forward_port = fwd.listen_port;
-                                xfree(fwd.connect_host);
+                                free(fwd.connect_host);
                         } else {
                                 fprintf(stderr,
                                     "Bad stdio forwarding specification '%s'\n",
@@ -582,7 +601,7 @@ main(int ac, char **av)
                             line, "command-line", 0, &dummy, SSHCONF_USERCONF)
                             != 0)
                                 exit(255);
-                        xfree(line);
+                        free(line);
                         break;
                 case 's':
                         subsystem_flag = 1;
@@ -663,18 +682,28 @@ main(int ac, char **av)
 
         /*
          * Initialize "log" output.  Since we are the client all output
-         * actually goes to stderr.
+         * goes to stderr unless otherwise specified by -y or -E.
          */
+        if (use_syslog && logfile != NULL)
+                fatal("Can't specify both -y and -E");
+        if (logfile != NULL) {
+                log_redirect_stderr_to(logfile);
+                free(logfile);
+        }
         log_init(argv0,
             options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
             SYSLOG_FACILITY_USER, !use_syslog);
 
+        if (debug_flag)
+                logit("%s, %s", SSH_VERSION, SSLeay_version(SSLEAY_VERSION));
+
         /*
          * Read per-user configuration file.  Ignore the system wide config
          * file if the user specifies a config file on the command line.
          */
         if (config != NULL) {
-                if (!read_config_file(config, host, &options, SSHCONF_USERCONF))
+                if (strcasecmp(config, "none") != 0 &&
+                    !read_config_file(config, host, &options, SSHCONF_USERCONF))
                         fatal("Can't open user config file %.100s: "
                             "%.100s", config, strerror(errno));
         } else {
@@ -749,7 +778,7 @@ main(int ac, char **av)
                     "p", portstr, "u", pw->pw_name, "L", shorthost,
                     (char *)NULL);
                 debug3("expanded LocalCommand: %s", options.local_command);
-                xfree(cp);
+                free(cp);
         }
 
         /* force lowercase for hostkey matching */
@@ -761,24 +790,24 @@ main(int ac, char **av)
 
         if (options.proxy_command != NULL &&
             strcmp(options.proxy_command, "none") == 0) {
-                xfree(options.proxy_command);
+                free(options.proxy_command);
                 options.proxy_command = NULL;
         }
         if (options.control_path != NULL &&
             strcmp(options.control_path, "none") == 0) {
-                xfree(options.control_path);
+                free(options.control_path);
                 options.control_path = NULL;
         }
 
         if (options.control_path != NULL) {
                 cp = tilde_expand_filename(options.control_path,
                     original_real_uid);
-                xfree(options.control_path);
+                free(options.control_path);
                 options.control_path = percent_expand(cp, "h", host,
                     "l", thishost, "n", host_arg, "r", options.user,
                     "p", portstr, "u", pw->pw_name, "L", shorthost,
                     (char *)NULL);
-                xfree(cp);
+                free(cp);
         }
         if (muxclient_command != 0 && options.control_path == NULL)
                 fatal("No ControlPath specified for \"-O\" command");
@@ -929,13 +958,11 @@ main(int ac, char **av)
                                 sensitive_data.keys[i] = NULL;
                         }
                 }
-                xfree(sensitive_data.keys);
+                free(sensitive_data.keys);
         }
         for (i = 0; i < options.num_identity_files; i++) {
-                if (options.identity_files[i]) {
-                        xfree(options.identity_files[i]);
-                        options.identity_files[i] = NULL;
-                }
+                free(options.identity_files[i]);
+                options.identity_files[i] = NULL;
                 if (options.identity_keys[i]) {
                         key_free(options.identity_keys[i]);
                         options.identity_keys[i] = NULL;
@@ -995,6 +1022,7 @@ control_persist_detach(void)
                 if (devnull > STDERR_FILENO)
                         close(devnull);
         }
+        daemon(1, 1);
         setproctitle("%s [mux]", options.control_path);
 }
 
@@ -1453,6 +1481,11 @@ ssh_session2(void)
 
         if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN))
                 id = ssh_session2_open();
+        else {
+                packet_set_interactive(
+                    options.control_master == SSHCTL_MASTER_NO,
+                    options.ip_qos_interactive, options.ip_qos_bulk);
+        }
 
         /* If we don't expect to open a new session, then disallow it */
         if (options.control_master == SSHCTL_MASTER_NO &&
@@ -1525,7 +1558,7 @@ load_public_identity_files(void)
                             xstrdup(options.pkcs11_provider); /* XXX */
                         n_ids++;
                 }
-                xfree(keys);
+                free(keys);
         }
 #endif /* ENABLE_PKCS11 */
         if ((pw = getpwuid(original_real_uid)) == NULL)
@@ -1538,7 +1571,7 @@ load_public_identity_files(void)
         for (i = 0; i < options.num_identity_files; i++) {
                 if (n_ids >= SSH_MAX_IDENTITY_FILES ||
                     strcasecmp(options.identity_files[i], "none") == 0) {
-                        xfree(options.identity_files[i]);
+                        free(options.identity_files[i]);
                         continue;
                 }
                 cp = tilde_expand_filename(options.identity_files[i],
@@ -1546,7 +1579,7 @@ load_public_identity_files(void)
                 filename = percent_expand(cp, "d", pwdir,
                     "u", pwname, "l", thishost, "h", host,
                     "r", options.user, (char *)NULL);
-                xfree(cp);
+                free(cp);
                 public = key_load_public(filename, NULL);
                 debug("identity file %s type %d", filename,
                     public ? public->type : -1);
@@ -1558,15 +1591,15 @@ load_public_identity_files(void)
                                 logit("Public key %s blacklisted (see "
                                     "ssh-vulnkey(1)); refusing to send it",
                                     fp);
-                        xfree(fp);
+                        free(fp);
                         if (!options.use_blacklisted_keys) {
                                 key_free(public);
-                                xfree(filename);
+                                free(filename);
                                 filename = NULL;
                                 public = NULL;
                         }
                 }
-                xfree(options.identity_files[i]);
+                free(options.identity_files[i]);
                 identity_files[n_ids] = filename;
                 identity_keys[n_ids] = public;
 
@@ -1579,14 +1612,14 @@ load_public_identity_files(void)
                 debug("identity file %s type %d", cp,
                     public ? public->type : -1);
                 if (public == NULL) {
-                        xfree(cp);
+                        free(cp);
                         continue;
                 }
                 if (!key_is_cert(public)) {
                         debug("%s: key %s type %s is not a certificate",
                             __func__, cp, key_type(public));
                         key_free(public);
-                        xfree(cp);
+                        free(cp);
                         continue;
                 }
                 identity_keys[n_ids] = public;
@@ -1599,9 +1632,9 @@ load_public_identity_files(void)
         memcpy(options.identity_keys, identity_keys, sizeof(identity_keys));
 
         bzero(pwname, strlen(pwname));
-        xfree(pwname);
+        free(pwname);
         bzero(pwdir, strlen(pwdir));
-        xfree(pwdir);
+        free(pwdir);
 }
 
 static void
diff --git a/ssh_config b/ssh_config
index 4281e7317..064b59359 100644
--- a/ssh_config
+++ b/ssh_config
@@ -1,4 +1,4 @@
-#       $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $
+#       $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $
 
 # This is the ssh client system-wide configuration file.  See
 # ssh_config(5) for more information.  This file provides defaults for
@@ -48,6 +48,7 @@ Host *
 #   PermitLocalCommand no
 #   VisualHostKey no
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
+#   RekeyLimit 1G 1h
     SendEnv LANG LC_*
     HashKnownHosts yes
     GSSAPIAuthentication yes
diff --git a/ssh_config.0 b/ssh_config.0
index 164d11817..bd9e1ad51 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -369,9 +369,9 @@ DESCRIPTION
              for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and
              ~/.ssh/id_rsa for protocol version 2.  Additionally, any
              identities represented by the authentication agent will be used
-             for authentication.  ssh(1) will try to load certificate
-             information from the filename obtained by appending -cert.pub to
-             the path of a specified IdentityFile.
+             for authentication unless IdentitiesOnly is set.  ssh(1) will try
+             to load certificate information from the filename obtained by
+             appending -cert.pub to the path of a specified IdentityFile.
 
              The file name may use the tilde syntax to refer to a user's home
              directory or one of the following escape characters: `%d' (local
@@ -384,6 +384,18 @@ DESCRIPTION
              of identities tried (this behaviour differs from that of other
              configuration directives).
 
+             IdentityFile may be used in conjunction with IdentitiesOnly to
+             select which identities in an agent are offered during
+             authentication.
+
+     IgnoreUnknown
+             Specifies a pattern-list of unknown options to be ignored if they
+             are encountered in configuration parsing.  This may be used to
+             suppress errors if ssh_config contains options that are
+             unrecognised by ssh(1).  It is recommended that IgnoreUnknown be
+             listed early in the configuration file as it will not be applied
+             to unknown options that appear before it.
+
      IPQoS   Specifies the IPv4 type-of-service or DSCP class for connections.
              Accepted values are ``af11'', ``af12'', ``af13'', ``af21'',
              ``af22'', ``af23'', ``af31'', ``af32'', ``af33'', ``af41'',
@@ -552,11 +564,18 @@ DESCRIPTION
 
      RekeyLimit
              Specifies the maximum amount of data that may be transmitted
-             before the session key is renegotiated.  The argument is the
-             number of bytes, with an optional suffix of `K', `M', or `G' to
-             indicate Kilobytes, Megabytes, or Gigabytes, respectively.  The
-             default is between `1G' and `4G', depending on the cipher.  This
-             option applies to protocol version 2 only.
+             before the session key is renegotiated, optionally followed a
+             maximum amount of time that may pass before the session key is
+             renegotiated.  The first argument is specified in bytes and may
+             have a suffix of `K', `M', or `G' to indicate Kilobytes,
+             Megabytes, or Gigabytes, respectively.  The default is between
+             `1G' and `4G', depending on the cipher.  The optional second
+             value is specified in seconds and may use any of the units
+             documented in the TIME FORMATS section of sshd_config(5).  The
+             default value for RekeyLimit is ``default none'', which means
+             that rekeying is performed after the cipher's default amount of
+             data has been sent or received and no time based rekeying is
+             done.  This option applies to protocol version 2 only.
 
      RemoteForward
              Specifies that a TCP port on the remote machine be forwarded over
@@ -773,4 +792,4 @@ AUTHORS
      created OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-OpenBSD 5.3                     January 8, 2013                    OpenBSD 5.3
+OpenBSD 5.4                      June 27, 2013                     OpenBSD 5.4
diff --git a/ssh_config.5 b/ssh_config.5
index fa852acb1..127540a60 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.161 2013/01/08 18:49:04 markus Exp $
-.Dd $Mdocdate: January 8 2013 $
+.\" $OpenBSD: ssh_config.5,v 1.166 2013/06/27 14:05:37 jmc Exp $
+.Dd $Mdocdate: June 27 2013 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -494,8 +494,7 @@ option is also enabled.
 .It Cm ForwardX11Timeout
 Specify a timeout for untrusted X11 forwarding
 using the format described in the
-.Sx TIME FORMATS
-section of
+TIME FORMATS section of
 .Xr sshd_config 5 .
 X11 connections received by
 .Xr ssh 1
@@ -684,7 +683,9 @@ and
 .Pa ~/.ssh/id_rsa
 for protocol version 2.
 Additionally, any identities represented by the authentication agent
-will be used for authentication.
+will be used for authentication unless
+.Cm IdentitiesOnly
+is set.
 .Xr ssh 1
 will try to load certificate information from the filename obtained by
 appending
@@ -713,6 +714,22 @@ Multiple
 .Cm IdentityFile
 directives will add to the list of identities tried (this behaviour
 differs from that of other configuration directives).
+.Pp
+.Cm IdentityFile
+may be used in conjunction with
+.Cm IdentitiesOnly
+to select which identities in an agent are offered during authentication.
+.It Cm IgnoreUnknown
+Specifies a pattern-list of unknown options to be ignored if they are
+encountered in configuration parsing.
+This may be used to suppress errors if
+.Nm
+contains options that are unrecognised by
+.Xr ssh 1 .
+It is recommended that
+.Cm IgnoreUnknown
+be listed early in the configuration file as it will not be applied
+to unknown options that appear before it.
 .It Cm IPQoS
 Specifies the IPv4 type-of-service or DSCP class for connections.
 Accepted values are
@@ -987,8 +1004,9 @@ The default is
 This option applies to protocol version 2 only.
 .It Cm RekeyLimit
 Specifies the maximum amount of data that may be transmitted before the
-session key is renegotiated.
-The argument is the number of bytes, with an optional suffix of
+session key is renegotiated, optionally followed a maximum amount of
+time that may pass before the session key is renegotiated.
+The first argument is specified in bytes and may have a suffix of
 .Sq K ,
 .Sq M ,
 or
@@ -999,6 +1017,16 @@ The default is between
 and
 .Sq 4G ,
 depending on the cipher.
+The optional second value is specified in seconds and may use any of the
+units documented in the
+TIME FORMATS section of
+.Xr sshd_config 5 .
+The default value for
+.Cm RekeyLimit
+is
+.Dq default none ,
+which means that rekeying is performed after the cipher's default amount
+of data has been sent or received and no time based rekeying is done.
 This option applies to protocol version 2 only.
 .It Cm RemoteForward
 Specifies that a TCP port on the remote machine be forwarded over
@@ -1310,9 +1338,7 @@ The default is
 .Dq no .
 Note that this option applies to protocol version 2 only.
 .Pp
-See also
-.Sx VERIFYING HOST KEYS
-in
+See also VERIFYING HOST KEYS in
 .Xr ssh 1 .
 .It Cm VisualHostKey
 If this flag is set to
diff --git a/sshconnect.c b/sshconnect.c
index 1fa1d5963..ad960fdbf 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.237 2013/02/22 19:13:56 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.238 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -112,7 +112,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
         xasprintf(&tmp, "exec %s", proxy_command);
         command_string = percent_expand(tmp, "h", host, "p", strport,
             "r", options.user, (char *)NULL);
-        xfree(tmp);
+        free(tmp);
 
         /* Create pipes for communicating with the proxy. */
         if (pipe(pin) < 0 || pipe(pout) < 0)
@@ -166,7 +166,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
         close(pout[1]);
 
         /* Free the command name. */
-        xfree(command_string);
+        free(command_string);
 
         /* Set the connection file descriptors. */
         packet_set_connection(pout[0], pin[1]);
@@ -315,7 +315,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
                 fatal("Bogus return (%d) from select()", rc);
         }
 
-        xfree(fdset);
+        free(fdset);
 
  done:
         if (result == 0 && *timeoutp > 0) {
@@ -534,7 +534,7 @@ ssh_exchange_identification(int timeout_ms)
                 debug("ssh_exchange_identification: %s", buf);
         }
         server_version_string = xstrdup(buf);
-        xfree(fdset);
+        free(fdset);
 
         /*
          * Check that the versions match.  In future this might accept
@@ -610,8 +610,7 @@ confirm(const char *prompt)
                         ret = 0;
                 if (p && strncasecmp(p, "yes", 3) == 0)
                         ret = 1;
-                if (p)
-                        xfree(p);
+                free(p);
                 if (ret != -1)
                         return ret;
         }
@@ -835,8 +834,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                         ra = key_fingerprint(host_key, SSH_FP_MD5,
                             SSH_FP_RANDOMART);
                         logit("Host key fingerprint is %s\n%s\n", fp, ra);
-                        xfree(ra);
-                        xfree(fp);
+                        free(ra);
+                        free(fp);
                 }
                 break;
         case HOST_NEW:
@@ -896,8 +895,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                             options.visual_host_key ? "\n" : "",
                             options.visual_host_key ? ra : "",
                             msg2);
-                        xfree(ra);
-                        xfree(fp);
+                        free(ra);
+                        free(fp);
                         if (!confirm(msg))
                                 goto fail;
                 }
@@ -1103,8 +1102,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                 }
         }
 
-        xfree(ip);
-        xfree(host);
+        free(ip);
+        free(host);
         if (host_hostkeys != NULL)
                 free_hostkeys(host_hostkeys);
         if (ip_hostkeys != NULL)
@@ -1126,8 +1125,8 @@ fail:
         }
         if (raw_key != NULL)
                 key_free(raw_key);
-        xfree(ip);
-        xfree(host);
+        free(ip);
+        free(host);
         if (host_hostkeys != NULL)
                 free_hostkeys(host_hostkeys);
         if (ip_hostkeys != NULL)
@@ -1144,7 +1143,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
 
         fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
         debug("Server host key: %s %s", key_type(host_key), fp);
-        xfree(fp);
+        free(fp);
 
         /* XXX certs are not yet supported for DNS */
         if (!key_is_cert(host_key) && options.verify_host_key_dns &&
@@ -1209,7 +1208,7 @@ ssh_login(Sensitive *sensitive, const char *orighost,
                 ssh_kex(host, hostaddr);
                 ssh_userauth1(local_user, server_user, host, sensitive);
         }
-        xfree(local_user);
+        free(local_user);
 }
 
 void
@@ -1227,7 +1226,7 @@ ssh_put_password(char *password)
         strlcpy(padded, password, size);
         packet_put_string(padded, size);
         memset(padded, 0, size);
-        xfree(padded);
+        free(padded);
 }
 
 /* print all known host keys for a given host, but skip keys of given type */
@@ -1254,8 +1253,8 @@ show_other_keys(struct hostkeys *hostkeys, Key *key)
                     key_type(found->key), fp);
                 if (options.visual_host_key)
                         logit("%s", ra);
-                xfree(ra);
-                xfree(fp);
+                free(ra);
+                free(fp);
                 ret = 1;
         }
         return ret;
@@ -1278,7 +1277,7 @@ warn_changed_key(Key *host_key)
             key_type(host_key), fp);
         error("Please contact your system administrator.");
 
-        xfree(fp);
+        free(fp);
 }
 
 /*
diff --git a/sshconnect1.c b/sshconnect1.c
index fd07bbf74..d285e23c0 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.71 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -84,7 +84,7 @@ try_agent_authentication(void)
 
                 /* Try this identity. */
                 debug("Trying RSA authentication via agent with '%.100s'", comment);
-                xfree(comment);
+                free(comment);
 
                 /* Tell the server that we are willing to authenticate using this key. */
                 packet_start(SSH_CMSG_AUTH_RSA);
@@ -231,7 +231,7 @@ try_rsa_authentication(int idx)
          */
         if (type == SSH_SMSG_FAILURE) {
                 debug("Server refused our key.");
-                xfree(comment);
+                free(comment);
                 return 0;
         }
         /* Otherwise, the server should respond with a challenge. */
@@ -270,14 +270,14 @@ try_rsa_authentication(int idx)
                                 quit = 1;
                         }
                         memset(passphrase, 0, strlen(passphrase));
-                        xfree(passphrase);
+                        free(passphrase);
                         if (private != NULL || quit)
                                 break;
                         debug2("bad passphrase given, try again...");
                 }
         }
         /* We no longer need the comment. */
-        xfree(comment);
+        free(comment);
 
         if (private == NULL) {
                 if (!options.batch_mode && perm_ok)
@@ -412,7 +412,7 @@ try_challenge_response_authentication(void)
                 packet_check_eom();
                 snprintf(prompt, sizeof prompt, "%s%s", challenge,
                     strchr(challenge, '\n') ? "" : "\nResponse: ");
-                xfree(challenge);
+                free(challenge);
                 if (i != 0)
                         error("Permission denied, please try again.");
                 if (options.cipher == SSH_CIPHER_NONE)
@@ -420,13 +420,13 @@ try_challenge_response_authentication(void)
                             "Response will be transmitted in clear text.");
                 response = read_passphrase(prompt, 0);
                 if (strcmp(response, "") == 0) {
-                        xfree(response);
+                        free(response);
                         break;
                 }
                 packet_start(SSH_CMSG_AUTH_TIS_RESPONSE);
                 ssh_put_password(response);
                 memset(response, 0, strlen(response));
-                xfree(response);
+                free(response);
                 packet_send();
                 packet_write_wait();
                 type = packet_read();
@@ -459,7 +459,7 @@ try_password_authentication(char *prompt)
                 packet_start(SSH_CMSG_AUTH_PASSWORD);
                 ssh_put_password(password);
                 memset(password, 0, strlen(password));
-                xfree(password);
+                free(password);
                 packet_send();
                 packet_write_wait();
 
diff --git a/sshconnect2.c b/sshconnect2.c
index 77b02e3bf..93818c991 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.198 2013/06/05 12:52:38 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -146,10 +146,10 @@ order_hostkeyalgs(char *host, struct sockaddr *hostaddr, u_short port)
         if (*first != '\0')
                 debug3("%s: prefer hostkeyalgs: %s", __func__, first);
 
-        xfree(first);
-        xfree(last);
-        xfree(hostname);
-        xfree(oavail);
+        free(first);
+        free(last);
+        free(hostname);
+        free(oavail);
         free_hostkeys(hostkeys);
 
         return ret;
@@ -229,12 +229,13 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
                 orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
                 xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], 
                     "%s,null", orig);
-                xfree(gss);
+                free(gss);
         }
 #endif
 
-        if (options.rekey_limit)
-                packet_set_rekey_limit((u_int32_t)options.rekey_limit);
+        if (options.rekey_limit || options.rekey_interval)
+                packet_set_rekey_limits((u_int32_t)options.rekey_limit,
+                    (time_t)options.rekey_interval);
 
         /* start key exchange */
         kex = kex_setup(myproposal);
@@ -445,7 +446,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
         if (packet_remaining() > 0) {
                 char *reply = packet_get_string(NULL);
                 debug2("service_accept: %s", reply);
-                xfree(reply);
+                free(reply);
         } else {
                 debug2("buggy server: service_accept w/o service");
         }
@@ -492,15 +493,12 @@ userauth(Authctxt *authctxt, char *authlist)
         if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
                 authctxt->method->cleanup(authctxt);
 
-        if (authctxt->methoddata) {
-                xfree(authctxt->methoddata);
-                authctxt->methoddata = NULL;
-        }
+        free(authctxt->methoddata);
+        authctxt->methoddata = NULL;
         if (authlist == NULL) {
                 authlist = authctxt->authlist;
         } else {
-                if (authctxt->authlist)
-                        xfree(authctxt->authlist);
+                free(authctxt->authlist);
                 authctxt->authlist = authlist;
         }
         for (;;) {
@@ -548,10 +546,10 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt)
                 msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
                 strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
                 fprintf(stderr, "%s", msg);
-                xfree(msg);
+                free(msg);
         }
-        xfree(raw);
-        xfree(lang);
+        free(raw);
+        free(lang);
 }
 
 /* ARGSUSED */
@@ -562,16 +560,12 @@ input_userauth_success(int type, u_int32_t seq, void *ctxt)
 
         if (authctxt == NULL)
                 fatal("input_userauth_success: no authentication context");
-        if (authctxt->authlist) {
-                xfree(authctxt->authlist);
-                authctxt->authlist = NULL;
-        }
+        free(authctxt->authlist);
+        authctxt->authlist = NULL;
         if (authctxt->method != NULL && authctxt->method->cleanup != NULL)
                 authctxt->method->cleanup(authctxt);
-        if (authctxt->methoddata) {
-                xfree(authctxt->methoddata);
-                authctxt->methoddata = NULL;
-        }
+        free(authctxt->methoddata);
+        authctxt->methoddata = NULL;
         authctxt->success = 1;                  /* break out */
 }
 
@@ -602,8 +596,12 @@ input_userauth_failure(int type, u_int32_t seq, void *ctxt)
         partial = packet_get_char();
         packet_check_eom();
 
-        if (partial != 0)
+        if (partial != 0) {
                 logit("Authenticated with partial success.");
+                /* reset state */
+                pubkey_cleanup(authctxt);
+                pubkey_prepare(authctxt);
+        }
         debug("Authentications that can continue: %s", authlist);
 
         userauth(authctxt, authlist);
@@ -656,7 +654,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
         }
         fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
         debug2("input_userauth_pk_ok: fp %s", fp);
-        xfree(fp);
+        free(fp);
 
         /*
          * search keys in the reverse order, because last candidate has been
@@ -672,8 +670,8 @@ input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt)
 done:
         if (key != NULL)
                 key_free(key);
-        xfree(pkalg);
-        xfree(pkblob);
+        free(pkalg);
+        free(pkblob);
 
         /* try another method if we did not send a packet */
         if (sent == 0)
@@ -823,7 +821,7 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt)
         if (oidlen <= 2 ||
             oidv[0] != SSH_GSS_OIDTYPE ||
             oidv[1] != oidlen - 2) {
-                xfree(oidv);
+                free(oidv);
                 debug("Badly encoded mechanism OID received");
                 userauth(authctxt, NULL);
                 return;
@@ -834,7 +832,7 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt)
 
         packet_check_eom();
 
-        xfree(oidv);
+        free(oidv);
 
         if (GSS_ERROR(process_gssapi_token(ctxt, GSS_C_NO_BUFFER))) {
                 /* Start again with next method on list */
@@ -863,7 +861,7 @@ input_gssapi_token(int type, u_int32_t plen, void *ctxt)
 
         status = process_gssapi_token(ctxt, &recv_tok);
 
-        xfree(recv_tok.value);
+        free(recv_tok.value);
 
         if (GSS_ERROR(status)) {
                 /* Start again with the next method in the list */
@@ -880,7 +878,7 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
         Gssctxt *gssctxt;
         gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
         gss_buffer_desc recv_tok;
-        OM_uint32 status, ms;
+        OM_uint32 ms;
         u_int len;
 
         if (authctxt == NULL)
@@ -893,10 +891,10 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
         packet_check_eom();
 
         /* Stick it into GSSAPI and see what it says */
-        status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
+        (void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
             &recv_tok, &send_tok, NULL);
 
-        xfree(recv_tok.value);
+        free(recv_tok.value);
         gss_release_buffer(&ms, &send_tok);
 
         /* Server will be returning a failed packet after this one */
@@ -906,20 +904,19 @@ input_gssapi_errtok(int type, u_int32_t plen, void *ctxt)
 void
 input_gssapi_error(int type, u_int32_t plen, void *ctxt)
 {
-        OM_uint32 maj, min;
         char *msg;
         char *lang;
 
-        maj=packet_get_int();
-        min=packet_get_int();
+        /* maj */(void)packet_get_int();
+        /* min */(void)packet_get_int();
         msg=packet_get_string(NULL);
         lang=packet_get_string(NULL);
 
         packet_check_eom();
 
         debug("Server GSSAPI Error:\n%s", msg);
-        xfree(msg);
-        xfree(lang);
+        free(msg);
+        free(lang);
 }
 
 int
@@ -1002,7 +999,7 @@ userauth_passwd(Authctxt *authctxt)
         packet_put_char(0);
         packet_put_cstring(password);
         memset(password, 0, strlen(password));
-        xfree(password);
+        free(password);
         packet_add_padding(64);
         packet_send();
 
@@ -1035,8 +1032,8 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
         lang = packet_get_string(NULL);
         if (strlen(info) > 0)
                 logit("%s", info);
-        xfree(info);
-        xfree(lang);
+        free(info);
+        free(lang);
         packet_start(SSH2_MSG_USERAUTH_REQUEST);
         packet_put_cstring(authctxt->server_user);
         packet_put_cstring(authctxt->service);
@@ -1048,7 +1045,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
         password = read_passphrase(prompt, 0);
         packet_put_cstring(password);
         memset(password, 0, strlen(password));
-        xfree(password);
+        free(password);
         password = NULL;
         while (password == NULL) {
                 snprintf(prompt, sizeof(prompt),
@@ -1065,16 +1062,16 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
                 retype = read_passphrase(prompt, 0);
                 if (strcmp(password, retype) != 0) {
                         memset(password, 0, strlen(password));
-                        xfree(password);
+                        free(password);
                         logit("Mismatch; try again, EOF to quit.");
                         password = NULL;
                 }
                 memset(retype, 0, strlen(retype));
-                xfree(retype);
+                free(retype);
         }
         packet_put_cstring(password);
         memset(password, 0, strlen(password));
-        xfree(password);
+        free(password);
         packet_add_padding(64);
         packet_send();
 
@@ -1129,13 +1126,13 @@ jpake_password_to_secret(Authctxt *authctxt, const char *crypt_scheme,
 
         bzero(password, strlen(password));
         bzero(crypted, strlen(crypted));
-        xfree(password);
-        xfree(crypted);
+        free(password);
+        free(crypted);
 
         if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL)
                 fatal("%s: BN_bin2bn (secret)", __func__);
         bzero(secret, secret_len);
-        xfree(secret);
+        free(secret);
 
         return ret;
 }
@@ -1173,8 +1170,8 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt)
         pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt);
         bzero(crypt_scheme, strlen(crypt_scheme));
         bzero(salt, strlen(salt));
-        xfree(crypt_scheme);
-        xfree(salt);
+        free(crypt_scheme);
+        free(salt);
         JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__));
 
         /* Calculate step 2 values */
@@ -1189,8 +1186,8 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt)
 
         bzero(x3_proof, x3_proof_len);
         bzero(x4_proof, x4_proof_len);
-        xfree(x3_proof);
-        xfree(x4_proof);
+        free(x3_proof);
+        free(x4_proof);
 
         JPAKE_DEBUG_CTX((pctx, "step 2 sending in %s", __func__));
 
@@ -1201,7 +1198,7 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt)
         packet_send();
 
         bzero(x2_s_proof, x2_s_proof_len);
-        xfree(x2_s_proof);
+        free(x2_s_proof);
 
         /* Expect step 2 packet from peer */
         dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP2,
@@ -1241,7 +1238,7 @@ input_userauth_jpake_server_step2(int type, u_int32_t seq, void *ctxt)
             &pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len);
 
         bzero(x4_s_proof, x4_s_proof_len);
-        xfree(x4_s_proof);
+        free(x4_s_proof);
 
         JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
 
@@ -1323,7 +1320,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
 
         fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX);
         debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp);
-        xfree(fp);
+        free(fp);
 
         if (key_to_blob(id->key, &blob, &bloblen) == 0) {
                 /* we cannot handle this key */
@@ -1358,7 +1355,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
         ret = identity_sign(id, &signature, &slen,
             buffer_ptr(&b), buffer_len(&b));
         if (ret == -1) {
-                xfree(blob);
+                free(blob);
                 buffer_free(&b);
                 return 0;
         }
@@ -1378,11 +1375,11 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
                         buffer_put_cstring(&b, key_ssh_name(id->key));
                 buffer_put_string(&b, blob, bloblen);
         }
-        xfree(blob);
+        free(blob);
 
         /* append signature */
         buffer_put_string(&b, signature, slen);
-        xfree(signature);
+        free(signature);
 
         /* skip session id and packet type */
         if (buffer_len(&b) < skip + 1)
@@ -1422,7 +1419,7 @@ send_pubkey_test(Authctxt *authctxt, Identity *id)
         if (!(datafellows & SSH_BUG_PKAUTH))
                 packet_put_cstring(key_ssh_name(id->key));
         packet_put_string(blob, bloblen);
-        xfree(blob);
+        free(blob);
         packet_send();
         return 1;
 }
@@ -1441,8 +1438,11 @@ load_identity_file(char *filename, int userprovided)
                 return NULL;
         }
         private = key_load_private_type(KEY_UNSPEC, filename, "", NULL, &perm_ok);
-        if (!perm_ok)
+        if (!perm_ok) {
+                if (private != NULL)
+                        key_free(private);
                 return NULL;
+        }
         if (private == NULL) {
                 if (options.batch_mode)
                         return NULL;
@@ -1459,7 +1459,7 @@ load_identity_file(char *filename, int userprovided)
                                 quit = 1;
                         }
                         memset(passphrase, 0, strlen(passphrase));
-                        xfree(passphrase);
+                        free(passphrase);
                         if (private != NULL || quit)
                                 break;
                         debug2("bad passphrase given, try again...");
@@ -1524,7 +1524,7 @@ pubkey_prepare(Authctxt *authctxt)
                 /* If IdentitiesOnly set and key not found then don't use it */
                 if (!found && options.identities_only) {
                         TAILQ_REMOVE(&files, id, next);
-                        bzero(id, sizeof(id));
+                        bzero(id, sizeof(*id));
                         free(id);
                 }
         }
@@ -1538,7 +1538,7 @@ pubkey_prepare(Authctxt *authctxt)
                                 /* agent keys from the config file are preferred */
                                 if (key_equal(key, id->key)) {
                                         key_free(key);
-                                        xfree(comment);
+                                        free(comment);
                                         TAILQ_REMOVE(&files, id, next);
                                         TAILQ_INSERT_TAIL(preferred, id, next);
                                         id->ac = ac;
@@ -1584,9 +1584,8 @@ pubkey_cleanup(Authctxt *authctxt)
                 TAILQ_REMOVE(&authctxt->keys, id, next);
                 if (id->key)
                         key_free(id->key);
-                if (id->filename)
-                        xfree(id->filename);
-                xfree(id);
+                free(id->filename);
+                free(id);
         }
 }
 
@@ -1684,9 +1683,9 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt)
                 logit("%s", name);
         if (strlen(inst) > 0)
                 logit("%s", inst);
-        xfree(name);
-        xfree(inst);
-        xfree(lang);
+        free(name);
+        free(inst);
+        free(lang);
 
         num_prompts = packet_get_int();
         /*
@@ -1707,8 +1706,8 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt)
 
                 packet_put_cstring(response);
                 memset(response, 0, strlen(response));
-                xfree(response);
-                xfree(prompt);
+                free(response);
+                free(prompt);
         }
         packet_check_eom(); /* done with parsing incoming message. */
 
@@ -1828,12 +1827,12 @@ userauth_hostbased(Authctxt *authctxt)
         if (p == NULL) {
                 error("userauth_hostbased: cannot get local ipaddr/name");
                 key_free(private);
-                xfree(blob);
+                free(blob);
                 return 0;
         }
         xasprintf(&chost, "%s.", p);
         debug2("userauth_hostbased: chost %s", chost);
-        xfree(p);
+        free(p);
 
         service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" :
             authctxt->service;
@@ -1862,9 +1861,9 @@ userauth_hostbased(Authctxt *authctxt)
         buffer_free(&b);
         if (ok != 0) {
                 error("key_sign failed");
-                xfree(chost);
-                xfree(pkalg);
-                xfree(blob);
+                free(chost);
+                free(pkalg);
+                free(blob);
                 return 0;
         }
         packet_start(SSH2_MSG_USERAUTH_REQUEST);
@@ -1877,10 +1876,10 @@ userauth_hostbased(Authctxt *authctxt)
         packet_put_cstring(authctxt->local_user);
         packet_put_string(signature, slen);
         memset(signature, 's', slen);
-        xfree(signature);
-        xfree(chost);
-        xfree(pkalg);
-        xfree(blob);
+        free(signature);
+        free(chost);
+        free(pkalg);
+        free(blob);
 
         packet_send();
         return 1;
@@ -1935,8 +1934,8 @@ userauth_jpake(Authctxt *authctxt)
 
         bzero(x1_proof, x1_proof_len);
         bzero(x2_proof, x2_proof_len);
-        xfree(x1_proof);
-        xfree(x2_proof);
+        free(x1_proof);
+        free(x2_proof);
 
         /* Expect step 1 packet from peer */
         dispatch_set(SSH2_MSG_USERAUTH_JPAKE_SERVER_STEP1,
@@ -2013,8 +2012,7 @@ authmethod_get(char *authlist)
 
         if (supported == NULL || strcmp(authlist, supported) != 0) {
                 debug3("start over, passed a different list %s", authlist);
-                if (supported != NULL)
-                        xfree(supported);
+                free(supported);
                 supported = xstrdup(authlist);
                 preferred = options.preferred_authentications;
                 debug3("preferred %s", preferred);
@@ -2035,9 +2033,10 @@ authmethod_get(char *authlist)
                     authmethod_is_enabled(current)) {
                         debug3("authmethod_is_enabled %s", name);
                         debug("Next authentication method: %s", name);
-                        xfree(name);
+                        free(name);
                         return current;
                 }
+                free(name);
         }
 }
 
diff --git a/sshd.0 b/sshd.0
index 83f9a881b..c48b987f9 100644
--- a/sshd.0
+++ b/sshd.0
@@ -5,8 +5,9 @@ NAME
 
 SYNOPSIS
      sshd [-46DdeiqTt] [-b bits] [-C connection_spec]
-          [-c host_certificate_file] [-f config_file] [-g login_grace_time]
-          [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]
+          [-c host_certificate_file] [-E log_file] [-f config_file]
+          [-g login_grace_time] [-h host_key_file] [-k key_gen_time]
+          [-o option] [-p port] [-u len]
 
 DESCRIPTION
      sshd (OpenSSH Daemon) is the daemon program for ssh(1).  Together these
@@ -60,8 +61,10 @@ DESCRIPTION
              option is only intended for debugging for the server.  Multiple
              -d options increase the debugging level.  Maximum is 3.
 
-     -e      When this option is specified, sshd will send the output to the
-             standard error instead of the system log.
+     -E log_file
+             Append debug logs to log_file instead of the system log.
+
+     -e      Write debug logs to standard error instead of the system log.
 
      -f config_file
              Specifies the name of the configuration file.  The default is
@@ -634,4 +637,4 @@ CAVEATS
      System security is not improved unless rshd, rlogind, and rexecd are
      disabled (thus completely disabling rlogin and rsh into the machine).
 
-OpenBSD 5.3                     October 4, 2012                    OpenBSD 5.3
+OpenBSD 5.4                      June 27, 2013                     OpenBSD 5.4
diff --git a/sshd.8 b/sshd.8
index e7ec82e64..b91f08cff 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.267 2012/10/04 13:21:50 markus Exp $
-.Dd $Mdocdate: October 4 2012 $
+.\" $OpenBSD: sshd.8,v 1.270 2013/06/27 14:05:37 jmc Exp $
+.Dd $Mdocdate: June 27 2013 $
 .Dt SSHD 8
 .Os
 .Sh NAME
@@ -47,6 +47,7 @@
 .Op Fl b Ar bits
 .Op Fl C Ar connection_spec
 .Op Fl c Ar host_certificate_file
+.Op Fl E Ar log_file
 .Op Fl f Ar config_file
 .Op Fl g Ar login_grace_time
 .Op Fl h Ar host_key_file
@@ -149,10 +150,12 @@ Multiple
 .Fl d
 options increase the debugging level.
 Maximum is 3.
+.It Fl E Ar log_file
+Append debug logs to
+.Ar log_file
+instead of the system log.
 .It Fl e
-When this option is specified,
-.Nm
-will send the output to the standard error instead of the system log.
+Write debug logs to standard error instead of the system log.
 .It Fl f Ar config_file
 Specifies the name of the configuration file.
 The default is
@@ -567,9 +570,7 @@ is enabled.
 Specifies that in addition to public key authentication, either the canonical
 name of the remote host or its IP address must be present in the
 comma-separated list of patterns.
-See
-.Sx PATTERNS
-in
+See PATTERNS in
 .Xr ssh_config 5
 for more information on patterns.
 .Pp
diff --git a/sshd.c b/sshd.c
index 0c260a50d..72e9eaf47 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.397 2013/02/11 21:21:58 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.404 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -106,6 +106,7 @@
 #include "canohost.h"
 #include "hostfile.h"
 #include "auth.h"
+#include "authfd.h"
 #include "misc.h"
 #include "msg.h"
 #include "dispatch.h"
@@ -198,6 +199,10 @@ char *server_version_string = NULL;
 /* for rekeying XXX fixme */
 Kex *xxx_kex;
 
+/* Daemon's agent connection */
+AuthenticationConnection *auth_conn = NULL;
+int have_agent = 0;
+
 /*
  * Any really sensitive data in the application is contained in this
  * structure. The idea is that this structure could be locked into memory so
@@ -210,6 +215,7 @@ struct {
         Key     *server_key;            /* ephemeral server key */
         Key     *ssh1_host_key;         /* ssh1 host key */
         Key     **host_keys;            /* all private host keys */
+        Key     **host_pubkeys;         /* all public host keys */
         Key     **host_certificates;    /* all public host certificates */
         int     have_ssh1_key;
         int     have_ssh2_key;
@@ -658,6 +664,8 @@ privsep_preauth(Authctxt *authctxt)
                 debug2("Network child is on pid %ld", (long)pid);
 
                 pmonitor->m_pid = pid;
+                if (have_agent)
+                        auth_conn = ssh_get_authentication_connection();
                 if (box != NULL)
                         ssh_sandbox_parent_preauth(box, pid);
                 monitor_child_preauth(authctxt, pmonitor);
@@ -772,6 +780,8 @@ list_hostkey_types(void)
         for (i = 0; i < options.num_host_key_files; i++) {
                 key = sensitive_data.host_keys[i];
                 if (key == NULL)
+                        key = sensitive_data.host_pubkeys[i];
+                if (key == NULL)
                         continue;
                 switch (key->type) {
                 case KEY_RSA:
@@ -824,6 +834,8 @@ get_hostkey_by_type(int type, int need_private)
                         break;
                 default:
                         key = sensitive_data.host_keys[i];
+                        if (key == NULL && !need_private)
+                                key = sensitive_data.host_pubkeys[i];
                         break;
                 }
                 if (key != NULL && key->type == type)
@@ -853,6 +865,14 @@ get_hostkey_by_index(int ind)
         return (sensitive_data.host_keys[ind]);
 }
 
+Key *
+get_hostkey_public_by_index(int ind)
+{
+        if (ind < 0 || ind >= options.num_host_key_files)
+                return (NULL);
+        return (sensitive_data.host_pubkeys[ind]);
+}
+
 int
 get_hostkey_index(Key *key)
 {
@@ -865,6 +885,8 @@ get_hostkey_index(Key *key)
                 } else {
                         if (key == sensitive_data.host_keys[i])
                                 return (i);
+                        if (key == sensitive_data.host_pubkeys[i])
+                                return (i);
                 }
         }
         return (-1);
@@ -905,8 +927,9 @@ usage(void)
             SSH_RELEASE, SSLeay_version(SSLEAY_VERSION));
         fprintf(stderr,
 "usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]\n"
-"            [-f config_file] [-g login_grace_time] [-h host_key_file]\n"
-"            [-k key_gen_time] [-o option] [-p port] [-u len]\n"
+"            [-E log_file] [-f config_file] [-g login_grace_time]\n"
+"            [-h host_key_file] [-k key_gen_time] [-o option] [-p port]\n"
+"            [-u len]\n"
         );
         exit(1);
 }
@@ -977,7 +1000,7 @@ recv_rexec_state(int fd, Buffer *conf)
         cp = buffer_get_string(&m, &len);
         if (conf != NULL)
                 buffer_append(conf, cp, len + 1);
-        xfree(cp);
+        free(cp);
 
         if (buffer_get_int(&m)) {
                 if (sensitive_data.server_key != NULL)
@@ -1028,7 +1051,9 @@ server_accept_inetd(int *sock_in, int *sock_out)
         if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
                 dup2(fd, STDIN_FILENO);
                 dup2(fd, STDOUT_FILENO);
-                if (fd > STDOUT_FILENO)
+                if (!log_stderr)
+                        dup2(fd, STDERR_FILENO);
+                if (fd > (log_stderr ? STDERR_FILENO : STDOUT_FILENO))
                         close(fd);
         }
         debug("inetd sockets after dupping: %d, %d", *sock_in, *sock_out);
@@ -1139,7 +1164,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                 if (received_sighup)
                         sighup_restart();
                 if (fdset != NULL)
-                        xfree(fdset);
+                        free(fdset);
                 fdset = (fd_set *)xcalloc(howmany(maxfd + 1, NFDBITS),
                     sizeof(fd_mask));
 
@@ -1188,8 +1213,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                         *newsock = accept(listen_socks[i],
                             (struct sockaddr *)&from, &fromlen);
                         if (*newsock < 0) {
-                                if (errno != EINTR && errno != EAGAIN &&
-                                    errno != EWOULDBLOCK)
+                                if (errno != EINTR && errno != EWOULDBLOCK &&
+                                    errno != ECONNABORTED && errno != EAGAIN)
                                         error("accept: %.100s",
                                             strerror(errno));
                                 if (errno == EMFILE || errno == ENFILE)
@@ -1340,12 +1365,14 @@ main(int ac, char **av)
         int sock_in = -1, sock_out = -1, newsock = -1;
         const char *remote_ip;
         int remote_port;
-        char *line;
+        char *line, *logfile = NULL;
         int config_s[2] = { -1 , -1 };
         u_int n;
         u_int64_t ibytes, obytes;
         mode_t new_umask;
         Key *key;
+        Key *pubkey;
+        int keytype;
         Authctxt *authctxt;
         struct connection_info *connection_info = get_connection_info(0, 0);
 
@@ -1378,7 +1405,7 @@ main(int ac, char **av)
         initialize_server_options(&options);
 
         /* Parse command-line arguments. */
-        while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:C:dDeiqrtQRT46")) != -1) {
+        while ((opt = getopt(ac, av, "f:p:b:k:h:g:u:o:C:dDeE:iqrtQRT46")) != -1) {
                 switch (opt) {
                 case '4':
                         options.address_family = AF_INET;
@@ -1407,6 +1434,9 @@ main(int ac, char **av)
                 case 'D':
                         no_daemon_flag = 1;
                         break;
+                case 'E':
+                        logfile = xstrdup(optarg);
+                        /* FALLTHROUGH */
                 case 'e':
                         log_stderr = 1;
                         break;
@@ -1485,7 +1515,7 @@ main(int ac, char **av)
                         if (process_server_config_line(&options, line,
                             "command-line", 0, NULL, NULL) != 0)
                                 exit(1);
-                        xfree(line);
+                        free(line);
                         break;
                 case '?':
                 default:
@@ -1504,6 +1534,11 @@ main(int ac, char **av)
 
         OpenSSL_add_all_algorithms();
 
+        /* If requested, redirect the logs to the specified logfile. */
+        if (logfile != NULL) {
+                log_redirect_stderr_to(logfile);
+                free(logfile);
+        }
         /*
          * Force logging to stderr until we have loaded the private host
          * key (unless started from inetd)
@@ -1612,32 +1647,55 @@ main(int ac, char **av)
         } else {
                 memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
                 privsep_pw = pwcopy(privsep_pw);
-                xfree(privsep_pw->pw_passwd);
+                free(privsep_pw->pw_passwd);
                 privsep_pw->pw_passwd = xstrdup("*");
         }
         endpwent();
 
-        /* load private host keys */
+        /* load host keys */
         sensitive_data.host_keys = xcalloc(options.num_host_key_files,
             sizeof(Key *));
-        for (i = 0; i < options.num_host_key_files; i++)
+        sensitive_data.host_pubkeys = xcalloc(options.num_host_key_files,
+            sizeof(Key *));
+        for (i = 0; i < options.num_host_key_files; i++) {
                 sensitive_data.host_keys[i] = NULL;
+                sensitive_data.host_pubkeys[i] = NULL;
+        }
+
+        if (options.host_key_agent) {
+                if (strcmp(options.host_key_agent, SSH_AUTHSOCKET_ENV_NAME))
+                        setenv(SSH_AUTHSOCKET_ENV_NAME,
+                            options.host_key_agent, 1);
+                have_agent = ssh_agent_present();
+        }
 
         for (i = 0; i < options.num_host_key_files; i++) {
                 key = key_load_private(options.host_key_files[i], "", NULL);
+                pubkey = key_load_public(options.host_key_files[i], NULL);
                 sensitive_data.host_keys[i] = key;
-                if (key == NULL) {
+                sensitive_data.host_pubkeys[i] = pubkey;
+
+                if (key == NULL && pubkey != NULL && pubkey->type != KEY_RSA1 &&
+                    have_agent) {
+                        debug("will rely on agent for hostkey %s",
+                            options.host_key_files[i]);
+                        keytype = pubkey->type;
+                } else if (key != NULL) {
+                        keytype = key->type;
+                } else {
                         error("Could not load host key: %s",
                             options.host_key_files[i]);
                         sensitive_data.host_keys[i] = NULL;
+                        sensitive_data.host_pubkeys[i] = NULL;
                         continue;
                 }
-                if (auth_key_is_revoked(key, 1)) {
-                        key_free(key);
+                if (auth_key_is_revoked(key != NULL ? key : pubkey, 1)) {
                         sensitive_data.host_keys[i] = NULL;
+                        sensitive_data.host_pubkeys[i] = NULL;
                         continue;
                 }
-                switch (key->type) {
+
+                switch (keytype) {
                 case KEY_RSA1:
                         sensitive_data.ssh1_host_key = key;
                         sensitive_data.have_ssh1_key = 1;
@@ -1648,8 +1706,8 @@ main(int ac, char **av)
                         sensitive_data.have_ssh2_key = 1;
                         break;
                 }
-                debug("private host key: #%d type %d %s", i, key->type,
-                    key_type(key));
+                debug("private host key: #%d type %d %s", i, keytype,
+                    key_type(key ? key : pubkey));
         }
         if ((options.protocol & SSH_PROTO_1) && !sensitive_data.have_ssh1_key) {
                 logit("Disabling protocol version 1. Could not load host key");
@@ -1819,7 +1877,8 @@ main(int ac, char **av)
 
         /* Chdir to the root directory so that the current disk can be
            unmounted if desired. */
-        chdir("/");
+        if (chdir("/") == -1)
+                error("chdir(\"/\"): %s", strerror(errno));
 
         /* ignore SIGPIPE */
         signal(SIGPIPE, SIG_IGN);
@@ -2079,9 +2138,11 @@ main(int ac, char **av)
         buffer_init(&loginmsg);
         auth_debug_reset();
 
-        if (use_privsep)
+        if (use_privsep) {
                 if (privsep_preauth(authctxt) == 1)
                         goto authenticated;
+        } else if (compat20 && have_agent)
+                auth_conn = ssh_get_authentication_connection();
 
         /* perform the key exchange */
         /* authenticate user and start session */
@@ -2368,7 +2429,7 @@ do_ssh1_kex(void)
                 MD5_Update(&md, sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH);
                 MD5_Final(session_key + 16, &md);
                 memset(buf, 0, bytes);
-                xfree(buf);
+                free(buf);
                 for (i = 0; i < 16; i++)
                         session_id[i] = session_key[i] ^ session_key[i + 16];
         }
@@ -2395,6 +2456,23 @@ do_ssh1_kex(void)
         packet_write_wait();
 }
 
+void
+sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, u_int *slen,
+    u_char *data, u_int dlen)
+{
+        if (privkey) {
+                if (PRIVSEP(key_sign(privkey, signature, slen, data, dlen) < 0))
+                        fatal("%s: key_sign failed", __func__);
+        } else if (use_privsep) {
+                if (mm_key_sign(pubkey, signature, slen, data, dlen) < 0)
+                        fatal("%s: pubkey_sign failed", __func__);
+        } else {
+                if (ssh_agent_sign(auth_conn, pubkey, signature, slen, data,
+                    dlen))
+                        fatal("%s: ssh_agent_sign failed", __func__);
+        }
+}
+
 /*
  * SSH2 key exchange: diffie-hellman-group1-sha1
  */
@@ -2426,6 +2504,10 @@ do_ssh2_kex(void)
         if (options.kex_algorithms != NULL)
                 myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
 
+        if (options.rekey_limit || options.rekey_interval)
+                packet_set_rekey_limits((u_int32_t)options.rekey_limit,
+                    (time_t)options.rekey_interval);
+
         myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
 
 #ifdef GSSAPI
@@ -2490,6 +2572,7 @@ do_ssh2_kex(void)
         kex->load_host_public_key=&get_hostkey_public_by_type;
         kex->load_host_private_key=&get_hostkey_private_by_type;
         kex->host_key_index=&get_hostkey_index;
+        kex->sign = sshd_hostkey_sign;
 
         xxx_kex = kex;
 
diff --git a/sshd_config b/sshd_config
index 5de6846ef..9cfe28d03 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
-#       $OpenBSD: sshd_config,v 1.89 2013/02/06 00:20:42 dtucker Exp $
+#       $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
 
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
@@ -29,6 +29,9 @@
 #KeyRegenerationInterval 1h
 #ServerKeyBits 1024
 
+# Ciphers and keying
+#RekeyLimit default none
+
 # Logging
 # obsoletes QuietMode and FascistLogging
 #SyslogFacility AUTH
diff --git a/sshd_config.0 b/sshd_config.0
index 2648db3d4..5f1df7b58 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -90,6 +90,13 @@ DESCRIPTION
              example, it would not be possible to attempt password or
              keyboard-interactive authentication before public key.
 
+             For keyboard interactive authentication it is also possible to
+             restrict authentication to a specific device by appending a colon
+             followed by the device identifier ``bsdauth'', ``pam'', or
+             ``skey'', depending on the server configuration.  For example,
+             ``keyboard-interactive:bsdauth'' would restrict keyboard
+             interactive authentication to the ``bsdauth'' device.
+
              This option is only available for SSH protocol 2 and will yield a
              fatal error if enabled if protocol 1 is also enabled.  Note that
              each authentication method listed should also be explicitly
@@ -99,7 +106,8 @@ DESCRIPTION
 
      AuthorizedKeysCommand
              Specifies a program to be used to look up the user's public keys.
-             The program will be invoked with a single argument of the
+             The program must be owned by root and not writable by group or
+             others.  It will be invoked with a single argument of the
              username being authenticated, and should produce on standard
              output zero or more lines of authorized_keys output (see
              AUTHORIZED_KEYS in sshd(8)).  If a key supplied by
@@ -322,7 +330,16 @@ DESCRIPTION
              sshd(8) will refuse to use a file if it is group/world-
              accessible.  It is possible to have multiple host key files.
              ``rsa1'' keys are used for version 1 and ``dsa'', ``ecdsa'' or
-             ``rsa'' are used for version 2 of the SSH protocol.
+             ``rsa'' are used for version 2 of the SSH protocol.  It is also
+             possible to specify public host key files instead.  In this case
+             operations on the private key will be delegated to an
+             ssh-agent(1).
+
+     HostKeyAgent
+             Identifies the UNIX-domain socket used to communicate with an
+             agent that has access to the private host keys.  If
+             ``SSH_AUTH_SOCK'' is specified, the location of the socket will
+             be read from the SSH_AUTH_SOCK environment variable.
 
      IgnoreRhosts
              Specifies that .rhosts and .shosts files will not be used in
@@ -461,8 +478,9 @@ DESCRIPTION
              KbdInteractiveAuthentication, KerberosAuthentication,
              MaxAuthTries, MaxSessions, PasswordAuthentication,
              PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTunnel,
-             PubkeyAuthentication, RhostsRSAAuthentication, RSAAuthentication,
-             X11DisplayOffset, X11Forwarding and X11UseLocalHost.
+             PubkeyAuthentication, RekeyLimit, RhostsRSAAuthentication,
+             RSAAuthentication, X11DisplayOffset, X11Forwarding and
+             X11UseLocalHost.
 
      MaxAuthTries
              Specifies the maximum number of authentication attempts permitted
@@ -571,6 +589,21 @@ DESCRIPTION
              default is ``yes''.  Note that this option applies to protocol
              version 2 only.
 
+     RekeyLimit
+             Specifies the maximum amount of data that may be transmitted
+             before the session key is renegotiated, optionally followed a
+             maximum amount of time that may pass before the session key is
+             renegotiated.  The first argument is specified in bytes and may
+             have a suffix of `K', `M', or `G' to indicate Kilobytes,
+             Megabytes, or Gigabytes, respectively.  The default is between
+             `1G' and `4G', depending on the cipher.  The optional second
+             value is specified in seconds and may use any of the units
+             documented in the TIME FORMATS section.  The default value for
+             RekeyLimit is ``default none'', which means that rekeying is
+             performed after the cipher's default amount of data has been sent
+             or received and no time based rekeying is done.  This option
+             applies to protocol version 2 only.
+
      RevokedKeys
              Specifies revoked public keys.  Keys listed in this file will be
              refused for public key authentication.  Note that if this file is
@@ -777,4 +810,4 @@ AUTHORS
      versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
      for privilege separation.
 
-OpenBSD 5.3                    February 6, 2013                    OpenBSD 5.3
+OpenBSD 5.4                      July 19, 2013                     OpenBSD 5.4
diff --git a/sshd_config.5 b/sshd_config.5
index 251d847fd..faf93fc90 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.156 2013/02/06 00:20:42 dtucker Exp $
-.Dd $Mdocdate: February 6 2013 $
+.\" $OpenBSD: sshd_config.5,v 1.162 2013/07/19 07:37:48 markus Exp $
+.Dd $Mdocdate: July 19 2013 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -144,9 +144,7 @@ The allow/deny directives are processed in the following order:
 and finally
 .Cm AllowGroups .
 .Pp
-See
-.Sx PATTERNS
-in
+See PATTERNS in
 .Xr ssh_config 5
 for more information on patterns.
 .It Cm AllowTcpForwarding
@@ -186,9 +184,7 @@ The allow/deny directives are processed in the following order:
 and finally
 .Cm AllowGroups .
 .Pp
-See
-.Sx PATTERNS
-in
+See PATTERNS in
 .Xr ssh_config 5
 for more information on patterns.
 .It Cm AuthenticationMethods
@@ -207,6 +203,20 @@ Only methods that are next in one or more lists are offered at each stage,
 so for this example, it would not be possible to attempt password or
 keyboard-interactive authentication before public key.
 .Pp
+For keyboard interactive authentication it is also possible to
+restrict authentication to a specific device by appending a
+colon followed by the device identifier
+.Dq bsdauth ,
+.Dq pam ,
+or
+.Dq skey ,
+depending on the server configuration.
+For example,
+.Dq keyboard-interactive:bsdauth
+would restrict keyboard interactive authentication to the
+.Dq bsdauth
+device.
+.Pp
 This option is only available for SSH protocol 2 and will yield a fatal
 error if enabled if protocol 1 is also enabled.
 Note that each authentication method listed should also be explicitly enabled
@@ -215,11 +225,10 @@ The default is not to require multiple authentication; successful completion
 of a single authentication method is sufficient.
 .It Cm AuthorizedKeysCommand
 Specifies a program to be used to look up the user's public keys.
-The program will be invoked with a single argument of the username
+The program must be owned by root and not writable by group or others.
+It will be invoked with a single argument of the username
 being authenticated, and should produce on standard output zero or
-more lines of authorized_keys output (see
-.Sx AUTHORIZED_KEYS
-in
+more lines of authorized_keys output (see AUTHORIZED_KEYS in
 .Xr sshd 8 ) .
 If a key supplied by AuthorizedKeysCommand does not successfully authenticate
 and authorize the user then public key authentication continues using the usual
@@ -234,7 +243,7 @@ than running authorized keys commands.
 Specifies the file that contains the public keys that can be used
 for user authentication.
 The format is described in the
-.Sx AUTHORIZED_KEYS FILE FORMAT
+AUTHORIZED_KEYS FILE FORMAT
 section of
 .Xr sshd 8 .
 .Cm AuthorizedKeysFile
@@ -258,9 +267,7 @@ When using certificates signed by a key listed in
 this file lists names, one of which must appear in the certificate for it
 to be accepted for authentication.
 Names are listed one per line preceded by key options (as described
-in
-.Sx AUTHORIZED_KEYS FILE FORMAT
-in
+in AUTHORIZED_KEYS FILE FORMAT in
 .Xr sshd 8 ) .
 Empty lines and comments starting with
 .Ql #
@@ -442,9 +449,7 @@ The allow/deny directives are processed in the following order:
 and finally
 .Cm AllowGroups .
 .Pp
-See
-.Sx PATTERNS
-in
+See PATTERNS in
 .Xr ssh_config 5
 for more information on patterns.
 .It Cm DenyUsers
@@ -463,9 +468,7 @@ The allow/deny directives are processed in the following order:
 and finally
 .Cm AllowGroups .
 .Pp
-See
-.Sx PATTERNS
-in
+See PATTERNS in
 .Xr ssh_config 5
 for more information on patterns.
 .It Cm ForceCommand
@@ -602,6 +605,18 @@ keys are used for version 1 and
 or
 .Dq rsa
 are used for version 2 of the SSH protocol.
+It is also possible to specify public host key files instead.
+In this case operations on the private key will be delegated
+to an
+.Xr ssh-agent 1 .
+.It Cm HostKeyAgent
+Identifies the UNIX-domain socket used to communicate
+with an agent that has access to the private host keys.
+If
+.Dq SSH_AUTH_SOCK
+is specified, the location of the socket will be read from the
+.Ev SSH_AUTH_SOCK
+environment variable.
 .It Cm IgnoreRhosts
 Specifies that
 .Pa .rhosts
@@ -805,8 +820,7 @@ and
 .Cm Address .
 The match patterns may consist of single entries or comma-separated
 lists and may use the wildcard and negation operators described in the
-.Sx PATTERNS
-section of
+PATTERNS section of
 .Xr ssh_config 5 .
 .Pp
 The patterns in an
@@ -858,6 +872,7 @@ Available keywords are
 .Cm PermitRootLogin ,
 .Cm PermitTunnel ,
 .Cm PubkeyAuthentication ,
+.Cm RekeyLimit ,
 .Cm RhostsRSAAuthentication ,
 .Cm RSAAuthentication ,
 .Cm X11DisplayOffset ,
@@ -1066,6 +1081,32 @@ Specifies whether public key authentication is allowed.
 The default is
 .Dq yes .
 Note that this option applies to protocol version 2 only.
+.It Cm RekeyLimit
+Specifies the maximum amount of data that may be transmitted before the
+session key is renegotiated, optionally followed a maximum amount of
+time that may pass before the session key is renegotiated.
+The first argument is specified in bytes and may have a suffix of
+.Sq K ,
+.Sq M ,
+or
+.Sq G
+to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
+The default is between
+.Sq 1G
+and
+.Sq 4G ,
+depending on the cipher.
+The optional second value is specified in seconds and may use any of the
+units documented in the
+.Sx TIME FORMATS
+section.
+The default value for
+.Cm RekeyLimit
+is
+.Dq default none ,
+which means that rekeying is performed after the cipher's default amount
+of data has been sent or received and no time based rekeying is done.
+This option applies to protocol version 2 only.
 .It Cm RevokedKeys
 Specifies revoked public keys.
 Keys listed in this file will be refused for public key authentication.
@@ -1074,9 +1115,7 @@ be refused for all users.
 Keys may be specified as a text file, listing one public key per line, or as
 an OpenSSH Key Revocation List (KRL) as generated by
 .Xr ssh-keygen 1 .
-For more information on KRLs, see the
-.Sx KEY REVOCATION LISTS
-section in
+For more information on KRLs, see the KEY REVOCATION LISTS section in
 .Xr ssh-keygen 1 .
 .It Cm RhostsRSAAuthentication
 Specifies whether rhosts or /etc/hosts.equiv authentication together
@@ -1168,9 +1207,7 @@ listed in the certificate's principals list.
 Note that certificates that lack a list of principals will not be permitted
 for authentication using
 .Cm TrustedUserCAKeys .
-For more details on certificates, see the
-.Sx CERTIFICATES
-section in
+For more details on certificates, see the CERTIFICATES section in
 .Xr ssh-keygen 1 .
 .It Cm UseDNS
 Specifies whether
diff --git a/sshlogin.c b/sshlogin.c
index 54629f747..2688d8d7b 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -97,7 +97,7 @@ store_lastlog_message(const char *user, uid_t uid)
         time_string = sys_auth_get_lastlogin_msg(user, uid);
         if (time_string != NULL) {
                 buffer_append(&loginmsg, time_string, strlen(time_string));
-                xfree(time_string);
+                free(time_string);
         }
 # else
         last_login_time = get_last_login_time(uid, user, hostname,
diff --git a/sshlogin.h b/sshlogin.h
index 500d3fefd..52119a979 100644
--- a/sshlogin.h
+++ b/sshlogin.h
@@ -15,7 +15,7 @@
 void    record_login(pid_t, const char *, const char *, uid_t,
     const char *, struct sockaddr *, socklen_t);
 void   record_logout(pid_t, const char *, const char *);
-time_t  get_last_login_time(uid_t, const char *, char *, u_int);
+time_t  get_last_login_time(uid_t, const char *, char *, size_t);
 
 #ifdef LOGIN_NEEDS_UTMPX
 void    record_utmp_only(pid_t, const char *, const char *, const char *,
diff --git a/uidswap.c b/uidswap.c
index cdd7309e3..26d17f93a 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -90,8 +90,7 @@ temporarily_use_uid(struct passwd *pw)
                 if (getgroups(saved_egroupslen, saved_egroups) < 0)
                         fatal("getgroups: %.100s", strerror(errno));
         } else { /* saved_egroupslen == 0 */
-                if (saved_egroups != NULL)
-                        xfree(saved_egroups);
+                free(saved_egroups);
         }
 
         /* set and save the user's groups */
@@ -109,8 +108,7 @@ temporarily_use_uid(struct passwd *pw)
                         if (getgroups(user_groupslen, user_groups) < 0)
                                 fatal("getgroups: %.100s", strerror(errno));
                 } else { /* user_groupslen == 0 */
-                        if (user_groups)
-                                xfree(user_groups);
+                        free(user_groups);
                 }
         }
         /* Set the effective uid to the given (unprivileged) uid. */
diff --git a/umac.c b/umac.c
index 0567c37f9..99416a510 100644
--- a/umac.c
+++ b/umac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: umac.c,v 1.4 2011/10/19 10:39:48 djm Exp $ */
+/* $OpenBSD: umac.c,v 1.7 2013/07/22 05:00:17 djm Exp $ */
 /* -----------------------------------------------------------------------
  * 
  * umac.c -- C Implementation UMAC Message Authentication
@@ -132,13 +132,13 @@ typedef unsigned int	UWORD;  /* Register */
 /* ---------------------------------------------------------------------- */
 
 #if HAVE_SWAP32
-#define LOAD_UINT32_REVERSED(p)         (swap32(*(UINT32 *)(p)))
+#define LOAD_UINT32_REVERSED(p)         (swap32(*(const UINT32 *)(p)))
 #define STORE_UINT32_REVERSED(p,v)      (*(UINT32 *)(p) = swap32(v))
 #else /* HAVE_SWAP32 */
 
-static UINT32 LOAD_UINT32_REVERSED(void *ptr)
+static UINT32 LOAD_UINT32_REVERSED(const void *ptr)
 {
-    UINT32 temp = *(UINT32 *)ptr;
+    UINT32 temp = *(const UINT32 *)ptr;
     temp = (temp >> 24) | ((temp & 0x00FF0000) >> 8 )
          | ((temp & 0x0000FF00) << 8 ) | (temp << 24);
     return (UINT32)temp;
@@ -159,7 +159,7 @@ static void STORE_UINT32_REVERSED(void *ptr, UINT32 x)
  */
 
 #if (__LITTLE_ENDIAN__)
-#define LOAD_UINT32_LITTLE(ptr)     (*(UINT32 *)(ptr))
+#define LOAD_UINT32_LITTLE(ptr)     (*(const UINT32 *)(ptr))
 #define STORE_UINT32_BIG(ptr,x)     STORE_UINT32_REVERSED(ptr,x)
 #else
 #define LOAD_UINT32_LITTLE(ptr)     LOAD_UINT32_REVERSED(ptr)
@@ -184,7 +184,7 @@ typedef AES_KEY aes_int_key[1];
 #define aes_encryption(in,out,int_key)                  \
   AES_encrypt((u_char *)(in),(u_char *)(out),(AES_KEY *)int_key)
 #define aes_key_setup(key,int_key)                      \
-  AES_set_encrypt_key((u_char *)(key),UMAC_KEY_LEN*8,int_key)
+  AES_set_encrypt_key((const u_char *)(key),UMAC_KEY_LEN*8,int_key)
 
 /* The user-supplied UMAC key is stretched using AES in a counter
  * mode to supply all random bits needed by UMAC. The kdf function takes
@@ -240,7 +240,7 @@ static void pdf_init(pdf_ctx *pc, aes_int_key prf_key)
     aes_encryption(pc->nonce, pc->cache, pc->prf_key);
 }
 
-static void pdf_gen_xor(pdf_ctx *pc, UINT8 nonce[8], UINT8 buf[8])
+static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8])
 {
     /* 'ndx' indicates that we'll be using the 0th or 1st eight bytes
      * of the AES output. If last time around we returned the ndx-1st
@@ -254,19 +254,21 @@ static void pdf_gen_xor(pdf_ctx *pc, UINT8 nonce[8], UINT8 buf[8])
 #elif (UMAC_OUTPUT_LEN > 8)
 #define LOW_BIT_MASK 0
 #endif
-
-    UINT8 tmp_nonce_lo[4];
+    union {
+        UINT8 tmp_nonce_lo[4];
+        UINT32 align;
+    } t;
 #if LOW_BIT_MASK != 0
     int ndx = nonce[7] & LOW_BIT_MASK;
 #endif
-    *(UINT32 *)tmp_nonce_lo = ((UINT32 *)nonce)[1];
-    tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */
+    *(UINT32 *)t.tmp_nonce_lo = ((const UINT32 *)nonce)[1];
+    t.tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */
     
-    if ( (((UINT32 *)tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) ||
-         (((UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) )
+    if ( (((UINT32 *)t.tmp_nonce_lo)[0] != ((UINT32 *)pc->nonce)[1]) ||
+         (((const UINT32 *)nonce)[0] != ((UINT32 *)pc->nonce)[0]) )
     {
-        ((UINT32 *)pc->nonce)[0] = ((UINT32 *)nonce)[0];
-        ((UINT32 *)pc->nonce)[1] = ((UINT32 *)tmp_nonce_lo)[0];
+        ((UINT32 *)pc->nonce)[0] = ((const UINT32 *)nonce)[0];
+        ((UINT32 *)pc->nonce)[1] = ((UINT32 *)t.tmp_nonce_lo)[0];
         aes_encryption(pc->nonce, pc->cache, pc->prf_key);
     }
     
@@ -333,7 +335,7 @@ typedef struct {
 
 #if (UMAC_OUTPUT_LEN == 4)
 
-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
+static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
 /* NH hashing primitive. Previous (partial) hash result is loaded and     
 * then stored via hp pointer. The length of the data pointed at by "dp",
 * "dlen", is guaranteed to be divisible by L1_PAD_BOUNDARY (32).  Key
@@ -343,7 +345,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
     UINT64 h;
     UWORD c = dlen / 32;
     UINT32 *k = (UINT32 *)kp;
-    UINT32 *d = (UINT32 *)dp;
+    const UINT32 *d = (const UINT32 *)dp;
     UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
     UINT32 k0,k1,k2,k3,k4,k5,k6,k7;
     
@@ -368,7 +370,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
 
 #elif (UMAC_OUTPUT_LEN == 8)
 
-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
+static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
 /* Same as previous nh_aux, but two streams are handled in one pass,
  * reading and writing 16 bytes of hash-state per call.
  */
@@ -376,7 +378,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
   UINT64 h1,h2;
   UWORD c = dlen / 32;
   UINT32 *k = (UINT32 *)kp;
-  UINT32 *d = (UINT32 *)dp;
+  const UINT32 *d = (const UINT32 *)dp;
   UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
   UINT32 k0,k1,k2,k3,k4,k5,k6,k7,
         k8,k9,k10,k11;
@@ -415,7 +417,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
 
 #elif (UMAC_OUTPUT_LEN == 12)
 
-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
+static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
 /* Same as previous nh_aux, but two streams are handled in one pass,
  * reading and writing 24 bytes of hash-state per call.
 */
@@ -423,7 +425,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
     UINT64 h1,h2,h3;
     UWORD c = dlen / 32;
     UINT32 *k = (UINT32 *)kp;
-    UINT32 *d = (UINT32 *)dp;
+    const UINT32 *d = (const UINT32 *)dp;
     UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
     UINT32 k0,k1,k2,k3,k4,k5,k6,k7,
         k8,k9,k10,k11,k12,k13,k14,k15;
@@ -470,7 +472,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
 
 #elif (UMAC_OUTPUT_LEN == 16)
 
-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
+static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
 /* Same as previous nh_aux, but two streams are handled in one pass,
  * reading and writing 24 bytes of hash-state per call.
 */
@@ -478,7 +480,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
     UINT64 h1,h2,h3,h4;
     UWORD c = dlen / 32;
     UINT32 *k = (UINT32 *)kp;
-    UINT32 *d = (UINT32 *)dp;
+    const UINT32 *d = (const UINT32 *)dp;
     UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
     UINT32 k0,k1,k2,k3,k4,k5,k6,k7,
         k8,k9,k10,k11,k12,k13,k14,k15,
@@ -539,7 +541,7 @@ static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
 
 /* ---------------------------------------------------------------------- */
 
-static void nh_transform(nh_ctx *hc, UINT8 *buf, UINT32 nbytes)
+static void nh_transform(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes)
 /* This function is a wrapper for the primitive NH hash functions. It takes
  * as argument "hc" the current hash context and a buffer which must be a
  * multiple of L1_PAD_BOUNDARY. The key passed to nh_aux is offset
@@ -614,7 +616,7 @@ static void nh_init(nh_ctx *hc, aes_int_key prf_key)
 
 /* ---------------------------------------------------------------------- */
 
-static void nh_update(nh_ctx *hc, UINT8 *buf, UINT32 nbytes)
+static void nh_update(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes)
 /* Incorporate nbytes of data into a nh_ctx, buffer whatever is not an    */
 /* even multiple of HASH_BUF_BYTES.                                       */
 {
@@ -709,7 +711,7 @@ static void nh_final(nh_ctx *hc, UINT8 *result)
 
 /* ---------------------------------------------------------------------- */
 
-static void nh(nh_ctx *hc, UINT8 *buf, UINT32 padded_len,
+static void nh(nh_ctx *hc, const UINT8 *buf, UINT32 padded_len,
                UINT32 unpadded_len, UINT8 *result)
 /* All-in-one nh_update() and nh_final() equivalent.
  * Assumes that padded_len is divisible by L1_PAD_BOUNDARY and result is
@@ -1047,7 +1049,7 @@ static int uhash_free(uhash_ctx_t ctx)
 #endif
 /* ---------------------------------------------------------------------- */
 
-static int uhash_update(uhash_ctx_t ctx, u_char *input, long len)
+static int uhash_update(uhash_ctx_t ctx, const u_char *input, long len)
 /* Given len bytes of data, we parse it into L1_KEY_LEN chunks and
  * hash each one with NH, calling the polyhash on each NH output.
  */
@@ -1057,7 +1059,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len)
     UINT8 *nh_result = (UINT8 *)&result_buf;
     
     if (ctx->msg_len + len <= L1_KEY_LEN) {
-        nh_update(&ctx->hash, (UINT8 *)input, len);
+        nh_update(&ctx->hash, (const UINT8 *)input, len);
         ctx->msg_len += len;
     } else {
     
@@ -1072,7 +1074,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len)
              /* bytes to complete the current nh_block.                  */
              if (bytes_hashed) {
                  bytes_remaining = (L1_KEY_LEN - bytes_hashed);
-                 nh_update(&ctx->hash, (UINT8 *)input, bytes_remaining);
+                 nh_update(&ctx->hash, (const UINT8 *)input, bytes_remaining);
                  nh_final(&ctx->hash, nh_result);
                  ctx->msg_len += bytes_remaining;
                  poly_hash(ctx,(UINT32 *)nh_result);
@@ -1082,7 +1084,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len)
 
              /* Hash directly from input stream if enough bytes */
              while (len >= L1_KEY_LEN) {
-                 nh(&ctx->hash, (UINT8 *)input, L1_KEY_LEN,
+                 nh(&ctx->hash, (const UINT8 *)input, L1_KEY_LEN,
                                    L1_KEY_LEN, nh_result);
                  ctx->msg_len += L1_KEY_LEN;
                  len -= L1_KEY_LEN;
@@ -1093,7 +1095,7 @@ static int uhash_update(uhash_ctx_t ctx, u_char *input, long len)
 
          /* pass remaining < L1_KEY_LEN bytes of input data to NH */
          if (len) {
-             nh_update(&ctx->hash, (UINT8 *)input, len);
+             nh_update(&ctx->hash, (const UINT8 *)input, len);
              ctx->msg_len += len;
          }
      }
@@ -1209,14 +1211,14 @@ int umac_delete(struct umac_ctx *ctx)
     if (ctx) {
         if (ALLOC_BOUNDARY)
             ctx = (struct umac_ctx *)ctx->free_ptr;
-        xfree(ctx);
+        free(ctx);
     }
     return (1);
 }
 
 /* ---------------------------------------------------------------------- */
 
-struct umac_ctx *umac_new(u_char key[])
+struct umac_ctx *umac_new(const u_char key[])
 /* Dynamically allocate a umac_ctx struct, initialize variables, 
  * generate subkeys from key. Align to 16-byte boundary.
  */
@@ -1233,7 +1235,7 @@ struct umac_ctx *umac_new(u_char key[])
             ctx = (struct umac_ctx *)((u_char *)ctx + bytes_to_add);
         }
         ctx->free_ptr = octx;
-        aes_key_setup(key,prf_key);
+        aes_key_setup(key, prf_key);
         pdf_init(&ctx->pdf, prf_key);
         uhash_init(&ctx->hash, prf_key);
     }
@@ -1243,18 +1245,18 @@ struct umac_ctx *umac_new(u_char key[])
 
 /* ---------------------------------------------------------------------- */
 
-int umac_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8])
+int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8])
 /* Incorporate any pending data, pad, and generate tag */
 {
     uhash_final(&ctx->hash, (u_char *)tag);
-    pdf_gen_xor(&ctx->pdf, (UINT8 *)nonce, (UINT8 *)tag);
+    pdf_gen_xor(&ctx->pdf, (const UINT8 *)nonce, (UINT8 *)tag);
     
     return (1);
 }
 
 /* ---------------------------------------------------------------------- */
 
-int umac_update(struct umac_ctx *ctx, u_char *input, long len)
+int umac_update(struct umac_ctx *ctx, const u_char *input, long len)
 /* Given len bytes of data, we parse it into L1_KEY_LEN chunks and   */
 /* hash each one, calling the PDF on the hashed output whenever the hash- */
 /* output buffer is full.                                                 */
diff --git a/umac.h b/umac.h
index 6795112a3..7fb770f8a 100644
--- a/umac.h
+++ b/umac.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: umac.h,v 1.2 2012/10/04 13:21:50 markus Exp $ */
+/* $OpenBSD: umac.h,v 1.3 2013/07/22 12:20:02 djm Exp $ */
 /* -----------------------------------------------------------------------
  * 
  * umac.h -- C Implementation UMAC Message Authentication
@@ -52,7 +52,7 @@
     extern "C" {
 #endif
 
-struct umac_ctx *umac_new(u_char key[]);
+struct umac_ctx *umac_new(const u_char key[]);
 /* Dynamically allocate a umac_ctx struct, initialize variables, 
  * generate subkeys from key.
  */
@@ -62,10 +62,10 @@ int umac_reset(struct umac_ctx *ctx);
 /* Reset a umac_ctx to begin authenicating a new message */
 #endif
 
-int umac_update(struct umac_ctx *ctx, u_char *input, long len);
+int umac_update(struct umac_ctx *ctx, const u_char *input, long len);
 /* Incorporate len bytes pointed to by input into context ctx */
 
-int umac_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]);
+int umac_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]);
 /* Incorporate any pending data and the ctr value, and return tag. 
  * This function returns error code if ctr < 0. 
  */
@@ -117,9 +117,9 @@ int uhash(uhash_ctx_t ctx,
 #endif
 
 /* matching umac-128 API, we reuse umac_ctx, since it's opaque */
-struct umac_ctx *umac128_new(u_char key[]);
-int umac128_update(struct umac_ctx *ctx, u_char *input, long len);
-int umac128_final(struct umac_ctx *ctx, u_char tag[], u_char nonce[8]);
+struct umac_ctx *umac128_new(const u_char key[]);
+int umac128_update(struct umac_ctx *ctx, const u_char *input, long len);
+int umac128_final(struct umac_ctx *ctx, u_char tag[], const u_char nonce[8]);
 int umac128_delete(struct umac_ctx *ctx);
 
 #ifdef __cplusplus
diff --git a/uuencode.c b/uuencode.c
index 09d80d2fc..294c74304 100644
--- a/uuencode.c
+++ b/uuencode.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uuencode.c,v 1.26 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: uuencode.c,v 1.27 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -29,6 +29,7 @@
 #include <netinet/in.h>
 #include <resolv.h>
 #include <stdio.h>
+#include <stdlib.h>
 
 #include "xmalloc.h"
 #include "uuencode.h"
@@ -67,7 +68,7 @@ uudecode(const char *src, u_char *target, size_t targsize)
         /* and remove trailing whitespace because __b64_pton needs this */
         *p = '\0';
         len = __b64_pton(encoded, target, targsize);
-        xfree(encoded);
+        free(encoded);
         return len;
 }
 
@@ -90,5 +91,5 @@ dump_base64(FILE *fp, const u_char *data, u_int len)
         }
         if (i % 70 != 69)
                 fprintf(fp, "\n");
-        xfree(buf);
+        free(buf);
 }
diff --git a/version.h b/version.h
index f4f5a68c8..7a30d0dd7 100644
--- a/version.h
+++ b/version.h
@@ -1,8 +1,8 @@
-/* $OpenBSD: version.h,v 1.66 2013/02/10 21:19:34 markus Exp $ */
+/* $OpenBSD: version.h,v 1.67 2013/07/25 00:57:37 djm Exp $ */
 
-#define SSH_VERSION     "OpenSSH_6.2"
+#define SSH_VERSION     "OpenSSH_6.3"
 
-#define SSH_PORTABLE    "p2"
+#define SSH_PORTABLE    "p1"
 #define SSH_RELEASE_MINIMUM     SSH_VERSION SSH_PORTABLE
 #ifdef SSH_EXTRAVERSION
 #define SSH_RELEASE     SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
diff --git a/xmalloc.c b/xmalloc.c
index 9985b4cc2..92f781fd0 100644
--- a/xmalloc.c
+++ b/xmalloc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xmalloc.c,v 1.27 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: xmalloc.c,v 1.28 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -73,14 +73,6 @@ xrealloc(void *ptr, size_t nmemb, size_t size)
         return new_ptr;
 }
 
-void
-xfree(void *ptr)
-{
-        if (ptr == NULL)
-                fatal("xfree: NULL pointer given as argument");
-        free(ptr);
-}
-
 char *
 xstrdup(const char *str)
 {
diff --git a/xmalloc.h b/xmalloc.h
index fb217a45c..261dfd612 100644
--- a/xmalloc.h
+++ b/xmalloc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: xmalloc.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: xmalloc.h,v 1.14 2013/05/17 00:13:14 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -19,7 +19,6 @@
 void    *xmalloc(size_t);
 void    *xcalloc(size_t, size_t);
 void    *xrealloc(void *, size_t, size_t);
-void     xfree(void *);
 char    *xstrdup(const char *);
 int      xasprintf(char **, const char *, ...)
                 __attribute__((__format__ (printf, 2, 3)))