1 files changed, 824 insertions, 859 deletions

diff --git a/ChangeLog b/ChangeLog
index 6d7a7d265..0307f62e0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,827 @@
+commit aede1c34243a6f7feae2fb2cb686ade5f9be6f3d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 17 11:01:20 2018 +1100
+
+    Require OpenSSL 1.1.x series 1.1.0g or greater
+    
+    Previous versions have a bug with EVP_CipherInit() when passed a
+    NULL EVP_CIPHER, per https://github.com/openssl/openssl/pull/4613
+    
+    ok dtucker@
+
+commit 08300c211409c212e010fe2e2f2883e573a04ce2
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 17 08:12:02 2018 +1100
+
+    unbreak compilation with --with-ssl-engine
+    
+    Missing last argument to OPENSSL_init_crypto()
+
+commit 1673274aee67ce0eb6f00578b6f3d2bcbd58f937
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Tue Oct 16 14:45:57 2018 +1100
+
+    Remove gcc spectre mitigation flags.
+    
+    Current impementions of the gcc spectre mitigation flags cause
+    miscompilations when combined with other flags and do not provide much
+    protection.  Found by fweimer at redhat.com, ok djm@
+
+commit 4e23deefd7959ef83c73ed9cce574423438f6133
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Oct 16 10:51:52 2018 +1100
+
+    Avoid deprecated OPENSSL_config when using 1.1.x
+    
+    OpenSSL 1.1.x soft-deprecated OPENSSL_config in favour of
+    OPENSSL_init_crypto; pointed out by Jakub Jelen
+
+commit 797cdd9c8468ed1125ce60d590ae3f1397866af4
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Oct 12 16:58:47 2018 +1100
+
+    Don't avoid our *sprintf replacements.
+    
+    Don't let systems with broken printf(3) avoid our replacements
+    via asprintf(3)/vasprintf(3) calling libc internally.  From djm@
+
+commit e526127cbd2f8ad88fb41229df0c9b850c722830
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Oct 12 16:43:35 2018 +1100
+
+    Check if snprintf understands %zu.
+    
+    If the platforms snprintf and friends don't understand %zu, use the
+    compat replacement.  Prevents segfaults on those platforms.
+
+commit cf39f875191708c5f2f1a3c1c9019f106e74aea3
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 12 09:48:05 2018 +1100
+
+    remove stale link, tweak
+
+commit a7205e68decf7de2005810853b4ce6b222b65e2a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 12 09:47:20 2018 +1100
+
+    update version numbers ahead of release
+
+commit 1a4a9cf80f5b92b9d1dadd0bfa8867c04d195391
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 11 03:48:04 2018 +0000
+
+    upstream: don't send new-style rsa-sha2-*-cert-v01@openssh.com names to
+    
+    older OpenSSH that can't handle them. spotted by Adam Eijdenberg; ok dtucker
+    
+    OpenBSD-Commit-ID: 662bbc402e3d7c9b6c322806269698106a6ae631
+
+commit dc8ddcdf1a95e011c263486c25869bb5bf4e30ec
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 11 13:08:59 2018 +1100
+
+    update depends
+
+commit 26841ac265603fd2253e6832e03602823dbb4022
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 11 13:02:11 2018 +1100
+
+    some more duplicated key algorithm lines
+    
+    From Adam Eijdenberg
+
+commit 5d9d17603bfbb620195a4581025052832b4c4adc
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 11 11:56:36 2018 +1100
+
+    fix duplicated algorithm specification lines
+    
+    Spotted by Adam Eijdenberg
+
+commit ebfafd9c7a5b2a7fb515ee95dbe0e44e11d0a663
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 11 00:52:46 2018 +0000
+
+    upstream: typo in plain RSA algorithm counterpart names for
+    
+    certificates; spotted by Adam Eijdenberg; ok dtucker@
+    
+    OpenBSD-Commit-ID: bfcdeb6f4fc9e7607f5096574c8f118f2e709e00
+
+commit c29b111e7d87c2324ff71c80653dd8da168c13b9
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 11 11:29:35 2018 +1100
+
+    check pw_passwd != NULL here too
+    
+    Again, for systems with broken NIS implementations.
+    
+    Prompted by coolbugcheckers AT gmail.com
+
+commit fe8e8f349a553ef4c567acd418aac769a82b7729
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 11 11:03:15 2018 +1100
+
+    check for NULL return from shadow_pw()
+    
+    probably unreachable on this platform; pointed out by
+    coolbugcheckers AT gmail.com
+
+commit acc59cbe7a1fb169e1c3caba65a39bd74d6e030d
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Wed Oct 10 16:43:49 2018 +0000
+
+    upstream: introducing openssh 7.9
+    
+    OpenBSD-Commit-ID: 42d526a9fe01a40dd299ac58014d3349adf40e25
+
+commit 12731158c75c8760a8bea06350eeb3e763fe1a07
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 11 10:29:29 2018 +1100
+
+    supply callback to PEM_read_bio_PrivateKey
+    
+    OpenSSL 1.1.0i has changed the behaviour of their PEM APIs,
+    so that empty passphrases are interpreted differently. This
+    probabalistically breaks loading some keys, because the PEM format
+    is terrible and doesn't include a proper MAC.
+    
+    Avoid this by providing a basic callback to avoid passing empty
+    passphrases to OpenSSL in cases where one is required.
+    
+    Based on patch from Jakub Jelen in bz#2913; ok dtucker@
+
+commit d1d301a1dd5d6cc3a9ed93ab7ab09dda4cb456e0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 10 14:57:00 2018 +1100
+
+    in pick_salt() avoid dereference of NULL passwords
+    
+    Apparently some NIS implementations can leave pw->pw_passwd (or the
+    shadow equivalent) NULL.
+    
+    bz#2909; based on patch from Todd Eigenschink
+
+commit edbb6febccee084d212fdc0cb05b40cb1c646ab1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 9 05:42:23 2018 +0000
+
+    upstream: Treat all PEM_read_bio_PrivateKey() errors when a passphrase
+    
+    is specified as "incorrect passphrase" instead of trying to choose between
+    that and "invalid format".
+    
+    libcrypto can return ASN1 parsing errors rather than the expected
+    decrypt error in certain infrequent cases when trying to decrypt/parse
+    PEM private keys when supplied with an invalid passphrase.
+    
+    Report and repro recipe from Thomas Deutschmann in bz#2901
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: b1d4cd92395f9743f81c0d23aab2524109580870
+
+commit 2581333d564d8697837729b3d07d45738eaf5a54
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Fri Oct 5 14:26:09 2018 +0000
+
+    upstream: Support using service names for port numbers.
+    
+    * Try to resolve a port specification with getservbyname(3) if a
+     numeric conversion fails.
+    * Make the "Port" option in ssh_config handle its argument as a
+     port rather than a plain integer.
+    
+    ok dtucker@ deraadt@
+    
+    OpenBSD-Commit-ID: e7f03633133205ab3dfbc67f9df7475fabae660d
+
+commit e0d6501e86734c48c8c503f81e1c0926e98c5c4c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 4 07:47:35 2018 +0000
+
+    upstream: when the peer sends a channel-close message, make sure we
+    
+    close the local extended read fd (stderr) along with the regular read fd
+    (stdout). Avoids weird stuck processed in multiplexing mode.
+    
+    Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863
+    
+    ok dtucker@ markus@
+    
+    OpenBSD-Commit-ID: a48a2467fe938de4de69d2e7193d5fa701f12ae9
+
+commit 6f1aabb128246f445e33b8844fad3de9cb1d18cb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 4 01:04:52 2018 +0000
+
+    upstream: factor out channel status formatting from
+    
+    channel_open_message() so we can use it in other debug messages
+    
+    OpenBSD-Commit-ID: 9c3903ca28fcabad57f566c9d0045b41ab7d52ba
+
+commit f1dd179e122bdfdb7ca3072d9603607740efda05
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 4 00:10:11 2018 +0000
+
+    upstream: include a little more information about the status and
+    
+    disposition of channel's extended (stderr) fd; makes debugging some things a
+    bit easier. No behaviour change.
+    
+    OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
+
+commit 2d1428b11c8b6f616f070f2ecedce12328526944
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 4 00:04:41 2018 +0000
+
+    upstream: explicit_bzero here to be consistent with other kex*.c;
+    
+    report from coolbugcheckers AT gmail.com
+    
+    OpenBSD-Commit-ID: a90f146c5b5f5b1408700395e394f70b440856cb
+
+commit 5eff5b858e717e901e6af6596306a114de9f79f2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Oct 3 06:38:35 2018 +0000
+
+    upstream: Allow ssh_config IdentityAgent directive to accept
+    
+    environment variable names as well as explicit paths. ok dtucker@
+    
+    OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b
+
+commit a46ac4d86b25414d78b632e8173578b37e5f8a83
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 2 12:51:58 2018 +0000
+
+    upstream: mention INFO@openssh.com for sending SIGINFO
+    
+    OpenBSD-Commit-ID: 132471eeb0df658210afd27852fe65131b26e900
+
+commit ff3a411cae0b484274b7900ef52ff4dad3e12876
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Oct 2 22:49:40 2018 +1000
+
+    only support SIGINFO on systems with SIGINFO
+
+commit cd98925c6405e972dc9f211afc7e75e838abe81c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 2 12:40:07 2018 +0000
+
+    upstream: Add server support for signalling sessions via the SSH
+    
+    channel/ session protocol. Signalling is only supported to sesssions that are
+    not subsystems and were not started with a forced command.
+    
+    Long requested in bz#1424
+    
+    Based on a patch from markus@ and reworked by dtucker@;
+    ok markus@ dtucker@
+    
+    OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3
+
+commit dba50258333f2604a87848762af07ba2cc40407a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 26 07:32:44 2018 +0000
+
+    upstream: remove big ugly TODO comment from start of file. Some of
+    
+    the mentioned tasks are obsolete and, of the remainder, most are already
+    captured in PROTOCOL.mux where they better belong
+    
+    OpenBSD-Commit-ID: 16d9d76dee42a5bb651c9d6740f7f0ef68aeb407
+
+commit 92b61a38ee9b765f5049f03cd1143e13f3878905
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 26 07:30:05 2018 +0000
+
+    upstream: Document mux proxy mode; added by Markus in openssh-7.4
+    
+    Also add a little bit of information about the overall packet format
+    
+    OpenBSD-Commit-ID: bdb6f6ea8580ef96792e270cae7857786ad84a95
+
+commit 9d883a1ce4f89b175fd77405ff32674620703fb2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 26 01:48:57 2018 +0000
+
+    upstream: s/process_mux_master/mux_master_process/ in mux master
+    
+    function names,
+    
+    Gives better symmetry with the existing mux_client_*() names and makes
+    it more obvious when a message comes from the master vs client (they
+    are interleved in ControlMaster=auto mode).
+    
+    no functional change beyond prefixing a could of log messages with
+    __func__ where they were previously lacking.
+    
+    OpenBSD-Commit-ID: b01f7c3fdf92692e1713a822a89dc499333daf75
+
+commit c2fa53cd6462da82d3a851dc3a4a3f6b920337c8
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Sep 22 14:41:24 2018 +1000
+
+    Remove unused variable in _ssh_compat_fflush.
+
+commit d1b3540c21212624af907488960d703c7d987b42
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Thu Sep 20 18:08:43 2018 +1000
+
+    Import updated moduli.
+
+commit b5e412a8993ad17b9e1141c78408df15d3d987e1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 21 12:46:22 2018 +0000
+
+    upstream: Allow ssh_config ForwardX11Timeout=0 to disable the
+    
+    timeout and allow X11 connections in untrusted mode indefinitely. ok dtucker@
+    
+    OpenBSD-Commit-ID: ea1ceed3f540b48e5803f933e59a03b20db10c69
+
+commit cb24d9fcc901429d77211f274031653476864ec6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 21 12:23:17 2018 +0000
+
+    upstream: when compiled with GSSAPI support, cache supported method
+    
+    OIDs by calling ssh_gssapi_prepare_supported_oids() regardless of whether
+    GSSAPI authentication is enabled in the main config.
+    
+    This avoids sandbox violations for configurations that enable GSSAPI
+    auth later, e.g.
+    
+    Match user djm
+            GSSAPIAuthentication yes
+    
+    bz#2107; ok dtucker@
+    
+    OpenBSD-Commit-ID: a5dd42d87c74e27cfb712b15b0f97ab20e0afd1d
+
+commit bbc8af72ba68da014d4de6e21a85eb5123384226
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 21 12:20:12 2018 +0000
+
+    upstream: In sshkey_in_file(), ignore keys that are considered for
+    
+    being too short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered
+    to be "in the file". This allows key revocation lists to contain short keys
+    without the entire revocation list being considered invalid.
+    
+    bz#2897; ok dtucker
+    
+    OpenBSD-Commit-ID: d9f3d857d07194a42ad7e62889a74dc3f9d9924b
+
+commit 383a33d160cefbfd1b40fef81f72eadbf9303a66
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 21 03:11:36 2018 +0000
+
+    upstream: Treat connections with ProxyJump specified the same as ones
+    
+    with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't
+    try to canonicalise the hostname unless CanonicalizeHostname is set to
+    'always').
+    
+    Patch from Sven Wegener via bz#2896
+    
+    OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37
+
+commit 0cbed248ed81584129b67c348dbb801660f25a6a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 20 23:40:16 2018 +0000
+
+    upstream: actually make CASignatureAlgorithms available as a config
+    
+    option
+    
+    OpenBSD-Commit-ID: 93fa7ff58314ed7b1ab7744090a6a91232e6ae52
+
+commit 62528870c0ec48cd86a37dd7320fb85886c3e6ee
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Sep 20 08:07:03 2018 +0000
+
+    upstream: Import updated moduli.
+    
+    OpenBSD-Commit-ID: 04431e8e7872f49a2129bf080a6b73c19d576d40
+
+commit e6933a2ffa0659d57f3c7b7c457b2c62b2a84613
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Sep 20 06:58:48 2018 +0000
+
+    upstream: reorder CASignatureAlgorithms, and add them to the
+    
+    various -o lists; ok djm
+    
+    OpenBSD-Commit-ID: ecb88baecc3c54988b4d1654446ea033da359288
+
+commit aa083aa9624ea7b764d5a81c4c676719a1a3e42b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 20 03:31:49 2018 +0000
+
+    upstream: fix "ssh -Q sig" to show correct signature algorithm list
+    
+    (it was erroneously showing certificate algorithms); prompted by markus@
+    
+    OpenBSD-Commit-ID: 1cdee002f2f0c21456979deeb887fc889afb154d
+
+commit ecac7e1f7add6b28874959a11f2238d149dc2c07
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 20 03:30:44 2018 +0000
+
+    upstream: add CASignatureAlgorithms option for the client, allowing
+    
+    it to specify which signature algorithms may be used by CAs when signing
+    certificates. Useful if you want to ban RSA/SHA1; ok markus@
+    
+    OpenBSD-Commit-ID: 9159e5e9f67504829bf53ff222057307a6e3230f
+
+commit 86e5737c39153af134158f24d0cab5827cbd5852
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 20 03:28:06 2018 +0000
+
+    upstream: Add sshd_config CASignatureAlgorithms option to allow
+    
+    control over which signature algorithms a CA may use when signing
+    certificates. In particular, this allows a sshd to ban certificates signed
+    with RSA/SHA1.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: b05c86ef8b52b913ed48d54a9b9c1a7714d96bac
+
+commit f80e68ea7d62e2dfafc12f1a60ab544ae4033a0f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 19 02:03:02 2018 +0000
+
+    upstream: Make "ssh-add -q" do what it says on the tin: silence
+    
+    output from successful operations.
+    
+    Based on patch from Thijs van Dijk; ok dtucker@ deraadt@
+    
+    OpenBSD-Commit-ID: c4f754ecc055c10af166116ce7515104aa8522e1
+
+commit 5e532320e9e51de720d5f3cc2596e95d29f6e98f
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Sep 17 15:40:14 2018 +0000
+
+    upstream: When choosing a prime from the moduli file, avoid
+    
+    re-using the linenum variable for something that is not a line number to
+    avoid the confusion that resulted in the bug in rev. 1.64.  This also lets us
+    pass the actual linenum to parse_prime() so the error messages include the
+    correct line number.  OK markus@ some time ago.
+    
+    OpenBSD-Commit-ID: 4d8e5d3e924d6e8eb70053e3defa23c151a00084
+
+commit cce8cbe0ed7d1ba3a575310e0b63c193326ae616
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Sat Sep 15 19:44:06 2018 +1000
+
+    Fix openssl-1.1 fallout for --without-openssl.
+    
+    ok djm@
+
+commit 149519b9f201dac755f3cba4789f4d76fecf0ee1
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Sep 15 19:37:48 2018 +1000
+
+    add futex(2) syscall to seccomp sandbox
+    
+    Apparently needed for some glibc/openssl combinations.
+    
+    Patch from Arkadiusz Miśkiewicz
+
+commit 4488ae1a6940af704c4dbf70f55bf2f756a16536
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Sep 15 19:36:55 2018 +1000
+
+    really add source for authopt_fuzz this time
+
+commit 9201784b4a257c8345fbd740bcbdd70054885707
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Sep 15 19:35:40 2018 +1000
+
+    remove accidentally checked-in authopt_fuzz binary
+
+commit beb9e522dc7717df08179f9e59f36b361bfa14ab
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 14 05:26:27 2018 +0000
+
+    upstream: second try, deals properly with missing and private-only
+    
+    Use consistent format in debug log for keys readied, offered and
+    received during public key authentication.
+    
+    This makes it a little easier to see what is going on, as each message
+    now contains (where available) the key filename, its type and fingerprint,
+    and whether the key is hosted in an agent or a token.
+    
+    OpenBSD-Commit-ID: f1c6a8e9cfc4e108c359db77f24f9a40e1e25ea7
+
+commit 6bc5a24ac867bfdc3ed615589d69ac640f51674b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 14 15:16:34 2018 +1000
+
+    fuzzer harness for authorized_keys option parsing
+
+commit 6c8b82fc6929b6a9a3f645151b6ec26c5507d9ef
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 14 04:44:04 2018 +0000
+
+    upstream: revert following; deals badly with agent keys
+    
+    revision 1.285
+    date: 2018/09/14 04:17:12;  author: djm;  state: Exp;  lines: +47 -26;  commitid: lflGFcNb2X2HebaK;
+    Use consistent format in debug log for keys readied, offered and
+    received during public key authentication.
+    
+    This makes it a little easier to see what is going on, as each message
+    now contains the key filename, its type and fingerprint, and whether
+    the key is hosted in an agent or a token.
+    
+    OpenBSD-Commit-ID: e496bd004e452d4b051f33ed9ae6a54ab918f56d
+
+commit 6da046f9c3374ce7e269ded15d8ff8bc45017301
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 14 04:17:44 2018 +0000
+
+    upstream: garbage-collect moribund ssh_new_private() API.
+    
+    OpenBSD-Commit-ID: 7c05bf13b094093dfa01848a9306c82eb6e95f6c
+
+commit 1f24ac5fc05252ceb1c1d0e8cab6a283b883c780
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 14 04:17:12 2018 +0000
+
+    upstream: Use consistent format in debug log for keys readied,
+    
+    offered and received during public key authentication.
+    
+    This makes it a little easier to see what is going on, as each message
+    now contains the key filename, its type and fingerprint, and whether
+    the key is hosted in an agent or a token.
+    
+    OpenBSD-Commit-ID: 2a01d59285a8a7e01185bb0a43316084b4f06a1f
+
+commit 488c9325bb7233e975dbfbf89fa055edc3d3eddc
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Thu Sep 13 15:23:32 2018 +0000
+
+    upstream: Fix warnings caused by user_from_uid() and group_from_gid()
+    
+    now returning const char *.
+    
+    OpenBSD-Commit-ID: b5fe571ea77cfa7b9035062829ab05eb87d7cc6f
+
+commit 0aa1f230846ebce698e52051a107f3127024a05a
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 14 10:31:47 2018 +1000
+
+    allow SIGUSR1 as synonym for SIGINFO
+    
+    Lets users on those unfortunate operating systems that lack SIGINFO
+    still be able to obtain progress information from unit tests :)
+
+commit d64e78526596f098096113fcf148216798c327ff
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Sep 13 19:05:48 2018 +1000
+
+    add compat header
+
+commit a3fd8074e2e2f06602e25618721f9556c731312c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 13 09:03:20 2018 +0000
+
+    upstream: missed a bit of openssl-1.0.x API in this unittest
+    
+    OpenBSD-Regress-ID: a73a54d7f7381856a3f3a2d25947bee7a9a5dbc9
+
+commit 86e0a9f3d249d5580390daf58e015e68b01cef10
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 13 05:06:51 2018 +0000
+
+    upstream: use only openssl-1.1.x API here too
+    
+    OpenBSD-Regress-ID: ae877064597c349954b1b443769723563cecbc8f
+
+commit 48f54b9d12c1c79fba333bc86d455d8f4cda8cfc
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Sep 13 12:13:50 2018 +1000
+
+    adapt -portable to OpenSSL 1.1x API
+    
+    Polyfill missing API with replacement functions extracted from LibreSSL
+
+commit 86112951d63d48839f035b5795be62635a463f99
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Sep 13 12:12:42 2018 +1000
+
+    forgot to stage these test files in commit d70d061
+
+commit 482d23bcacdd3664f21cc82a5135f66fc598275f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 13 02:08:33 2018 +0000
+
+    upstream: hold our collective noses and use the openssl-1.1.x API in
+    
+    OpenSSH; feedback and ok tb@ jsing@ markus@
+    
+    OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
+
+commit d70d061828730a56636ab6f1f24fe4a8ccefcfc1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:36:45 2018 +0000
+
+    upstream: Include certs with multiple RSA signature variants in
+    
+    test data Ensure that cert->signature_key is populated correctly
+    
+    OpenBSD-Regress-ID: 56e68f70fe46cb3a193ca207385bdb301fd6603a
+
+commit f803b2682992cfededd40c91818b653b5d923ef5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:23:48 2018 +0000
+
+    upstream: test revocation by explicit hash and by fingerprint
+    
+    OpenBSD-Regress-ID: 079c18a9ab9663f4af419327c759fc1e2bc78fd8
+
+commit 2de78bc7da70e1338b32feeefcc6045cf49efcd4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:22:43 2018 +0000
+
+    upstream: s/sshkey_demote/sshkey_from_private/g
+    
+    OpenBSD-Regress-ID: 782bde7407d94a87aa8d1db7c23750e09d4443c4
+
+commit 41c115a5ea1cb79a6a3182773c58a23f760e8076
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Sep 12 16:50:01 2018 +1000
+
+    delete the correct thing; kexfuzz binary
+
+commit f0fcd7e65087db8c2496f13ed39d772f8e38b088
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 06:18:59 2018 +0000
+
+    upstream: fix edit mistake; spotted by jmc@
+    
+    OpenBSD-Commit-ID: dd724e1c52c9d6084f4cd260ec7e1b2b138261c6
+
+commit 4cc259bac699f4d2a5c52b92230f9e488c88a223
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:34:02 2018 +0000
+
+    upstream: add SSH_ALLOWED_CA_SIGALGS - the default list of
+    
+    signature algorithms that are allowed for CA signatures. Notably excludes
+    ssh-dsa.
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: 1628e4181dc8ab71909378eafe5d06159a22deb4
+
+commit ba9e788315b1f6a350f910cb2a9e95b2ce584e89
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:32:54 2018 +0000
+
+    upstream: add sshkey_check_cert_sigtype() that checks a
+    
+    cert->signature_type against a supplied whitelist; ok markus
+    
+    OpenBSD-Commit-ID: caadb8073292ed7a9535e5adc067d11d356d9302
+
+commit a70fd4ad7bd9f2ed223ff635a3d41e483057f23b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:31:30 2018 +0000
+
+    upstream: add cert->signature_type field and keep it in sync with
+    
+    certificate signature wrt loading and certification operations; ok markus@
+    
+    OpenBSD-Commit-ID: e8b8b9f76b66707a0cd926109c4383db8f664df3
+
+commit 357128ac48630a9970e3af0e6ff820300a28da47
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:30:10 2018 +0000
+
+    upstream: Add "ssh -Q sig" to allow listing supported signature
+    
+    algorithms ok markus@
+    
+    OpenBSD-Commit-ID: 7a8c6eb6c249dc37823ba5081fce64876d10fe2b
+
+commit 9405c6214f667be604a820c6823b27d0ea77937d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:21:34 2018 +0000
+
+    upstream: allow key revocation by SHA256 hash and allow ssh-keygen
+    
+    to create KRLs using SHA256/base64 key fingerprints; ok markus@
+    
+    OpenBSD-Commit-ID: a0590fd34e7f1141f2873ab3acc57442560e6a94
+
+commit 50e2687ee0941c0ea216d6ffea370ffd2c1f14b9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 12 01:19:12 2018 +0000
+
+    upstream: log certificate fingerprint in authentication
+    
+    success/failure message (previously we logged only key ID and CA key
+    fingerprint).
+    
+    ok markus@
+    
+    OpenBSD-Commit-ID: a8ef2d172b7f1ddbcce26d6434b2de6d94f6c05d
+
+commit de37ca909487d23e5844aca289b3f5e75d3f1e1f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Sep 7 04:26:56 2018 +0000
+
+    upstream: Add FALLTHROUGH comments where appropriate. Patch from
+    
+    jjelen at redhat via bz#2687.
+    
+    OpenBSD-Commit-ID: c48eb457be697a19d6d2950c6d0879f3ccc851d3
+
+commit 247766cd3111d5d8c6ea39833a3257ca8fb820f2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 7 01:42:54 2018 +0000
+
+    upstream: ssh -MM requires confirmation for all operations that
+    
+    change the multiplexing state, not just new sessions.
+    
+    mention that confirmation is checked via ssh-askpass
+    
+    OpenBSD-Commit-ID: 0f1b45551ebb9cc5c9a4fe54ad3b23ce90f1f5c2
+
+commit db8bb80e3ac1bcb3e1305d846cd98c6b869bf03f
+Author: mestre@openbsd.org <mestre@openbsd.org>
+Date:   Tue Aug 28 12:25:53 2018 +0000
+
+    upstream: fix misplaced parenthesis inside if-clause. it's harmless
+    
+    and the only issue is showing an unknown error (since it's not defined)
+    during fatal(), if it ever an error occurs inside that condition.
+    
+    OK deraadt@ markus@ djm@
+    
+    OpenBSD-Commit-ID: acb0a8e6936bfbe590504752d01d1d251a7101d8
+
+commit 086cc614f550b7d4f100c95e472a6b6b823938ab
+Author: mestre@openbsd.org <mestre@openbsd.org>
+Date:   Tue Aug 28 12:17:45 2018 +0000
+
+    upstream: fix build with DEBUG_PK enabled
+    
+    OK dtucker@
+    
+    OpenBSD-Commit-ID: ec1568cf27726e9638a0415481c20c406e7b441c
+
+commit 2678833013e97f8b18f09779b7f70bcbf5eb2ab2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Sep 7 14:41:53 2018 +1000
+
+    Handle ngroups>_SC_NGROUPS_MAX.
+    
+    Based on github pull request #99 from Darren Maffat at Oracle: Solaris'
+    getgrouplist considers _SC_NGROUPS_MAX more of a guideline and can return
+    a larger number of groups.  In this case, retry getgrouplist with a
+    larger array and defer allocating groups_byname.  ok djm@
+
+commit 039bf2a81797b8f3af6058d34005a4896a363221
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Sep 7 14:06:57 2018 +1000
+
+    Initial len for the fmt=NULL case.
+    
+    Patch from jjelen at redhat via bz#2687.  (OpenSSH never calls
+    setproctitle with a null format so len is always initialized).
+
+commit ea9c06e11d2e8fb2f4d5e02f8a41e23d2bd31ca9
+Author: Darren Tucker <dtucker@dtucker.net>
+Date:   Fri Sep 7 14:01:39 2018 +1000
+
+    Include stdlib.h.
+    
+    Patch from jjelen at redhat via bz#2687.
+
+commit 9617816dbe73ec4d65075f4d897443f63a97c87f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Aug 27 13:08:01 2018 +1000
+
+    document some more regress control env variables
+    
+    Specifically SKIP_UNIT, USE_VALGRING and LTESTS. Sort the list of
+    environment variables.
+    
+    Based on patch from Jakub Jelen
+
 commit 71508e06fab14bc415a79a08f5535ad7bffa93d9
 Author: Damien Miller <djm@mindrot.org>
 Date:   Thu Aug 23 15:41:42 2018 +1000
@@ -8880,862 +9704,3 @@ Date:   Thu Oct 20 03:42:09 2016 +1100
     Remote channels .orig and .rej files.
     
     These files were incorrectly added during an OpenBSD sync.
-
-commit 246aa842a4ad368d8ce030495e657ef3a0e1f95c
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Tue Oct 18 17:32:54 2016 +0000
-
-    upstream commit
-    
-    Remove channel_input_port_forward_request(); the only caller
-    was the recently-removed SSH1 server code so it's now dead code.  ok markus@
-    
-    Upstream-ID: 05453983230a1f439562535fec2818f63f297af9
-
-commit 2c6697c443d2c9c908260eed73eb9143223e3ec9
-Author: millert@openbsd.org <millert@openbsd.org>
-Date:   Tue Oct 18 12:41:22 2016 +0000
-
-    upstream commit
-    
-    Install a signal handler for tty-generated signals and
-    wait for the ssh child to suspend before suspending sftp.  This lets ssh
-    restore the terminal mode as needed when it is suspended at the password
-    prompt.  OK dtucker@
-    
-    Upstream-ID: a31c1f42aa3e2985dcc91e46e6a17bd22e372d69
-
-commit fd2a8f1033fa2316fff719fd5176968277560158
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Sat Oct 15 19:56:25 2016 +0000
-
-    upstream commit
-    
-    various formatting fixes, specifically removing Dq;
-    
-    Upstream-ID: 81e85df2b8e474f5f93d66e61d9a4419ce87347c
-
-commit 8f866d8a57b9a2dc5dd04504e27f593b551618e3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Oct 19 03:26:09 2016 +1100
-
-    Import readpassphrase.c rev 1.26.
-    
-    Author: miller@openbsd.org:
-    Avoid generate SIGTTOU when restoring the terminal mode.  If we get
-    SIGTTOU it means the process is not in the foreground process group
-    which, in most cases, means that the shell has taken control of the tty.
-    Requiring the user the fg the process in this case doesn't make sense
-    and can result in both SIGTSTP and SIGTTOU being sent which can lead to
-    the process being suspended again immediately after being brought into
-    the foreground.
-
-commit f901440cc844062c9bab0183d133f7ccc58ac3a5
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Oct 19 03:23:16 2016 +1100
-
-    Import readpassphrase.c rev 1.25.
-    
-    Wrap <readpassphrase.h> so internal calls go direct and
-    readpassphrase is weak.
-    
-    (DEF_WEAK is a no-op in portable.)
-
-commit 032147b69527e5448a511049b2d43dbcae582624
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Oct 15 05:51:12 2016 +1100
-
-    Move DEF_WEAK into defines.h.
-    
-    As well pull in more recent changes from OpenBSD these will start to
-    arrive so put it where the definition is shared.
-
-commit e0259a82ddd950cfb109ddee86fcebbc09c6bd04
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Oct 15 04:34:46 2016 +1100
-
-    Remove do_pam_set_tty which is dead code.
-    
-    The callers of do_pam_set_tty were removed in 2008, so this is now dead
-    code.  bz#2604, pointed out by jjelen at redhat.com.
-
-commit ca04de83f210959ad2ed870a30ba1732c3ae00e3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 13 18:53:43 2016 +1100
-
-    unbreak principals-command test
-    
-    Undo inconsistetly updated variable name.
-
-commit 1723ec92eb485ce06b4cbf49712d21975d873909
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Oct 11 21:49:54 2016 +0000
-
-    upstream commit
-    
-    fix the KEX fuzzer - the previous method of obtaining the
-    packet contents was broken. This now uses the new per-packet input hook, so
-    it sees exact post-decrypt packets and doesn't have to pass packet integrity
-    checks. ok markus@
-    
-    Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd
-
-commit 09f997893f109799cddbfce6d7e67f787045cbb2
-Author: natano@openbsd.org <natano@openbsd.org>
-Date:   Thu Oct 6 09:31:38 2016 +0000
-
-    upstream commit
-    
-    Move USER out of the way to unbreak the BUILDUSER
-    mechanism. ok tb
-    
-    Upstream-Regress-ID: 74ab9687417dd071d62316eaadd20ddad1d5af3c
-
-commit 3049a012c482a7016f674db168f23fd524edce27
-Author: bluhm@openbsd.org <bluhm@openbsd.org>
-Date:   Fri Sep 30 11:55:20 2016 +0000
-
-    upstream commit
-    
-    In ssh tests set REGRESS_FAIL_EARLY with ?= so that the
-    environment can change it. OK djm@
-    
-    Upstream-Regress-ID: 77bcb50e47b68c7209c7f0a5a020d73761e5143b
-
-commit 39af7b444db28c1cb01b7ea468a4f574a44f375b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Oct 11 21:47:45 2016 +0000
-
-    upstream commit
-    
-    Add a per-packet input hook that is called with the
-    decrypted packet contents. This will be used for fuzzing; ok markus@
-    
-    Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc
-
-commit ec165c392ca54317dbe3064a8c200de6531e89ad
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Mon Oct 10 19:28:48 2016 +0000
-
-    upstream commit
-    
-    Unregister the KEXINIT handler after message has been
-    received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause
-    allocation of up to 128MB -- until the connection is closed. Reported by
-    shilei-c at 360.cn
-    
-    Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05
-
-commit 29d40319392e6e19deeca9d45468aa1119846e50
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 13 04:07:20 2016 +1100
-
-    Import rev 1.24 from OpenBSD.
-    
-    revision 1.24
-    date: 2013/11/24 23:51:29;  author: deraadt;  state: Exp;  lines: +4 -4;
-    most obvious unsigned char casts for ctype
-    ok jca krw ingo
-
-commit 12069e56221de207ed666c2449dedb431a2a7ca2
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 13 04:04:44 2016 +1100
-
-    Import rev 1.23 from OpenBSD.  Fixes bz#2619.
-    
-    revision 1.23
-    date: 2010/05/14 13:30:34;  author: millert;  state: Exp;  lines: +41 -39;
-    Defer installing signal handlers until echo is disabled so that we
-    get suspended normally when not the foreground process.  Fix potential
-    infinite loop when restoring terminal settings if process is in the
-    background when restore occurs.  OK miod@
-
-commit 7508d83eff89af069760b4cc587305588a64e415
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 13 03:53:51 2016 +1100
-
-    If we don't have TCSASOFT, define it to zero.
-    
-    This makes it a no-op when we use it below, which allows us to re-sync
-    those lines with the upstream and make future updates easier.
-
-commit aae4dbd4c058d3b1fe1eb5c4e6ddf35827271377
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Fri Oct 7 14:41:52 2016 +0000
-
-    upstream commit
-    
-    tidy up the formatting in this file. more specifically,
-    replace .Dq, which looks appalling, with .Cm, where appropriate;
-    
-    Upstream-ID: ff8e90aa0343d9bb56f40a535e148607973cc738
-
-commit a571dbcc7b7b25371174569b13df5159bc4c6c7a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Oct 4 21:34:40 2016 +0000
-
-    upstream commit
-    
-    add a comment about implicitly-expected checks to
-    sshkey_ec_validate_public()
-    
-    Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f
-
-commit 2f78a2a698f4222f8e05cad57ac6e0c3d1faff00
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Sep 30 20:24:46 2016 +0000
-
-    upstream commit
-    
-    fix some -Wpointer-sign warnings in the new mux proxy; ok
-    markus@
-    
-    Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd
-
-commit ca71c36645fc26fcd739a8cfdc702cec85607761
-Author: bluhm@openbsd.org <bluhm@openbsd.org>
-Date:   Wed Sep 28 20:09:52 2016 +0000
-
-    upstream commit
-    
-    Add a makefile rule to create the ssh library when
-    regress needs it.  This allows to run the ssh regression tests without doing
-    a "make build" before. Discussed with dtucker@ and djm@; OK djm@
-    
-    Upstream-Regress-ID: ce489bd53afcd471225a125b4b94565d4717c025
-
-commit ce44c970f913d2a047903dba8670554ac42fc479
-Author: bluhm@openbsd.org <bluhm@openbsd.org>
-Date:   Mon Sep 26 21:34:38 2016 +0000
-
-    upstream commit
-    
-    Allow to run ssh regression tests as root.  If the user
-    is already root, the test should not expect that SUDO is set.  If ssh needs
-    another user, use sudo or doas to switch from root if necessary. OK dtucker@
-    
-    Upstream-Regress-ID: b464e55185ac4303529e3e6927db41683aaeace2
-
-commit 8d0578478586e283e751ca51e7b0690631da139a
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Fri Sep 30 09:19:13 2016 +0000
-
-    upstream commit
-    
-    ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux
-    client speaks the ssh-packet protocol directly over unix-domain socket. - mux
-    server acts as a proxy, translates channel IDs and relays to the server. - no
-    filedescriptor passing necessary. - combined with unix-domain forwarding it's
-    even possible to run mux client   and server on different machines. feedback
-    & ok djm@
-    
-    Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b
-
-commit b7689155f3f5c4999846c07a852b1c7a43b09cec
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 28 21:44:52 2016 +0000
-
-    upstream commit
-    
-    put back some pre-auth zlib bits that I shouldn't have
-    removed - they are still used by the client. Spotted by naddy@
-    
-    Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2
-
-commit 4577adead6a7d600c8e764619d99477a08192c8f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 28 20:32:42 2016 +0000
-
-    upstream commit
-    
-    restore pre-auth compression support in the client -- the
-    previous commit was intended to remove it from the server only.
-    
-    remove a few server-side pre-auth compression bits that escaped
-    
-    adjust wording of Compression directive in sshd_config(5)
-    
-    pointed out by naddy@ ok markus@
-    
-    Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b
-
-commit 80d1c963b4dc84ffd11d09617b39c4bffda08956
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Wed Sep 28 17:59:22 2016 +0000
-
-    upstream commit
-    
-    use a separate TOKENS section, as we've done for
-    sshd_config(5); help/ok djm
-    
-    Upstream-ID: 640e32b5e4838e4363738cdec955084b3579481d
-
-commit 1cfd5c06efb121e58e8b6671548fda77ef4b4455
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Sep 29 03:19:23 2016 +1000
-
-    Remove portability support for mmap
-    
-    We no longer need to wrap/replace mmap for portability now that
-    pre-auth compression has been removed from OpenSSH.
-
-commit 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 28 16:33:06 2016 +0000
-
-    upstream commit
-    
-    Remove support for pre-authentication compression. Doing
-    compression early in the protocol probably seemed reasonable in the 1990s,
-    but today it's clearly a bad idea in terms of both cryptography (cf. multiple
-    compression oracle attacks in TLS) and attack surface.
-    
-    Moreover, to support it across privilege-separation zlib needed
-    the assistance of a complex shared-memory manager that made the
-    required attack surface considerably larger.
-    
-    Prompted by Guido Vranken pointing out a compiler-elided security
-    check in the shared memory manager found by Stack
-    (http://css.csail.mit.edu/stack/); ok deraadt@ markus@
-    
-    NB. pre-auth authentication has been disabled by default in sshd
-    for >10 years.
-    
-    Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
-
-commit 27c3a9c2aede2184856b5de1e6eca414bb751c38
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 26 21:16:11 2016 +0000
-
-    upstream commit
-    
-    Avoid a theoretical signed integer overflow should
-    BN_num_bytes() ever violate its manpage and return a negative value. Improve
-    order of tests to avoid confusing increasingly pedantic compilers.
-    
-    Reported by Guido Vranken from stack (css.csail.mit.edu/stack)
-    unstable optimisation analyser output.  ok deraadt@
-    
-    Upstream-ID: f8508c830c86d8f36c113985e52bf8eedae23505
-
-commit 8663e51c80c6aa3d750c6d3bcff6ee05091922be
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Sep 28 07:40:33 2016 +1000
-
-    fix mdoc2man.awk formatting for top-level lists
-    
-    Reported by Glenn Golden
-    Diagnosis and fix from Ingo Schwarze
-
-commit b97739dc21570209ed9d4e7beee0c669ed23b097
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Sep 22 21:15:41 2016 +0000
-
-    upstream commit
-    
-    missing bit from previous commit
-    
-    Upstream-ID: 438d5ed6338b28b46e822eb13eee448aca31df37
-
-commit de6a175a99d22444e10d19ad3fffef39bc3ee3bb
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Thu Sep 22 19:19:01 2016 +0000
-
-    upstream commit
-    
-    organise the token stuff into a separate section; ok
-    markus for an earlier version of the diff ok/tweaks djm
-    
-    Upstream-ID: 81a6daa506a4a5af985fce7cf9e59699156527c8
-
-commit 16277fc45ffc95e4ffc3d45971ff8320b974de2b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Sep 22 17:55:13 2016 +0000
-
-    upstream commit
-    
-    mention curve25519-sha256 KEX
-    
-    Upstream-ID: 33ae1f433ce4795ffa6203761fbdf86e0d7ffbaf
-
-commit 0493766d5676c7ca358824ea8d3c90f6047953df
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Sep 22 17:52:53 2016 +0000
-
-    upstream commit
-    
-    support plain curve25519-sha256 KEX algorithm now that it
-    is approaching standardisation (same algorithm is currently supported as
-    curve25519-sha256@libssh.org)
-    
-    Upstream-ID: 5e2b6db2e72667048cf426da43c0ee3fc777baa2
-
-commit f31c654b30a6f02ce0b8ea8ab81791b675489628
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Thu Sep 22 02:29:57 2016 +0000
-
-    upstream commit
-    
-    If ssh receives a PACKET_DISCONNECT during userauth it
-    will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the
-    session being authenticated.  Check for this and exit if necessary.  ok djm@
-    
-    Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903
-
-commit 1622649b7a829fc8dc313042a43a974f0f3e8a99
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 21 19:53:12 2016 +0000
-
-    upstream commit
-    
-    correctly return errors from kex_send_ext_info(). Fix from
-    Sami Farin via https://github.com/openssh/openssh-portable/pull/50
-    
-    Upstream-ID: c85999af28aaecbf92cfa2283381df81e839b42c
-
-commit f83a0cfe16c7a73627b46a9a94e40087d60f32fb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 21 17:44:20 2016 +0000
-
-    upstream commit
-    
-    cast uint64_t for printf
-    
-    Upstream-ID: 76d23e89419ccbd2320f92792a6d878211666ac1
-
-commit 5f63ab474f58834feca4f35c498be03b7dd38a16
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 21 17:03:54 2016 +0000
-
-    upstream commit
-    
-    disable tests for affirmative negated match after backout of
-    match change
-    
-    Upstream-Regress-ID: acebb8e5042f03d66d86a50405c46c4de0badcfd
-
-commit a5ad3a9db5a48f350f257a67b62fafd719ecb7e0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 21 16:55:42 2016 +0000
-
-    upstream commit
-    
-    Revert two recent changes to negated address matching. The
-    new behaviour offers unintuitive surprises. We'll find a better way to deal
-    with single negated matches.
-    
-    match.c 1.31:
-    > fix matching for pattern lists that contain a single negated match,
-    > e.g. "Host !example"
-    >
-    > report and patch from Robin Becker. bz#1918 ok dtucker@
-    
-    addrmatch.c 1.11:
-    > fix negated address matching where the address list consists of a
-    > single negated match, e.g. "Match addr !192.20.0.1"
-    >
-    > Report and patch from Jakub Jelen. bz#2397 ok dtucker@
-    
-    Upstream-ID: ec96c770f0f5b9a54e5e72fda25387545e9c80c6
-
-commit 119b7a2ca0ef2bf3f81897ae10301b8ca8cba844
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 21 01:35:12 2016 +0000
-
-    upstream commit
-    
-    test all the AuthorizedPrincipalsCommand % expansions
-    
-    Upstream-Regress-ID: 0a79a84dfaa59f958e46b474c3db780b454d30e3
-
-commit bfa9d969ab6235d4938ce069d4db7e5825c56a19
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 21 01:34:45 2016 +0000
-
-    upstream commit
-    
-    add a way for principals command to get see key ID and serial
-    too
-    
-    Upstream-ID: 0d30978bdcf7e8eaeee4eea1b030eb2eb1823fcb
-
-commit 920585b826af1c639e4ed78b2eba01fd2337b127
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Sep 16 06:09:31 2016 +0000
-
-    upstream commit
-    
-    add a note on kexfuzz' limitations
-    
-    Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec
-
-commit 0445ff184080b196e12321998b4ce80b0f33f8d1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Fri Sep 16 01:01:41 2016 +0000
-
-    upstream commit
-    
-    fix for newer modp DH groups
-    (diffie-hellman-group14-sha256 etc)
-    
-    Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68
-
-commit 28652bca29046f62c7045e933e6b931de1d16737
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Mon Sep 19 19:02:19 2016 +0000
-
-    upstream commit
-    
-    move inbound NEWKEYS handling to kex layer; otherwise
-    early NEWKEYS causes NULL deref; found by Robert Swiecki/honggfuzz; fixed
-    with & ok djm@
-    
-    Upstream-ID: 9a68b882892e9f51dc7bfa9f5a423858af358b2f
-
-commit 492710894acfcc2f173d14d1d45bd2e688df605d
-Author: natano@openbsd.org <natano@openbsd.org>
-Date:   Mon Sep 19 07:52:42 2016 +0000
-
-    upstream commit
-    
-    Replace two more arc4random() loops with
-    arc4random_buf().
-    
-    tweaks and ok dtucker
-    ok deraadt
-    
-    Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
-
-commit 1036356324fecc13099ac6e986b549f6219327d7
-Author: tedu@openbsd.org <tedu@openbsd.org>
-Date:   Sat Sep 17 18:00:27 2016 +0000
-
-    upstream commit
-    
-    replace two arc4random loops with arc4random_buf ok
-    deraadt natano
-    
-    Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48
-
-commit 00df97ff68a49a756d4b977cd02283690f5dfa34
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 14 20:11:26 2016 +0000
-
-    upstream commit
-    
-    take fingerprint of correct key for
-    AuthorizedPrincipalsCommand
-    
-    Upstream-ID: 553581a549cd6a3e73ce9f57559a325cc2cb1f38
-
-commit e7907c1cb938b96dd33d27c2fea72c4e08c6b2f6
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Wed Sep 14 05:42:25 2016 +0000
-
-    upstream commit
-    
-    add %-escapes to AuthorizedPrincipalsCommand to match those
-    supported for AuthorizedKeysCommand (key, key type, fingerprint, etc) and a
-    few more to provide access to the certificate's CA key; 'looks ok' dtucker@
-    
-    Upstream-ID: 6b00fd446dbebe67f4e4e146d2e492d650ae04eb
-
-commit 2b939c272a81c4d0c47badeedbcb2ba7c128ccda
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Wed Sep 14 00:45:31 2016 +0000
-
-    upstream commit
-    
-    Improve test coverage of ssh-keygen -T a bit.
-    
-    Upstream-Regress-ID: 8851668c721bcc2b400600cfc5a87644cc024e72
-
-commit 44d82fc83be6c5ccd70881c2dac1a73e5050398b
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Sep 12 02:25:46 2016 +0000
-
-    upstream commit
-    
-    Add testcase for ssh-keygen -j, -J and -K options for
-    moduli screening. Does not currently test generation as that is extremely
-    slow.
-    
-    Upstream-Regress-ID: 9de6ce801377ed3ce0a63a1413f1cd5fd3c2d062
-
-commit 44e5f756d286bc3a1a5272ea484ee276ba3ac5c2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 23 08:17:04 2016 +0000
-
-    upstream commit
-    
-    add tests for addr_match_list()
-    
-    Upstream-Regress-ID: fae2d1fef84687ece584738a924c7bf969616c8e
-
-commit 445e218878035b59c704c18406e8aeaff4c8aa25
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 12 23:39:34 2016 +0000
-
-    upstream commit
-    
-    handle certs in rsa_hash_alg_from_ident(), saving an
-    unnecessary special case elsewhere.
-    
-    Upstream-ID: 901cb081c59d6d2698b57901c427f3f6dc7397d4
-
-commit 130f5df4fa37cace8c079dccb690e5cafbf00751
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 12 23:31:27 2016 +0000
-
-    upstream commit
-    
-    list all supported signature algorithms in the
-    server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independantly)
-    Ron Frederick; ok markus@
-    
-    Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
-
-commit 8f750ccfc07acb8aa98be5a5dd935033a6468cfd
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Sep 12 14:43:58 2016 +1000
-
-    Remove no-op brackets to resync with upstream.
-
-commit 7050896e7395866278c19c2ff080c26152619d1d
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Sep 12 13:57:28 2016 +1000
-
-    Resync ssh-keygen -W error message with upstream.
-
-commit 43cceff82cc20413cce58ba3375e19684e62cec4
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Sep 12 13:55:37 2016 +1000
-
-    Move ssh-keygen -W handling code to match upstream
-
-commit af48d541360b1d7737b35740a4b1ca34e1652cd9
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Sep 12 13:52:17 2016 +1000
-
-    Move ssh-keygen -T handling code to match upstream.
-
-commit d8c3cfbb018825c6c86547165ddaf11924901c49
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Sep 12 13:30:50 2016 +1000
-
-    Move -M handling code to match upstream.
-
-commit 7b63cf6dbbfa841c003de57d1061acbf2ff22364
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Sep 12 03:29:16 2016 +0000
-
-    upstream commit
-    
-    Spaces->tabs.
-    
-    Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7
-
-commit 11e5e644536821ceb3bb4dd8487fbf0588522887
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date:   Mon Sep 12 03:25:20 2016 +0000
-
-    upstream commit
-    
-    Style whitespace fix.  Also happens to remove a no-op
-    diff with portable.
-    
-    Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3
-
-commit 9136ec134c97a8aff2917760c03134f52945ff3c
-Author: deraadt@openbsd.org <deraadt@openbsd.org>
-Date:   Mon Sep 12 01:22:38 2016 +0000
-
-    upstream commit
-    
-    Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
-    use those definitions rather than pulling <sys/param.h> and unknown namespace
-    pollution. ok djm markus dtucker
-    
-    Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
-
-commit f219fc8f03caca7ac82a38ed74bbd6432a1195e7
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date:   Wed Sep 7 18:39:24 2016 +0000
-
-    upstream commit
-    
-    sort; from matthew martin
-    
-    Upstream-ID: 73cec7f7ecc82d37a4adffad7745e4684de67ce7
-
-commit 06ce56b05def9460aecc7cdb40e861a346214793
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Sep 6 09:22:56 2016 +0000
-
-    upstream commit
-    
-    ssh_set_newkeys: print correct block counters on
-    rekeying; ok djm@
-    
-    Upstream-ID: 32bb7a9cb9919ff5bab28d50ecef3a2b2045dd1e
-
-commit e5e8d9114ac6837a038f4952994ca95a97fafe8d
-Author: markus@openbsd.org <markus@openbsd.org>
-Date:   Tue Sep 6 09:14:05 2016 +0000
-
-    upstream commit
-    
-    update ext_info_c every time we receive a kexinit msg;
-    fixes sending of ext_info if privsep is disabled; report Aris Adamantiadis &
-    Mancha; ok djm@
-    
-    Upstream-ID: 2ceaa1076e19dbd3542254b4fb8e42d608f28856
-
-commit da95318dbedbaa1335323dba370975c2f251afd8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 5 14:02:42 2016 +0000
-
-    upstream commit
-    
-    remove 3des-cbc from the client's default proposal;
-    64-bit block ciphers are not safe in 2016 and we don't want to wait until
-    attacks like sweet32 are extended to SSH.
-    
-    As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may
-    cause problems connecting to older devices using the defaults, but
-    it's highly likely that such devices already need explicit
-    configuration for KEX and hostkeys anyway.
-    
-    ok deraadt, markus, dtucker
-    
-    Upstream-ID: a505dfe65c6733af0f751b64cbc4bb7e0761bc2f
-
-commit b33ad6d997d36edfea65e243cd12ccd01f413549
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Mon Sep 5 13:57:31 2016 +0000
-
-    upstream commit
-    
-    enforce expected request flow for GSSAPI calls; thanks to
-    Jakub Jelen for testing; ok markus@
-    
-    Upstream-ID: d4bc0e70e1be403735d3d9d7e176309b1fd626b9
-
-commit 0bb2980260fb24e5e0b51adac471395781b66261
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Mon Sep 12 11:07:00 2016 +1000
-
-    Restore ssh-keygen's -J and -j option handling.
-    
-    These were incorrectly removed in the 1d9a2e28 sync commit.
-
-commit 775f8a23f2353f5869003c57a213d14b28e0736e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 31 10:48:07 2016 +1000
-
-    tighten PAM monitor calls
-    
-    only allow kbd-interactive ones when that authentication method is
-    enabled. Prompted by Solar Designer
-
-commit 7fd0ea8a1db4bcfb3d8cd9df149e5d571ebea1f4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 30 07:50:21 2016 +0000
-
-    upstream commit
-    
-    restrict monitor auth calls to be allowed only when their
-    respective authentication methods are enabled in the configuration.
-    
-    prompted by Solar Designer; ok markus dtucker
-    
-    Upstream-ID: 6eb3f89332b3546d41d6dbf5a8e6ff920142b553
-
-commit b38b95f5bcc52278feb839afda2987933f68ff96
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Aug 29 11:47:07 2016 +1000
-
-    Tighten monitor state-machine flow for PAM calls
-    
-    (attack surface reduction)
-
-commit dc664d1bd0fc91b24406a3e9575b81c285b8342b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Sun Aug 28 22:28:12 2016 +0000
-
-    upstream commit
-    
-    fix uninitialised optlen in getsockopt() call; harmless
-    on Unix/BSD but potentially crashy on Cygwin. Reported by James Slepicka ok
-    deraadt@
-    
-    Upstream-ID: 1987ccee508ba5b18f016c85100d7ac3f70ff965
-
-commit 5bcc1e2769f7d6927d41daf0719a9446ceab8dd7
-Author: guenther@openbsd.org <guenther@openbsd.org>
-Date:   Sat Aug 27 04:05:12 2016 +0000
-
-    upstream commit
-    
-    Pull in <sys/time.h> for struct timeval
-    
-    ok deraadt@
-    
-    Upstream-ID: ae34525485a173bccd61ac8eefeb91c57e3b7df6
-
-commit fa4a4c96b19127dc2fd4e92f20d99c0c7f34b538
-Author: guenther@openbsd.org <guenther@openbsd.org>
-Date:   Sat Aug 27 04:04:56 2016 +0000
-
-    upstream commit
-    
-    Pull in <stdlib.h> for NULL
-    
-    ok deraadt@
-    
-    Upstream-ID: 7baa6a0f1e049bb3682522b4b95a26c866bfc043
-
-commit ae363d74ccc1451185c0c8bd4631e28c67c7fd36
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 25 23:57:54 2016 +0000
-
-    upstream commit
-    
-    add a sIgnore opcode that silently ignores options and
-    use it to suppress noisy deprecation warnings for the Protocol directive.
-    
-    req henning, ok markus
-    
-    Upstream-ID: 9fe040aca3d6ff393f6f7e60045cdd821dc4cbe0
-
-commit a94c60306643ae904add6e8ed219e4be3494255c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Thu Aug 25 23:56:51 2016 +0000
-
-    upstream commit
-    
-    remove superfluous NOTREACHED comment
-    
-    Upstream-ID: a7485c1f1be618e8c9e38fd9be46c13b2d03b90c
-
-commit fc041c47144ce28cf71353124a8a5d183cd6a251
-Author: otto@openbsd.org <otto@openbsd.org>
-Date:   Tue Aug 23 16:21:45 2016 +0000
-
-    upstream commit
-    
-    fix previous, a condition was modified incorrectly; ok
-    markus@ deraadt@
-    
-    Upstream-ID: c443e339768e7ed396dff3bb55f693e7d3641453
-
-commit 23555eb13a9b0550371a16dcf8beaab7a5806a64
-Author: djm@openbsd.org <djm@openbsd.org>
-Date:   Tue Aug 23 08:17:42 2016 +0000
-
-    upstream commit
-    
-    downgrade an error() to a debug2() to match similar cases
-    in addr_match_list()
-    
-    Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c