1 files changed, 9351 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 000000000..e008ec9f3
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,9351 @@
+commit 66bf74a92131b7effe49fb0eefe5225151869dc5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Oct 2 19:33:20 2017 +0000
+
+    upstream commit
+    
+    Fix PermitOpen crash; spotted by benno@, ok dtucker@ deraadt@
+    
+    Upstream-ID: c2cc84ffac070d2e1ff76182c70ca230a387983c
+
+commit d63b38160a59039708fd952adc75a0b3da141560
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Oct 1 10:32:25 2017 +1100
+
+    update URL again
+    
+    I spotted a typo in the draft so uploaded a new version...
+
+commit 6f64f596430cd3576c529f07acaaf2800aa17d58
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Oct 1 10:01:56 2017 +1100
+
+    sync release notes URL
+
+commit 35ff70a04dd71663a5ac1e73b90d16d270a06e0d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Oct 1 10:01:25 2017 +1100
+
+    sync contrib/ssh-copy-id with upstream
+
+commit 290843b8ede85f8b30bf29cd7dceb805c3ea5b66
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Oct 1 09:59:19 2017 +1100
+
+    update version in RPM spec files
+
+commit 4e4e0bb223c5be88d87d5798c75cc6b0d4fef31d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Oct 1 09:58:24 2017 +1100
+
+    update agent draft URL
+
+commit e4a798f001d2ecd8bf025c1d07658079f27cc604
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Sep 30 22:26:33 2017 +0000
+
+    upstream commit
+    
+    openssh-7.6; ok deraadt@
+    
+    Upstream-ID: a39c3a5b63a1baae109ae1ae4c7c34c2a59acde0
+
+commit 5fa1407e16e7e5fda9769d53b626ce39d5588d4d
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Sep 27 06:45:53 2017 +0000
+
+    upstream commit
+    
+    tweak EposeAuthinfo; diff from lars nooden
+    
+    tweaked by sthen; ok djm dtucker
+    
+    Upstream-ID: 8f2ea5d2065184363e8be7a0ba24d98a3b259748
+
+commit bba69c246f0331f657fd6ec97724df99fc1ad174
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Sep 28 16:06:21 2017 -0700
+
+    don't fatal ./configure for LibreSSL
+
+commit 04dc070e8b4507d9d829f910b29be7e3b2414913
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Sep 28 14:54:34 2017 -0700
+
+    abort in configure when only openssl-1.1.x found
+    
+    We don't support openssl-1.1.x yet (see multiple threads on the
+    openssh-unix-dev@ mailing list for the reason), but previously
+    ./configure would accept it and the compilation would subsequently
+    fail. This makes ./configure display an explicit error message and
+    abort.
+    
+    ok dtucker@
+
+commit 74c1c3660acf996d9dc329e819179418dc115f2c
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Sep 27 07:44:41 2017 +1000
+
+    Check for and handle calloc(p, 0) = NULL.
+    
+    On some platforms (AIX, maybe others) allocating zero bytes of memory
+    via the various *alloc functions returns NULL, which is permitted
+    by the standards.  Autoconf has some macros for detecting this (with
+    the exception of calloc for some reason) so use these and if necessary
+    activate shims for them.  ok djm@
+
+commit 6a9481258a77b0b54b2a313d1761c87360c5f1f5
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Sep 21 19:18:12 2017 +0000
+
+    upstream commit
+    
+    test reverse dynamic forwarding with SOCKS
+    
+    Upstream-Regress-ID: 95cf290470f7e5e2f691e4bc6ba19b91eced2f79
+
+commit 1b9f321605733754df60fac8c1d3283c89b74455
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Sep 26 16:55:55 2017 +1000
+
+    sync missing changes in dynamic-forward.sh
+
+commit 44fc334c7a9ebdd08addb6d5fa005369897fddeb
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 25 09:48:10 2017 +1000
+
+    Add minimal strsignal for platforms without it.
+
+commit 218e6f98df566fb9bd363f6aa47018cb65ede196
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Sep 24 13:45:34 2017 +0000
+
+    upstream commit
+    
+    fix inverted test on channel open failure path that
+    "upgraded" a transient failure into a fatal error; reported by sthen and also
+    seen by benno@; ok sthen@
+    
+    Upstream-ID: b58b3fbb79ba224599c6cd6b60c934fc46c68472
+
+commit c704f641f7b8777497dc82e81f2ac89afec7e401
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Sep 24 09:50:01 2017 +0000
+
+    upstream commit
+    
+    write the correct buffer when tunnel forwarding; doesn't
+    matter on OpenBSD (they are the same) but does matter on portable where we
+    use an output filter to translate os-specific tun/tap headers
+    
+    Upstream-ID: f1ca94eff48404827b12e1d12f6139ee99a72284
+
+commit 55486f5cef117354f0c64f991895835077b7c7f7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Sep 23 22:04:07 2017 +0000
+
+    upstream commit
+    
+    fix tunnel forwarding problem introduced in refactor;
+    reported by stsp@ ok markus@
+    
+    Upstream-ID: 81a731cdae1122c8522134095d1a8b60fa9dcd04
+
+commit 609d7a66ce578abf259da2d5f6f68795c2bda731
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Sep 21 19:16:53 2017 +0000
+
+    upstream commit
+    
+    Add 'reverse' dynamic forwarding which combines dynamic
+    forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
+    expects SOCKS-requests.
+    
+    The SSH server code is unchanged and the parsing happens at the SSH
+    clients side. Thus the full SOCKS-request is sent over the forwarded
+    channel and the client parses c->output. Parsing happens in
+    channel_before_prepare_select(), _before_ the select bitmask is
+    computed in the pre[] handlers, but after network input processing
+    in the post[] handlers.
+    
+    help and ok djm@
+    
+    Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
+
+commit 36945fa103176c00b39731e1fc1919a0d0808b81
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Sep 20 05:19:00 2017 +0000
+
+    upstream commit
+    
+    Use strsignal in debug message instead of casting for the
+    benefit of portable where sig_atomic_t might not be int.  "much nicer"
+    deraadt@
+    
+    Upstream-ID: 2dac6c1e40511c700bd90664cd263ed2299dcf79
+
+commit 3e8d185af326bf183b6f78597d5e3d2eeb2dc40e
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Tue Sep 19 12:10:30 2017 +0000
+
+    upstream commit
+    
+    Use explicit_bzero() instead of bzero() before free() to
+    prevent the compiler from optimizing away the bzero() call.  OK djm@
+    
+    Upstream-ID: cdc6197e64c9684c7250e23d60863ee1b53cef1d
+
+commit 5b8da1f53854c0923ec6e927e86709e4d72737b6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Sep 19 04:24:22 2017 +0000
+
+    upstream commit
+    
+    fix use-after-free in ~^Z escape handler path, introduced
+    in channels.c refactor; spotted by millert@ "makes sense" deraadt@
+    
+    Upstream-ID: 8fa2cdc65c23ad6420c1e59444b0c955b0589b22
+
+commit a3839d8d2b89ff1a80cadd4dd654336710de2c9e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Sep 18 12:03:24 2017 +0000
+
+    upstream commit
+    
+    Prevent type mismatch warning in debug on platforms where
+    sig_atomic_t != int.  ok djm@
+    
+    Upstream-ID: 306e2375eb0364a4c68e48f091739bea4f4892ed
+
+commit 30484e5e5f0b63d2c6ba32c6b85f06b6c6fa55fc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Sep 18 09:41:52 2017 +0000
+
+    upstream commit
+    
+    Add braces missing after channels refactor.  ok markus@
+    
+    Upstream-ID: 72ab325c84e010680dbc88f226e2aa96b11a3980
+
+commit b79569190b9b76dfacc6d996faa482f16e8fc026
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Sep 19 12:29:23 2017 +1000
+
+    add freezero(3) replacement
+    
+    ok dtucker@
+
+commit 161af8f5ec0961b10cc032efb5cc1b44ced5a92e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Sep 19 10:18:56 2017 +1000
+
+    move FORTIFY_SOURCE into hardening options group
+    
+    It's still on by default, but now it's possible to turn it off using
+    --without-hardening. This is useful since it's known to cause problems
+    with some -fsanitize options. ok dtucker@
+
+commit 09eacf856e0fe1a6e3fe597ec8032b7046292914
+Author: bluhm@openbsd.org <bluhm@openbsd.org>
+Date:   Wed Sep 13 14:58:26 2017 +0000
+
+    upstream commit
+    
+    Print SKIPPED if sudo and doas configuration is missing.
+    Prevents that running the regression test with wrong environment is reported
+    as failure.  Keep the fatal there to avoid interfering with other setups for
+    portable ssh. OK dtucker@
+    
+    Upstream-Regress-ID: f0dc60023caef496ded341ac5aade2a606fa234e
+
+commit cdede10899892f25f1ccdccd7a3fe5e5ef0aa49a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Aug 7 03:52:55 2017 +0000
+
+    upstream commit
+    
+    Remove obsolete privsep=no fallback test.
+    
+    Upstream-Regress-ID: 7d6e1baa1678ac6be50c2a1555662eb1047638df
+
+commit ec218c105daa9f5b192f7aa890fdb2d4fdc4e9d8
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Aug 7 00:53:51 2017 +0000
+
+    upstream commit
+    
+    Remove non-privsep test since disabling privsep is now
+    deprecated.
+    
+    Upstream-Regress-ID: 77ad3f3d8d52e87f514a80f285c6c1229b108ce8
+
+commit 239c57d5bc2253e27e3e6ad7ac52ec8c377ee24e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 28 10:32:08 2017 +0000
+
+    upstream commit
+    
+    Don't call fatal from stop_sshd since it calls cleanup
+    which calls stop_sshd which will probably fail in the same way.  Instead,
+    just bail. Differentiate between sshd dying without cleanup and not shutting
+    down.
+    
+    Upstream-Regress-ID: f97315f538618b349e2b0bea02d6b0c9196c6bc4
+
+commit aea59a0d9f120f2a87c7f494a0d9c51eaa79b8ba
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 14 04:32:21 2017 +0000
+
+    upstream commit
+    
+    Revert commitid: gJtIN6rRTS3CHy9b.
+    
+    -------------
+    identify the case where SSHFP records are missing but other DNS RR
+    types are present and display a more useful error message for this
+    case; patch by Thordur Bjornsson; bz#2501; ok dtucker@
+    -------------
+    
+    This caused unexpected failures when VerifyHostKeyDNS=yes, SSHFP results
+    are missing but the user already has the key in known_hosts
+    
+    Spotted by dtucker@
+    
+    Upstream-ID: 97e31742fddaf72046f6ffef091ec0d823299920
+
+commit 871f1e4374420b07550041b329627c474abc3010
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Sep 12 18:01:35 2017 +1000
+
+    adapt portable to channels API changes
+
+commit 4ec0bb9f9ad7b4eb0af110fa8eddf8fa199e46bb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Sep 12 07:55:48 2017 +0000
+
+    upstream commit
+    
+    unused variable
+    
+    Upstream-ID: 2f9ba09f2708993d35eac5aa71df910dcc52bac1
+
+commit 9145a73ce2ba30c82bbf91d7205bfd112529449f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Sep 12 07:32:04 2017 +0000
+
+    upstream commit
+    
+    fix tun/tap forwarding case in previous
+    
+    Upstream-ID: 43ebe37a930320e24bca6900dccc39857840bc53
+
+commit 9f53229c2ac97dbc6f5a03657de08a1150a9ac7e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Sep 12 06:35:31 2017 +0000
+
+    upstream commit
+    
+    Make remote channel ID a u_int
+    
+    Previously we tracked the remote channel IDs in an int, but this is
+    strictly incorrect: the wire protocol uses uint32 and there is nothing
+    in-principle stopping a SSH implementation from sending, say, 0xffff0000.
+    
+    In practice everyone numbers their channels sequentially, so this has
+    never been a problem.
+    
+    ok markus@
+    
+    Upstream-ID: b9f4cd3dc53155b4a5c995c0adba7da760d03e73
+
+commit dbee4119b502e3f8b6cd3282c69c537fd01d8e16
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Sep 12 06:32:07 2017 +0000
+
+    upstream commit
+    
+    refactor channels.c
+    
+    Move static state to a "struct ssh_channels" that is allocated at
+    runtime and tracked as a member of struct ssh.
+    
+    Explicitly pass "struct ssh" to all channels functions.
+    
+    Replace use of the legacy packet APIs in channels.c.
+    
+    Rework sshd_config PermitOpen handling: previously the configuration
+    parser would call directly into the channels layer. After the refactor
+    this is not possible, as the channels structures are allocated at
+    connection time and aren't available when the configuration is parsed.
+    The server config parser now tracks PermitOpen itself and explicitly
+    configures the channels code later.
+    
+    ok markus@
+    
+    Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
+
+commit abd59663df37a42152e37980113ccaa405b9a282
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 7 23:48:09 2017 +0000
+
+    upstream commit
+    
+    typo in comment
+    
+    Upstream-ID: a93b1e6f30f1f9b854b5b964b9fd092d0c422c47
+
+commit 149a8cd24ce9dd47c36f571738681df5f31a326c
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Mon Sep 4 06:34:43 2017 +0000
+
+    upstream commit
+    
+    tweak previous;
+    
+    Upstream-ID: bb8cc40b61b15f6a13d81da465ac5bfc65cbfc4b
+
+commit ec9d22cc251cc5acfe7b2bcef9cc7a1fe0e949d8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 8 12:44:13 2017 +1000
+
+    Fuzzer harnesses for sig verify and pubkey parsing
+    
+    These are some basic clang libfuzzer harnesses for signature
+    verification and public key parsing. Some assembly (metaphorical)
+    required.
+
+commit de35c382894964a896a63ecd5607d3a3b93af75d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Sep 8 12:38:31 2017 +1000
+
+    Give configure ability to set CFLAGS/LDFLAGS later
+    
+    Some CFLAGS/LDFLAGS may disrupt the configure script's operation,
+    in particular santization and fuzzer options that break assumptions
+    about memory and file descriptor dispositions.
+    
+    This adds two flags to configure --with-cflags-after and
+    --with-ldflags-after that allow specifying additional compiler and
+    linker options that are added to the resultant Makefiles but not
+    used in the configure run itself.
+    
+    E.g.
+    
+    env CC=clang-3.9 ./configure \
+      --with-cflags-after=-fsantize=address \
+      --with-ldflags-after="-g -fsanitize=address"
+
+commit 22376d27a349f62c502fec3396dfe0fdcb2a40b7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Sep 3 23:33:13 2017 +0000
+
+    upstream commit
+    
+    Expand ssh_config's StrictModes option with two new
+    settings:
+    
+    StrictModes=accept-new will automatically accept hitherto-unseen keys
+    but will refuse connections for changed or invalid hostkeys.
+    
+    StrictModes=off is the same as StrictModes=no
+    
+    Motivation:
+    
+    StrictModes=no combines two behaviours for host key processing:
+    automatically learning new hostkeys and continuing to connect to hosts
+    with invalid/changed hostkeys. The latter behaviour is quite dangerous
+    since it removes most of the protections the SSH protocol is supposed to
+    provide.
+    
+    Quite a few users want to automatically learn hostkeys however, so
+    this makes that feature available with less danger.
+    
+    At some point in the future, StrictModes=no will change to be a synonym
+    for accept-new, with its current behaviour remaining available via
+    StrictModes=off.
+    
+    bz#2400, suggested by Michael Samuel; ok markus
+    
+    Upstream-ID: 0f55502bf75fc93a74fb9853264a8276b9680b64
+
+commit ff3c42384033514e248ba5d7376aa033f4a2b99a
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Sep 1 15:41:26 2017 +0000
+
+    upstream commit
+    
+    remove blank line;
+    
+    Upstream-ID: 2f46b51a0ddb3730020791719e94d3e418e9f423
+
+commit b828605d51f57851316d7ba402b4ae06cf37c55d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 1 05:53:56 2017 +0000
+
+    upstream commit
+    
+    identify the case where SSHFP records are missing but
+    other DNS RR types are present and display a more useful error message for
+    this case; patch by Thordur Bjornsson; bz#2501; ok dtucker@
+    
+    Upstream-ID: 8f7a5a8344f684823d8317a9708b63e75be2c244
+
+commit 8042bad97e2789a50e8f742c3bcd665ebf0add32
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 1 05:50:48 2017 +0000
+
+    upstream commit
+    
+    document available AuthenticationMethods; bz#2453 ok
+    dtucker@
+    
+    Upstream-ID: 2c70576f237bb699aff59889dbf2acba4276d3d0
+
+commit 71e5a536ec815d542b199f2ae6d646c0db9f1b58
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 30 03:59:08 2017 +0000
+
+    upstream commit
+    
+    pass packet state down to some of the channels function
+    (more to come...); ok markus@
+    
+    Upstream-ID: d8ce7a94f4059d7ac1e01fb0eb01de0c4b36c81b
+
+commit 6227fe5b362239c872b91bbdee4bf63cf85aebc5
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue Aug 29 13:05:58 2017 +0000
+
+    upstream commit
+    
+    sort options;
+    
+    Upstream-ID: cf21d68cf54e81968bca629aaeddc87f0c684f3c
+
+commit 530591a5795a02d01c78877d58604723918aac87
+Author: dlg@openbsd.org <dlg@openbsd.org>
+Date:   Tue Aug 29 09:42:29 2017 +0000
+
+    upstream commit
+    
+    add a -q option to ssh-add to make it quiet on success.
+    
+    if you want to silence ssh-add without this you generally redirect
+    the output to /dev/null, but that can hide error output which you
+    should see.
+    
+    ok djm@
+    
+    Upstream-ID: 2f31b9b13f99dcf587e9a8ba443458e6c0d8997c
+
+commit a54eb27dd64b5eca3ba94e15cec3535124bd5029
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Aug 27 00:38:41 2017 +0000
+
+    upstream commit
+    
+    Increase the buffer sizes for user prompts to ensure that
+    they won't be truncated by snprintf.  Based on patch from cjwatson at
+    debian.org via bz#2768, ok djm@
+    
+    Upstream-ID: 6ffacf1abec8f40b469de5b94bfb29997d96af3e
+
+commit dd9d9b3381a4597b840d480b043823112039327e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Aug 28 16:48:27 2017 +1000
+
+    Switch Capsicum header to sys/capsicum.h.
+    
+    FreeBSD's <sys/capability.h> was renamed to <sys/capsicum.h> in 2014 to
+    avoid future conflicts with POSIX capabilities (the last release that
+    didn't have it was 9.3) so switch to that.  Patch from des at des.no.
+
+commit f5e917ab105af5dd6429348d9bc463e52b263f92
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Sun Aug 27 08:55:40 2017 +1000
+
+    Add missing includes for bsd-err.c.
+    
+    Patch from cjwatson at debian.org via bz#2767.
+
+commit 878e029797cfc9754771d6f6ea17f8c89e11d225
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Aug 25 13:25:01 2017 +1000
+
+    Split platform_sys_dir_uid into its own file
+    
+    platform.o is too heavy for libssh.a use; it calls into the server on
+    many platforms. Move just the function needed by misc.c into its own
+    file.
+
+commit 07949bfe9133234eddd01715592aa0dde67745f0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Aug 23 20:13:18 2017 +1000
+
+    misc.c needs functions from platform.c now
+
+commit b074c3c3f820000a21953441cea7699c4b17d72f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 18 05:48:04 2017 +0000
+
+    upstream commit
+    
+    add a "quiet" flag to exited_cleanly() that supresses
+    errors about exit status (failure due to signal is still reported)
+    
+    Upstream-ID: db85c39c3aa08e6ff67fc1fb4ffa89f807a9d2f0
+
+commit de4ae07f12dabf8815ecede54235fce5d22e3f63
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 18 05:36:45 2017 +0000
+
+    upstream commit
+    
+    Move several subprocess-related functions from various
+    locations to misc.c. Extend subprocess() to offer a little more control over
+    stdio disposition.
+    
+    feedback & ok dtucker@
+    
+    Upstream-ID: 3573dd7109d13ef9bd3bed93a3deb170fbfce049
+
+commit 643c2ad82910691b2240551ea8b14472f60b5078
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 12 06:46:01 2017 +0000
+
+    upstream commit
+    
+    make "--" before the hostname terminate command-line
+    option processing completely; previous behaviour would not prevent further
+    options appearing after the hostname (ssh has a supported options after the
+    hostname for >20 years, so that's too late to change).
+    
+    ok deraadt@
+    
+    Upstream-ID: ef5ee50571b98ad94dcdf8282204e877ec88ad89
+
+commit 0f3455356bc284d7c6f4d3c1614d31161bd5dcc2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Aug 12 06:42:52 2017 +0000
+
+    upstream commit
+    
+    Switch from aes256-cbc to aes256-ctr for encrypting
+    new-style private keys. The latter having the advantage of being supported
+    for no-OpenSSL builds; bz#2754 ok markus@
+    
+    Upstream-ID: 54179a2afd28f93470471030567ac40431e56909
+
+commit c4972d0a9bd6f898462906b4827e09b7caea2d9b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 11 04:47:12 2017 +0000
+
+    upstream commit
+    
+    refuse to a private keys when its corresponding .pub key
+    does not match. bz#2737 ok dtucker@
+    
+    Upstream-ID: 54ff5e2db00037f9db8d61690f26ef8f16e0d913
+
+commit 4b3ecbb663c919132dddb3758e17a23089413519
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 11 04:41:08 2017 +0000
+
+    upstream commit
+    
+    don't print verbose error message when ssh disconnects
+    under sftp; bz#2750; ok dtucker@
+    
+    Upstream-ID: 6d83708aed77b933c47cf155a87dc753ec01f370
+
+commit 42a8f8bc288ef8cac504c5c73f09ed610bc74a34
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Aug 11 04:16:35 2017 +0000
+
+    upstream commit
+    
+    Tweak previous keepalive commit: if last_time + keepalive
+    <= now instead of just "<" so client_alive_check will fire if the select
+    happens to return on exact second of the timeout.  ok djm@
+    
+    Upstream-ID: e02756bd6038d11bb8522bfd75a4761c3a684fcc
+
+commit b60ff20051ef96dfb207b6bfa45c0ad6c34a542a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Aug 11 03:58:36 2017 +0000
+
+    upstream commit
+    
+    Keep track of the last time we actually heard from the
+    client and use this to also schedule a client_alive_check().  Prevents
+    activity on a forwarded port from indefinitely preventing the select timeout
+    so that client_alive_check() will eventually (although not optimally) be
+    called.
+    
+    Analysis by willchan at google com via bz#2756, feedback & ok djm@
+    
+    Upstream-ID: c08721e0bbda55c6d18e2760f3fe1b17fb71169e
+
+commit 94bc1e7ffba3cbdea8c7dcdab8376bf29283128f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 28 14:50:59 2017 +1000
+
+    Expose list of completed auth methods to PAM
+    
+    bz#2408; ok dtucker@
+
+commit c78e6eec78c88acf8d51db90ae05a3e39458603d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 21 14:38:16 2017 +1000
+
+    fix problems in tunnel forwarding portability code
+    
+    This fixes a few problems in the tun forwarding code, mostly to do
+    with host/network byte order confusion.
+    
+    Based on a  report and patch by stepe AT centaurus.uberspace.de;
+    bz#2735; ok dtucker@
+
+commit 2985d4062ebf4204bbd373456a810d558698f9f5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jul 25 09:22:25 2017 +0000
+
+    upstream commit
+    
+    Make WinSCP patterns for SSH_OLD_DHGEX more specific to
+    exclude WinSCP 5.10.x and up.  bz#2748, from martin at winscp.net, ok djm@
+    
+    Upstream-ID: 6fd7c32e99af3952db007aa180e73142ddbc741a
+
+commit 9f0e44e1a0439ff4646495d5735baa61138930a9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jul 24 04:34:28 2017 +0000
+
+    upstream commit
+    
+    g/c unused variable; make a little more portable
+    
+    Upstream-ID: 3f5980481551cb823c6fb2858900f93fa9217dea
+
+commit 51676ec61491ec6d7cbd06082034e29b377b3bf6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jul 23 23:37:02 2017 +0000
+
+    upstream commit
+    
+    Allow IPQoS=none in ssh/sshd to not set an explicit
+    ToS/DSCP value and just use the operating system default; ok dtucker@
+    
+    Upstream-ID: 77906ff8c7b660b02ba7cb1e47b17d66f54f1f7e
+
+commit 6c1fbd5a50d8d2415f06c920dd3b1279b741072d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 21 14:24:26 2017 +1000
+
+    mention libedit
+
+commit dc2bd308768386b02c7337120203ca477e67ba62
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jul 19 08:30:41 2017 +0000
+
+    upstream commit
+    
+    fix support for unknown key types; ok djm@
+    
+    Upstream-ID: 53fb29394ed04d616d65b3748dee5aa06b07ab48
+
+commit fd0e8fa5f89d21290b1fb5f9d110ca4f113d81d9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 19 01:15:02 2017 +0000
+
+    upstream commit
+    
+    switch from select() to poll() for the ssh-agent
+    mainloop; ok markus
+    
+    Upstream-ID: 4a94888ee67b3fd948fd10693973beb12f802448
+
+commit b1e72df2b813ecc15bd0152167bf4af5f91c36d3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 14 03:18:21 2017 +0000
+
+    upstream commit
+    
+    Make ""Killed by signal 1" LogLevel verbose so it's not
+    shown at the default level.  Prevents it from appearing during ssh -J and
+    equivalent ProxyCommand configs. bz#1906, bz#2744, feedback&ok markus@
+    
+    Upstream-ID: debfaa7e859b272246c2f2633335d288d2e2ae28
+
+commit 1f3d202770a08ee6752ed2a234b7ca6f180eb498
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Jul 13 19:16:33 2017 +0000
+
+    upstream commit
+    
+    man pages with pseudo synopses which list filenames end
+    up creating very ugly output in man -k; after some discussion with ingo, we
+    feel the simplest fix is to remove such SYNOPSIS sections: the info is hardly
+    helpful at page top, is contained already in FILES, and there are
+    sufficiently few that just zapping them is simple;
+    
+    ok schwarze, who also helpfully ran things through a build to check
+    output;
+    
+    Upstream-ID: 3e211b99457e2f4c925c5927d608e6f97431336c
+
+commit 7f13a4827fb28957161de4249bd6d71954f1f2ed
+Author: espie@openbsd.org <espie@openbsd.org>
+Date:   Mon Jul 10 14:09:59 2017 +0000
+
+    upstream commit
+    
+    zap redundant Makefile variables. okay djm@
+    
+    Upstream-ID: e39b3902fe1d6c4a7ba6a3c58e072219f3c1e604
+
+commit dc44dd3a9e2c9795394e6a7e1e71c929cbc70ce0
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Jul 8 18:32:54 2017 +0000
+
+    upstream commit
+    
+    slightly rework previous, to avoid an article issue;
+    
+    Upstream-ID: 15a315f0460ddd3d4e2ade1f16d6c640a8c41b30
+
+commit 853edbe057a84ebd0024c8003e4da21bf2b469f7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 7 03:53:12 2017 +0000
+
+    upstream commit
+    
+    When generating all hostkeys (ssh-keygen -A), clobber
+    existing keys if they exist but are zero length. zero-length keys could
+    previously be made if ssh-keygen failed part way through generating them, so
+    avoid that case too. bz#2561 reported by Krzysztof Cieplucha; ok dtucker@
+    
+    Upstream-ID: f662201c28ab8e1f086b5d43c59cddab5ade4044
+
+commit 43616876ba68a2ffaece6a6c792def4b039f2d6e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 1 22:55:44 2017 +0000
+
+    upstream commit
+    
+    actually remove these files
+    
+    Upstream-ID: 1bd41cba06a7752de4df304305a8153ebfb6b0ac
+
+commit 83fa3a044891887369ce8b487ce88d713a04df48
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 1 13:50:45 2017 +0000
+
+    upstream commit
+    
+    remove post-SSHv1 removal dead code from rsa.c and merge
+    the remaining bit that it still used into ssh-rsa.c; ok markus
+    
+    Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
+
+commit 738c73dca2c99ee78c531b4cbeefc2008fe438f0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 14 14:26:36 2017 +1000
+
+    make explicit_bzero/memset safe for sz=0
+
+commit 8433d51e067e0829f5521c0c646b6fd3fe17e732
+Author: Tim Rice <tim@multitalents.net>
+Date:   Tue Jul 11 18:47:56 2017 -0700
+
+    modified:   configure.ac
+    UnixWare needs BROKEN_TCGETATTR_ICANON like Solaris
+    Analysis by Robbie Zhang
+
+commit ff3507aea9c7d30cd098e7801e156c68faff7cc7
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 7 11:21:27 2017 +1000
+
+    typo
+
+commit d79bceb9311a9c137d268f5bc481705db4151810
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 30 04:17:23 2017 +0000
+
+    upstream commit
+    
+    Only call close once in confree().  ssh_packet_close will
+    close the FD so only explicitly close non-SSH channels.  bz#2734, from
+    bagajjal at microsoft.com, ok djm@
+    
+    Upstream-ID: a81ce0c8b023527167739fccf1732b154718ab02
+
+commit 197dc9728f062e23ce374f44c95a2b5f9ffa4075
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Jun 29 15:40:25 2017 +1000
+
+    Update link for my patches.
+
+commit a98339edbc1fc21342a390f345179a9c3031bef7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jun 28 01:09:22 2017 +0000
+
+    upstream commit
+    
+    Allow ssh-keygen to use a key held in ssh-agent as a CA when
+    signing certificates. bz#2377 ok markus
+    
+    Upstream-ID: fb42e920b592edcbb5b50465739a867c09329c8f
+
+commit c9cdef35524bd59007e17d5bd2502dade69e2dfb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 06:35:24 2017 +0000
+
+    upstream commit
+    
+    regress test for ExposeAuthInfo
+    
+    Upstream-Regress-ID: 190e5b6866376f4061c411ab157ca4d4e7ae86fd
+
+commit f17ee61cad25d210edab69d04ed447ad55fe80c1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 07:08:57 2017 +0000
+
+    upstream commit
+    
+    correct env var name
+    
+    Upstream-ID: 721e761c2b1d6a4dcf700179f16fd53a1dadb313
+
+commit 40962198e3b132cecdb32e9350acd4294e6a1082
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Jun 24 06:57:04 2017 +0000
+
+    upstream commit
+    
+    spelling;
+    
+    Upstream-ID: 606f933c8e2d0be902ea663946bc15e3eee40b25
+
+commit 33f86265d7e8a0e88d3a81745d746efbdd397370
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 06:38:11 2017 +0000
+
+    upstream commit
+    
+    don't pass pointer to struct sshcipher between privsep
+    processes, just redo the lookup in each using the already-passed cipher name.
+    bz#2704 based on patch from Brooks Davis; ok markus dtucker
+    
+    Upstream-ID: 2eab434c09bdf549dafd7da3e32a0d2d540adbe0
+
+commit 8f574959272ac7fe9239c4f5d10fd913f8920ab0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 06:34:38 2017 +0000
+
+    upstream commit
+    
+    refactor authentication logging
+    
+    optionally record successful auth methods and public credentials
+    used in a file accessible to user sessions
+    
+    feedback and ok markus@
+    
+    Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
+
+commit e2004d4bb7eb01c663dd3a3e7eb224f1ccdc9bba
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Jun 24 06:28:50 2017 +0000
+
+    upstream commit
+    
+    word fix;
+    
+    Upstream-ID: 8539bdaf2366603a34a9b2f034527ca13bb795c5
+
+commit 4540428cd0adf039bcf5a8a27f2d5cdf09191513
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 05:37:44 2017 +0000
+
+    upstream commit
+    
+    switch sshconnect.c from (slightly abused) select() to
+    poll(); ok deraadt@ a while back
+    
+    Upstream-ID: efc1937fc591bbe70ac9e9542bb984f354c8c175
+
+commit 6f8ca3b92540fa1a9b91670edc98d15448e3d765
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 05:35:05 2017 +0000
+
+    upstream commit
+    
+    use HostKeyAlias if specified instead of hostname for
+    matching host certificate principal names; bz#2728; ok dtucker@
+    
+    Upstream-ID: dc2e11c83ae9201bbe74872a0c895ae9725536dd
+
+commit 8904ffce057b80a7472955f1ec00d7d5c250076c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 24 05:24:11 2017 +0000
+
+    upstream commit
+    
+    no need to call log_init to reinitialise logged PID in
+    child sessions, since we haven't called openlog() in log_init() since 1999;
+    ok markus@
+    
+    Upstream-ID: 0906e4002af5d83d3d544df75e1187c932a3cf2e
+
+commit e238645d789cd7eb47541b66aea2a887ea122c9b
+Author: mestre@openbsd.org <mestre@openbsd.org>
+Date:   Fri Jun 23 07:24:48 2017 +0000
+
+    upstream commit
+    
+    When using the escape sequence &~ the code path is
+    client_loop() -> client_simple_escape_filter() -> process_escapes() -> fork()
+    and the pledge for this path lacks the proc promise and therefore aborts the
+    process. The solution is to just add proc the promise to this specific
+    pledge.
+    
+    Reported by Gregoire Jadi gjadi ! omecha.info
+    Insight with tb@, OK jca@
+    
+    Upstream-ID: 63c05e30c28209519f476023b65b0b1b0387a05b
+
+commit 5abbb31c4e7a6caa922cc1cbb14e87a77f9d19d3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 23 03:30:42 2017 +0000
+
+    upstream commit
+    
+    Import regenerated moduli.
+    
+    Upstream-ID: b25bf747544265b39af74fe0716dc8d9f5b63b95
+
+commit 849c5468b6d9b4365784c5dd88e3f1fb568ba38f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 23 03:25:53 2017 +0000
+
+    upstream commit
+    
+    Run the screen twice so we end up with more candidate
+    groups.  ok djm@
+    
+    Upstream-ID: b92c93266d8234d493857bb822260dacf4366157
+
+commit 4626e39c7053c6486c1c8b708ec757e464623f5f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jun 14 00:31:38 2017 +0000
+
+    upstream commit
+    
+    Add user@host prefix to client's "Permisison denied"
+    messages, useful in particular when using "stacked" connections where it's
+    not clear which host is denying.  bz#2720, ok djm@ markus@
+    
+    Upstream-ID: de88e1e9dcb050c98e85377482d1287a9fe0d2be
+
+commit c948030d54911b2d3cddb96a7a8e9269e15d11cd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jun 13 12:13:59 2017 +0000
+
+    upstream commit
+    
+    Do not require that unknown EXT_INFO extension values not
+    contain \0 characters. This would cause fatal connection errors if an
+    implementation sent e.g. string-encoded sub-values inside a value.
+    
+    Reported by Denis Bider; ok markus@
+    
+    Upstream-ID: 030e10fdc605563c040244c4b4f1d8ae75811a5c
+
+commit 6026f48dfca78b713e4a7f681ffa42a0afe0929e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jun 13 11:22:15 2017 +0000
+
+    upstream commit
+    
+    missing prototype.
+    
+    Upstream-ID: f443d2be9910fd2165a0667956d03343c46f66c9
+
+commit bcd1485075aa72ba9418003f5cc27af2b049c51b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Jun 10 23:41:25 2017 +1000
+
+    portability for sftp globbed ls sort by mtime
+    
+    Include replacement timespeccmp() for systems that lack it.
+    Support time_t struct stat->st_mtime in addition to
+    timespec stat->st_mtim, as well as unsorted fallback.
+
+commit 072e172f1d302d2a2c6043ecbfb4004406717b96
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 10 06:36:46 2017 +0000
+
+    upstream commit
+    
+    print '?' instead of incorrect link count (that the
+    protocol doesn't provide) for remote listings. bz#2710 ok dtucker@
+    
+    Upstream-ID: c611f98a66302cea452ef10f13fff8cf0385242e
+
+commit 72be5b2f8e7dc37235e8c4b8d0bc7b5ee1301505
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jun 10 06:33:34 2017 +0000
+
+    upstream commit
+    
+    implement sorting for globbed ls; bz#2649 ok dtucker@
+    
+    Upstream-ID: ed3110f351cc9703411bf847ba864041fb7216a8
+
+commit 5b2f34a74aa6a524cd57e856b23e1b7b25007721
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 9 06:47:13 2017 +0000
+
+    upstream commit
+    
+    return failure rather than fatal() for more cases during
+    mux negotiations. Causes the session to fall back to a non-mux connection if
+    they occur. bz#2707 ok dtucker@
+    
+    Upstream-ID: d2a7892f464d434e1f615334a1c9d0cdb83b29ab
+
+commit 7f5637c4a67a49ef256cb4eedf14e8590ac30976
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 9 06:43:01 2017 +0000
+
+    upstream commit
+    
+    in description of public key authentication, mention that
+    the server will send debug messages to the client for some error conditions
+    after authentication has completed. bz#2709 ok dtucker
+    
+    Upstream-ID: 750127dbd58c5a2672c2d28bc35fe221fcc8d1dd
+
+commit 2076e4adb986512ce8c415dd194fd4e52136c4b4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 9 06:40:24 2017 +0000
+
+    upstream commit
+    
+    better translate libcrypto errors by looking deeper in
+    the accursed error stack for codes that indicate the wrong passphrase was
+    supplied for a PEM key. bz#2699 ok dtucker@
+    
+    Upstream-ID: 4da4286326d570f4f0489459bb71f6297e54b681
+
+commit ad0531614cbe8ec424af3c0fa90c34a8e1ebee4c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 9 04:40:04 2017 +0000
+
+    upstream commit
+    
+    Add comments referring to the relevant RFC sections for
+    rekeying behaviour.
+    
+    Upstream-ID: 6fc8e82485757a27633f9175ad00468f49a07d40
+
+commit ce9134260b9b1247e2385a1afed00c26112ba479
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jun 9 14:43:47 2017 +1000
+
+    drop two more privileges in the Solaris sandbox
+    
+    Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO.
+    Patch from huieying.lee AT oracle.com via bz#2723
+
+commit e0f609c8a2ab940374689ab8c854199c3c285a76
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jun 9 13:36:29 2017 +1000
+
+    Wrap stdint.h include in #ifdef.
+
+commit 1de5e47a85850526a4fdaf77185134046c050f75
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jun 7 01:48:15 2017 +0000
+
+    upstream commit
+    
+    unbreak after sshv1 purge
+    
+    Upstream-Regress-ID: 8ea01a92d5f571b9fba88c1463a4254a7552d51b
+
+commit 550c053168123fcc0791f9952abad684704b5760
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jun 6 09:12:17 2017 +0000
+
+    upstream commit
+    
+    Fix compression output stats broken in rev 1.201.  Patch
+    originally by Russell Coker via Debian bug #797964 and Christoph Biedl.  ok
+    djm@
+    
+    Upstream-ID: 83a1903b95ec2e4ed100703debb4b4a313b01016
+
+commit 55d06c6e72a9abf1c06a7ac2749ba733134a1f39
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 2 06:06:10 2017 +0000
+
+    upstream commit
+    
+    rationalise the long list of manual CDIAGFLAGS that we
+    add; most of these were redundant to -Wall -Wextra
+    
+    Upstream-ID: ea80f445e819719ccdcb237022cacfac990fdc5c
+
+commit 1527d9f61e6d50f6c2b4a3fa5b45829034b1b0b1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jun 1 06:59:21 2017 +0000
+
+    upstream commit
+    
+    no need to bzero allocated space now that we use use
+    recallocarray; ok deraadt@
+    
+    Upstream-ID: 53333c62ccf97de60b8cb570608c1ba5ca5803c8
+
+commit cc812baf39b93d5355565da98648d8c31f955990
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jun 1 06:58:25 2017 +0000
+
+    upstream commit
+    
+    unconditionally zero init size of buffer; ok markus@
+    deraadt@
+    
+    Upstream-ID: 218963e846d8f26763ba25afe79294547b99da29
+
+commit 65eb8fae0d7ba45ef4483a3cf0ae7fd0dbc7c226
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jun 1 16:25:09 2017 +1000
+
+    avoid compiler warning
+
+commit 2d75d74272dc2a0521fce13cfe6388800c9a2406
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jun 1 06:16:43 2017 +0000
+
+    upstream commit
+    
+    some warnings spotted by clang; ok markus@
+    
+    Upstream-ID: 24381d68ca249c5cee4388ceb0f383fa5b43991b
+
+commit 151c6e433a5f5af761c78de87d7b5d30a453cf5e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jun 1 15:25:13 2017 +1000
+
+    add recallocarray replacement and dependency
+    
+    recallocarray() needs getpagesize() so add a tiny replacement for that.
+
+commit 01e6f78924da308447e71e9a32c8a6104ef4e888
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jun 1 15:16:24 2017 +1000
+
+    add *.0 manpage droppings
+
+commit 4b2e2d3fd9dccff357e1e26ce9a5f2e103837a36
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jun 1 04:51:58 2017 +0000
+
+    upstream commit
+    
+    fix casts re constness
+    
+    Upstream-ID: e38f2bac162b37dbaf784d349c8327a6626fa266
+
+commit 75b8af8de805c0694b37fcf80ce82783b2acc86f
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 31 10:54:00 2017 +0000
+
+    upstream commit
+    
+    make sure we don't pass a NULL string to vfprintf
+    (triggered by the principals-command regress test); ok bluhm
+    
+    Upstream-ID: eb49854f274ab37a0b57056a6af379a0b7111990
+
+commit 84008608c9ee944d9f72f5100f31ccff743b10f2
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 31 10:04:29 2017 +0000
+
+    upstream commit
+    
+    use SO_ZEROIZE for privsep communication (if available)
+    
+    Upstream-ID: abcbb6d2f8039fc4367a6a78096e5d5c39de4a62
+
+commit 9e509d4ec97cb3d71696f1a2f1fdad254cbbce11
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Wed May 31 09:15:42 2017 +0000
+
+    upstream commit
+    
+    Switch to recallocarray() for a few operations.  Both
+    growth and shrinkage are handled safely, and there also is no need for
+    preallocation dances. Future changes in this area will be less error prone.
+    Review and one bug found by markus
+    
+    Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
+
+commit dc5dc45662773c0f7745c29cf77ae2d52723e55e
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Wed May 31 08:58:52 2017 +0000
+
+    upstream commit
+    
+    These shutdown() SHUT_RDWR are not needed before close()
+    ok djm markus claudio
+    
+    Upstream-ID: 36f13ae4ba10f5618cb9347933101eb4a98dbcb5
+
+commit 1e0cdf8efb745d0d1116e1aa22bdc99ee731695e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 31 08:09:45 2017 +0000
+
+    upstream commit
+    
+    clear session keys from memory; ok djm@
+    
+    Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
+
+commit 92e9fe633130376a95dd533df6e5e6a578c1e6b8
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 31 07:00:13 2017 +0000
+
+    upstream commit
+    
+    remove now obsolete ctx from ssh_dispatch_run; ok djm@
+    
+    Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
+
+commit 17ad5b346043c5bbc5befa864d0dbeb76be39390
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 31 05:34:14 2017 +0000
+
+    upstream commit
+    
+    use the ssh_dispatch_run_fatal variant
+    
+    Upstream-ID: 28c5b364e37c755d1b22652b8cd6735a05c625d8
+
+commit 39896b777320a6574dd06707aebac5fb98e666da
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 31 05:08:46 2017 +0000
+
+    upstream commit
+    
+    another ctx => ssh conversion (in GSSAPI code)
+    
+    Upstream-ID: 4d6574c3948075c60608d8e045af42fe5b5d8ae0
+
+commit 6116bd4ed354a71a733c8fd0f0467ce612f12911
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed May 31 14:56:07 2017 +1000
+
+    fix conversion of kexc25519s.c to struct ssh too
+    
+    git cvsimport missed this commit for some reason
+
+commit d40dbdc85b6fb2fd78485ba02225511b8cbf20d7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 31 04:29:44 2017 +0000
+
+    upstream commit
+    
+    spell out that custom options/extensions should follow the
+    usual SSH naming rules, e.g. "extension@example.com"
+    
+    Upstream-ID: ab326666d2fad40769ec96b5a6de4015ffd97b8d
+
+commit 2a108277f976e8d0955c8b29d1dfde04dcbb3d5b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 31 04:17:12 2017 +0000
+
+    upstream commit
+    
+    one more void *ctx => struct ssh *ssh conversion
+    
+    Upstream-ID: d299d043471c10214cf52c03daa10f1c232759e2
+
+commit c04e979503e97f52b750d3b98caa6fe004ab2ab9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 31 00:43:04 2017 +0000
+
+    upstream commit
+    
+    fix possible OOB strlen() in SOCKS4A hostname parsing;
+    ok markus@
+    
+    Upstream-ID: c67297cbeb0e5a19d81752aa18ec44d31270cd11
+
+commit a3bb250c93bfe556838c46ed965066afce61cffa
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 30 19:38:17 2017 +0000
+
+    upstream commit
+    
+    tweak previous;
+    
+    Upstream-ID: 66987651046c42d142f7318c9695fb81a6d14031
+
+commit 1112b534a6a7a07190e497e6bf86b0d5c5fb02dc
+Author: bluhm@openbsd.org <bluhm@openbsd.org>
+Date:   Tue May 30 18:58:37 2017 +0000
+
+    upstream commit
+    
+    Add RemoteCommand option to specify a command in the
+    ssh config file instead of giving it on the client's command line.  This
+    command will be executed on the remote host.  The feature allows to automate
+    tasks using ssh config. OK markus@
+    
+    Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
+
+commit eb272ea4099fd6157846f15c129ac5727933aa69
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:29:59 2017 +0000
+
+    upstream commit
+    
+    switch auth2 to ssh_dispatch API; ok djm@
+    
+    Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
+
+commit 5a146bbd4fdf5c571f9fb438e5210d28cead76d9
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:27:22 2017 +0000
+
+    upstream commit
+    
+    switch auth2-none.c to modern APIs; ok djm@
+    
+    Upstream-ID: 07252b58e064d332214bcabbeae8e08c44b2001b
+
+commit 60306b2d2f029f91927c6aa7c8e08068519a0fa2
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:26:49 2017 +0000
+
+    upstream commit
+    
+    switch auth2-passwd.c to modern APIs; ok djm@
+    
+    Upstream-ID: cba0a8b72b4f97adfb7e3b3fd2f8ba3159981fc7
+
+commit eb76698b91338bd798c978d4db2d6af624d185e4
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:25:42 2017 +0000
+
+    upstream commit
+    
+    switch auth2-hostbased.c to modern APIs; ok djm@
+    
+    Upstream-ID: 146af25c36daeeb83d5dbbb8ca52b5d25de88f4e
+
+commit 2ae666a8fc20b3b871b2f1b90ad65cc027336ccd
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:23:52 2017 +0000
+
+    upstream commit
+    
+    protocol handlers all get struct ssh passed; ok djm@
+    
+    Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
+
+commit 94583beb24a6c5fd19cedb9104ab2d2d5cd052b6
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:19:15 2017 +0000
+
+    upstream commit
+    
+    ssh: pass struct ssh to auth functions, too; ok djm@
+    
+    Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
+
+commit 5f4082d886c6173b9e90b9768c9a38a3bfd92c2b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:18:15 2017 +0000
+
+    upstream commit
+    
+    sshd: pass struct ssh to auth functions; ok djm@
+    
+    Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
+
+commit 7da5df11ac788bc1133d8d598d298e33500524cc
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:16:41 2017 +0000
+
+    upstream commit
+    
+    remove unused wrapper functions from key.[ch]; ok djm@
+    
+    Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
+
+commit ff7371afd08ac0bbd957d90451d4dcd0da087ef5
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:15:17 2017 +0000
+
+    upstream commit
+    
+    sshkey_new() might return NULL (pkcs#11 code only); ok
+    djm@
+    
+    Upstream-ID: de9f2ad4a42c0b430caaa7d08dea7bac943075dd
+
+commit beb965bbc5a984fa69fb1e2b45ebe766ae09d1ef
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:13:40 2017 +0000
+
+    upstream commit
+    
+    switch sshconnect.c to modern APIs; ok djm@
+    
+    Upstream-ID: 27be17f84b950d5e139b7a9b281aa487187945ad
+
+commit 00ed75c92d1f95fe50032835106c368fa22f0f02
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 14:10:53 2017 +0000
+
+    upstream commit
+    
+    switch auth2-pubkey.c to modern APIs; with & ok djm@
+    
+    Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
+
+commit 54d90ace1d3535b44d92a8611952dc109a74a031
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 08:52:19 2017 +0000
+
+    upstream commit
+    
+    switch from Key typedef with struct sshkey; ok djm@
+    
+    Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
+
+commit c221219b1fbee47028dcaf66613f4f8d6b7640e9
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 08:49:58 2017 +0000
+
+    upstream commit
+    
+    remove ssh1 references; ok djm@
+    
+    Upstream-ID: fc23b7578e7b0a8daaec72946d7f5e58ffff5a3d
+
+commit afbfa68fa18081ef05a9cd294958509a5d3cda8b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue May 30 08:49:32 2017 +0000
+
+    upstream commit
+    
+    revise sshkey_load_public(): remove ssh1 related
+    comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if
+    'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@
+    
+    Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca
+
+commit 813f55336a24fdfc45e7ed655fccc7d792e8f859
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri May 26 20:34:49 2017 +0000
+
+    upstream commit
+    
+    sshbuf_consume: reset empty buffer; ok djm@
+    
+    Upstream-ID: 0d4583ba57f69e369d38bbd7843d85cac37fa821
+
+commit 6cf711752cc2a7ffaad1fb4de18cae65715ed8bb
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri May 26 19:35:50 2017 +0000
+
+    upstream commit
+    
+    remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@
+    
+    Upstream-ID: e2e225b6ac67b84dd024f38819afff2554fafe42
+
+commit 364f0d5edea27767fb0f915ea7fc61aded88d3e8
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri May 26 19:34:12 2017 +0000
+
+    upstream commit
+    
+    remove channel_input_close_confirmation (ssh1 only); ok
+    djm@
+    
+    Upstream-ID: 8e7c8c38f322d255bb0294a5c0ebef53fdf576f1
+
+commit 8ba0fd40082751dbbc23a830433488bbfb1abdca
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 26 01:40:07 2017 +0000
+
+    upstream commit
+    
+    fix references to obsolete v00 cert format; spotted by
+    Jakub Jelen
+    
+    Upstream-ID: 7600ce193ab8fd19451acfe24fc2eb39d46b2c4f
+
+commit dcc714c65cfb81eb6903095b4590719e8690f3da
+Author: Mike Frysinger <vapier@chromium.org>
+Date:   Wed May 24 23:21:19 2017 -0400
+
+    configure: actually set cache vars when cross-compiling
+    
+    The cross-compiling fallback message says it's assuming the test
+    passed, but it didn't actually set the cache var which causes
+    later tests to fail.
+
+commit 947a3e829a5b8832a4768fd764283709a4ca7955
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat May 20 02:35:47 2017 +0000
+
+    upstream commit
+    
+    there's no reason to artificially limit the key path
+    here, just check that it fits PATH_MAX; spotted by Matthew Patton
+    
+    Upstream-ID: 858addaf2009c9cf04d80164a41b2088edb30b58
+
+commit 773224802d7cb250bb8b461546fcce10567b4b2e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri May 19 21:07:17 2017 +0000
+
+    upstream commit
+    
+    Now that we no longer support SSHv1, replace the contents
+    of this file with a pointer to
+    https://tools.ietf.org/html/draft-miller-ssh-agent-00 It's better edited,
+    doesn't need to document stuff we no longer implement and does document stuff
+    that we do implement (RSA SHA256/512 signature flags)
+    
+    Upstream-ID: da8cdc46bbcc266efabd565ddddd0d8e556f846e
+
+commit 54cd41a4663fad66406dd3c8fe0e4760ccd8a899
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 17 01:24:17 2017 +0000
+
+    upstream commit
+    
+    allow LogLevel in sshd_config Match blocks; ok dtucker
+    bz#2717
+    
+    Upstream-ID: 662e303be63148f47db1aa78ab81c5c2e732baa8
+
+commit 277abcda3f1b08d2376686f0ef20320160d4c8ab
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 16 16:56:15 2017 +0000
+
+    upstream commit
+    
+    remove duplicate check; spotted by Jakub Jelen
+    
+    Upstream-ID: 30c2996c1767616a8fdc49d4cee088efac69c3b0
+
+commit adb47ce839c977fa197e770c1be8f852508d65aa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 16 16:54:05 2017 +0000
+
+    upstream commit
+    
+    mention that Ed25519 keys are valid as CA keys; spotted
+    by Jakub Jelen
+    
+    Upstream-ID: d3f6db58b30418cb1c3058211b893a1ffed3dfd4
+
+commit 6bdf70f01e700348bb4d8c064c31a0ab90896df6
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue May 9 14:35:03 2017 +1000
+
+    clean up regress files and add a .gitignore
+
+commit 7bdb2eeb1d3c26acdc409bd94532eefa252e440b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 8 22:57:38 2017 +0000
+
+    upstream commit
+    
+    remove hmac-ripemd160; ok dtucker
+    
+    Upstream-ID: 896e737ea0bad6e23327d1c127e02d5e9e9c654d
+
+commit 5f02bb1f99f70bb422be8a5c2b77ef853f1db554
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 8 06:11:06 2017 +0000
+
+    upstream commit
+    
+    make requesting bad ECDSA bits yield the same error
+    (SSH_ERR_KEY_LENGTH) as the same mistake for RSA/DSA
+    
+    Upstream-ID: bf40d3fee567c271e33f05ef8e4e0fa0b6f0ece6
+
+commit d757a4b633e8874629a1442c7c2e7b1b55d28c19
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 8 06:08:42 2017 +0000
+
+    upstream commit
+    
+    fix for new SSH_ERR_KEY_LENGTH error value
+    
+    Upstream-Regress-ID: c38a6e6174d4c3feca3518df150d4fbae0dca8dc
+
+commit 2e58a69508ac49c02d1bb6057300fa6a76db1045
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 8 06:03:39 2017 +0000
+
+    upstream commit
+    
+    helps if I commit the correct version of the file. fix
+    missing return statement.
+    
+    Upstream-ID: c86394a3beeb1ec6611e659bfa830254f325546c
+
+commit effaf526bfa57c0ac9056ca236becf52385ce8af
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 8 01:52:49 2017 +0000
+
+    upstream commit
+    
+    remove arcfour, blowfish and CAST here too
+    
+    Upstream-Regress-ID: c613b3bcbef75df1fe84ca4dc2d3ef253dc5e920
+
+commit 7461a5bc571696273252df28a1f1578968cae506
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 8 00:21:36 2017 +0000
+
+    upstream commit
+    
+    I was too aggressive with the scalpel in the last commit;
+    unbreak sshd, spotted quickly by naddy@
+    
+    Upstream-ID: fb7e75d2b2c7e6ca57dee00ca645e322dd49adbf
+
+commit bd636f40911094a39c2920bf87d2ec340533c152
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun May 7 23:15:59 2017 +0000
+
+    upstream commit
+    
+    Refuse RSA keys <1024 bits in length. Improve reporting
+    for keys that do not meet this requirement. ok markus@
+    
+    Upstream-ID: b385e2a7b13b1484792ee681daaf79e1e203df6c
+
+commit 70c1218fc45757a030285051eb4d209403f54785
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun May 7 23:13:42 2017 +0000
+
+    upstream commit
+    
+    Don't offer CBC ciphers by default in the client. ok
+    markus@
+    
+    Upstream-ID: 94c9ce8d0d1a085052e11c7f3307950fdc0901ef
+
+commit acaf34fd823235d549c633c0146ee03ac5956e82
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun May 7 23:12:57 2017 +0000
+
+    upstream commit
+    
+    As promised in last release announcement: remove
+    support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
+    
+    Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222
+
+commit 3e371bd2124427403971db853fb2e36ce789b6fd
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Fri May 5 10:42:49 2017 +0000
+
+    upstream commit
+    
+    more simplification and removal of SSHv1-related code;
+    ok djm@
+    
+    Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
+
+commit 2e9c324b3a7f15c092d118c2ac9490939f6228fd
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Fri May 5 10:41:58 2017 +0000
+
+    upstream commit
+    
+    remove superfluous protocol 2 mentions; ok jmc@
+    
+    Upstream-ID: 0aaf7567c9f2e50fac5906b6a500a39c33c4664d
+
+commit 744bde79c3361e2153cb395a2ecdcee6c713585d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu May 4 06:10:57 2017 +0000
+
+    upstream commit
+    
+    since a couple of people have asked, leave a comment
+    explaining why we retain SSH v.1 support in the "delete all keys from agent"
+    path.
+    
+    Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
+
+commit 0c378ff6d98d80bc465a4a6a787670fb9cc701ee
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu May 4 01:33:21 2017 +0000
+
+    upstream commit
+    
+    another tentacle: cipher_set_key_string() was only ever
+    used for SSHv1
+    
+    Upstream-ID: 7fd31eb6c48946f7e7cc12af0699fe8eb637e94a
+
+commit 9a82e24b986e3e0dc70849dbb2c19aa6c707b37f
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Wed May 3 21:49:18 2017 +0000
+
+    upstream commit
+    
+    restore mistakenly deleted description of the
+    ConnectionAttempts option ok markus@
+    
+    Upstream-ID: 943002b1b7c470caea3253ba7b7348c359de0348
+
+commit 768405fddf64ff83aa6ef701ebb3c1f82d98a2f3
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Wed May 3 21:08:09 2017 +0000
+
+    upstream commit
+    
+    remove miscellaneous SSH1 leftovers; ok markus@
+    
+    Upstream-ID: af23696022ae4d45a1abc2fb8b490d8d9dd63b7c
+
+commit 1a1b24f8229bf7a21f89df21987433283265527a
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed May 3 10:01:44 2017 +0000
+
+    upstream commit
+    
+    more protocol 1 bits removed; ok djm
+    
+    Upstream-ID: b5b977eaf756915acb56aef3604a650e27f7c2b9
+
+commit 2b6f799e9b230cf13a7eefc05ecead7d8569d6b5
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed May 3 06:32:02 2017 +0000
+
+    upstream commit
+    
+    more protocol 1 stuff to go; ok djm
+    
+    Upstream-ID: 307a30441d2edda480fd1661d998d36665671e47
+
+commit f10c0d32cde2084d2a0b19bc47d80cb93e85a093
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 2 17:04:09 2017 +0000
+
+    upstream commit
+    
+    rsa1 is no longer valid;
+    
+    Upstream-ID: 9953d09ed9841c44b7dcf7019fa874783a709d89
+
+commit 42b690b4fd0faef78c4d68225948b6e5c46c5163
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 2 14:06:37 2017 +0000
+
+    upstream commit
+    
+    add PubKeyAcceptedKeyTypes to the -o list: scp(1) has
+    it, so i guess this should too;
+    
+    Upstream-ID: 7fab32e869ca5831d09ab0c40d210b461d527a2c
+
+commit d852603214defd93e054de2877b20cc79c19d0c6
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 2 13:44:51 2017 +0000
+
+    upstream commit
+    
+    remove now obsolete protocol1 options from the -o
+    lists;
+    
+    Upstream-ID: 828e478a440bc5f9947672c392420510a362b3dd
+
+commit 8b60ce8d8111e604c711c4cdd9579ffe0edced74
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 2 09:05:58 2017 +0000
+
+    upstream commit
+    
+    more -O shuffle; ok djm
+    
+    Upstream-ID: c239991a3a025cdbb030b73e990188dd9bfbeceb
+
+commit 3575f0b12afe6b561681582fd3c34067d1196231
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 2 08:54:19 2017 +0000
+
+    upstream commit
+    
+    remove -1 / -2 options; pointed out by jmc@
+    
+    Upstream-ID: 65d2a816000741a95df1c7cfdb5fa8469fcc7daa
+
+commit 4f1ca823bad12e4f9614895eefe0d0073b84a28f
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 2 08:06:33 2017 +0000
+
+    upstream commit
+    
+    remove options -12 from usage();
+    
+    Upstream-ID: db7ceef25132e63b50ed05289bf447fece1d1270
+
+commit 6b84897f7fd39956b849eac7810319d8a9958568
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 2 07:13:31 2017 +0000
+
+    upstream commit
+    
+    tidy up -O somewhat; ok djm
+    
+    Upstream-ID: 804405f716bf7ef15c1f36ab48581ca16aeb4d52
+
+commit d1c6b7fdbdfe4a7a37ecd48a97f0796b061c2868
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 1 22:09:48 2017 +0000
+
+    upstream commit
+    
+    when freeing a bitmap, zero all it bytes; spotted by Ilya
+    Kaliman
+    
+    Upstream-ID: 834ac024f2c82389d6ea6b1c7d6701b3836e28e4
+
+commit 0f163983016c2988a92e039d18a7569f9ea8e071
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 1 14:08:26 2017 +0000
+
+    upstream commit
+    
+    this one I did forget to "cvs rm"
+    
+    Upstream-ID: 5781670c0578fe89663c9085ed3ba477cf7e7913
+
+commit 21ed00a8e26fe8a772bcca782175fafc2b0890ed
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 1 09:27:45 2017 +0000
+
+    upstream commit
+    
+    don't know why cvs didn't exterminate these the first
+    time around, I use rm -f and everuthing...
+    
+    pointed out by sobrado@
+    
+    Upstream-ID: a6c44a0c2885330d322ee01fcfd7f6f209b1e15d
+
+commit d29ba6f45086703fdcb894532848ada3427dfde6
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon May 1 13:53:07 2017 +1000
+
+    Define INT32_MAX and INT64_MAX if needed.
+
+commit 329037e389f02ec95c8e16bf93ffede94d3d44ce
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon May 1 13:19:41 2017 +1000
+
+    Wrap stdint.h in HAVE_STDINT_H
+
+commit f382362e8dfb6b277f16779ab1936399d7f2af78
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 1 02:27:11 2017 +0000
+
+    upstream commit
+    
+    remove unused variable
+    
+    Upstream-ID: 66011f00819d0e71b14700449a98414033284516
+
+commit dd369320d2435b630a5974ab270d686dcd92d024
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:34:55 2017 +0000
+
+    upstream commit
+    
+    eliminate explicit specification of protocol in tests and
+    loops over protocol. We only support SSHv2 now.
+    
+    Upstream-Regress-ID: 0082838a9b8a382b7ee9cbf0c1b9db727784fadd
+
+commit 557f921aad004be15805e09fd9572969eb3d9321
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:33:48 2017 +0000
+
+    upstream commit
+    
+    remove SSHv1 support from unit tests
+    
+    Upstream-Regress-ID: 395ca2aa48f1f7d23eefff6cb849ea733ca8bbfe
+
+commit e77e1562716fb3da413e4c2397811017b762f5e3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 1 00:03:18 2017 +0000
+
+    upstream commit
+    
+    fixup setting ciphercontext->plaintext (lost in SSHv1 purge),
+    though it isn't really used for much anymore.
+    
+    Upstream-ID: 859b8bce84ff4865b32097db5430349d04b9b747
+
+commit f7849e6c83a4e0f602dea6c834a24091c622d68e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon May 1 09:55:56 2017 +1000
+
+    remove configure --with-ssh1
+
+commit f4a6a88ddb6dba6d2f7bfb9e2c9879fcc9633043
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:29:10 2017 +0000
+
+    upstream commit
+    
+    flense SSHv1 support from ssh-agent, considerably
+    simplifying it
+    
+    ok markus
+    
+    Upstream-ID: 71d772cdcefcb29f76e01252e8361e6fc2dfc365
+
+commit 930e8d2827853bc2e196c20c3e000263cc87fb75
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:28:41 2017 +0000
+
+    upstream commit
+    
+    obliterate ssh1.h and some dead code that used it
+    
+    ok markus@
+    
+    Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
+
+commit a3710d5d529a34b8f56aa62db798c70e85d576a0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:28:12 2017 +0000
+
+    upstream commit
+    
+    exterminate the -1 flag from scp
+    
+    ok markus@
+    
+    Upstream-ID: 26d247f7065da15056b209cef5f594ff591b89db
+
+commit aebd0abfaa8a41e75d50f9f7934267b0a2d9acb4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:26:54 2017 +0000
+
+    upstream commit
+    
+    purge the last traces of SSHv1 from the TTY modes
+    handling code
+    
+    ok markus
+    
+    Upstream-ID: 963a19f1e06577377c38a3b7ce468f121b966195
+
+commit dfa641f758d4b8b2608ab1b00abaf88df0a8e36a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:26:16 2017 +0000
+
+    upstream commit
+    
+    remove the (in)famous SSHv1 CRC compensation attack
+    detector.
+    
+    Despite your cameo in The Matrix movies, you will not be missed.
+    
+    ok markus
+    
+    Upstream-ID: 44261fce51a56d93cdb2af7b6e184be629f667e0
+
+commit e5d3bd36ef67d82092861f39b5bf422cb12b31a6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:25:03 2017 +0000
+
+    upstream commit
+    
+    undo some local debugging stuff that I committed by
+    accident
+    
+    Upstream-ID: fe5b31f69a60d47171836911f144acff77810217
+
+commit 3d6d09f2e90f4ad650ebda6520bf2da446f37f14
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:23:54 2017 +0000
+
+    upstream commit
+    
+    remove SSHv1 support from packet and buffer APIs
+    
+    ok markus@
+    
+    Upstream-ID: bfc290053d40b806ecac46317d300677d80e1dc9
+
+commit 05164358577c82de18ed7373196bc7dbd8a3f79c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:21:54 2017 +0000
+
+    upstream commit
+    
+    remove SSHv1-related buffers from client code
+    
+    Upstream-ID: dca5d01108f891861ceaf7ba1c0f2eb274e0c7dd
+
+commit 873d3e7d9a4707d0934fb4c4299354418f91b541
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:18:44 2017 +0000
+
+    upstream commit
+    
+    remove KEY_RSA1
+    
+    ok markus@
+    
+    Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
+
+commit 788ac799a6efa40517f2ac0d895a610394298ffc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:18:22 2017 +0000
+
+    upstream commit
+    
+    remove SSHv1 configuration options and man pages bits
+    
+    ok markus@
+    
+    Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424
+
+commit e6882463a8ae0594aacb6d6575a6318a41973d84
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:17:37 2017 +0000
+
+    upstream commit
+    
+    remove SSH1 make flag and associated files ok markus@
+    
+    Upstream-ID: ba9feacc5787337c413db7cf26ea3d53f854cfef
+
+commit cdccebdf85204bf7542b7fcc1aa2ea3f36661833
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:15:04 2017 +0000
+
+    upstream commit
+    
+    remove SSHv1 ciphers; ok markus@
+    
+    Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
+
+commit 97f4d3083b036ce3e68d6346a6140a22123d5864
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:13:25 2017 +0000
+
+    upstream commit
+    
+    remove compat20/compat13/compat15 variables
+    
+    ok markus@
+    
+    Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
+
+commit 99f95ba82673d33215dce17bfa1512b57f54ec09
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:11:45 2017 +0000
+
+    upstream commit
+    
+    remove options.protocol and client Protocol
+    configuration knob
+    
+    ok markus@
+    
+    Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
+
+commit 56912dea6ef63dae4eb1194e5d88973a7c6c5740
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Apr 30 23:10:43 2017 +0000
+
+    upstream commit
+    
+    unifdef WITH_SSH1 ok markus@
+    
+    Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
+
+commit d4084cd230f7319056559b00db8b99296dad49d5
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Apr 29 06:06:01 2017 +0000
+
+    upstream commit
+    
+    tweak previous;
+    
+    Upstream-ID: a3abc6857455299aa42a046d232b7984568bceb9
+
+commit 249516e428e8461b46340a5df5d5ed1fbad2ccce
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 29 04:12:25 2017 +0000
+
+    upstream commit
+    
+    allow ssh-keygen to include arbitrary string or flag
+    certificate extensions and critical options. ok markus@ dtucker@
+    
+    Upstream-ID: 2cf28dd6c5489eb9fc136e0b667ac3ea10241646
+
+commit 47a287bb6ac936c26b4f3ae63279c02902ded3b9
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Apr 28 06:15:03 2017 +0000
+
+    upstream commit
+    
+    sort;
+    
+    Upstream-ID: 7e6b56e52b039cf44d0418e9de9aca20a2d2d15a
+
+commit 36465a76a79ad5040800711b41cf5f32249d5120
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Apr 28 14:44:28 2017 +1000
+
+    Typo.
+    
+    Upstream-Regress-ID: 1e6b51ddf767cbad0a4e63eb08026c127e654308
+
+commit 9d18cb7bdeb00b20205fd13d412aae8c0e0457ed
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Apr 28 14:41:17 2017 +1000
+
+    Add 2 regress commits I applied by hand.
+    
+    Upstream-Regress-ID: 30c20180c87cbc99fa1020489fe7fd8245b6420c
+    Upstream-Regress-ID: 1e6b51ddf767cbad0a4e63eb08026c127e654308
+
+commit 9504ea6b27f9f0ece64e88582ebb9235e664a100
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Apr 28 14:33:43 2017 +1000
+
+    Merge integrity.sh rev 1.22.
+    
+    Merge missing bits from Colin Watson's patch in bz#2658 which make integrity
+    tests more robust against timeouts.  ok djm@
+
+commit 06ec837a34542627e2183a412d6a9d2236f22140
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Apr 28 14:30:03 2017 +1000
+
+    Id sync for integrity.sh rev 1.21 which pulls in some shell portability fixes
+
+commit e0194b471efe7d3daedc9cc66686cb1ab69d3be8
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Mon Apr 17 11:02:31 2017 +0000
+
+    upstream commit
+    
+    Change COMPILER_VERSION tests which limited additional
+    warnings to gcc4 to instead skip them on gcc3 as clang can handle
+    -Wpointer-sign and -Wold-style-definition.
+    
+    Upstream-Regress-ID: e48d7dc13e48d9334b8195ef884dfbc51316012f
+
+commit 6830be90e71f46bcd182a9202b151eaf2b299434
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 28 03:24:53 2017 +0000
+
+    upstream commit
+    
+    include key fingerprint in "Offering public key" debug
+    message
+    
+    Upstream-ID: 964749f820c2ed4cf6a866268b1a05e907315c52
+
+commit 066437187e16dcafcbc19f9402ef0e6575899b1d
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Fri Apr 28 03:21:12 2017 +0000
+
+    upstream commit
+    
+    Avoid relying on implementation-specific behavior when
+    detecting whether the timestamp or file size overflowed.  If time_t and off_t
+    are not either 32-bit or 64-bit scp will exit with an error. OK djm@
+    
+    Upstream-ID: f31caae73ddab6df496b7bbbf7da431e267ad135
+
+commit 68d3a2a059183ebd83b15e54984ffaced04d2742
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Apr 28 03:20:27 2017 +0000
+
+    upstream commit
+    
+    Add SyslogFacility option to ssh(1) matching the
+    equivalent option in sshd(8).  bz#2705, patch from erahn at arista.com, ok
+    djm@
+    
+    Upstream-ID: d5115c2c0193ceb056ed857813b2a7222abda9ed
+
+commit e13aad66e73a14b062d13aee4e98f1e21a3f6a14
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Thu Apr 27 13:40:05 2017 +0000
+
+    upstream commit
+    
+    remove a static array unused since rev 1.306 spotted by
+    clang ok djm@
+    
+    Upstream-ID: 249b3eed2446f6074ba2219ccc46919dd235a7b8
+
+commit 91bd2181866659f00714903e78e1c3edd4c45f3d
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Thu Apr 27 11:53:12 2017 +0000
+
+    upstream commit
+    
+    Avoid potential signed int overflow when parsing the file
+    size. Use strtoul() instead of parsing manually.  OK djm@
+    
+    Upstream-ID: 1f82640861c7d905bbb05e7d935d46b0419ced02
+
+commit 17a54a03f5a1d35e33cc24e22cd7a9d0f6865dc4
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Apr 25 08:32:27 2017 +1000
+
+    Fix typo in "socketcall".
+    
+    Pointed out by jjelen at redhat.com.
+
+commit 8b0eee148f7cf8b248c30d1bae57300f2cc5aafd
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Apr 24 19:40:31 2017 +1000
+
+    Deny socketcall in seccomp filter on ppc64le.
+    
+    OpenSSL is using socket() calls (in FIPS mode) when handling ECDSA keys
+    in privsep child. The socket() syscall is already denied in the seccomp
+    filter, but in ppc64le kernel, it is implemented using socketcall()
+    syscall, which is not denied yet (only SYS_SHUTDOWN is allowed) and
+    therefore fails hard.
+    
+    Patch from jjelen at redhat.com.
+
+commit f8500b2be599053daa05248a86a743232ec6a536
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Mon Apr 17 14:31:23 2017 +0000
+
+    upstream commit
+    
+    Recognize nl_langinfo(CODESET) return values "646" and ""
+    as aliases for "US-ASCII", useful for different versions of NetBSD and
+    Solaris. Found by dtucker@ and by Tom G. Christensen <tgc at jupiterrise dot
+    com>. OK dtucker@ deraadt@
+    
+    Upstream-ID: 38c2133817cbcae75c88c63599ac54228f0fa384
+
+commit 7480dfedf8c5c93baaabef444b3def9331e86ad5
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Mon Apr 17 11:02:31 2017 +0000
+
+    upstream commit
+    
+    Change COMPILER_VERSION tests which limited additional
+    warnings to gcc4 to instead skip them on gcc3 as clang can handle
+    -Wpointer-sign and -Wold-style-definition.
+    
+    Upstream-ID: 5cbe348aa76dc1adf55be6c0e388fafaa945439a
+
+commit 4d827f0d75a53d3952288ab882efbddea7ffadfe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Apr 4 00:24:56 2017 +0000
+
+    upstream commit
+    
+    disallow creation (of empty files) in read-only mode;
+    reported by Michal Zalewski, feedback & ok deraadt@
+    
+    Upstream-ID: 5d9c8f2fa8511d4ecf95322994ffe73e9283899b
+
+commit ef47843af0a904a21c920e619c5aec97b65dd9ac
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sun Mar 26 00:18:52 2017 +0000
+
+    upstream commit
+    
+    incorrect renditions of this quote bother me
+    
+    Upstream-ID: 1662be3ebb7a71d543da088119c31d4d463a9e49
+
+commit d9048861bea842c4eba9c2dbbf97064cc2a5ef02
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Mar 31 11:04:43 2017 +1100
+
+    Check for and use gcc's -pipe.
+    
+    Speeds up configure and build by a couple of percent.  ok djm@
+
+commit 282cad2240c4fbc104c2f2df86d688192cbbe4bb
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 16:34:44 2017 +1100
+
+    Import fmt_scaled.c rev 1.16 from OpenBSD.
+    
+    Fix overly-conservative overflow checks on mulitplications and add checks
+    on additions.  This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN
+    will still be flagged as a range error).  ok millert@
+
+commit c73a229e4edf98920f395e19fd310684fc6bb951
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 16:34:02 2017 +1100
+
+    Import fmt_scaled.c rev 1.15 from OpenBSD.
+    
+    Collapse underflow and overflow checks into a single block.
+    ok djm@ millert@
+
+commit d427b73bf5a564f663d16546dbcbd84ba8b9d4af
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 16:32:57 2017 +1100
+
+    Import fmt_scaled.c rev 1.14 from OpenBSD.
+    
+    Catch integer underflow in scan_scaled reported by Nicolas Iooss.
+    ok deraadt@ djm@
+
+commit d13281f2964abc5f2e535e1613c77fc61b0c53e7
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 12:39:39 2017 +1100
+
+    Don't check privsep user or path when unprivileged
+    
+    If running with privsep (mandatory now) as a non-privileged user, we
+    don't chroot or change to an unprivileged user however we still checked
+    the existence of the user and directory.  Don't do those checks if we're
+    not going to use them.  Based in part on a patch from Lionel Fourquaux
+    via Corinna Vinschen, ok djm@
+
+commit f2742a481fe151e493765a3fbdef200df2ea7037
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 10:50:31 2017 +1100
+
+    Remove SHA256 EVP wrapper implementation.
+    
+    All supported versions of OpenSSL should now have SHA256 so remove our
+    EVP wrapper implementaion.  ok djm@
+
+commit 5346f271fc76549caf4a8e65b5fba319be422fe9
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 10:23:58 2017 +1100
+
+    Remove check for OpenSSL < 0.9.8g.
+    
+    We no longer support OpenSSL < 1.0.1 so remove check for unreliable ECC
+    in OpenSSL < 0.9.8g.
+
+commit 8fed0a5fe7b4e78a6810b133d8e91be9742ee0a1
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 10:16:15 2017 +1100
+
+    Remove compat code for OpenSSL < 0.9.7.
+    
+    Resyncs that code with OpenBSD upstream.
+
+commit 608ec1f62ff22fdccc3952e51463d79c43cbd0d3
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 29 09:50:54 2017 +1100
+
+    Remove SSHv1 code path.
+    
+    Server-side support for Protocol 1 has been removed so remove !compat20
+    PAM code path.
+
+commit 7af27bf538cbc493d609753f9a6d43168d438f1b
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Mar 24 09:44:56 2017 +1100
+
+    Enable ldns when using ldns-config.
+    
+    Actually enable ldns when attempting to use ldns-config.  bz#2697, patch
+    from fredrik at fornwall.net.
+
+commit 58b8cfa2a062b72139d7229ae8de567f55776f24
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Mar 22 12:43:02 2017 +1100
+
+    Missing header on Linux/s390
+    
+    Patch from Jakub Jelen
+
+commit 096fb65084593f9f3c1fc91b6d9052759a272a00
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Mar 20 22:08:06 2017 +0000
+
+    upstream commit
+    
+    remove /usr/bin/time calls around tests, makes diffing test
+    runs harder. Based on patch from Mike Frysinger
+    
+    Upstream-Regress-ID: 81c1083b14dcf473b23d2817882f40b346ebc95c
+
+commit 6b853c6f8ba5eecc50f3b57af8e63f8184eb0fa6
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 21 08:47:55 2017 +1100
+
+    Fix syntax error on Linux/X32
+    
+    Patch from Mike Frysinger
+
+commit d38f05dbdd291212bc95ea80648b72b7177e9f4e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Mar 20 13:38:27 2017 +1100
+
+    Add llabs() implementation.
+
+commit 72536316a219b7394996a74691a5d4ec197480f7
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Mar 20 12:23:04 2017 +1100
+
+    crank version numbers
+
+commit 3be52bc36bdfd24ded7e0f46999e7db520fb4e3f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Mar 20 01:18:59 2017 +0000
+
+    upstream commit
+    
+    openssh-7.5
+    
+    Upstream-ID: b8b9a4a949427c393cd868215e1724ceb3467ee5
+
+commit db84e52fe9cfad57f22e7e23c5fbf00092385129
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Mar 20 12:07:20 2017 +1100
+
+    I'm a doofus.
+    
+    Unbreak obvious syntax error.
+
+commit 89f04852db27643717c9c3a2b0dde97ae50099ee
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Mar 20 11:53:34 2017 +1100
+
+    on Cygwin, check paths from server for backslashes
+    
+    Pointed out by Jann Horn of Google Project Zero
+
+commit 7ef1f9bafc2cc8d97ff2fbd4f280002b6e8ea5d9
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Mar 20 11:48:34 2017 +1100
+
+    Yet another synonym for ASCII: "646"
+    
+    Used by NetBSD; this unbreaks mprintf() and friends there for the C
+    locale (caught by dtucker@ and his menagerie of test systems).
+
+commit 9165abfea3f68a0c684a6ed2e575e59bc31a3a6b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Mar 20 09:58:34 2017 +1100
+
+    create test mux socket in /tmp
+    
+    Creating the socket in $OBJ could blow past the (quite limited)
+    path limit for Unix domain sockets. As a bandaid for bz#2660,
+    reported by Colin Watson; ok dtucker@
+
+commit 2adbe1e63bc313d03e8e84e652cc623af8ebb163
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Mar 15 07:07:39 2017 +0000
+
+    upstream commit
+    
+    disallow KEXINIT before NEWKEYS; ok djm; report by
+    vegard.nossum at oracle.com
+    
+    Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
+
+commit 2fbf91684d76d38b9cf06550b69c9e41bca5a71c
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Mar 16 14:05:46 2017 +1100
+
+    Include includes.h for compat bits.
+
+commit b55f634e96b9c5b0cd991e23a9ca181bec4bdbad
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Mar 16 13:45:17 2017 +1100
+
+    Wrap stdint.h in #ifdef HAVE_STDINT_H
+
+commit 55a1117d7342a0bf8b793250cf314bab6b482b99
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Mar 16 11:22:42 2017 +1100
+
+    Adapt Cygwin config script to privsep knob removal
+    
+    Patch from Corinna Vinschen.
+
+commit 1a321bfdb91defe3c4d9cca5651724ae167e5436
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Wed Mar 15 03:52:30 2017 +0000
+
+    upstream commit
+    
+    accidents happen to the best of us; ok djm
+    
+    Upstream-ID: b7a9dbd71011ffde95e06f6945fe7197dedd1604
+
+commit 25f837646be8c2017c914d34be71ca435dfc0e07
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 15 02:25:09 2017 +0000
+
+    upstream commit
+    
+    fix regression in 7.4: deletion of PKCS#11-hosted keys
+    would fail unless they were specified by full physical pathname. Report and
+    fix from Jakub Jelen via bz#2682; ok dtucker@
+    
+    Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268
+
+commit a8c5eeacf032a7d3408957e45dd7603cc1baf55f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 15 02:19:09 2017 +0000
+
+    upstream commit
+    
+    Fix segfault when sshd attempts to load RSA1 keys (can
+    only happen when protocol v.1 support is enabled for the client). Reported by
+    Jakub Jelen in bz#2686; ok dtucker
+    
+    Upstream-ID: 8fdaec2ba4b5f65db1d094f6714ce64b25d871d7
+
+commit 66705948c0639a7061a0d0753266da7685badfec
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Mar 14 07:19:07 2017 +0000
+
+    upstream commit
+    
+    Mark the sshd_config UsePrivilegeSeparation option as
+    deprecated, effectively making privsep mandatory in sandboxing mode. ok
+    markus@ deraadt@
+    
+    (note: this doesn't remove the !privsep code paths, though that will
+    happen eventually).
+    
+    Upstream-ID: b4c52666256c4dd865f8ce9431af5d6ce2d74a0a
+
+commit f86586b03fe6cd8f595289bde200a94bc2c191af
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 14 18:26:29 2017 +1100
+
+    Make seccomp-bpf sandbox work on Linux/X32
+    
+    Allow clock_gettime syscall with X32 bit masked off. Apparently
+    this is required for at least some kernel versions. bz#2142
+    Patch mostly by Colin Watson. ok dtucker@
+
+commit 2429cf78dd2a9741ce27ba25ac41c535274a0af6
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 14 18:01:52 2017 +1100
+
+    require OpenSSL >=1.0.1
+
+commit e3ea335abeab731c68f2b2141bee85a4b0bf680f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 14 17:48:43 2017 +1100
+
+    Remove macro trickery; no binary change
+    
+    This stops the SC_ALLOW(), SC_ALLOW_ARG() and SC_DENY() macros
+    prepending __NR_ to the syscall number parameter and just makes
+    them explicit in the macro invocations.
+    
+    No binary change in stripped object file before/after.
+
+commit 5f1596e11d55539678c41f68aed358628d33d86f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 14 13:15:18 2017 +1100
+
+    support ioctls for ICA crypto card on Linux/s390
+    
+    Based on patch from Eduardo Barretto; ok dtucker@
+
+commit b1b22dd0df2668b322dda174e501dccba2cf5c44
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Mar 14 14:19:36 2017 +1100
+
+    Plumb conversion test into makefile.
+
+commit f57783f1ddfb4cdfbd612c6beb5ec01cb5b9a6b9
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Mar 14 01:20:29 2017 +0000
+
+    upstream commit
+    
+    Add unit test for convtime().
+    
+    Upstream-Regress-ID: 8717bc0ca4c21120f6dd3a1d3b7a363f707c31e1
+
+commit 8884b7247d094cd11ff9e39c325ba928c5bdbc6c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Mar 14 01:10:07 2017 +0000
+
+    upstream commit
+    
+    Add ASSERT_LONG_* helpers.
+    
+    Upstream-Regress-ID: fe15beaea8f5063c7f21b0660c722648e3d76431
+
+commit c6774d21185220c0ba11e8fd204bf0ad1a432071
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Mar 14 00:55:37 2017 +0000
+
+    upstream commit
+    
+    Fix convtime() overflow test on boundary condition,
+    spotted by & ok djm.
+    
+    Upstream-ID: 51f14c507ea87a3022e63f574100613ab2ba5708
+
+commit f5746b40cfe6d767c8e128fe50c43274b31cd594
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Mar 14 00:25:03 2017 +0000
+
+    upstream commit
+    
+    Check for integer overflow when parsing times in
+    convtime().  Reported by nicolas.iooss at m4x.org, ok djm@
+    
+    Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13
+
+commit f5907982f42a8d88a430b8a46752cbb7859ba979
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Mar 14 13:38:15 2017 +1100
+
+    Add a "unit" target to run only unit tests.
+
+commit 9e96b41682aed793fadbea5ccd472f862179fb02
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 14 12:24:47 2017 +1100
+
+    Fix weakness in seccomp-bpf sandbox arg inspection
+    
+    Syscall arguments are passed via an array of 64-bit values in struct
+    seccomp_data, but we were only inspecting the bottom 32 bits and not
+    even those correctly for BE systems.
+    
+    Fortunately, the only case argument inspection was used was in the
+    socketcall filtering so using this for sandbox escape seems
+    impossible.
+    
+    ok dtucker
+
+commit 8ff3fc3f2f7c13e8968717bc2b895ee32c441275
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Mar 11 23:44:16 2017 +0000
+
+    upstream commit
+    
+    regress tests for loading certificates without public keys;
+    bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@
+    
+    Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0
+
+commit 1e24552716194db8f2f620587b876158a9ef56ad
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Mar 11 23:40:26 2017 +0000
+
+    upstream commit
+    
+    allow ssh to use certificates accompanied by a private
+    key file but no corresponding plain *.pub public key. bz#2617 based on patch
+    from Adam Eijdenberg; ok dtucker@ markus@
+    
+    Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
+
+commit 0fb1a617a07b8df5de188dd5a0c8bf293d4bfc0e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Sat Mar 11 13:07:35 2017 +0000
+
+    upstream commit
+    
+    Don't count the initial block twice when computing how
+    many bytes to discard for the work around for the attacks against CBC-mode.
+    ok djm@; report from Jean Paul, Kenny, Martin and Torben @ RHUL
+    
+    Upstream-ID: f445f509a4e0a7ba3b9c0dae7311cb42458dc1e2
+
+commit ef653dd5bd5777132d9f9ee356225f9ee3379504
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 07:18:32 2017 +0000
+
+    upstream commit
+    
+    krl.c
+    
+    Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
+
+commit d94c1dfef2ea30ca67b1204ada7c3b537c54f4d0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Mar 12 10:48:14 2017 +1100
+
+    sync fmt_scaled.c with OpenBSD
+    
+    revision 1.13
+    date: 2017/03/11 23:37:23;  author: djm;  state: Exp;  lines: +14 -1;  commitid: jnFKyHkB3CEiEZ2R;
+    fix signed integer overflow in scan_scaled. Found by Nicolas Iooss
+    using AFL against ssh_config. ok deraadt@ millert@
+    ----------------------------
+    revision 1.12
+    date: 2013/11/29 19:00:51;  author: deraadt;  state: Exp;  lines: +6 -5;
+    fairly simple unsigned char casts for ctype
+    ok krw
+    ----------------------------
+    revision 1.11
+    date: 2012/11/12 14:07:20;  author: halex;  state: Exp;  lines: +4 -2;
+    make scan_scaled set errno to EINVAL rather than ERANGE if it encounters
+    an invalid multiplier, like the man page says it should
+    
+    "looks sensible" deraadt@, ok ian@
+    ----------------------------
+    revision 1.10
+    date: 2009/06/20 15:00:04;  author: martynas;  state: Exp;  lines: +4 -4;
+    use llabs instead of the home-grown version;  and some comment changes
+    ok ian@, millert@
+    ----------------------------
+
+commit 894221a63fa061e52e414ca58d47edc5fe645968
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 05:01:13 2017 +0000
+
+    upstream commit
+    
+    When updating hostkeys, accept RSA keys if
+    HostkeyAlgorithms contains any RSA keytype. Previously, ssh could ignore RSA
+    keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms
+    nit ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok
+    dtucker@
+    
+    Upstream-ID: c5e8cfee15c42f4a05d126158a0766ea06da79d2
+
+commit dd3e2298663f4cc1a06bc69582d00dcfee27d73c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 04:24:55 2017 +0000
+
+    upstream commit
+    
+    make hostname matching really insensitive to case;
+    bz#2685, reported by Petr Cerny; ok dtucker@
+    
+    Upstream-ID: e467622ff154269e36ba8b6c9e3d105e1c4a9253
+
+commit 77a9be9446697fe8b5499fe651f4a82a71a4b51f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 03:52:48 2017 +0000
+
+    upstream commit
+    
+    reword a comment to make it fit 80 columns
+    
+    Upstream-ID: 4ef509a66b96c7314bbcc87027c2af71fa9d0ba4
+
+commit 61b8ef6a66efaec07e023342cb94a10bdc2254dc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 04:27:32 2017 +0000
+
+    upstream commit
+    
+    better match sshd config parser behaviour: fatal() if
+    line is overlong, increase line buffer to match sshd's; bz#2651 reported by
+    Don Fong; ok dtucker@
+    
+    Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18
+
+commit db2597207e69912f2592cd86a1de8e948a9d7ffb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 04:26:06 2017 +0000
+
+    upstream commit
+    
+    ensure hostname is lower-case before hashing it;
+    bz#2591 reported by Griff Miller II; ok dtucker@
+    
+    Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
+
+commit df9936936c695f85c1038bd706d62edf752aca4b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 04:24:55 2017 +0000
+
+    upstream commit
+    
+    make hostname matching really insensitive to case;
+    bz#2685, reported by Petr Cerny; ok dtucker@
+    
+    Upstream-ID: e632b7a9bf0d0558d5ff56dab98b7cca6c3db549
+
+commit 67eed24bfa7645d88fa0b883745fccb22a0e527e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 04:11:00 2017 +0000
+
+    upstream commit
+    
+    Remove old null check from config dumper.  Patch from
+    jjelen at redhat.com vi bz#2687, ok djm@
+    
+    Upstream-ID: 824ab71467b78c4bab0dd1b3a38e8bc5f63dd528
+
+commit 183ba55aaaecca0206184b854ad6155df237adbe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 04:07:20 2017 +0000
+
+    upstream commit
+    
+    fix regression in 7.4 server-sig-algs, where we were
+    accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
+    Goncalves; ok dtucker@
+    
+    Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
+
+commit 66be4fe8c4435af5bbc82998501a142a831f1181
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 03:53:11 2017 +0000
+
+    upstream commit
+    
+    Check for NULL return value from key_new.  Patch from
+    jjelen at redhat.com via bz#2687, ok djm@
+    
+    Upstream-ID: 059e33cd43cba88dc8caf0b1936fd4dd88fd5b8e
+
+commit ec2892b5c7fea199914cb3a6afb3af38f84990bf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 03:52:48 2017 +0000
+
+    upstream commit
+    
+    reword a comment to make it fit 80 columns
+    
+    Upstream-ID: b4b48b4487c0821d16e812c40c9b09f03b28e349
+
+commit 7fadbb6da3f4122de689165651eb39985e1cba85
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 03:48:57 2017 +0000
+
+    upstream commit
+    
+    Check for NULL argument to sshkey_read.  Patch from
+    jjelen at redhat.com via bz#2687, ok djm@
+    
+    Upstream-ID: c2d00c2ea50c4861d271d0a586f925cc64a87e0e
+
+commit 5a06b9e019e2b0b0f65a223422935b66f3749de3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 03:45:40 2017 +0000
+
+    upstream commit
+    
+    Plug some mem leaks mostly on error paths.  From jjelen
+    at redhat.com via bz#2687, ok djm@
+    
+    Upstream-ID: 3fb030149598957a51b7c8beb32bf92cf30c96f2
+
+commit f6edbe9febff8121f26835996b1229b5064d31b7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 03:24:48 2017 +0000
+
+    upstream commit
+    
+    Plug mem leak on GLOB_NOMATCH case.  From jjelen at
+    redhat.com via bz#2687, ok djm@
+    
+    Upstream-ID: 8016a7ae97719d3aa55fb723fc2ad3200058340d
+
+commit 566b3a46e89a2fda2db46f04f2639e92da64a120
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 03:22:40 2017 +0000
+
+    upstream commit
+    
+    Plug descriptor leaks of auth_sock.  From jjelen at
+    redhat.com via bz#2687, ok djm@
+    
+    Upstream-ID: 248acb99a5ed2fdca37d1aa33c0fcee7be286d88
+
+commit 8a2834454c73dfc1eb96453c0e97690595f3f4c2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 03:18:24 2017 +0000
+
+    upstream commit
+    
+    correctly hash hosts with a port number. Reported by Josh
+    Powers in bz#2692; ok dtucker@
+    
+    Upstream-ID: 468e357ff143e00acc05bdd2803a696b3d4b6442
+
+commit 9747b9c742de409633d4753bf1a752cbd211e2d3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 10 03:15:58 2017 +0000
+
+    upstream commit
+    
+    don't truncate off \r\n from long stderr lines; bz#2688,
+    reported by Brian Dyson; ok dtucker@
+    
+    Upstream-ID: cdfdc4ba90639af807397ce996153c88af046ca4
+
+commit 4a4b75adac862029a1064577eb5af299b1580cdd
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 10 02:59:51 2017 +0000
+
+    upstream commit
+    
+    Validate digest arg in ssh_digest_final; from jjelen at
+    redhat.com via bz#2687, ok djm@
+    
+    Upstream-ID: dbe5494dfddfe523fab341a3dab5a79e7338f878
+
+commit bee0167be2340d8de4bdc1ab1064ec957c85a447
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Mar 10 13:40:18 2017 +1100
+
+    Check for NULL from malloc.
+    
+    Part of bz#2687, from jjelen at redhat.com.
+
+commit da39b09d43b137a5a3d071b51589e3efb3701238
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Mar 10 13:22:32 2017 +1100
+
+    If OSX is using launchd, remove screen no.
+    
+    Check for socket with and without screen number.  From Apple and Jakob
+    Schlyter via bz#2341, with contributions from Ron Frederick, ok djm@
+
+commit 8fb15311a011517eb2394bb95a467c209b8b336c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Mar 8 12:07:47 2017 +0000
+
+    upstream commit
+    
+    quote [host]:port in generated ProxyJump commandline; the
+    [ / ] characters can confuse some shells (e.g. zsh). Reported by Lauri
+    Tirkkonen via bugs@
+    
+    Upstream-ID: 65cdd161460e1351c3d778e974c1c2a4fa4bc182
+
+commit 18501151cf272a15b5f2c5e777f2e0933633c513
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Mar 6 02:03:20 2017 +0000
+
+    upstream commit
+    
+    Check l->hosts before dereferencing; fixes potential null
+    pointer deref. ok djm@
+    
+    Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
+
+commit d072370793f1a20f01ad827ba8fcd3b8f2c46165
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Mar 6 00:44:51 2017 +0000
+
+    upstream commit
+    
+    linenum is unsigned long so use %lu in log formats.  ok
+    deraadt@
+    
+    Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08
+
+commit 12d3767ba4c84c32150cbe6ff6494498780f12c9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 3 06:13:11 2017 +0000
+
+    upstream commit
+    
+    fix ssh-keygen -H accidentally corrupting known_hosts that
+    contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
+    hostkeys_foreach() when hostname matching is in use, so we need to look for
+    the hash marker explicitly.
+    
+    Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
+
+commit d7abb771bd5a941b26144ba400a34563a1afa589
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 28 06:10:08 2017 +0000
+
+    upstream commit
+    
+    small memleak: free fd_set on connection timeout (though
+    we are heading to exit anyway). From Tom Rix in bz#2683
+    
+    Upstream-ID: 10e3dadbb8199845b66581473711642d9e6741c4
+
+commit 78142e3ab3887e53a968d6e199bcb18daaf2436e
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Mon Feb 27 14:30:33 2017 +0000
+
+    upstream commit
+    
+    errant dot; from klemens nanni
+    
+    Upstream-ID: 83d93366a5acf47047298c5d3ebc5e7426f37921
+
+commit 8071a6924c12bb51406a9a64a4b2892675112c87
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 24 03:16:34 2017 +0000
+
+    upstream commit
+    
+    might as well set the listener socket CLOEXEC
+    
+    Upstream-ID: 9c538433d6a0ca79f5f21decc5620e46fb68ab57
+
+commit d5499190559ebe374bcdfa8805408646ceffad64
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Feb 19 00:11:29 2017 +0000
+
+    upstream commit
+    
+    add test cases for C locale; ok schwarze@
+    
+    Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87
+
+commit 011c8ffbb0275281a0cf330054cf21be10c43e37
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Feb 19 00:10:57 2017 +0000
+
+    upstream commit
+    
+    Add a common nl_langinfo(CODESET) alias for US-ASCII
+    "ANSI_X3.4-1968" that is used by Linux. Fixes mprintf output truncation for
+    non-UTF-8 locales on Linux spotted by dtucker@; ok deraadt@ schwarze@
+    
+    Upstream-ID: c6808956ebffd64066f9075d839f74ff0dd60719
+
+commit 0c4430a19b73058a569573492f55e4c9eeaae67b
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Feb 7 23:03:11 2017 +0000
+
+    upstream commit
+    
+    Remove deprecated SSH1 options RSAAuthentication and
+    RhostsRSAAuthentication from regression test sshd_config.
+    
+    Upstream-Regress-ID: 8066b753d9dce7cf02ff87af5c727ff680d99491
+
+commit 3baa4cdd197c95d972ec3d07f1c0d08f2d7d9199
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 17 02:32:05 2017 +0000
+
+    upstream commit
+    
+    Do not show rsa1 key type in usage when compiled without
+    SSH1 support.
+    
+    Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57
+
+commit ecc35893715f969e98fee118481f404772de4132
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 17 02:31:14 2017 +0000
+
+    upstream commit
+    
+    ifdef out "rsa1" from the list of supported keytypes when
+    compiled without SSH1 support.  Found by kdunlop at guralp.com, ok djm@
+    
+    Upstream-ID: cea93a26433d235bb1d64b1d990f19a9c160a70f
+
+commit 10577c6d96a55b877a960b2d0b75edef1b9945af
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 17 02:04:15 2017 +0000
+
+    upstream commit
+    
+    For ProxyJump/-J, surround host name with brackets to
+    allow literal IPv6 addresses. From Dick Visser; ok dtucker@
+    
+    Upstream-ID: 3a5d3b0171250daf6a5235e91bce09c1d5746bf1
+
+commit b2afdaf1b52231aa23d2153f4a8c5a60a694dda4
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Wed Feb 15 23:38:31 2017 +0000
+
+    upstream commit
+    
+    Fix memory leaks in match_filter_list() error paths.
+    
+    ok dtucker@ markus@
+    
+    Upstream-ID: c7f96ac0877f6dc9188bbc908100a8d246cc7f0e
+
+commit 6d5a41b38b55258213ecfaae9df7a758caa752a1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 15 01:46:47 2017 +0000
+
+    upstream commit
+    
+    fix division by zero crash in "df" output when server
+    returns zero total filesystem blocks/inodes. Spotted by Guido Vranken; ok
+    dtucker@
+    
+    Upstream-ID: 6fb6c2ae6b289aa07b6232dbc0be54682ef5419f
+
+commit bd5d7d239525d595ecea92765334af33a45d9d63
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Sun Feb 12 15:45:15 2017 +1100
+
+    ifdef out EVP_R_PRIVATE_KEY_DECODE_ERROR
+    
+    EVP_R_PRIVATE_KEY_DECODE_ERROR was added in OpenSSL 1.0.0 so ifdef out
+    for the benefit of OpenSSL versions prior to that.
+
+commit 155d540d00ff55f063421ec182ec8ff2b7ab6cbe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 10 04:34:50 2017 +0000
+
+    upstream commit
+    
+    bring back r1.34 that was backed out for problems loading
+    public keys:
+    
+    translate OpenSSL error codes to something more
+    meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
+    
+    with additional fix from Jakub Jelen to solve the backout.
+    bz#2525 bz#2523 re-ok dtucker@
+    
+    Upstream-ID: a9d5bc0306f4473d9b4f4484f880e95f3c1cc031
+
+commit a287c5ad1e0bf9811c7b9221979b969255076019
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 10 03:36:40 2017 +0000
+
+    upstream commit
+    
+    Sanitise escape sequences in key comments sent to printf
+    but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@
+    
+    Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e
+
+commit e40269be388972848aafcca7060111c70aab5b87
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Wed Feb 8 20:32:43 2017 +0000
+
+    upstream commit
+    
+    Avoid printf %s NULL.  From semarie@, OK djm@
+    
+    Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c
+
+commit 5b90709ab8704dafdb31e5651073b259d98352bc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 6 09:22:51 2017 +0000
+
+    upstream commit
+    
+    Restore \r\n newline sequence for server ident string. The CR
+    got lost in the flensing of SSHv1. Pointed out by Stef Bon
+    
+    Upstream-ID: 5333fd43ce5396bf5999496096fac5536e678fac
+
+commit 97c31c46ee2e6b46dfffdfc4f90bbbf188064cbc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 3 23:01:42 2017 +0000
+
+    upstream commit
+    
+    unit test for match_filter_list() function; still want a
+    better name for this...
+    
+    Upstream-Regress-ID: 840ad6118552c35111f0a897af9c8d93ab8de92a
+
+commit f1a193464a7b77646f0d0cedc929068e4a413ab4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 3 23:05:57 2017 +0000
+
+    upstream commit
+    
+    use ssh_packet_set_log_preamble() to include connection
+    username in packet log messages, e.g.
+    
+    Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth]
+    
+    ok markus@ bz#113
+    
+    Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
+
+commit 07edd7e9537ab32aa52abb5fb2a915c350fcf441
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 3 23:03:33 2017 +0000
+
+    upstream commit
+    
+    add ssh_packet_set_log_preamble() to allow inclusion of a
+    preamble string in disconnect messages; ok markus@
+    
+    Upstream-ID: 34cb41182cd76d414c214ccb01c01707849afead
+
+commit 68bc8cfa7642d3ccbf2cd64281c16b8b9205be59
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 3 23:01:19 2017 +0000
+
+    upstream commit
+    
+    support =- for removing methods from algorithms lists,
+    e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like
+    it" markus@
+    
+    Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
+
+commit c924b2ef941028a1f31e6e94f54dfeeeef462a4e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 3 05:05:56 2017 +0000
+
+    upstream commit
+    
+    allow form-feed characters at EOL; bz#2431 ok dtucker@
+    
+    Upstream-ID: 1f453afaba6da2ae69d6afdf1ae79a917552f1a2
+
+commit 523db8540b720c4d21ab0ff6f928476c70c38aab
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Feb 3 16:01:22 2017 +1100
+
+    prefer to use ldns-config to find libldns
+    
+    Should fix bz#2603 - "Build with ldns and without kerberos support
+    fails if ldns compiled with kerberos support" by including correct
+    cflags/libs
+    
+    ok dtucker@
+
+commit c998bf0afa1a01257a53793eba57941182e9e0b7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Feb 3 02:56:00 2017 +0000
+
+    upstream commit
+    
+    Make ssh_packet_set_rekey_limits take u32 for the number of
+    seconds until rekeying (negative values are rejected at config parse time).
+    This allows the removal of some casts and a signed vs unsigned comparison
+    warning.
+    
+    rekey_time is cast to int64 for the comparison which is a no-op
+    on OpenBSD, but should also do the right thing in -portable on
+    anything still using 32bit time_t (until the system time actually
+    wraps, anyway).
+    
+    some early guidance deraadt@, ok djm@
+    
+    Upstream-ID: c9f18613afb994a07e7622eb326f49de3d123b6c
+
+commit 3ec5fa4ba97d4c4853620daea26a33b9f1fe3422
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Thu Feb 2 10:54:25 2017 +0000
+
+    upstream commit
+    
+    In vasnmprintf() return an error if malloc fails and
+    don't set a function argument to the address of free'd memory.
+    
+    ok djm@
+    
+    Upstream-ID: 1efffffff2f51d53c9141f245b90ac23d33b9779
+
+commit 858252fb1d451ebb0969cf9749116c8f0ee42753
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Feb 1 02:59:09 2017 +0000
+
+    upstream commit
+    
+    Return true reason for port forwarding failures where
+    feasible rather than always "administratively prohibited".  bz#2674, ok djm@
+    
+    Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419
+
+commit 6ba9f893838489add6ec4213c7a997b425e4a9e0
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jan 30 23:27:39 2017 +0000
+
+    upstream commit
+    
+    Small correction to the known_hosts section on when it is
+    updated. Patch from lkppo at free.fr some time ago, pointed out by smallm at
+    sdf.org
+    
+    Upstream-ID: 1834d7af179dea1a12ad2137f84566664af225d5
+
+commit c61d5ec3c11e7ff9779b6127421d9f166cf10915
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Feb 3 14:10:34 2017 +1100
+
+    Remove _XOPEN_SOURCE from wide char detection.
+    
+    Having _XOPEN_SOURCE unconditionally causes problems on some platforms
+    and configurations, notably Solaris 64-bit binaries.  It was there for
+    the benefit of Linux put the required bits in the *-*linux* section.
+    
+    Patch from yvoinov at gmail.com.
+
+commit f25ee13b3e81fd80efeb871dc150fe49d7fc8afd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 05:22:14 2017 +0000
+
+    upstream commit
+    
+    fully unbreak: some $SSH invocations did not have -F
+    specified and could pick up the ~/.ssh/config of the user running the tests
+    
+    Upstream-Regress-ID: f362d1892c0d3e66212d5d3fc02d915c58ef6b89
+
+commit 6956e21fb26652887475fe77ea40d2efcf25908b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 04:54:07 2017 +0000
+
+    upstream commit
+    
+    partially unbreak: was not specifying hostname on some
+    $SSH invocations
+    
+    Upstream-Regress-ID: bc8a5e98e57bad0a92ef4f34ed91c1d18294e2cc
+
+commit 52763dd3fe0a4678dafdf7aeb32286e514130afc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 01:03:00 2017 +0000
+
+    upstream commit
+    
+    revise keys/principals command hang fix (bz#2655) to
+    consume entire output, avoiding sending SIGPIPE to subprocesses early; ok
+    dtucker@
+    
+    Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc
+
+commit 381a2615a154a82c4c53b787f4a564ef894fe9ac
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 00:38:50 2017 +0000
+
+    upstream commit
+    
+    small cleanup post SSHv1 removal:
+    
+    remove SSHv1-isms in commented examples
+    
+    reorder token table to group deprecated and compile-time conditional tokens
+    better
+    
+    fix config dumping code for some compile-time conditional options that
+    weren't being correctly skipped (SSHv1 and PKCS#11)
+    
+    Upstream-ID: f2e96b3cb3158d857c5a91ad2e15925df3060105
+
+commit 4833d01591b7eb049489d9558b65f5553387ed43
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 00:34:01 2017 +0000
+
+    upstream commit
+    
+    some explicit NULL tests when dumping configured
+    forwardings; from Karsten Weiss
+    
+    Upstream-ID: 40957b8dea69672b0e50df6b4a91a94e3e37f72d
+
+commit 326e2fae9f2e3e067b5651365eba86b35ee5a6b2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 00:32:28 2017 +0000
+
+    upstream commit
+    
+    misplaced braces in test; from Karsten Weiss
+    
+    Upstream-ID: f7b794074d3aae8e35b69a91d211c599c94afaae
+
+commit 3e032a95e46bfaea9f9e857678ac8fa5f63997fb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jan 30 00:32:03 2017 +0000
+
+    upstream commit
+    
+    don't dereference authctxt before testing != NULL, it
+    causes compilers to make assumptions; from Karsten Weiss
+    
+    Upstream-ID: 794243aad1e976ebc717885b7a97a25e00c031b2
+
+commit 01cfaa2b1cfb84f3cdd32d1bf82b120a8d30e057
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 6 02:51:16 2017 +0000
+
+    upstream commit
+    
+    use correct ssh-add program; bz#2654, from Colin Watson
+    
+    Upstream-Regress-ID: 7042a36e1bdaec6562f6e57e9d047efe9c7a6030
+
+commit e5c7ec67cdc42ae2584085e0fc5cc5ee91133cf5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 6 02:26:10 2017 +0000
+
+    upstream commit
+    
+    Account for timeouts in the integrity tests as failures.
+    
+    If the first test in a series for a given MAC happens to modify the low
+    bytes of a packet length, then ssh will time out and this will be
+    interpreted as a test failure.  Patch from cjwatson at debian.org via
+    bz#2658.
+    
+    Upstream-Regress-ID: e7467613b0badedaa300bc6fc7495ec2f44e2fb9
+
+commit dbaf599b61bd6e0f8469363a8c8e7f633b334018
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 6 02:09:25 2017 +0000
+
+    upstream commit
+    
+    Make forwarding test less racy by using unix domain
+    sockets instead of TCP ports where possible.  Patch from cjwatson at
+    debian.org via bz#2659.
+    
+    Upstream-Regress-ID: 4756375aac5916ef9d25452a1c1d5fa9e90299a9
+
+commit 9390b0031ebd6eb5488d3bc4d4333c528dffc0a6
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Jan 29 21:35:23 2017 +0000
+
+    upstream commit
+    
+    Fix typo in ~C error message for bad port forward
+    cancellation. bz#2672, from Brad Marshall via Colin Watson and Ubuntu's
+    bugtracker.
+    
+    Upstream-ID: 0d4a7e5ead6cc59c9a44b4c1e5435ab3aada09af
+
+commit 4ba15462ca38883b8a61a1eccc093c79462d5414
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Sat Jan 21 11:32:04 2017 +0000
+
+    upstream commit
+    
+    The POSIX APIs that that sockaddrs all ignore the s*_len
+    field in the incoming socket, so userspace doesn't need to set it unless it
+    has its own reasons for tracking the size along with the sockaddr.
+    
+    ok phessler@ deraadt@ florian@
+    
+    Upstream-ID: ca6e49e2f22f2b9e81d6d924b90ecd7e422e7437
+
+commit a1187bd3ef3e4940af849ca953a1b849dae78445
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Jan 6 16:28:12 2017 +0000
+
+    upstream commit
+    
+    keep the tokens list sorted;
+    
+    Upstream-ID: b96239dae4fb3aa94146bb381afabcc7740a1638
+
+commit b64077f9767634715402014f509e58decf1e140d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 6 09:27:52 2017 +0000
+
+    upstream commit
+    
+    fix previous
+    
+    Upstream-ID: c107d6a69bc22325d79fbf78a2a62e04bcac6895
+
+commit 5e820e9ea2e949aeb93071fe31c80b0c42f2b2de
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 6 03:53:58 2017 +0000
+
+    upstream commit
+    
+    show a useful error message when included config files
+    can't be opened; bz#2653, ok dtucker@
+    
+    Upstream-ID: f598b73b5dfe497344cec9efc9386b4e5a3cb95b
+
+commit 13bd2e2d622d01dc85d22b94520a5b243d006049
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 6 03:45:41 2017 +0000
+
+    upstream commit
+    
+    sshd_config is documented to set
+    GSSAPIStrictAcceptorCheck=yes by default, so actually make it do this.
+    bz#2637 ok dtucker
+    
+    Upstream-ID: 99ef8ac51f17f0f7aec166cb2e34228d4d72a665
+
+commit f89b928534c9e77f608806a217d39a2960cc7fd0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 6 03:41:58 2017 +0000
+
+    upstream commit
+    
+    Avoid confusing error message when attempting to use
+    ssh-keyscan built without SSH protocol v.1 to scan for v.1 keys; bz#2583
+    
+    Upstream-ID: 5d214abd3a21337d67c6dcc5aa6f313298d0d165
+
+commit 0999533014784579aa6f01c2d3a06e3e8804b680
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 6 02:34:54 2017 +0000
+
+    upstream commit
+    
+    Re-add '%k' token for AuthorizedKeysCommand which was
+    lost during the re-org in rev 1.235.  bz#2656, from jboning at gmail.com.
+    
+    Upstream-ID: 2884e203c02764d7b3fe7472710d9c24bdc73e38
+
+commit 51045869fa084cdd016fdd721ea760417c0a3bf3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 4 05:37:40 2017 +0000
+
+    upstream commit
+    
+    unbreak Unix domain socket forwarding for root; ok
+    markus@
+    
+    Upstream-ID: 6649c76eb7a3fa15409373295ca71badf56920a2
+
+commit 58fca12ba967ea5c768653535604e1522d177e44
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jan 16 09:08:32 2017 +1100
+
+    Remove LOGIN_PROGRAM.
+    
+    UseLogin is gone, remove leftover.  bz#2665, from cjwatson at debian.org
+
+commit b108ce92aae0ca0376dce9513d953be60e449ae1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 4 02:21:43 2017 +0000
+
+    upstream commit
+    
+    relax PKCS#11 whitelist a bit to allow libexec as well as
+    lib directories.
+    
+    Upstream-ID: cf5617958e2e2d39f8285fd3bc63b557da484702
+
+commit c7995f296b9222df2846f56ecf61e5ae13d7a53d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 3 05:46:51 2017 +0000
+
+    upstream commit
+    
+    check number of entries in SSH2_FXP_NAME response; avoids
+    unreachable overflow later. Reported by Jann Horn
+    
+    Upstream-ID: b6b2b434a6d6035b1644ca44f24cd8104057420f
+
+commit ddd3d34e5c7979ca6f4a3a98a7d219a4ed3d98c2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 30 22:08:02 2016 +0000
+
+    upstream commit
+    
+    fix deadlock when keys/principals command produces a lot of
+    output and a key is matched early; bz#2655, patch from jboning AT gmail.com
+    
+    Upstream-ID: e19456429bf99087ea994432c16d00a642060afe
+
+commit 30eee7d1b2fec33c14870cc11910610be5d2aa6f
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 20 12:16:11 2016 +1100
+
+    Re-add missing "Prerequisites" header and fix typo
+    
+    Patch from HARUYAMA Seigo <haruyama at unixuser org>.
+
+commit c8c60f3663165edd6a52632c6ddbfabfce1ca865
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Dec 19 22:35:23 2016 +0000
+
+    upstream commit
+    
+    use standard /bin/sh equality test; from Mike Frysinger
+    
+    Upstream-Regress-ID: 7b6f0b63525f399844c8ac211003acb8e4b0bec2
+
+commit 4a354fc231174901f2629437c2a6e924a2dd6772
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Dec 19 15:59:26 2016 +1100
+
+    crank version numbers for release
+
+commit 5f8d0bb8413d4d909cc7aa3c616fb0538224c3c9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Dec 19 04:55:51 2016 +0000
+
+    upstream commit
+    
+    openssh-7.4
+    
+    Upstream-ID: 1ee404adba6bbe10ae9277cbae3a94abe2867b79
+
+commit 3a8213ea0ed843523e34e55ab9c852332bab4c7b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Dec 19 04:55:18 2016 +0000
+
+    upstream commit
+    
+    remove testcase that depends on exact output and
+    behaviour of snprintf(..., "%s", NULL)
+    
+    Upstream-Regress-ID: cab4288531766bd9593cb556613b91a2eeefb56f
+
+commit eae735a82d759054f6ec7b4e887fb7a5692c66d7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Dec 19 03:32:57 2016 +0000
+
+    upstream commit
+    
+    Use LOGNAME to get current user and fall back to whoami if
+    not set. Mainly to benefit -portable since some platforms don't have whoami.
+    
+    Upstream-Regress-ID: e3a16b7836a3ae24dc8f8a4e43fdf8127a60bdfa
+
+commit 0d2f88428487518eea60602bd593989013831dcf
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Dec 16 03:51:19 2016 +0000
+
+    upstream commit
+    
+    Add regression test for AllowUsers and DenyUsers.  Patch from
+    Zev Weiss <zev at bewilderbeest.net>
+    
+    Upstream-Regress-ID: 8f1aac24d52728398871dac14ad26ea38b533fb9
+
+commit 3bc8180a008929f6fe98af4a56fb37d04444b417
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Dec 16 15:02:24 2016 +1100
+
+    Add missing monitor.h include.
+    
+    Fixes warning pointed out by Zev Weiss <zev at bewilderbeest.net>
+
+commit 410681f9015d76cc7b137dd90dac897f673244a0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 16 02:48:55 2016 +0000
+
+    upstream commit
+    
+    revert to rev1.2; the new bits in this test depend on changes
+    to ssh that aren't yet committed
+    
+    Upstream-Regress-ID: 828ffc2c7afcf65d50ff2cf3dfc47a073ad39123
+
+commit 2f2ffa4fbe4b671bbffa0611f15ba44cff64d58e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Dec 16 01:06:27 2016 +0000
+
+    upstream commit
+    
+    Move the "stop sshd" code into its own helper function.
+    Patch from Zev Weiss <zev at bewilderbeest.net>, ok djm@
+    
+    Upstream-Regress-ID: a113dea77df5bd97fb4633ea31f3d72dbe356329
+
+commit e15e7152331e3976b35475fd4e9c72897ad0f074
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 16 01:01:07 2016 +0000
+
+    upstream commit
+    
+    regression test for certificates along with private key
+    with no public half. bz#2617, mostly from Adam Eijdenberg
+    
+    Upstream-Regress-ID: 2e74dc2c726f4dc839609b3ce045466b69f01115
+
+commit 9a70ec085faf6e55db311cd1a329f1a35ad2a500
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Dec 15 23:50:37 2016 +0000
+
+    upstream commit
+    
+    Use $SUDO to read pidfile in case root's umask is
+    restricted.  From portable.
+    
+    Upstream-Regress-ID: f6b1c7ffbc5a0dfb7d430adb2883344899174a98
+
+commit fe06b68f824f8f55670442fb31f2c03526dd326c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Dec 15 21:29:05 2016 +0000
+
+    upstream commit
+    
+    Add missing braces in DenyUsers code.  Patch from zev at
+    bewilderbeest.net, ok deraadt@
+    
+    Upstream-ID: d747ace338dcf943b077925f90f85f789714b54e
+
+commit dcc7d74242a574fd5c4afbb4224795b1644321e7
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Dec 15 21:20:41 2016 +0000
+
+    upstream commit
+    
+    Fix text in error message.  Patch from zev at
+    bewilderbeest.net.
+    
+    Upstream-ID: deb0486e175e7282f98f9a15035d76c55c84f7f6
+
+commit b737e4d7433577403a31cff6614f6a1b0b5e22f4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Dec 14 00:36:34 2016 +0000
+
+    upstream commit
+    
+    disable Unix-domain socket forwarding when privsep is
+    disabled
+    
+    Upstream-ID: ab61516ae0faadad407857808517efa900a0d6d0
+
+commit 08a1e7014d65c5b59416a0e138c1f73f417496eb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 9 03:04:29 2016 +0000
+
+    upstream commit
+    
+    log connections dropped in excess of MaxStartups at
+    verbose LogLevel; bz#2613 based on diff from Tomas Kuthan; ok dtucker@
+    
+    Upstream-ID: 703ae690dbf9b56620a6018f8a3b2389ce76d92b
+
+commit 10e290ec00964b2bf70faab15a10a5574bb80527
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 13 13:51:32 2016 +1100
+
+    Get default of TEST_SSH_UTF8 from environment.
+
+commit b9b8ba3f9ed92c6220b58d70d1e6d8aa3eea1104
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 13 12:56:40 2016 +1100
+
+    Remove commented-out includes.
+    
+    These commented-out includes have "Still needed?" comments.  Since
+    they've been commented out for ~13 years I assert that they're not.
+
+commit 25275f1c9d5f01a0877d39444e8f90521a598ea0
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 13 12:54:23 2016 +1100
+
+    Add prototype for strcasestr in compat library.
+
+commit afec07732aa2985142f3e0b9a01eb6391f523dec
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 13 10:23:03 2016 +1100
+
+    Add strcasestr to compat library.
+    
+    Fixes build on (at least) Solaris 10.
+
+commit dda78a03af32e7994f132d923c2046e98b7c56c8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Dec 12 13:57:10 2016 +1100
+
+    Force Turkish locales back to C/POSIX; bz#2643
+    
+    Turkish locales are unique in their handling of the letters 'i' and
+    'I' (yes, they are different letters) and OpenSSH isn't remotely
+    prepared to deal with that. For now, the best we can do is to force
+    OpenSSH to use the C/POSIX locale and try to preserve the UTF-8
+    encoding if possible.
+    
+    ok dtucker@
+
+commit c35995048f41239fc8895aadc3374c5f75180554
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Dec 9 12:52:02 2016 +1100
+
+    exit is in stdlib.h not unistd.h (that's _exit).
+
+commit d399a8b914aace62418c0cfa20341aa37a192f98
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Dec 9 12:33:25 2016 +1100
+
+    Include <unistd.h> for exit in utf8 locale test.
+
+commit 47b8c99ab3221188ad3926108dd9d36da3b528ec
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Dec 8 15:48:34 2016 +1100
+
+    Check for utf8 local support before testing it.
+    
+    Check for utf8 local support and if not found, do not attempt to run the
+    utf8 tests.  Suggested by djm@
+
+commit 4089fc1885b3a2822204effbb02b74e3da58240d
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Dec 8 12:57:24 2016 +1100
+
+    Use AC_PATH_TOOL for krb5-config.
+    
+    This will use the host-prefixed version when cross compiling; patch from
+    david.michael at coreos.com.
+
+commit b4867e0712c89b93be905220c82f0a15e6865d1e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Dec 6 07:48:01 2016 +0000
+
+    upstream commit
+    
+    make IdentityFile successfully load and use certificates that
+    have no corresponding bare public key. E.g. just a private id_rsa and
+    certificate id_rsa-cert.pub (and no id_rsa.pub).
+    
+    bz#2617 ok dtucker@
+    
+    Upstream-ID: c1e9699b8c0e3b63cc4189e6972e3522b6292604
+
+commit c9792783a98881eb7ed295680013ca97a958f8ac
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 25 14:04:21 2016 +1100
+
+    Add a gnome-ssh-askpass3 target for GTK+3 version
+    
+    Based on patch from Colin Watson via bz#2640
+
+commit 7be85ae02b9de0993ce0a1d1e978e11329f6e763
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 25 14:03:53 2016 +1100
+
+    Make gnome-ssh-askpass2.c GTK+3-friendly
+    
+    Patch from Colin Watson via bz#2640
+
+commit b9844a45c7f0162fd1b5465683879793d4cc4aaa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 4 23:54:02 2016 +0000
+
+    upstream commit
+    
+    Fix public key authentication when multiple
+    authentication is in use. Instead of deleting and re-preparing the entire
+    keys list, just reset the 'used' flags; the keys list is already in a good
+    order (with already- tried keys at the back)
+    
+    Analysis and patch from Vincent Brillault on bz#2642; ok dtucker@
+    
+    Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176
+
+commit f2398eb774075c687b13af5bc22009eb08889abe
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Dec 4 22:27:25 2016 +0000
+
+    upstream commit
+    
+    Unlink PidFile on SIGHUP and always recreate it when the
+    new sshd starts. Regression tests (and possibly other things) depend on the
+    pidfile being recreated after SIGHUP, and unlinking it means it won't contain
+    a stale pid if sshd fails to restart.  ok djm@ markus@
+    
+    Upstream-ID: 132dd6dda0c77dd49d2f15b2573b5794f6160870
+
+commit 85aa2efeba51a96bf6834f9accf2935d96150296
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 30 03:01:33 2016 +0000
+
+    upstream commit
+    
+    test new behaviour of cert force-command restriction vs.
+    authorized_key/ principals
+    
+    Upstream-Regress-ID: 399efa7469d40c404c0b0a295064ce75d495387c
+
+commit 5d333131cd8519d022389cfd3236280818dae1bc
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Nov 30 06:54:26 2016 +0000
+
+    upstream commit
+    
+    tweak previous; while here fix up FILES and AUTHORS;
+    
+    Upstream-ID: 93f6e54086145a75df8d8ec7d8689bdadbbac8fa
+
+commit 786d5994da79151180cb14a6cf157ebbba61c0cc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 30 03:07:37 2016 +0000
+
+    upstream commit
+    
+    add a whitelist of paths from which ssh-agent will load
+    (via ssh-pkcs11-helper) a PKCS#11 module; ok markus@
+    
+    Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f
+
+commit 7844f357cdd90530eec81340847783f1f1da010b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 30 03:00:05 2016 +0000
+
+    upstream commit
+    
+    Add a sshd_config DisableForwaring option that disables
+    X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as
+    anything else we might implement in the future.
+    
+    This, like the 'restrict' authorized_keys flag, is intended to be a
+    simple and future-proof way of restricting an account. Suggested as
+    a complement to 'restrict' by Jann Horn; ok markus@
+    
+    Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7
+
+commit fd6dcef2030d23c43f986d26979f84619c10589d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 30 02:57:40 2016 +0000
+
+    upstream commit
+    
+    When a forced-command appears in both a certificate and
+    an authorized keys/principals command= restriction, refuse to accept the
+    certificate unless they are identical.
+    
+    The previous (documented) behaviour of having the certificate forced-
+    command override the other could be a bit confused and more error-prone.
+    
+    Pointed out by Jann Horn of Project Zero; ok dtucker@
+    
+    Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f
+
+commit 7fc4766ac78abae81ee75b22b7550720bfa28a33
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Nov 30 00:28:31 2016 +0000
+
+    upstream commit
+    
+    On startup, check to see if sshd is already daemonized
+    and if so, skip the call to daemon() and do not rewrite the PidFile.  This
+    means that when sshd re-execs itself on SIGHUP the process ID will no longer
+    change.  Should address bz#2641.  ok djm@ markus@.
+    
+    Upstream-ID: 5ea0355580056fb3b25c1fd6364307d9638a37b9
+
+commit c9f880c195c65f1dddcbc4ce9d6bfea7747debcc
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Nov 30 13:51:49 2016 +1100
+
+    factor out common PRNG reseed before privdrop
+    
+    Add a call to RAND_poll() to ensure than more than pid+time gets
+    stirred into child processes states. Prompted by analysis from Jann
+    Horn at Project Zero. ok dtucker@
+
+commit 79e4829ec81dead1b30999e1626eca589319a47f
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Nov 25 03:02:01 2016 +0000
+
+    upstream commit
+    
+    Allow PuTTY interop tests to run unattended.  bz#2639,
+    patch from cjwatson at debian.org.
+    
+    Upstream-Regress-ID: 4345253558ac23b2082aebabccd48377433b6fe0
+
+commit 504c3a9a1bf090f6b27260fc3e8ea7d984d163dc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Nov 25 02:56:49 2016 +0000
+
+    upstream commit
+    
+    Reverse args to sshd-log-wrapper.  Matches change in
+    portable, where it allows sshd do be optionally run under Valgrind.
+    
+    Upstream-Regress-ID: b438d1c6726dc5caa2a45153e6103a0393faa906
+
+commit bd13017736ec2f8f9ca498fe109fb0035f322733
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Nov 25 02:49:18 2016 +0000
+
+    upstream commit
+    
+    Fix typo in trace message; from portable.
+    
+    Upstream-Regress-ID: 4c4a2ba0d37faf5fd230a91b4c7edb5699fbd73a
+
+commit 7da751d8b007c7f3e814fd5737c2351440d78b4c
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Tue Nov 1 13:43:27 2016 +0000
+
+    upstream commit
+    
+    Clean up MALLOC_OPTIONS.  For the unittests, move
+    MALLOC_OPTIONS and TEST_ENV to unittets/Makefile.inc.
+    
+    ok otto
+    
+    Upstream-Regress-ID: 890d497e0a38eeddfebb11cc429098d76cf29f12
+
+commit 36f58e68221bced35e06d1cca8d97c48807a8b71
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Mon Oct 31 23:45:08 2016 +0000
+
+    upstream commit
+    
+    Remove the obsolete A and P flags from MALLOC_OPTIONS.
+    
+    ok dtucker
+    
+    Upstream-Regress-ID: 6cc25024c8174a87e5734a0dc830194be216dd59
+
+commit b0899ee26a6630883c0f2350098b6a35e647f512
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Nov 29 03:54:50 2016 +0000
+
+    upstream commit
+    
+    Factor out code to disconnect from controlling terminal
+    into its own function.  ok djm@
+    
+    Upstream-ID: 39fd9e8ebd7222615a837312face5cc7ae962885
+
+commit 54d022026aae4f53fa74cc636e4a032d9689b64d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 25 23:24:45 2016 +0000
+
+    upstream commit
+    
+    use sshbuf_allocate() to pre-allocate the buffer used for
+    loading keys. This avoids implicit realloc inside the buffer code, which
+    might theoretically leave fragments of the key on the heap. This doesn't
+    appear to happen in practice for normal sized keys, but was observed for
+    novelty oversize ones.
+    
+    Pointed out by Jann Horn of Project Zero; ok markus@
+    
+    Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1
+
+commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 25 23:22:04 2016 +0000
+
+    upstream commit
+    
+    split allocation out of sshbuf_reserve() into a separate
+    sshbuf_allocate() function; ok markus@
+    
+    Upstream-ID: 11b8a2795afeeb1418d508a2c8095b3355577ec2
+
+commit f0ddedee460486fa0e32fefb2950548009e5026e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Nov 23 23:14:15 2016 +0000
+
+    upstream commit
+    
+    allow ClientAlive{Interval,CountMax} in Match; ok dtucker,
+    djm
+    
+    Upstream-ID: 8beb4c1eadd588f1080b58932281983864979f55
+
+commit 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Nov 8 22:04:34 2016 +0000
+
+    upstream commit
+    
+    unbreak DenyUsers; reported by henning@
+    
+    Upstream-ID: 1c67d4148f5e953c35acdb62e7c08ae8e33f7cb2
+
+commit 010359b32659f455fddd2bd85fd7cc4d7a3b994a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 6 05:46:37 2016 +0000
+
+    upstream commit
+    
+    Validate address ranges for AllowUser/DenyUsers at
+    configuration load time and refuse to accept bad ones. It was previously
+    possible to specify invalid CIDR address ranges (e.g. djm@127.1.2.3/55) and
+    these would always match.
+    
+    Thanks to Laurence Parry for a detailed bug report. ok markus (for
+    a previous diff version)
+    
+    Upstream-ID: 9dfcdd9672b06e65233ea4434c38226680d40bfb
+
+commit efb494e81d1317209256b38b49f4280897c61e69
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 28 03:33:52 2016 +0000
+
+    upstream commit
+    
+    Improve pkcs11_add_provider() logging: demote some
+    excessively verbose error()s to debug()s, include PKCS#11 provider name and
+    slot in log messages where possible. bz#2610, based on patch from Jakub Jelen
+    
+    Upstream-ID: 3223ef693cfcbff9079edfc7e89f55bf63e1973d
+
+commit 5ee3fb5affd7646f141749483205ade5fc54adaf
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Nov 1 08:12:33 2016 +1100
+
+    Use ptrace(PT_DENY_ATTACH, ..) on OS X.
+
+commit 315d2a4e674d0b7115574645cb51f968420ebb34
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 28 14:34:07 2016 +1100
+
+    Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
+    
+    ok dtucker@
+
+commit a9ff3950b8e80ff971b4d44bbce96df27aed28af
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 28 14:26:58 2016 +1100
+
+    Move OPENSSL_NO_RIPEMD160 to compat.
+    
+    Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the
+    ripemd160 MACs.
+
+commit bce58885160e5db2adda3054c3b81fe770f7285a
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 28 13:52:31 2016 +1100
+
+    Check if RIPEMD160 is disabled in OpenSSL.
+
+commit d924640d4c355d1b5eca1f4cc60146a9975dbbff
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 28 13:38:19 2016 +1100
+
+    Skip ssh1 specfic ciphers.
+    
+    cipher-3des1.c and cipher-bf1.c are specific to sshv1 so don't even try
+    to compile them when Protocol 1 is not enabled.
+
+commit 79d078e7a49caef746516d9710ec369ba45feab6
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Tue Oct 25 04:08:13 2016 +0000
+
+    upstream commit
+    
+    Fix logic in add_local_forward() that inverted a test
+    when code was refactored out into bind_permitted().  This broke ssh port
+    forwarding for non-priv ports as a non root user.
+    
+    ok dtucker@ 'looks good' deraadt@
+    
+    Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9
+
+commit a903e315dee483e555c8a3a02c2946937f9b4e5d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Oct 24 01:09:17 2016 +0000
+
+    upstream commit
+    
+    Remove dead breaks, found via opencoverage.net.  ok
+    deraadt@
+    
+    Upstream-ID: ad9cc655829d67fad219762810770787ba913069
+
+commit b4e96b4c9bea4182846e4942ba2048e6d708ee54
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Oct 26 08:43:25 2016 +1100
+
+    Use !=NULL instead of >0 for getdefaultproj.
+    
+    getdefaultproj() returns a pointer so test it for NULL inequality
+    instead of >0.  Fixes compiler warning and is more correct.  Patch from
+    David Binderman.
+
+commit 1c4ef0b808d3d38232aeeb1cebb7e9a43def42c5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Oct 23 22:04:05 2016 +0000
+
+    upstream commit
+    
+    Factor out "can bind to low ports" check into its own function.  This will
+    make it easier for Portable to support platforms with permissions models
+    other than uid==0 (eg bz#2625).  ok djm@, "doesn't offend me too much"
+    deraadt@.
+    
+    Upstream-ID: 86213df4183e92b8f189a6d2dac858c994bfface
+
+commit 0b9ee623d57e5de7e83e66fd61a7ba9a5be98894
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Oct 19 23:21:56 2016 +0000
+
+    upstream commit
+    
+    When tearing down ControlMaster connecctions, don't
+    pollute stderr when LogLevel=quiet.  Patch from Tim Kuijsten via tech@.
+    
+    Upstream-ID: d9b3a68b2a7c2f2fc7f74678e29a4618d55ceced
+
+commit 09e6a7d8354224933febc08ddcbc2010f542284e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Oct 24 09:06:18 2016 +1100
+
+    Wrap stdint.h include in ifdef.
+
+commit 08d9e9516e587b25127545c029e5464b2e7f2919
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 21 09:46:46 2016 +1100
+
+    Fix formatting.
+
+commit 461f50e7ab8751d3a55e9158c44c13031db7ba1d
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 21 06:55:58 2016 +1100
+
+    Update links to https.
+    
+    www.openssh.com now supports https and ftp.openbsd.org no longer
+    supports ftp.  Make all links to these https.
+
+commit dd4e7212a6141f37742de97795e79db51e4427ad
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 21 06:48:46 2016 +1100
+
+    Update host key generation examples.
+    
+    Remove ssh1 host key generation, add ssh-keygen -A
+
+commit 6d49ae82634c67e9a4d4af882bee20b40bb8c639
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Oct 21 05:22:55 2016 +1100
+
+    Update links.
+    
+    Make links to openssh.com HTTPS now that it's supported, point release
+    notes link to the HTML release notes page, and update a couple of other
+    links and bits of text.
+
+commit fe0d1ca6ace06376625084b004ee533f2c2ea9d6
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Oct 20 03:42:09 2016 +1100
+
+    Remote channels .orig and .rej files.
+    
+    These files were incorrectly added during an OpenBSD sync.
+
+commit 246aa842a4ad368d8ce030495e657ef3a0e1f95c
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Oct 18 17:32:54 2016 +0000
+
+    upstream commit
+    
+    Remove channel_input_port_forward_request(); the only caller
+    was the recently-removed SSH1 server code so it's now dead code.  ok markus@
+    
+    Upstream-ID: 05453983230a1f439562535fec2818f63f297af9
+
+commit 2c6697c443d2c9c908260eed73eb9143223e3ec9
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Tue Oct 18 12:41:22 2016 +0000
+
+    upstream commit
+    
+    Install a signal handler for tty-generated signals and
+    wait for the ssh child to suspend before suspending sftp.  This lets ssh
+    restore the terminal mode as needed when it is suspended at the password
+    prompt.  OK dtucker@
+    
+    Upstream-ID: a31c1f42aa3e2985dcc91e46e6a17bd22e372d69
+
+commit fd2a8f1033fa2316fff719fd5176968277560158
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Oct 15 19:56:25 2016 +0000
+
+    upstream commit
+    
+    various formatting fixes, specifically removing Dq;
+    
+    Upstream-ID: 81e85df2b8e474f5f93d66e61d9a4419ce87347c
+
+commit 8f866d8a57b9a2dc5dd04504e27f593b551618e3
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Oct 19 03:26:09 2016 +1100
+
+    Import readpassphrase.c rev 1.26.
+    
+    Author: miller@openbsd.org:
+    Avoid generate SIGTTOU when restoring the terminal mode.  If we get
+    SIGTTOU it means the process is not in the foreground process group
+    which, in most cases, means that the shell has taken control of the tty.
+    Requiring the user the fg the process in this case doesn't make sense
+    and can result in both SIGTSTP and SIGTTOU being sent which can lead to
+    the process being suspended again immediately after being brought into
+    the foreground.
+
+commit f901440cc844062c9bab0183d133f7ccc58ac3a5
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Oct 19 03:23:16 2016 +1100
+
+    Import readpassphrase.c rev 1.25.
+    
+    Wrap <readpassphrase.h> so internal calls go direct and
+    readpassphrase is weak.
+    
+    (DEF_WEAK is a no-op in portable.)
+
+commit 032147b69527e5448a511049b2d43dbcae582624
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Sat Oct 15 05:51:12 2016 +1100
+
+    Move DEF_WEAK into defines.h.
+    
+    As well pull in more recent changes from OpenBSD these will start to
+    arrive so put it where the definition is shared.
+
+commit e0259a82ddd950cfb109ddee86fcebbc09c6bd04
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Sat Oct 15 04:34:46 2016 +1100
+
+    Remove do_pam_set_tty which is dead code.
+    
+    The callers of do_pam_set_tty were removed in 2008, so this is now dead
+    code.  bz#2604, pointed out by jjelen at redhat.com.
+
+commit ca04de83f210959ad2ed870a30ba1732c3ae00e3
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 13 18:53:43 2016 +1100
+
+    unbreak principals-command test
+    
+    Undo inconsistetly updated variable name.
+
+commit 1723ec92eb485ce06b4cbf49712d21975d873909
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 11 21:49:54 2016 +0000
+
+    upstream commit
+    
+    fix the KEX fuzzer - the previous method of obtaining the
+    packet contents was broken. This now uses the new per-packet input hook, so
+    it sees exact post-decrypt packets and doesn't have to pass packet integrity
+    checks. ok markus@
+    
+    Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd
+
+commit 09f997893f109799cddbfce6d7e67f787045cbb2
+Author: natano@openbsd.org <natano@openbsd.org>
+Date:   Thu Oct 6 09:31:38 2016 +0000
+
+    upstream commit
+    
+    Move USER out of the way to unbreak the BUILDUSER
+    mechanism. ok tb
+    
+    Upstream-Regress-ID: 74ab9687417dd071d62316eaadd20ddad1d5af3c
+
+commit 3049a012c482a7016f674db168f23fd524edce27
+Author: bluhm@openbsd.org <bluhm@openbsd.org>
+Date:   Fri Sep 30 11:55:20 2016 +0000
+
+    upstream commit
+    
+    In ssh tests set REGRESS_FAIL_EARLY with ?= so that the
+    environment can change it. OK djm@
+    
+    Upstream-Regress-ID: 77bcb50e47b68c7209c7f0a5a020d73761e5143b
+
+commit 39af7b444db28c1cb01b7ea468a4f574a44f375b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 11 21:47:45 2016 +0000
+
+    upstream commit
+    
+    Add a per-packet input hook that is called with the
+    decrypted packet contents. This will be used for fuzzing; ok markus@
+    
+    Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc
+
+commit ec165c392ca54317dbe3064a8c200de6531e89ad
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Mon Oct 10 19:28:48 2016 +0000
+
+    upstream commit
+    
+    Unregister the KEXINIT handler after message has been
+    received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause
+    allocation of up to 128MB -- until the connection is closed. Reported by
+    shilei-c at 360.cn
+    
+    Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05
+
+commit 29d40319392e6e19deeca9d45468aa1119846e50
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Oct 13 04:07:20 2016 +1100
+
+    Import rev 1.24 from OpenBSD.
+    
+    revision 1.24
+    date: 2013/11/24 23:51:29;  author: deraadt;  state: Exp;  lines: +4 -4;
+    most obvious unsigned char casts for ctype
+    ok jca krw ingo
+
+commit 12069e56221de207ed666c2449dedb431a2a7ca2
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Oct 13 04:04:44 2016 +1100
+
+    Import rev 1.23 from OpenBSD.  Fixes bz#2619.
+    
+    revision 1.23
+    date: 2010/05/14 13:30:34;  author: millert;  state: Exp;  lines: +41 -39;
+    Defer installing signal handlers until echo is disabled so that we
+    get suspended normally when not the foreground process.  Fix potential
+    infinite loop when restoring terminal settings if process is in the
+    background when restore occurs.  OK miod@
+
+commit 7508d83eff89af069760b4cc587305588a64e415
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Oct 13 03:53:51 2016 +1100
+
+    If we don't have TCSASOFT, define it to zero.
+    
+    This makes it a no-op when we use it below, which allows us to re-sync
+    those lines with the upstream and make future updates easier.
+
+commit aae4dbd4c058d3b1fe1eb5c4e6ddf35827271377
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Oct 7 14:41:52 2016 +0000
+
+    upstream commit
+    
+    tidy up the formatting in this file. more specifically,
+    replace .Dq, which looks appalling, with .Cm, where appropriate;
+    
+    Upstream-ID: ff8e90aa0343d9bb56f40a535e148607973cc738
+
+commit a571dbcc7b7b25371174569b13df5159bc4c6c7a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 4 21:34:40 2016 +0000
+
+    upstream commit
+    
+    add a comment about implicitly-expected checks to
+    sshkey_ec_validate_public()
+    
+    Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f
+
+commit 2f78a2a698f4222f8e05cad57ac6e0c3d1faff00
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 30 20:24:46 2016 +0000
+
+    upstream commit
+    
+    fix some -Wpointer-sign warnings in the new mux proxy; ok
+    markus@
+    
+    Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd
+
+commit ca71c36645fc26fcd739a8cfdc702cec85607761
+Author: bluhm@openbsd.org <bluhm@openbsd.org>
+Date:   Wed Sep 28 20:09:52 2016 +0000
+
+    upstream commit
+    
+    Add a makefile rule to create the ssh library when
+    regress needs it.  This allows to run the ssh regression tests without doing
+    a "make build" before. Discussed with dtucker@ and djm@; OK djm@
+    
+    Upstream-Regress-ID: ce489bd53afcd471225a125b4b94565d4717c025
+
+commit ce44c970f913d2a047903dba8670554ac42fc479
+Author: bluhm@openbsd.org <bluhm@openbsd.org>
+Date:   Mon Sep 26 21:34:38 2016 +0000
+
+    upstream commit
+    
+    Allow to run ssh regression tests as root.  If the user
+    is already root, the test should not expect that SUDO is set.  If ssh needs
+    another user, use sudo or doas to switch from root if necessary. OK dtucker@
+    
+    Upstream-Regress-ID: b464e55185ac4303529e3e6927db41683aaeace2
+
+commit 8d0578478586e283e751ca51e7b0690631da139a
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Sep 30 09:19:13 2016 +0000
+
+    upstream commit
+    
+    ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux
+    client speaks the ssh-packet protocol directly over unix-domain socket. - mux
+    server acts as a proxy, translates channel IDs and relays to the server. - no
+    filedescriptor passing necessary. - combined with unix-domain forwarding it's
+    even possible to run mux client   and server on different machines. feedback
+    & ok djm@
+    
+    Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b
+
+commit b7689155f3f5c4999846c07a852b1c7a43b09cec
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 28 21:44:52 2016 +0000
+
+    upstream commit
+    
+    put back some pre-auth zlib bits that I shouldn't have
+    removed - they are still used by the client. Spotted by naddy@
+    
+    Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2
+
+commit 4577adead6a7d600c8e764619d99477a08192c8f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 28 20:32:42 2016 +0000
+
+    upstream commit
+    
+    restore pre-auth compression support in the client -- the
+    previous commit was intended to remove it from the server only.
+    
+    remove a few server-side pre-auth compression bits that escaped
+    
+    adjust wording of Compression directive in sshd_config(5)
+    
+    pointed out by naddy@ ok markus@
+    
+    Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b
+
+commit 80d1c963b4dc84ffd11d09617b39c4bffda08956
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Sep 28 17:59:22 2016 +0000
+
+    upstream commit
+    
+    use a separate TOKENS section, as we've done for
+    sshd_config(5); help/ok djm
+    
+    Upstream-ID: 640e32b5e4838e4363738cdec955084b3579481d
+
+commit 1cfd5c06efb121e58e8b6671548fda77ef4b4455
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Sep 29 03:19:23 2016 +1000
+
+    Remove portability support for mmap
+    
+    We no longer need to wrap/replace mmap for portability now that
+    pre-auth compression has been removed from OpenSSH.
+
+commit 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 28 16:33:06 2016 +0000
+
+    upstream commit
+    
+    Remove support for pre-authentication compression. Doing
+    compression early in the protocol probably seemed reasonable in the 1990s,
+    but today it's clearly a bad idea in terms of both cryptography (cf. multiple
+    compression oracle attacks in TLS) and attack surface.
+    
+    Moreover, to support it across privilege-separation zlib needed
+    the assistance of a complex shared-memory manager that made the
+    required attack surface considerably larger.
+    
+    Prompted by Guido Vranken pointing out a compiler-elided security
+    check in the shared memory manager found by Stack
+    (http://css.csail.mit.edu/stack/); ok deraadt@ markus@
+    
+    NB. pre-auth authentication has been disabled by default in sshd
+    for >10 years.
+    
+    Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
+
+commit 27c3a9c2aede2184856b5de1e6eca414bb751c38
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Sep 26 21:16:11 2016 +0000
+
+    upstream commit
+    
+    Avoid a theoretical signed integer overflow should
+    BN_num_bytes() ever violate its manpage and return a negative value. Improve
+    order of tests to avoid confusing increasingly pedantic compilers.
+    
+    Reported by Guido Vranken from stack (css.csail.mit.edu/stack)
+    unstable optimisation analyser output.  ok deraadt@
+    
+    Upstream-ID: f8508c830c86d8f36c113985e52bf8eedae23505
+
+commit 8663e51c80c6aa3d750c6d3bcff6ee05091922be
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Sep 28 07:40:33 2016 +1000
+
+    fix mdoc2man.awk formatting for top-level lists
+    
+    Reported by Glenn Golden
+    Diagnosis and fix from Ingo Schwarze
+
+commit b97739dc21570209ed9d4e7beee0c669ed23b097
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 22 21:15:41 2016 +0000
+
+    upstream commit
+    
+    missing bit from previous commit
+    
+    Upstream-ID: 438d5ed6338b28b46e822eb13eee448aca31df37
+
+commit de6a175a99d22444e10d19ad3fffef39bc3ee3bb
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Sep 22 19:19:01 2016 +0000
+
+    upstream commit
+    
+    organise the token stuff into a separate section; ok
+    markus for an earlier version of the diff ok/tweaks djm
+    
+    Upstream-ID: 81a6daa506a4a5af985fce7cf9e59699156527c8
+
+commit 16277fc45ffc95e4ffc3d45971ff8320b974de2b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 22 17:55:13 2016 +0000
+
+    upstream commit
+    
+    mention curve25519-sha256 KEX
+    
+    Upstream-ID: 33ae1f433ce4795ffa6203761fbdf86e0d7ffbaf
+
+commit 0493766d5676c7ca358824ea8d3c90f6047953df
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 22 17:52:53 2016 +0000
+
+    upstream commit
+    
+    support plain curve25519-sha256 KEX algorithm now that it
+    is approaching standardisation (same algorithm is currently supported as
+    curve25519-sha256@libssh.org)
+    
+    Upstream-ID: 5e2b6db2e72667048cf426da43c0ee3fc777baa2
+
+commit f31c654b30a6f02ce0b8ea8ab81791b675489628
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Sep 22 02:29:57 2016 +0000
+
+    upstream commit
+    
+    If ssh receives a PACKET_DISCONNECT during userauth it
+    will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the
+    session being authenticated.  Check for this and exit if necessary.  ok djm@
+    
+    Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903
+
+commit 1622649b7a829fc8dc313042a43a974f0f3e8a99
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 21 19:53:12 2016 +0000
+
+    upstream commit
+    
+    correctly return errors from kex_send_ext_info(). Fix from
+    Sami Farin via https://github.com/openssh/openssh-portable/pull/50
+    
+    Upstream-ID: c85999af28aaecbf92cfa2283381df81e839b42c
+
+commit f83a0cfe16c7a73627b46a9a94e40087d60f32fb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 21 17:44:20 2016 +0000
+
+    upstream commit
+    
+    cast uint64_t for printf
+    
+    Upstream-ID: 76d23e89419ccbd2320f92792a6d878211666ac1
+
+commit 5f63ab474f58834feca4f35c498be03b7dd38a16
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 21 17:03:54 2016 +0000
+
+    upstream commit
+    
+    disable tests for affirmative negated match after backout of
+    match change
+    
+    Upstream-Regress-ID: acebb8e5042f03d66d86a50405c46c4de0badcfd
+
+commit a5ad3a9db5a48f350f257a67b62fafd719ecb7e0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 21 16:55:42 2016 +0000
+
+    upstream commit
+    
+    Revert two recent changes to negated address matching. The
+    new behaviour offers unintuitive surprises. We'll find a better way to deal
+    with single negated matches.
+    
+    match.c 1.31:
+    > fix matching for pattern lists that contain a single negated match,
+    > e.g. "Host !example"
+    >
+    > report and patch from Robin Becker. bz#1918 ok dtucker@
+    
+    addrmatch.c 1.11:
+    > fix negated address matching where the address list consists of a
+    > single negated match, e.g. "Match addr !192.20.0.1"
+    >
+    > Report and patch from Jakub Jelen. bz#2397 ok dtucker@
+    
+    Upstream-ID: ec96c770f0f5b9a54e5e72fda25387545e9c80c6
+
+commit 119b7a2ca0ef2bf3f81897ae10301b8ca8cba844
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 21 01:35:12 2016 +0000
+
+    upstream commit
+    
+    test all the AuthorizedPrincipalsCommand % expansions
+    
+    Upstream-Regress-ID: 0a79a84dfaa59f958e46b474c3db780b454d30e3
+
+commit bfa9d969ab6235d4938ce069d4db7e5825c56a19
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 21 01:34:45 2016 +0000
+
+    upstream commit
+    
+    add a way for principals command to get see key ID and serial
+    too
+    
+    Upstream-ID: 0d30978bdcf7e8eaeee4eea1b030eb2eb1823fcb
+
+commit 920585b826af1c639e4ed78b2eba01fd2337b127
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 16 06:09:31 2016 +0000
+
+    upstream commit
+    
+    add a note on kexfuzz' limitations
+    
+    Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec
+
+commit 0445ff184080b196e12321998b4ce80b0f33f8d1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Sep 16 01:01:41 2016 +0000
+
+    upstream commit
+    
+    fix for newer modp DH groups
+    (diffie-hellman-group14-sha256 etc)
+    
+    Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68
+
+commit 28652bca29046f62c7045e933e6b931de1d16737
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Mon Sep 19 19:02:19 2016 +0000
+
+    upstream commit
+    
+    move inbound NEWKEYS handling to kex layer; otherwise
+    early NEWKEYS causes NULL deref; found by Robert Swiecki/honggfuzz; fixed
+    with & ok djm@
+    
+    Upstream-ID: 9a68b882892e9f51dc7bfa9f5a423858af358b2f
+
+commit 492710894acfcc2f173d14d1d45bd2e688df605d
+Author: natano@openbsd.org <natano@openbsd.org>
+Date:   Mon Sep 19 07:52:42 2016 +0000
+
+    upstream commit
+    
+    Replace two more arc4random() loops with
+    arc4random_buf().
+    
+    tweaks and ok dtucker
+    ok deraadt
+    
+    Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
+
+commit 1036356324fecc13099ac6e986b549f6219327d7
+Author: tedu@openbsd.org <tedu@openbsd.org>
+Date:   Sat Sep 17 18:00:27 2016 +0000
+
+    upstream commit
+    
+    replace two arc4random loops with arc4random_buf ok
+    deraadt natano
+    
+    Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48
+
+commit 00df97ff68a49a756d4b977cd02283690f5dfa34
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 14 20:11:26 2016 +0000
+
+    upstream commit
+    
+    take fingerprint of correct key for
+    AuthorizedPrincipalsCommand
+    
+    Upstream-ID: 553581a549cd6a3e73ce9f57559a325cc2cb1f38
+
+commit e7907c1cb938b96dd33d27c2fea72c4e08c6b2f6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Sep 14 05:42:25 2016 +0000
+
+    upstream commit
+    
+    add %-escapes to AuthorizedPrincipalsCommand to match those
+    supported for AuthorizedKeysCommand (key, key type, fingerprint, etc) and a
+    few more to provide access to the certificate's CA key; 'looks ok' dtucker@
+    
+    Upstream-ID: 6b00fd446dbebe67f4e4e146d2e492d650ae04eb
+
+commit 2b939c272a81c4d0c47badeedbcb2ba7c128ccda
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Sep 14 00:45:31 2016 +0000
+
+    upstream commit
+    
+    Improve test coverage of ssh-keygen -T a bit.
+    
+    Upstream-Regress-ID: 8851668c721bcc2b400600cfc5a87644cc024e72
+
+commit 44d82fc83be6c5ccd70881c2dac1a73e5050398b
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Sep 12 02:25:46 2016 +0000
+
+    upstream commit
+    
+    Add testcase for ssh-keygen -j, -J and -K options for
+    moduli screening. Does not currently test generation as that is extremely
+    slow.
+    
+    Upstream-Regress-ID: 9de6ce801377ed3ce0a63a1413f1cd5fd3c2d062
+
+commit 44e5f756d286bc3a1a5272ea484ee276ba3ac5c2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 23 08:17:04 2016 +0000
+
+    upstream commit
+    
+    add tests for addr_match_list()
+    
+    Upstream-Regress-ID: fae2d1fef84687ece584738a924c7bf969616c8e
+
+commit 445e218878035b59c704c18406e8aeaff4c8aa25
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Sep 12 23:39:34 2016 +0000
+
+    upstream commit
+    
+    handle certs in rsa_hash_alg_from_ident(), saving an
+    unnecessary special case elsewhere.
+    
+    Upstream-ID: 901cb081c59d6d2698b57901c427f3f6dc7397d4
+
+commit 130f5df4fa37cace8c079dccb690e5cafbf00751
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Sep 12 23:31:27 2016 +0000
+
+    upstream commit
+    
+    list all supported signature algorithms in the
+    server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independantly)
+    Ron Frederick; ok markus@
+    
+    Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
+
+commit 8f750ccfc07acb8aa98be5a5dd935033a6468cfd
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 12 14:43:58 2016 +1000
+
+    Remove no-op brackets to resync with upstream.
+
+commit 7050896e7395866278c19c2ff080c26152619d1d
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 12 13:57:28 2016 +1000
+
+    Resync ssh-keygen -W error message with upstream.
+
+commit 43cceff82cc20413cce58ba3375e19684e62cec4
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 12 13:55:37 2016 +1000
+
+    Move ssh-keygen -W handling code to match upstream
+
+commit af48d541360b1d7737b35740a4b1ca34e1652cd9
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 12 13:52:17 2016 +1000
+
+    Move ssh-keygen -T handling code to match upstream.
+
+commit d8c3cfbb018825c6c86547165ddaf11924901c49
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 12 13:30:50 2016 +1000
+
+    Move -M handling code to match upstream.
+
+commit 7b63cf6dbbfa841c003de57d1061acbf2ff22364
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Sep 12 03:29:16 2016 +0000
+
+    upstream commit
+    
+    Spaces->tabs.
+    
+    Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7
+
+commit 11e5e644536821ceb3bb4dd8487fbf0588522887
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Sep 12 03:25:20 2016 +0000
+
+    upstream commit
+    
+    Style whitespace fix.  Also happens to remove a no-op
+    diff with portable.
+    
+    Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3
+
+commit 9136ec134c97a8aff2917760c03134f52945ff3c
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Mon Sep 12 01:22:38 2016 +0000
+
+    upstream commit
+    
+    Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
+    use those definitions rather than pulling <sys/param.h> and unknown namespace
+    pollution. ok djm markus dtucker
+    
+    Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
+
+commit f219fc8f03caca7ac82a38ed74bbd6432a1195e7
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Sep 7 18:39:24 2016 +0000
+
+    upstream commit
+    
+    sort; from matthew martin
+    
+    Upstream-ID: 73cec7f7ecc82d37a4adffad7745e4684de67ce7
+
+commit 06ce56b05def9460aecc7cdb40e861a346214793
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue Sep 6 09:22:56 2016 +0000
+
+    upstream commit
+    
+    ssh_set_newkeys: print correct block counters on
+    rekeying; ok djm@
+    
+    Upstream-ID: 32bb7a9cb9919ff5bab28d50ecef3a2b2045dd1e
+
+commit e5e8d9114ac6837a038f4952994ca95a97fafe8d
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue Sep 6 09:14:05 2016 +0000
+
+    upstream commit
+    
+    update ext_info_c every time we receive a kexinit msg;
+    fixes sending of ext_info if privsep is disabled; report Aris Adamantiadis &
+    Mancha; ok djm@
+    
+    Upstream-ID: 2ceaa1076e19dbd3542254b4fb8e42d608f28856
+
+commit da95318dbedbaa1335323dba370975c2f251afd8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Sep 5 14:02:42 2016 +0000
+
+    upstream commit
+    
+    remove 3des-cbc from the client's default proposal;
+    64-bit block ciphers are not safe in 2016 and we don't want to wait until
+    attacks like sweet32 are extended to SSH.
+    
+    As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may
+    cause problems connecting to older devices using the defaults, but
+    it's highly likely that such devices already need explicit
+    configuration for KEX and hostkeys anyway.
+    
+    ok deraadt, markus, dtucker
+    
+    Upstream-ID: a505dfe65c6733af0f751b64cbc4bb7e0761bc2f
+
+commit b33ad6d997d36edfea65e243cd12ccd01f413549
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Sep 5 13:57:31 2016 +0000
+
+    upstream commit
+    
+    enforce expected request flow for GSSAPI calls; thanks to
+    Jakub Jelen for testing; ok markus@
+    
+    Upstream-ID: d4bc0e70e1be403735d3d9d7e176309b1fd626b9
+
+commit 0bb2980260fb24e5e0b51adac471395781b66261
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Sep 12 11:07:00 2016 +1000
+
+    Restore ssh-keygen's -J and -j option handling.
+    
+    These were incorrectly removed in the 1d9a2e28 sync commit.
+
+commit 775f8a23f2353f5869003c57a213d14b28e0736e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Aug 31 10:48:07 2016 +1000
+
+    tighten PAM monitor calls
+    
+    only allow kbd-interactive ones when that authentication method is
+    enabled. Prompted by Solar Designer
+
+commit 7fd0ea8a1db4bcfb3d8cd9df149e5d571ebea1f4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 30 07:50:21 2016 +0000
+
+    upstream commit
+    
+    restrict monitor auth calls to be allowed only when their
+    respective authentication methods are enabled in the configuration.
+    
+    prompted by Solar Designer; ok markus dtucker
+    
+    Upstream-ID: 6eb3f89332b3546d41d6dbf5a8e6ff920142b553
+
+commit b38b95f5bcc52278feb839afda2987933f68ff96
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Aug 29 11:47:07 2016 +1000
+
+    Tighten monitor state-machine flow for PAM calls
+    
+    (attack surface reduction)
+
+commit dc664d1bd0fc91b24406a3e9575b81c285b8342b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Aug 28 22:28:12 2016 +0000
+
+    upstream commit
+    
+    fix uninitialised optlen in getsockopt() call; harmless
+    on Unix/BSD but potentially crashy on Cygwin. Reported by James Slepicka ok
+    deraadt@
+    
+    Upstream-ID: 1987ccee508ba5b18f016c85100d7ac3f70ff965
+
+commit 5bcc1e2769f7d6927d41daf0719a9446ceab8dd7
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Sat Aug 27 04:05:12 2016 +0000
+
+    upstream commit
+    
+    Pull in <sys/time.h> for struct timeval
+    
+    ok deraadt@
+    
+    Upstream-ID: ae34525485a173bccd61ac8eefeb91c57e3b7df6
+
+commit fa4a4c96b19127dc2fd4e92f20d99c0c7f34b538
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Sat Aug 27 04:04:56 2016 +0000
+
+    upstream commit
+    
+    Pull in <stdlib.h> for NULL
+    
+    ok deraadt@
+    
+    Upstream-ID: 7baa6a0f1e049bb3682522b4b95a26c866bfc043
+
+commit ae363d74ccc1451185c0c8bd4631e28c67c7fd36
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 25 23:57:54 2016 +0000
+
+    upstream commit
+    
+    add a sIgnore opcode that silently ignores options and
+    use it to suppress noisy deprecation warnings for the Protocol directive.
+    
+    req henning, ok markus
+    
+    Upstream-ID: 9fe040aca3d6ff393f6f7e60045cdd821dc4cbe0
+
+commit a94c60306643ae904add6e8ed219e4be3494255c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Aug 25 23:56:51 2016 +0000
+
+    upstream commit
+    
+    remove superfluous NOTREACHED comment
+    
+    Upstream-ID: a7485c1f1be618e8c9e38fd9be46c13b2d03b90c
+
+commit fc041c47144ce28cf71353124a8a5d183cd6a251
+Author: otto@openbsd.org <otto@openbsd.org>
+Date:   Tue Aug 23 16:21:45 2016 +0000
+
+    upstream commit
+    
+    fix previous, a condition was modified incorrectly; ok
+    markus@ deraadt@
+    
+    Upstream-ID: c443e339768e7ed396dff3bb55f693e7d3641453
+
+commit 23555eb13a9b0550371a16dcf8beaab7a5806a64
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 23 08:17:42 2016 +0000
+
+    upstream commit
+    
+    downgrade an error() to a debug2() to match similar cases
+    in addr_match_list()
+    
+    Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c
+
+commit a39627134f6d90e7009eeb14e9582ecbc7a99192
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 23 06:36:23 2016 +0000
+
+    upstream commit
+    
+    remove Protocol directive from client/server configs that
+    causes spammy deprecation warnings
+    
+    hardcode SSH_PROTOCOLS=2, since that's all we support on the server
+    now (the client still may support both, so it could get confused)
+    
+    Upstream-Regress-ID: c16662c631af51633f9fd06aca552a70535de181
+
+commit 6ee4f1c01ee31e65245881d49d4bccf014956066
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 23 16:33:48 2016 +1000
+
+    hook match and utf8 unittests up to Makefile
+
+commit 114efe2bc0dd2842d997940a833f115e6fc04854
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 19 06:44:13 2016 +0000
+
+    upstream commit
+    
+    add tests for matching functions
+    
+    Upstream-Regress-ID: 0869d4f5c5d627c583c6a929d69c17d5dd65882c
+
+commit 857568d2ac81c14bcfd625b27536c1e28c992b3c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 23 14:32:37 2016 +1000
+
+    removing UseLogin bits from configure.ac
+
+commit cc182d01cef8ca35a1d25ea9bf4e2ff72e588208
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 23 03:24:10 2016 +0000
+
+    upstream commit
+    
+    fix negated address matching where the address list
+    consists of a single negated match, e.g. "Match addr !192.20.0.1"
+    
+    Report and patch from Jakub Jelen. bz#2397 ok dtucker@
+    
+    Upstream-ID: 01dcac3f3e6ca47518cf293e31c73597a4bb40d8
+
+commit 4067ec8a4c64ccf16250c35ff577b4422767da64
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 23 03:22:49 2016 +0000
+
+    upstream commit
+    
+    fix matching for pattern lists that contain a single
+    negated match, e.g. "Host !example"
+    
+    report and patch from Robin Becker. bz#1918 ok dtucker@
+    
+    Upstream-ID: 05a0cb323ea4bc20e98db099b42c067bfb9ea1ea
+
+commit 83b581862a1dbb06fc859959f829dde2654aef3c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 19 03:18:06 2016 +0000
+
+    upstream commit
+    
+    remove UseLogin option and support for having /bin/login
+    manage login sessions; ok deraadt markus dtucker
+    
+    Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
+
+commit ffe6549c2f7a999cc5264b873a60322e91862581
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Mon Aug 15 12:32:04 2016 +0000
+
+    upstream commit
+    
+    Catch up with the SSH1 code removal and delete all
+    mention of protocol 1 particularities, key files and formats, command line
+    options, and configuration keywords from the server documentation and
+    examples.  ok jmc@
+    
+    Upstream-ID: 850328854675b4b6a0d4a90f0b4a9dd9ca4e905f
+
+commit c38ea634893a1975dbbec798fb968c9488013f4a
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Mon Aug 15 12:27:56 2016 +0000
+
+    upstream commit
+    
+    Remove more SSH1 server code: * Drop sshd's -k option. *
+    Retire configuration keywords that only apply to protocol 1, as well as   the
+    "protocol" keyword. * Remove some related vestiges of protocol 1 support.
+    
+    ok markus@
+    
+    Upstream-ID: 9402f82886de917779db12f8ee3f03d4decc244d
+
+commit 33ba55d9e358c07f069e579bfab80eccaaad52cb
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 16:26:04 2016 +1000
+
+    Only check for prctl once.
+
+commit 976ba8a8fd66a969bf658280c1e5adf694cc2fc6
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 15:33:10 2016 +1000
+
+    Fix typo.
+
+commit 9abf84c25ff4448891edcde60533a6e7b2870de1
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 14:25:43 2016 +1000
+
+    Correct LDFLAGS for clang example.
+    
+    --with-ldflags isn't used until after the -ftrapv test, so mention
+    LDFLAGS instead for now.
+
+commit 1e8013a17ff11e3c6bd0012fb1fc8d5f1330eb21
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 14:08:42 2016 +1000
+
+    Remove obsolete CVS $Id from source files.
+    
+    Since -portable switched to git the CVS $Id tags are no longer being
+    updated and are becoming increasingly misleading.  Remove them.
+
+commit adab758242121181700e48b4f6c60d6b660411fe
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 13:40:58 2016 +1000
+
+    Remove now-obsolete CVS $Id tags from text files.
+    
+    Since -portable switched to git, the CVS $Id tags are no longer being
+    updated and are becoming increasingly misleading.  Remove them.
+
+commit 560c0068541315002ec4c1c00a560bbd30f2d671
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 13:38:30 2016 +1000
+
+    Add a section for compiler specifics.
+    
+    Add a section for compiler specifics and document the runtime requirements
+    for clang's integer sanitization.
+
+commit a8fc0f42e1eda2fa3393d1ea5e61322d5e07a9cd
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Aug 17 13:35:43 2016 +1000
+
+    Test multiplying two long long ints.
+    
+    When using clang with -ftrapv or -sanitize=integer the tests would pass
+    but linking would fail with "undefined reference to __mulodi4".
+    Explicitly test for this before enabling -trapv.
+
+commit a1cc637e7e11778eb727559634a6ef1c19c619f6
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 16 14:47:34 2016 +1000
+
+    add a --with-login-program configure argument
+    
+    Saves messing around with LOGIN_PROGRAM env var, which come
+    packaging environments make hard to do during configure phase.
+
+commit 8bd81e1596ab1bab355146cb65e82fb96ade3b23
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 16 13:30:56 2016 +1000
+
+    add --with-pam-service to specify PAM service name
+    
+    Saves messing around with CFLAGS to do it.
+
+commit 74433a19bb6f4cef607680fa4d1d7d81ca3826aa
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 16 13:28:23 2016 +1000
+
+    fix false positives when compiled with msan
+    
+    Our explicit_bzero successfully confused clang -fsanitize-memory
+    in to thinking that memset is never called to initialise memory.
+    Ensure that it is called in a way that the compiler recognises.
+
+commit 6cb6dcffe1a2204ba9006de20f73255c268fcb6b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Sat Aug 13 17:47:40 2016 +0000
+
+    upstream commit
+    
+    remove ssh1 server code; ok djm@
+    
+    Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
+
+commit 42d47adc5ad1187f22c726cbc52e71d6b1767ca2
+Author: jca@openbsd.org <jca@openbsd.org>
+Date:   Fri Aug 12 19:19:04 2016 +0000
+
+    upstream commit
+    
+    Use 2001:db8::/32, the official IPv6 subnet for
+    configuration examples.
+    
+    This makes the IPv6 example consistent with IPv4, and removes a dubious
+    mention of a 6bone subnet.
+    
+    ok sthen@ millert@
+    
+    Upstream-ID: b027f3d0e0073419a132fd1bf002e8089b233634
+
+commit b61f53c0c3b43c28e013d3b3696d64d1c0204821
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Aug 11 01:42:11 2016 +0000
+
+    upstream commit
+    
+    Update moduli file.
+    
+    Upstream-ID: 6da9a37f74aef9f9cc639004345ad893cad582d8
+
+commit f217d9bd42d306f69f56335231036b44502d8191
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Aug 11 11:42:48 2016 +1000
+
+    Import updated moduli.
+
+commit 67dca60fbb4923b7a11c1645b90a5ca57c03d8be
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Aug 8 22:40:57 2016 +0000
+
+    upstream commit
+    
+    Improve error message for overlong ControlPath.  ok markus@
+    djm@
+    
+    Upstream-ID: aed374e2e88dd3eb41390003e5303d0089861eb5
+
+commit 4706c1d8c15cd5565b59512853c2da9bd4ca26c9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 3 05:41:57 2016 +0000
+
+    upstream commit
+    
+    small refactor of cipher.c: make ciphercontext opaque to
+    callers feedback and ok markus@
+    
+    Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
+
+commit e600348a7afd6325cc5cd783cb424065cbc20434
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Aug 3 04:23:55 2016 +0000
+
+    upstream commit
+    
+    Fix bug introduced in rev 1.467 which causes
+    "buffer_get_bignum_ret: incomplete message" errors when built with WITH_SSH1
+    and run such that no Protocol 1 ephemeral host key is generated (eg "Protocol
+    2", no SSH1 host key supplied).  Reported by rainer.laatsch at t-online.de,
+    ok deraadt@
+    
+    Upstream-ID: aa6b132da5c325523aed7989cc5a320497c919dc
+
+commit d7e7348e72f9b203189e3fffb75605afecba4fda
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 27 23:18:12 2016 +0000
+
+    upstream commit
+    
+    better bounds check on iovcnt (we only ever use fixed,
+    positive values)
+    
+    Upstream-ID: 9baa6eb5cd6e30c9dc7398e5fe853721a3a5bdee
+
+commit 5faa52d295f764562ed6dd75c4a4ce9134ae71e3
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Aug 2 15:22:40 2016 +1000
+
+    Use tabs consistently inside "case $host".
+
+commit 20e5e8ba9c5d868d897896190542213a60fffbd2
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Aug 2 12:16:34 2016 +1000
+
+    Explicitly test for broken strnvis.
+    
+    NetBSD added an strnvis and unfortunately made it incompatible with the
+    existing one in OpenBSD and Linux's libbsd (the former having existed
+    for over ten years). Despite this incompatibility being reported during
+    development (see http://gnats.netbsd.org/44977) they still shipped it.
+    Even more unfortunately FreeBSD and later MacOS picked up this incompatible
+    implementation.  Try to detect this mess, and assume the only safe option
+    if we're cross compiling.
+    
+    OpenBSD 2.9 (2001): strnvis(char *dst, const char *src, size_t dlen, int flag);
+    NetBSD 6.0 (2012):  strnvis(char *dst, size_t dlen, const char *src, int flag);
+    
+    ok djm@
+
+commit b0b48beab1b74100b61ecbadb9140c9ab4c2ea8c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 2 11:06:23 2016 +1000
+
+    update recommended autoconf version
+
+commit 23902e31dfd18c6d7bb41ccd73de3b5358a377da
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 2 10:48:04 2016 +1000
+
+    update config.guess and config.sub to current
+    
+    upstream commit 562f3512b3911ba0c77a7f68214881d1f241f46e
+
+commit dd1031b78b83083615b68d7163c44f4408635be2
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Aug 2 10:01:52 2016 +1000
+
+    Replace spaces with tabs.
+    
+    Mechanically replace spaces with tabs in compat files not synced with
+    OpenBSD.
+
+commit c20dccb5614c5714f4155dda01bcdebf97cfae7e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Aug 2 09:44:25 2016 +1000
+
+    Strip trailing whitespace.
+    
+    Mechanically strip trailing whitespace on files not synced with OpenBSD
+    (or in the case of bsd-snprint.c, rsync).
+
+commit 30f9bd1c0963c23bfba8468dfd26aa17609ba42f
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Aug 2 09:06:27 2016 +1000
+
+    Repair $OpenBSD markers.
+
+commit 9715d4ad4b53877ec23dc8681dd7a405de9419a6
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Aug 2 09:02:42 2016 +1000
+
+    Repair $OpenBSD marker.
+
+commit cf3e0be7f5828a5e5f6c296a607d20be2f07d60c
+Author: Tim Rice <tim@multitalents.net>
+Date:   Mon Aug 1 14:31:52 2016 -0700
+
+    modified:   configure.ac opensshd.init.in
+    Skip generating missing RSA1 key on startup unless ssh1 support is enabled.
+    Spotted by Jean-Pierre Radley
+
+commit 99522ba7ec6963a05c04a156bf20e3ba3605987c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jul 28 08:54:27 2016 +1000
+
+    define _OPENBSD_SOURCE for reallocarray on NetBSD
+    
+    Report by and debugged with Hisashi T Fujinaka, dtucker nailed
+    the problem (lack of prototype causing return type confusion).
+
+commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Jul 27 08:25:42 2016 +1000
+
+    KNF
+
+commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Jul 27 08:25:23 2016 +1000
+
+    Linux auditing also needs packet.h
+
+commit 393bd381a45884b589baa9aed4394f1d250255ca
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Jul 27 08:18:05 2016 +1000
+
+    fix auditing on Linux
+    
+    get_remote_ipaddr() was replaced with ssh_remote_ipaddr()
+
+commit 80e766fb089de4f3c92b1600eb99e9495e37c992
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sun Jul 24 21:50:13 2016 +1000
+
+    crank version numbers
+
+commit b1a478792d458f2e938a302e64bab2b520edc1b3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jul 24 11:45:36 2016 +0000
+
+    upstream commit
+    
+    openssh-7.3
+    
+    Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
+
+commit 353766e0881f069aeca30275ab706cd60a1a8fdd
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Sat Jul 23 16:14:42 2016 +1000
+
+    Move Cygwin IPPORT_RESERVED overrride to defines.h
+    
+    Patch from vinschen at redhat.com.
+
+commit 368dd977ae07afb93f4ecea23615128c95ab2b32
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 23 02:54:08 2016 +0000
+
+    upstream commit
+    
+    fix pledge violation with ssh -f; reported by Valentin
+    Kozamernik ok dtucker@
+    
+    Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
+
+commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 22 07:00:46 2016 +0000
+
+    upstream commit
+    
+    improve wording; suggested by jmc@
+    
+    Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
+
+commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 22 05:46:11 2016 +0000
+
+    upstream commit
+    
+    Lower loglevel for "Authenticated with partial success"
+    message similar to other similar level.  bz#2599, patch from cgallek at
+    gmail.com, ok markus@
+    
+    Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
+
+commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 22 14:06:36 2016 +1000
+
+    retry waitpid on EINTR failure
+    
+    patch from Jakub Jelen on bz#2581; ok dtucker@
+
+commit da88a70a89c800e74ea8e5661ffa127a3cc79a92
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 22 03:47:36 2016 +0000
+
+    upstream commit
+    
+    constify a few functions' arguments; patch from Jakub
+    Jelen bz#2581
+    
+    Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
+
+commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 22 03:39:13 2016 +0000
+
+    upstream commit
+    
+    move debug("%p", key) to before key is free'd; probable
+    undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581
+    
+    Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
+
+commit 286f5a77c3bfec1e8892ca268087ac885ac871bf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 22 03:35:11 2016 +0000
+
+    upstream commit
+    
+    reverse the order in which -J/JumpHost proxies are visited to
+    be more intuitive and document
+    
+    reported by and manpage bits naddy@
+    
+    Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
+
+commit fcd135c9df440bcd2d5870405ad3311743d78d97
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jul 21 01:39:35 2016 +0000
+
+    upstream commit
+    
+    Skip passwords longer than 1k in length so clients can't
+    easily DoS sshd by sending very long passwords, causing it to spend CPU
+    hashing them. feedback djm@, ok markus@.
+    
+    Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
+    360.cn and coredump at autistici.org
+    
+    Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
+
+commit 324583e8fb3935690be58790425793df619c6d4d
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Wed Jul 20 10:45:27 2016 +0000
+
+    upstream commit
+    
+    Do not clobber the global jump_host variables when
+    parsing an inactive configuration.  ok djm@
+    
+    Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
+
+commit 32d921c323b989d28405e78d0a8923d12913d737
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue Jul 19 12:59:16 2016 +0000
+
+    upstream commit
+    
+    tweak previous;
+    
+    Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
+
+commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue Jul 19 11:38:53 2016 +0000
+
+    upstream commit
+    
+    Allow wildcard for PermitOpen hosts as well as ports.
+    bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com.  ok
+    markus@
+    
+    Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
+
+commit b98a2a8348e907b3d71caafd80f0be8fdd075943
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Mon Jul 18 11:35:33 2016 +0000
+
+    upstream commit
+    
+    Reduce timing attack against obsolete CBC modes by always
+    computing the MAC over a fixed size of data. Reported by Jean Paul
+    Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@
+    
+    Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
+
+commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Jul 21 14:17:31 2016 +1000
+
+    Search users for one with a valid salt.
+    
+    If the root account is locked (eg password "!!" or "*LK*") keep looking
+    until we find a user with a valid salt to use for crypting passwords of
+    invalid users.  ok djm@
+
+commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 18 17:22:49 2016 +1000
+
+    Explicitly specify source files for regress tools.
+    
+    Since adding $(REGRESSLIBS), $? is wrong because it includes only the
+    changed source files.  $< seems like it'd be right however it doesn't
+    seem to work on some non-GNU makes, so do what works everywhere.
+
+commit eac1bbd06872c273f16ac0f9976b0aef026b701b
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 18 17:12:22 2016 +1000
+
+    Conditionally include err.h.
+
+commit 0a454147568746c503f669e1ba861f76a2e7a585
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 18 16:26:26 2016 +1000
+
+    Remove local implementation of err, errx.
+    
+    We now have a shared implementation in libopenbsd-compat.
+
+commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jul 18 06:08:01 2016 +0000
+
+    upstream commit
+    
+    Add some unsigned overflow checks for extra_pad. None of
+    these are reachable with the amount of padding that we use internally.
+    bz#2566, pointed out by Torben Hansen. ok markus@
+    
+    Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
+
+commit c71ba790c304545464bb494de974cdf0f4b5cf1e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 18 15:43:25 2016 +1000
+
+    Add dependency on libs for unit tests.
+    
+    Makes "./configure && make tests" work again.  ok djm@
+
+commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 18 13:47:39 2016 +1000
+
+    Correct location for kexfuzz in clean target.
+
+commit 01558b7b07af43da774d3a11a5c51fa9c310849d
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 18 09:33:25 2016 +1000
+
+    Handle PAM_MAXTRIES from modules.
+    
+    bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
+    password and keyboard-interative authentication methods.  Should prevent
+    "sshd ignoring max retries" warnings in the log.  ok djm@
+    
+    It probably won't trigger with keyboard-interactive in the default
+    configuration because the retry counter is stored in module-private
+    storage which goes away with the sshd PAM process (see bz#688).  On the
+    other hand, those cases probably won't log a warning either.
+
+commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jul 17 04:20:16 2016 +0000
+
+    upstream commit
+    
+    support UTF-8 characters in ssh(1) banners using
+    schwarze@'s safe fmprintf printer; bz#2058
+    
+    feedback schwarze@ ok dtucker@
+    
+    Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
+
+commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sat Jul 16 06:57:55 2016 +0000
+
+    upstream commit
+    
+    - add proxyjump to the options list - formatting fixes -
+    update usage()
+    
+    ok djm
+    
+    Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
+
+commit af1f084857621f14bd9391aba8033d35886c2455
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jul 15 05:01:58 2016 +0000
+
+    upstream commit
+    
+    Reduce the syslog level of some relatively common protocol
+    events from LOG_CRIT by replacing fatal() calls with logdie().  Part of
+    bz#2585, ok djm@
+    
+    Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
+
+commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 15 19:14:48 2016 +1000
+
+    missing openssl/dh.h
+
+commit 4a984fd342effe5f0aad874a0d538c4322d973c0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 15 18:47:07 2016 +1000
+
+    cast to avoid type warning in error message
+
+commit 5abfb15ced985c340359ae7fb65a625ed3692b3e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jul 15 14:48:30 2016 +1000
+
+    Move VA_COPY macro into compat header.
+    
+    Some AIX compilers unconditionally undefine va_copy but don't set it back
+    to an internal function, causing link errors.  In some compat code we
+    already use VA_COPY instead so move the two existing instances into the
+    shared header and use for sshbuf-getput-basic.c too.  Should fix building
+    with at lease some versions of AIX's compiler.  bz#2589, ok djm@
+
+commit 832b7443b7a8e181c95898bc5d73497b7190decd
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 15 14:45:34 2016 +1000
+
+    disable ciphers not supported by OpenSSL
+    
+    bz#2466 ok dtucker@
+
+commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 15 13:54:31 2016 +1000
+
+    add a --disable-pkcs11 knob
+
+commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 15 13:44:38 2016 +1000
+
+    fix newline escaping for unsupported_algorithms
+    
+    The hmac-ripemd160 was incorrect and could lead to broken
+    Makefiles on systems that lacked support for it, but I made
+    all the others consistent too.
+
+commit ed877ef653847d056bb433975d731b7a1132a979
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 15 00:24:30 2016 +0000
+
+    upstream commit
+    
+    Add a ProxyJump ssh_config(5) option and corresponding -J
+    ssh(1) command-line flag to allow simplified indirection through a SSH
+    bastion or "jump host".
+    
+    These options construct a proxy command that connects to the
+    specified jump host(s) (more than one may be specified) and uses
+    port-forwarding to establish a connection to the next destination.
+    
+    This codifies the safest way of indirecting connections through SSH
+    servers and makes it easy to use.
+    
+    ok markus@
+    
+    Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
+
+commit 5c02dd126206a26785379e80f2d3848e4470b711
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jul 15 12:56:39 2016 +1000
+
+    Map umac_ctx struct name too.
+    
+    Prevents size mismatch linker warnings on Solaris 11.
+
+commit 283b97ff33ea2c641161950849931bd578de6946
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jul 15 13:49:44 2016 +1000
+
+    Mitigate timing of disallowed users PAM logins.
+    
+    When sshd decides to not allow a login (eg PermitRootLogin=no) and
+    it's using PAM, it sends a fake password to PAM so that the timing for
+    the failure is not noticeably different whether or not the password
+    is correct.  This behaviour can be detected by sending a very long
+    password string which is slower to hash than the fake password.
+    
+    Mitigate by constructing an invalid password that is the same length
+    as the one from the client and thus takes the same time to hash.
+    Diff from djm@
+
+commit 9286875a73b2de7736b5e50692739d314cd8d9dc
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jul 15 13:32:45 2016 +1000
+
+    Determine appropriate salt for invalid users.
+    
+    When sshd is processing a non-PAM login for a non-existent user it uses
+    the string from the fakepw structure as the salt for crypt(3)ing the
+    password supplied by the client.  That string has a Blowfish prefix, so on
+    systems that don't understand that crypt will fail fast due to an invalid
+    salt, and even on those that do it may have significantly different timing
+    from the hash methods used for real accounts (eg sha512).  This allows
+    user enumeration by, eg, sending large password strings.  This was noted
+    by EddieEzra.Harari at verint.com (CVE-2016-6210).
+    
+    To mitigate, use the same hash algorithm that root uses for hashing
+    passwords for users that do not exist on the system.  ok djm@
+
+commit a162dd5e58ca5b224d7500abe35e1ef32b5de071
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Jul 14 21:19:59 2016 +1000
+
+    OpenSSL 1.1.x not currently supported.
+
+commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Jul 14 12:25:24 2016 +1000
+
+    Check for VIS_ALL.
+    
+    If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
+
+commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jul 14 01:24:21 2016 +0000
+
+    upstream commit
+    
+    Correct equal in test.
+    
+    Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
+
+commit 372807c2065c8572fdc6478b25cc5ac363743073
+Author: tb@openbsd.org <tb@openbsd.org>
+Date:   Mon Jul 11 21:38:13 2016 +0000
+
+    upstream commit
+    
+    Add missing "recvfd" pledge promise: Raf Czlonka reported
+    ssh coredumps when Control* keywords were set in ssh_config. This patch also
+    fixes similar problems with scp and sftp.
+    
+    ok deraadt, looks good to millert
+    
+    Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
+
+commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd
+Author: tedu@openbsd.org <tedu@openbsd.org>
+Date:   Mon Jul 11 03:19:44 2016 +0000
+
+    upstream commit
+    
+    obsolete note about fascistloggin is obsolete. ok djm
+    dtucker
+    
+    Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
+
+commit a2333584170a565adf4f209586772ef8053b10b8
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Jul 14 10:59:09 2016 +1000
+
+    Add compat code for missing wcwidth.
+    
+    If we don't have wcwidth force fallback implementations of nl_langinfo
+    and mbtowc.  Based on advice from Ingo Schwarze.
+
+commit 8aaec7050614494014c47510b7e94daf6e644c62
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jul 14 09:48:48 2016 +1000
+
+    fix missing include for systems with err.h
+
+commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Jul 13 14:42:35 2016 +1000
+
+    Move err.h replacements into compat lib.
+    
+    Move implementations of err.h replacement functions into their own file
+    in the libopenbsd-compat so we can use them in kexfuzz.c too.  ok djm@
+
+commit f3f2cc8386868f51440c45210098f65f9787449a
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 11 17:23:38 2016 +1000
+
+    Check for wchar.h and langinfo.h
+    
+    Wrap includes in the appropriate #ifdefs.
+
+commit b9c50614eba9d90939b2b119b6e1b7e03b462278
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jul 8 13:59:13 2016 +1000
+
+    whitelist more architectures for seccomp-bpf
+    
+    bz#2590 - testing and patch from Jakub Jelen
+
+commit 18813a32b6fd964037e0f5e1893cb4468ac6a758
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Mon Jul 4 18:01:44 2016 +0000
+
+    upstream commit
+    
+    DEBUGLIBS has been broken since the gcc4 switch, so delete
+    it.  CFLAGS contains -g by default anyway
+    
+    problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
+    ok millert@ kettenis@ deraadt@
+    
+    Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
+
+commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 8 03:44:42 2016 +0000
+
+    upstream commit
+    
+    Improve crypto ordering for Encrypt-then-MAC (EtM) mode
+    MAC algorithms.
+    
+    Previously we were computing the MAC, decrypting the packet and then
+    checking the MAC. This gave rise to the possibility of creating a
+    side-channel oracle in the decryption step, though no such oracle has
+    been identified.
+    
+    This adds a mac_check() function that computes and checks the MAC in
+    one pass, and uses it to advance MAC checking for EtM algorithms to
+    before payload decryption.
+    
+    Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and
+    Martin Albrecht. feedback and ok markus@
+    
+    Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
+
+commit 71f5598f06941f645a451948c4a5125c83828e1c
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Mon Jul 4 18:01:44 2016 +0000
+
+    upstream commit
+    
+    DEBUGLIBS has been broken since the gcc4 switch, so
+    delete it.  CFLAGS contains -g by default anyway
+    
+    problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
+    ok millert@ kettenis@ deraadt@
+    
+    Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
+
+commit e683fc6f1c8c7295648dbda679df8307786ec1ce
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jun 30 05:17:05 2016 +0000
+
+    upstream commit
+    
+    Explicitly check for 100% completion to avoid potential
+    floating point rounding error, which could cause progressmeter to report 99%
+    on completion. While there invert the test so the 100% case is clearer.  with
+    & ok djm@
+    
+    Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
+
+commit 772e6cec0ed740fc7db618dc30b4134f5a358b43
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Jun 29 17:14:28 2016 +0000
+
+    upstream commit
+    
+    sort the -o list;
+    
+    Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac
+
+commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jun 23 05:17:51 2016 +0000
+
+    upstream commit
+    
+    fix AuthenticationMethods during configuration re-parse;
+    reported by Juan Francisco Cantero Hurtado
+    
+    Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4
+
+commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Jun 19 07:48:02 2016 +0000
+
+    upstream commit
+    
+    revert 1.34; causes problems loading public keys
+    
+    reported by semarie@
+    
+    Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
+
+commit ad23a75509f4320d43f628c50f0817e3ad12bfa7
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Jun 17 06:33:30 2016 +0000
+
+    upstream commit
+    
+    grammar fix;
+    
+    Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463
+
+commit 5e28b1a2a3757548b40018cc2493540a17c82e27
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 17 05:06:23 2016 +0000
+
+    upstream commit
+    
+    translate OpenSSL error codes to something more
+    meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
+    
+    Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
+
+commit b64faeb5eda7eff8210c754d00464f9fe9d23de5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jun 17 05:03:40 2016 +0000
+
+    upstream commit
+    
+    ban AuthenticationMethods="" and accept
+    AuthenticationMethods=any for the default behaviour of not requiring multiple
+    authentication
+    
+    bz#2398 from Jakub Jelen; ok dtucker@
+    
+    Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
+
+commit 9816fc5daee5ca924dd5c4781825afbaab728877
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Jun 16 11:00:17 2016 +0000
+
+    upstream commit
+    
+    Include stdarg.h for va_copy as per man page.
+    
+    Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
+
+commit b6cf84b51bc0f5889db48bf29a0c771954ade283
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Jun 16 06:10:45 2016 +0000
+
+    upstream commit
+    
+    keys stored in openssh format can have comments too; diff
+    from yonas yanfa, tweaked a bit;
+    
+    ok djm
+    
+    Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
+
+commit aa37768f17d01974b6bfa481e5e83841b6c76f86
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jun 20 15:55:34 2016 +1000
+
+    get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX
+    
+    Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip
+    change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX.
+    Fixes build on AIX.
+
+commit 009891afc8df37bc2101e15d1e0b6433cfb90549
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jun 17 14:34:09 2016 +1000
+
+    Remove duplicate code from PAM.  ok djm@
+
+commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jun 15 00:40:40 2016 +0000
+
+    upstream commit
+    
+    Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message
+    about forward and reverse DNS not matching.  We haven't supported IP-based
+    auth methods for a very long time so it's now misleading.  part of bz#2585,
+    ok markus@
+    
+    Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
+
+commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Jun 15 11:22:38 2016 +1000
+
+    Move platform_disable_tracing into its own file.
+    
+    Prevents link errors resolving the extern "options" when platform.o
+    gets linked into ssh-agent when building --with-pam.
+
+commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Jun 14 13:55:12 2016 +1000
+
+    Track skipped upstream commit IDs.
+    
+    There are a small number of "upstream" commits that do not correspond to
+    a file in -portable.  This file tracks those so that we can reconcile
+    OpenBSD and Portable to ensure that no commits are accidentally missed.
+    
+    If you add something to .skipped-commit-ids please also add an upstream
+    ID line in the following format when you commit it.
+    
+        Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35
+        Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca
+        Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7
+        Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120
+        Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a
+        Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef
+        Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2
+        Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660
+        Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae
+        Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee
+
+commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Jun 14 13:51:01 2016 +1000
+
+    Remove now-defunct .cvsignore files. ok djm
+
+commit 68777faf271efb2713960605c748f6c8a4b26d55
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jun 8 02:13:01 2016 +0000
+
+    upstream commit
+    
+    Back out rev 1.28 "Check min and max sizes sent by the
+    client" change. It caused "key_verify failed for server_host_key" in clients
+    that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY.
+    ok djm@
+    
+    Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
+
+commit a86ec4d0737ac5879223e7cd9d68c448df46e169
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Jun 14 10:48:27 2016 +1000
+
+    Use Solaris setpflags(__PROC_PROTECT, ...).
+    
+    Where possible, use Solaris setpflags to disable process tracing on
+    ssh-agent and sftp-server.  bz#2584, based on a patch from huieying.lee
+    at oracle.com, ok djm.
+
+commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Jun 14 10:43:53 2016 +1000
+
+    Shorten prctl code a tiny bit.
+
+commit 0fb7f5985351fbbcd2613d8485482c538e5123be
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Jun 9 16:23:07 2016 +1000
+
+    Move prctl PR_SET_DUMPABLE into platform.c.
+    
+    This should make it easier to add additional platform support such as
+    Solaris (bz#2584).
+
+commit e6508898c3cd838324ecfe1abd0eb8cf802e7106
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 3 04:10:41 2016 +0000
+
+    upstream commit
+    
+    Add a test for ssh(1)'s config file parsing.
+    
+    Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
+
+commit ab0a536066dfa32def0bd7272c096ebb5eb25b11
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 3 03:47:59 2016 +0000
+
+    upstream commit
+    
+    Add 'sshd' to the test ID as I'm about to add a similar
+     set for ssh.
+    
+    Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
+
+commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Mon May 30 12:14:08 2016 +0000
+
+    upstream commit
+    
+    stricter malloc.conf(5) options for utf8 tests
+    
+    Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
+
+commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Mon May 30 12:05:56 2016 +0000
+
+    upstream commit
+    
+    Fix two rare edge cases: 1. If vasprintf() returns < 0,
+     do not access a NULL pointer in snmprintf(), and do not free() the pointer
+     returned from vasprintf() because on some systems other than OpenBSD, it
+     might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
+     rather than -1 and NULL.
+    
+    Besides, free(dst) is pointless after failure (not a bug).
+    
+    One half OK martijn@, the other half OK deraadt@;
+    committing quickly before people get hurt.
+    
+    Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
+
+commit 016881eb33a7948028848c90f4c7ac42e3af0e87
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Thu May 26 19:14:25 2016 +0000
+
+    upstream commit
+    
+    test the new utf8 module
+    
+    Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
+
+commit d4219028bdef448e089376f3afe81ef6079da264
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 3 15:30:46 2016 +0000
+
+    upstream commit
+    
+    Set umask to prevent "Bad owner or permissions" errors.
+    
+    Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
+
+commit 07d5608bb237e9b3fe86a2aeaa429392230faebf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 14:41:04 2016 +0000
+
+    upstream commit
+    
+    support doas
+    
+    Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
+
+commit 01cabf10adc7676cba5f40536a34d3b246edb73f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 13:48:33 2016 +0000
+
+    upstream commit
+    
+    unit tests for sshbuf_dup_string()
+    
+    Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
+
+commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Jun 3 06:44:12 2016 +0000
+
+    upstream commit
+    
+    tweak previous;
+    
+    Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
+
+commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 3 04:09:38 2016 +0000
+
+    upstream commit
+    
+    Allow ExitOnForwardFailure and ClearAllForwardings to be
+     overridden when using ssh -W (but still default to yes in that case).
+     bz#2577, ok djm@.
+    
+    Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
+
+commit 8543ff3f5020fe659839b15f05b8c522bde6cee5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jun 3 03:14:41 2016 +0000
+
+    upstream commit
+    
+    Move the host and port used by ssh -W into the Options
+     struct. This will make future changes a bit easier.  ok djm@
+    
+    Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
+
+commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jun 1 04:19:49 2016 +0000
+
+    upstream commit
+    
+    Check min and max sizes sent by the client against what
+     we support before passing them to the monitor.  ok djm@
+    
+    Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
+
+commit 564cd2a8926ccb1dca43a535073540935b5e0373
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 31 23:46:14 2016 +0000
+
+    upstream commit
+    
+    Ensure that the client's proposed DH-GEX max value is at
+     least as big as the minimum the server will accept.  ok djm@
+    
+    Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
+
+commit df820722e40309c9b3f360ea4ed47a584ed74333
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jun 6 11:36:13 2016 +1000
+
+    Add compat bits to utf8.c.
+
+commit 05c6574652571becfe9d924226c967a3f4b3f879
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jun 6 11:33:43 2016 +1000
+
+    Fix utf->utf8 typo.
+
+commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Mon May 30 18:34:41 2016 +0000
+
+    upstream commit
+    
+    Backout rev. 1.43 for now.
+    
+    The function update_progress_meter() calls refresh_progress_meter()
+    which calls snmprintf() which calls malloc(); but update_progress_meter()
+    acts as the SIGALRM signal handler.
+    
+    "malloc(): error: recursive call" reported by sobrado@.
+    
+    Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
+
+commit cd9e1eabeb4137182200035ab6fa4522f8d24044
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Mon May 30 12:57:21 2016 +0000
+
+    upstream commit
+    
+    Even when only writing an unescaped character, the dst
+     buffer may need to grow, or it would be overrun; issue found by tb@ with
+     malloc.conf(5) 'C'.
+    
+    While here, reserve an additional byte for the terminating NUL
+    up front such that we don't have to realloc() later just for that.
+    
+    OK tb@
+    
+    Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
+
+commit ac284a355f8065eaef2a16f446f3c44cdd17371d
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Mon May 30 12:05:56 2016 +0000
+
+    upstream commit
+    
+    Fix two rare edge cases: 1. If vasprintf() returns < 0,
+     do not access a NULL pointer in snmprintf(), and do not free() the pointer
+     returned from vasprintf() because on some systems other than OpenBSD, it
+     might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
+     rather than -1 and NULL.
+    
+    Besides, free(dst) is pointless after failure (not a bug).
+    
+    One half OK martijn@, the other half OK deraadt@;
+    committing quickly before people get hurt.
+    
+    Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
+
+commit 0e059cdf5fd86297546c63fa8607c24059118832
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date:   Wed May 25 23:48:45 2016 +0000
+
+    upstream commit
+    
+    To prevent screwing up terminal settings when printing to
+     the terminal, for ASCII and UTF-8, escape bytes not forming characters and
+     bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
+     character sets, abort printing of the current string in these cases.  In
+     particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
+     sanitize data received from the remote host; * sanitize filenames, usernames,
+     and similar data even locally; * take character display widths into account
+     for the progressmeter.
+    
+    This is believed to be sufficient to keep the local terminal safe
+    on OpenBSD, but bad things can still happen on other systems with
+    state-dependent locales because many places in the code print
+    unencoded ASCII characters into the output stream.
+    
+    Using feedback from djm@ and martijn@,
+    various aspects discussed with many others.
+    
+    deraadt@ says it should go in now, i probably already hesitated too long
+    
+    Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
+
+commit 8c02e3639acefe1e447e293dbe23a0917abd3734
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 24 04:43:45 2016 +0000
+
+    upstream commit
+    
+    KNF compression proposal and simplify the client side a
+     little.  ok djm@
+    
+    Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
+
+commit 7ec4946fb686813eb5f8c57397e465f5485159f4
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 24 02:31:57 2016 +0000
+
+    upstream commit
+    
+    Back out 'plug memleak'.
+    
+    Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
+
+commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 23 23:30:50 2016 +0000
+
+    upstream commit
+    
+    prefer agent-hosted keys to keys from PKCS#11; ok markus
+    
+    Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
+
+commit a0cb7778fbc9b43458f7072eb68dd858766384d1
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon May 23 00:17:27 2016 +0000
+
+    upstream commit
+    
+    Plug mem leak in filter_proposal.  ok djm@
+    
+    Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
+
+commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jun 3 16:03:44 2016 +1000
+
+    Update vis.h and vis.c from OpenBSD.
+    
+    This will be needed for the upcoming utf8 changes.
+
+commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77
+Author: Tim Rice <tim@multitalents.net>
+Date:   Tue May 31 11:13:22 2016 -0700
+
+    modified:   configure.ac
+    whitspace clean up. No code changes.
+
+commit 604a037d84e41e31f0aec9075df0b8740c130200
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue May 31 16:45:28 2016 +1000
+
+    whitespace at EOL
+
+commit 18424200160ff5c923113e0a37ebe21ab7bcd17c
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon May 30 19:35:28 2016 +1000
+
+    Add missing ssh-host-config --name option
+    
+    Patch from vinschen@redhat.com.
+
+commit 39c0cecaa188a37a2e134795caa68e03f3ced592
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri May 20 10:01:58 2016 +1000
+
+    Fix comment about sshpam_const and AIX.
+    
+    From mschwager via github.
+
+commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri May 20 09:56:53 2016 +1000
+
+    Deny lstat syscalls in seccomp sandbox
+    
+    Avoids sandbox violations for some krb/gssapi libraries.
+
+commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu May 19 07:45:32 2016 +0000
+
+    upstream commit
+    
+    fix type of ed25519 values
+    
+    Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
+
+commit 75e21688f523799c9e0cc6601d76a9c5ca79f787
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 4 14:32:26 2016 +0000
+
+    upstream commit
+    
+    add IdentityAgent; noticed & ok jmc@
+    
+    Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
+
+commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 4 14:29:58 2016 +0000
+
+    upstream commit
+    
+    allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
+    
+    Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
+
+commit 0516454151ae722fc8256c3c56115c6baf24c5b0
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 4 14:22:33 2016 +0000
+
+    upstream commit
+    
+    move SSH_MSG_NONE, so we don't have to include ssh1.h;
+     ok deraadt@
+    
+    Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
+
+commit 332ff3d770631e7513fea38cf0d3689f673f0e3f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue May 10 09:51:06 2016 +1000
+
+    initialise salen in binresvport_sa
+    
+    avoids failures with UsePrivilegedPort=yes
+    
+    patch from Juan Gallego
+
+commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 4 14:04:40 2016 +0000
+
+    upstream commit
+    
+    missing const in prototypes (ssh1)
+    
+    Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
+
+commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed May 4 14:00:09 2016 +0000
+
+    upstream commit
+    
+    Fix inverted logic for updating StreamLocalBindMask which
+     would cause the server to set an invalid mask. ok djm@
+    
+    Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
+
+commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed May 4 12:21:53 2016 +0000
+
+    upstream commit
+    
+    IdentityAgent for specifying specific agent sockets; ok
+     djm@
+    
+    Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
+
+commit 910e59bba09ac309d78ce61e356da35292212935
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed May 4 12:16:39 2016 +0000
+
+    upstream commit
+    
+    fix junk characters after quotes
+    
+    Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
+
+commit 9283884e647b8be50ccd2997537af0065672107d
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue May 3 18:38:12 2016 +0000
+
+    upstream commit
+    
+    correct article;
+    
+    Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
+
+commit cfefbcea1057c2623e76c579174a4107a0b6e6cd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 15:57:39 2016 +0000
+
+    upstream commit
+    
+    fix overriding of StreamLocalBindMask and
+     StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes
+    
+    Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
+
+commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 15:25:06 2016 +0000
+
+    upstream commit
+    
+    don't forget to include StreamLocalBindUnlink in the
+     config dump output
+    
+    Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
+
+commit cdcd941994dc430f50d0a4e6a712d32b66e6199e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 14:54:08 2016 +0000
+
+    upstream commit
+    
+    make nethack^wrandomart fingerprint flag more readily
+     searchable pointed out by Matt Johnston
+    
+    Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
+
+commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 13:10:24 2016 +0000
+
+    upstream commit
+    
+    clarify ordering of subkeys; pointed out by ietf-ssh AT
+     stbuehler.de
+    
+    Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
+
+commit cca3b4395807bfb7aaeb83d2838f5c062ce30566
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 3 12:15:49 2016 +0000
+
+    upstream commit
+    
+    Use a subshell for constructing key types to work around
+     different sed behaviours for -portable.
+    
+    Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
+
+commit fa58208c6502dcce3e0daac0ca991ee657daf1f5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 10:27:59 2016 +0000
+
+    upstream commit
+    
+    correct some typos and remove a long-stale XXX note.
+    
+    add specification for ed25519 certificates
+    
+    mention no host certificate options/extensions are currently defined
+    
+    pointed out by Simon Tatham
+    
+    Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
+
+commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue May 3 10:24:27 2016 +0000
+
+    upstream commit
+    
+    add ed25519 keys that are supported but missing from this
+     documents; from Peter Moody
+    
+    Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
+
+commit 7f3d76319a69dab2efe3a520a8fef5b97e923636
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Tue May 3 09:03:49 2016 +0000
+
+    upstream commit
+    
+    Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00.  Patch
+     from Simon Tatham, ok markus@
+    
+    Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
+
+commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 2 14:10:58 2016 +0000
+
+    upstream commit
+    
+    unbreak config parsing on reexec from previous commit
+    
+    Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
+
+commit 67f1459efd2e85bf03d032539283fa8107218936
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 2 09:52:00 2016 +0000
+
+    upstream commit
+    
+    unit and regress tests for SHA256/512; ok markus
+    
+    Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
+
+commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 2 10:26:04 2016 +0000
+
+    upstream commit
+    
+    add support for additional fixed DH groups from
+     draft-ietf-curdle-ssh-kex-sha2-03
+    
+    diffie-hellman-group14-sha256 (2K group)
+    diffie-hellman-group16-sha512 (4K group)
+    diffie-hellman-group18-sha512 (8K group)
+    
+    based on patch from Mark D. Baushke and Darren Tucker
+    ok markus@
+    
+    Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
+
+commit 57464e3934ba53ad8590ee3ccd840f693407fc1e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 2 09:36:42 2016 +0000
+
+    upstream commit
+    
+    support SHA256 and SHA512 RSA signatures in certificates;
+     ok markus@
+    
+    Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
+
+commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon May 2 08:49:03 2016 +0000
+
+    upstream commit
+    
+    fix signed/unsigned errors reported by clang-3.7; add
+     sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
+     better safety checking; feedback and ok markus@
+    
+    Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
+
+commit d2d6bf864e52af8491a60dd507f85b74361f5da3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 29 08:07:53 2016 +0000
+
+    upstream commit
+    
+    close ControlPersist background process stderr when not
+     in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
+    
+    Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
+
+commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Apr 28 14:30:21 2016 +0000
+
+    upstream commit
+    
+    fix comment
+    
+    Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
+
+commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Apr 27 13:53:48 2016 +0000
+
+    upstream commit
+    
+    cidr permitted for {allow,deny}users; from lars nooden ok djm
+    
+    Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
+
+commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Apr 21 06:08:02 2016 +0000
+
+    upstream commit
+    
+    make argument == NULL tests more consistent
+    
+    Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
+
+commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Apr 17 14:34:46 2016 +0000
+
+    upstream commit
+    
+    tweak previous;
+    
+    Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
+
+commit 0f839e5969efa3bda615991be8a9d9311554c573
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 15 02:57:10 2016 +0000
+
+    upstream commit
+    
+    missing bit of Include regress
+    
+    Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
+
+commit 12e4ac46aed681da55c2bba3cd11dfcab23591be
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 15 02:55:53 2016 +0000
+
+    upstream commit
+    
+    remove redundant CLEANFILES section
+    
+    Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
+
+commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 15 00:48:01 2016 +0000
+
+    upstream commit
+    
+    sync CLEANFILES with portable, sort
+    
+    Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
+
+commit 35f22dad263cce5c61d933ae439998cb965b8748
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 15 00:31:10 2016 +0000
+
+    upstream commit
+    
+    regression test for ssh_config Include directive
+    
+    Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
+
+commit 6b8a1a87005818d4700ce8b42faef746e82c1f51
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Apr 14 23:57:17 2016 +0000
+
+    upstream commit
+    
+    unbreak test for recent ssh de-duplicated forwarding
+     change
+    
+    Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
+
+commit 076787702418985a2cc6808212dc28ce7afc01f0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Apr 14 23:21:42 2016 +0000
+
+    upstream commit
+    
+    add test knob and warning for StrictModes
+    
+    Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
+
+commit dc7990be865450574c7940c9880567f5d2555b37
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 15 00:30:19 2016 +0000
+
+    upstream commit
+    
+    Include directive for ssh_config(5); feedback & ok markus@
+    
+    Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff
+
+commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Apr 13 10:39:57 2016 +1000
+
+    ignore PAM environment vars when UseLogin=yes
+    
+    If PAM is configured to read user-specified environment variables
+    and UseLogin=yes in sshd_config, then a hostile local user may
+    attack /bin/login via LD_PRELOAD or similar environment variables
+    set via PAM.
+    
+    CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
+
+commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Apr 9 12:39:30 2016 +0000
+
+    upstream commit
+    
+    make private key loading functions consistently handle NULL
+     key pointer arguments; ok markus@
+    
+    Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
+
+commit 5f41f030e2feb5295657285aa8c6602c7810bc4b
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Apr 8 21:14:13 2016 +1000
+
+    Remove NO_IPPORT_RESERVED_CONCEPT
+    
+    Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
+    the same effect without causing problems syncing patches with OpenBSD.
+    Resync the two affected functions with OpenBSD.  ok djm, sanity checked
+    by Corinna.
+
+commit 34a01b2cf737d946ddb140618e28c3048ab7a229
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 8 08:19:17 2016 +0000
+
+    upstream commit
+    
+    whitespace at EOL
+    
+    Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
+
+commit 90ee563fa6b54c59896c6c332c5188f866c5e75f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 8 06:35:54 2016 +0000
+
+    upstream commit
+    
+    We accidentally send an empty string and a zero uint32 with
+     every direct-streamlocal@openssh.com channel open, in contravention of our
+     own spec.
+    
+    Fixing this is too hard wrt existing versions that expect these
+    fields to be present and fatal() if they aren't, so document them
+    as "reserved" fields in the PROTOCOL spec as though we always
+    intended this and let us never speak of it again.
+    
+    bz#2529, reported by Ron Frederick
+    
+    Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
+
+commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Apr 6 06:42:17 2016 +0000
+
+    upstream commit
+    
+    don't record duplicate LocalForward and RemoteForward
+     entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation
+     where the same forwards are added on the second pass through the
+     configuration file. bz#2562; ok dtucker@
+    
+    Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1
+
+commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8
+Author: krw@openbsd.org <krw@openbsd.org>
+Date:   Sat Apr 2 14:37:42 2016 +0000
+
+    upstream commit
+    
+    Another use for fcntl() and thus of the superfluous 3rd
+     parameter is when sanitising standard fd's before calling daemon().
+    
+    Use a tweaked version of the ssh(1) function in all three places
+    found using fcntl() this way.
+    
+    ok jca@ beck@
+    
+    Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218
+
+commit b3413534aa9d71a941005df2760d1eec2c2b0854
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Apr 4 11:09:21 2016 +1000
+
+    Tidy up openssl header test.
+
+commit 815bcac0b94bb448de5acdd6ba925b8725240b4f
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Apr 4 11:07:59 2016 +1000
+
+    Fix configure-time warnings for openssl test.
+
+commit 95687f5831ae680f7959446d8ae4b52452ee05dd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Apr 1 02:34:10 2016 +0000
+
+    upstream commit
+    
+    whitespace at EOL
+    
+    Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a
+
+commit fdfbf4580de09d84a974211715e14f88a5704b8e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Mar 31 05:24:06 2016 +0000
+
+    upstream commit
+    
+    Remove fallback from moduli to "primes" file that was
+     deprecated in 2001 and fix log messages referring to primes file.  Based on
+     patch from xnox at ubuntu.com via bz#2559.  "kill it" deraadt@
+    
+    Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713
+
+commit 0235a5fa67fcac51adb564cba69011a535f86f6b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Mar 17 17:19:43 2016 +0000
+
+    upstream commit
+    
+    UseDNS affects ssh hostname processing in authorized_keys,
+     not known_hosts; bz#2554 reported by jjelen AT redhat.com
+    
+    Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591
+
+commit 8c4739338f5e379d05b19d6e544540114965f07e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Mar 15 09:24:43 2016 +1100
+
+    Don't call Solaris setproject() with UsePAM=yes.
+    
+    When Solaris Projects are enabled along with PAM setting the project
+    is PAM's responsiblity.  bz#2425, based on patch from
+    brent.paulson at gmail.com.
+
+commit cff26f373c58457a32cb263e212cfff53fca987b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 15 04:30:21 2016 +1100
+
+    remove slogin from *.spec
+
+commit c38905ba391434834da86abfc988a2b8b9b62477
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Mar 14 16:20:54 2016 +0000
+
+    upstream commit
+    
+    unbreak authentication using lone certificate keys in
+     ssh-agent: when attempting pubkey auth with a certificate, if no separate
+     private key is found among the keys then try with the certificate key itself.
+    
+    bz#2550 reported by Peter Moody
+    
+    Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966
+
+commit 4b4bfb01cd40b9ddb948e6026ddd287cc303d871
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Mar 10 11:47:57 2016 +0000
+
+    upstream commit
+    
+    sanitise characters destined for xauth reported by
+     github.com/tintinweb feedback and ok deraadt and markus
+    
+    Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261
+
+commit 732b463d37221722b1206f43aa59563766a6a968
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Mar 14 16:04:23 2016 +1100
+
+    Pass supported malloc options to connect-privsep.
+    
+    This allows us to activate only the supported options during the malloc
+    option portion of the connect-privsep test.
+
+commit d29c5b9b3e9f27394ca97a364ed4bb4a55a59744
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Mar 14 09:30:58 2016 +1100
+
+    Remove leftover roaming.h file.
+    
+    Pointed out by des at des.no.
+
+commit 8ff20ec95f4377021ed5e9b2331320f5c5a34cea
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Mar 14 09:24:03 2016 +1100
+
+    Quote variables that may contain whitespace.
+    
+    The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to
+    survive paths containing whitespace.  bz#2551, from Corinna Vinschen via
+    Philip Hands.
+
+commit 627824480c01f0b24541842c7206ab9009644d02
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Mar 11 14:47:41 2016 +1100
+
+    Include priv.h for priv_set_t.
+    
+    From alex at cooperi.net.
+
+commit e960051f9a264f682c4d2fefbeecffcfc66b0ddf
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 9 13:14:18 2016 +1100
+
+    Wrap stdint.h inside #ifdef HAVE_STDINT_H.
+
+commit 2c48bd344d2c4b5e08dae9aea5ff44fc19a5e363
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Mar 9 12:46:50 2016 +1100
+
+    Add compat to monotime_double().
+    
+    Apply all of the portability changes in monotime() to monotime() double.
+    Fixes build on at least older FreeBSD systems.
+
+commit 7b40ef6c2eef40c339f6ea8920cb8a44838e10c9
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 8 14:12:58 2016 -0800
+
+    make a regress-binaries target
+    
+    Easier to build all the regression/unit test binaries in one pass
+    than going through all of ${REGRESS_BINARIES}
+
+commit c425494d6b6181beb54a1b3763ef9e944fd3c214
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 8 14:03:54 2016 -0800
+
+    unbreak kexfuzz for -Werror without __bounded__
+
+commit 3ed9218c336607846563daea5d5ab4f701f4e042
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Mar 8 14:01:29 2016 -0800
+
+    unbreak PAM after canohost refactor
+
+commit 885fb2a44ff694f01e4f6470f803629e11f62961
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Mar 8 11:58:43 2016 +1100
+
+    auth_get_canonical_hostname in portable code.
+    
+    "refactor canohost.c" replaced get_canonical_hostname, this makes the
+    same change to some portable-specific code.
+
+commit 95767262caa6692eff1e1565be1f5cb297949a89
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Mar 7 19:02:43 2016 +0000
+
+    upstream commit
+    
+    refactor canohost.c: move functions that cache results closer
+     to the places that use them (authn and session code). After this, no state is
+     cached in canohost.c
+    
+    feedback and ok markus@
+    
+    Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
+
+commit af0bb38ffd1f2c4f9f43b0029be2efe922815255
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Mar 4 15:11:55 2016 +1100
+
+    hook unittests/misc/kexfuzz into build
+
+commit 331b8e07ee5bcbdca12c11cc8f51a7e8de09b248
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Mar 4 02:48:06 2016 +0000
+
+    upstream commit
+    
+    Filter debug messages out of log before picking the last
+     two lines. Should prevent problems if any more debug output is added late in
+     the connection.
+    
+    Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363
+
+commit 0892edaa3ce623381d3a7635544cbc69b31cf9cb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 4 02:30:36 2016 +0000
+
+    upstream commit
+    
+    add KEX fuzzer harness; ok deraadt@
+    
+    Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
+
+commit ae2562c47d41b68dbb00240fd6dd60bed205367a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Thu Mar 3 00:46:53 2016 +0000
+
+    upstream commit
+    
+    Look back 3 lines for possible error messages.  Changes
+     to the code mean that "Bad packet length" errors are 3 lines back instead of
+     the previous two, which meant we didn't skip some offsets that we intended
+     to.
+    
+    Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684
+
+commit 988e429d903acfb298bfddfd75e7994327adfed0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Mar 4 03:35:44 2016 +0000
+
+    upstream commit
+    
+    fix ClientAliveInterval when a time-based RekeyLimit is
+     set; previously keepalive packets were not being sent. bz#2252 report and
+     analysis by Christian Wittenhorst and Garrett Lee feedback and ok dtucker@
+    
+    Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81
+
+commit 8ef04d7a94bcdb8b0085fdd2a79a844b7d40792d
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Mar 2 22:43:52 2016 +0000
+
+    upstream commit
+    
+    Improve accuracy of reported transfer speeds by waiting
+     for the ack from the other end.  Pointed out by mmcc@, ok deraadt@ markus@
+    
+    Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d
+
+commit b8d4eafe29684fe4f5bb587f7eab948e6ed62723
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Mar 2 22:42:40 2016 +0000
+
+    upstream commit
+    
+    Improve precision of progressmeter for sftp and scp by
+     storing sub-second timestamps.  Pointed out by mmcc@, ok deraadt@ markus@
+    
+    Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab
+
+commit 18f64b969c70ed00e74b9d8e50359dbe698ce4c0
+Author: jca@openbsd.org <jca@openbsd.org>
+Date:   Mon Feb 29 20:22:36 2016 +0000
+
+    upstream commit
+    
+    Print ssize_t with %zd; ok deraadt@ mmcc@
+    
+    Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd
+
+commit 6e7f68ce38130c794ec1fb8d2a6091fbe982628d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Feb 28 22:27:00 2016 +0000
+
+    upstream commit
+    
+    rearrange DH public value tests to be a little more clear
+    
+    rearrange DH private value generation to explain rationale more
+    clearly and include an extra sanity check.
+    
+    ok deraadt
+    
+    Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad
+
+commit 2ed17aa34008bdfc8db674315adc425a0712be11
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Mar 1 15:24:20 2016 +1100
+
+    Import updated moduli file from OpenBSD.
+    
+    Note that 1.5k bit groups have been removed.
+
+commit 72b061d4ba0f909501c595d709ea76e06b01e5c9
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Feb 26 14:40:04 2016 +1100
+
+    Add a note about using xlc on AIX.
+
+commit fd4e4f2416baa2e6565ea49d52aade296bad3e28
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Feb 24 10:44:25 2016 +1100
+
+    Skip PrintLastLog in config dump mode.
+    
+    When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the
+    config dump since it'll be reported as UNKNOWN.
+
+commit 99135c764fa250801da5ec3b8d06cbd0111caae8
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 23 20:17:23 2016 +1100
+
+    update spec/README versions ahead of release
+
+commit b86a334aaaa4d1e643eb1fd71f718573d6d948b5
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 23 20:16:53 2016 +1100
+
+    put back portable patchlevel to p1
+
+commit 555dd35ff176847e3c6bd068ba2e8db4022eb24f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 23 09:14:34 2016 +0000
+
+    upstream commit
+    
+    openssh-7.2
+    
+    Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78
+
+commit 1acc058d0a7913838c830ed998a1a1fb5b7864bf
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 23 16:12:13 2016 +1100
+
+    Disable tests where fs perms are incorrect
+    
+    Some tests have strict requirements on the filesystem permissions
+    for certain files and directories. This adds a regress/check-perm
+    tool that copies the relevant logic from sshd to exactly test
+    the paths in question. This lets us skip tests when the local
+    filesystem doesn't conform to our expectations rather than
+    continuing and failing the test run.
+    
+    ok dtucker@
+
+commit 39f303b1f36d934d8410b05625f25c7bcb75db4d
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 23 12:56:59 2016 +1100
+
+    fix sandbox on OSX Lion
+    
+    sshd was failing with:
+    
+    ssh_sandbox_child: sandbox_init: dlopen(/usr/lib/libsandbox.1.dylib, 261):cw
+      image not found [preauth]
+    
+    caused by chroot before sandboxing. Avoid by explicitly linking libsandbox
+    to sshd. Spotted by Darren.
+
+commit 0d1451a32c7436e6d3d482351e776bc5e7824ce4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 23 01:34:14 2016 +0000
+
+    upstream commit
+    
+    fix spurious error message when incorrect passphrase
+     entered for keys; reported by espie@ ok deraadt@
+    
+    Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
+
+commit 09d87d79741beb85768b5e788d7dfdf4bc3543dc
+Author: sobrado@openbsd.org <sobrado@openbsd.org>
+Date:   Sat Feb 20 23:06:23 2016 +0000
+
+    upstream commit
+    
+    set ssh(1) protocol version to 2 only.
+    
+    ok djm@
+    
+    Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
+
+commit 9262e07826ba5eebf8423f7ac9e47ec488c47869
+Author: sobrado@openbsd.org <sobrado@openbsd.org>
+Date:   Sat Feb 20 23:02:39 2016 +0000
+
+    upstream commit
+    
+    add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to
+     IdentityFile.
+    
+    ok djm@
+    
+    Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
+
+commit c12f0fdce8f985fca8d71829fd64c5b89dc777f5
+Author: sobrado@openbsd.org <sobrado@openbsd.org>
+Date:   Sat Feb 20 23:01:46 2016 +0000
+
+    upstream commit
+    
+    AddressFamily defaults to any.
+    
+    ok djm@
+    
+    Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c
+
+commit 907091acb188b1057d50c2158f74c3ecf1c2302b
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Feb 19 09:05:39 2016 +1100
+
+    Make Solaris privs code build on older systems.
+    
+    Not all systems with Solaris privs have priv_basicset so factor that
+    out and provide backward compatibility code.  Similarly, not all have
+    PRIV_NET_ACCESS so wrap that in #ifdef.  Based on code from
+    alex at cooperi.net and djm@ with help from carson at taltos.org and
+    wieland at purdue.edu.
+
+commit 292a8dee14e5e67dcd1b49ba5c7b9023e8420d59
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 17 22:20:14 2016 +0000
+
+    upstream commit
+    
+    rekey refactor broke SSH1; spotted by Tom G. Christensen
+    
+    Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243
+
+commit 3a13cb543df9919aec2fc6b75f3dd3802facaeca
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 17 08:57:34 2016 +0000
+
+    upstream commit
+    
+    rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly
+     in *KeyTypes options yet. Remove them from the lists of algorithms for now.
+     committing on behalf of markus@ ok djm@
+    
+    Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7
+
+commit a685ae8d1c24fb7c712c55a4f3280ee76f5f1e4b
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Wed Feb 17 07:38:19 2016 +0000
+
+    upstream commit
+    
+    since these pages now clearly tell folks to avoid v1,
+     normalise the docs from a v2 perspective (i.e. stop pointing out which bits
+     are v2 only);
+    
+    ok/tweaks djm ok markus
+    
+    Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129
+
+commit c5c3f3279a0e4044b8de71b70d3570d692d0f29d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 17 05:29:04 2016 +0000
+
+    upstream commit
+    
+    make sandboxed privilege separation the default, not just
+     for new installs; "absolutely" deraadt@
+    
+    Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b
+
+commit eb3f7337a651aa01d5dec019025e6cdc124ed081
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Tue Feb 16 07:47:54 2016 +0000
+
+    upstream commit
+    
+    no need to state that protocol 2 is the default twice;
+    
+    Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb
+
+commit e7901efa9b24e5b0c7e74f2c5520d47eead4d005
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 16 05:11:04 2016 +0000
+
+    upstream commit
+    
+    Replace list of ciphers and MACs adjacent to -1/-2 flag
+     descriptions in ssh(1) with a strong recommendation not to use protocol 1.
+     Add a similar warning to the Protocol option descriptions in ssh_config(5)
+     and sshd_config(5);
+    
+    prompted by and ok mmcc@
+    
+    Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e
+
+commit 5a0fcb77287342e2fc2ba1cee79b6af108973dc2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 16 03:37:48 2016 +0000
+
+    upstream commit
+    
+    add a "Close session" log entry (at loglevel=verbose) to
+     correspond to the existing "Starting session" one. Also include the session
+     id number to make multiplexed sessions more apparent.
+    
+    feedback and ok dtucker@
+    
+    Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c
+
+commit 624fd395b559820705171f460dd33d67743d13d6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Feb 17 02:24:17 2016 +0000
+
+    upstream commit
+    
+    include bad $SSH_CONNECTION in failure output
+    
+    Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
+
+commit 60d860e54b4f199e5e89963b1c086981309753cb
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Feb 17 13:37:09 2016 +1100
+
+    Rollback addition of va_start.
+    
+    va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however
+    it has the wrong number of args and it's not usable in non-variadic
+    functions anyway so it breaks things (for example Solaris 2.6 as
+    reported by Tom G. Christensen).i  ok djm@
+
+commit 2fee909c3cee2472a98b26eb82696297b81e0d38
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Wed Feb 17 09:48:15 2016 +1100
+
+    Look for gethostbyname in libresolv and libnsl.
+    
+    Should fix build problem on Solaris 2.6 reported by Tom G. Christensen.
+
+commit 5ac712d81a84396aab441a272ec429af5b738302
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 16 10:45:02 2016 +1100
+
+    make existing ssh_malloc_init only for __OpenBSD__
+
+commit 24c9bded569d9f2449ded73f92fb6d12db7a9eec
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 15 23:32:37 2016 +0000
+
+    upstream commit
+    
+    memleak of algorithm name in mm_answer_sign; reported by
+     Jakub Jelen
+    
+    Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
+
+commit ffb1e7e896139a42ceb78676f637658f44612411
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Feb 15 09:47:49 2016 +0000
+
+    upstream commit
+    
+    Add a function to enable security-related malloc_options.
+      With and ok deraadt@, something similar has been in the snaps for a while.
+    
+    Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
+
+commit ef39e8c0497ff0564990a4f9e8b7338b3ba3507c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Feb 16 10:34:39 2016 +1100
+
+    sync ssh-copy-id with upstream 783ef08b0a75
+
+commit d2d772f55b19bb0e8d03c2fe1b9bb176d9779efd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 12 00:20:30 2016 +0000
+
+    upstream commit
+    
+    avoid fatal() for PKCS11 tokens that present empty key IDs
+     bz#1773, ok markus@
+    
+    Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54
+
+commit e4c918a6c721410792b287c9fd21356a1bed5805
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Feb 11 02:56:32 2016 +0000
+
+    upstream commit
+    
+    sync crypto algorithm lists in ssh_config(5) and
+     sshd_config(5) with current reality. bz#2527
+    
+    Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6
+
+commit e30cabfa4ab456a30b3224f7f545f1bdfc4a2517
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Feb 11 02:21:34 2016 +0000
+
+    upstream commit
+    
+    fix regression in openssh-6.8 sftp client: existing
+     destination directories would incorrectly terminate recursive uploads;
+     bz#2528
+    
+    Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
+
+commit 714e367226ded4dc3897078be48b961637350b05
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Feb 9 05:30:04 2016 +0000
+
+    upstream commit
+    
+    turn off more old crypto in the client: hmac-md5, ripemd,
+     truncated HMACs, RC4, blowfish. ok markus@ dtucker@
+    
+    Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e
+
+commit 5a622844ff7f78dcb75e223399f9ef0977e8d0a3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 8 23:40:12 2016 +0000
+
+    upstream commit
+    
+    don't attempt to percent_expand() already-canonicalised
+     addresses, avoiding unnecessary failures when attempting to connect to scoped
+     IPv6 addresses (that naturally contain '%' characters)
+    
+    Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a
+
+commit 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Feb 8 10:57:07 2016 +0000
+
+    upstream commit
+    
+    refactor activation of rekeying
+    
+    This makes automatic rekeying internal to the packet code (previously
+    the server and client loops needed to assist). In doing to it makes
+    application of rekey limits more accurate by accounting for packets
+    about to be sent as well as packets queued during rekeying events
+    themselves.
+    
+    Based on a patch from dtucker@ which was in turn based on a patch
+    Aleksander Adamowski in bz#2521; ok markus@
+    
+    Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8
+
+commit 603ba41179e4b53951c7b90ee95b6ef3faa3f15d
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Fri Feb 5 13:28:19 2016 +0000
+
+    upstream commit
+    
+    Only check errno if read() has returned an error.  EOF is
+     not an error. This fixes a problem where the mux master would sporadically
+     fail to notice that the client had exited. ok mikeb@ djm@
+    
+    Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
+
+commit 56d7dac790693ce420d225119283bc355cff9185
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Fri Feb 5 04:31:21 2016 +0000
+
+    upstream commit
+    
+    avoid an uninitialised value when NumberOfPasswordPrompts
+     is 0 ok markus@ djm@
+    
+    Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
+
+commit deae7d52d59c5019c528f977360d87fdda15d20b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 5 03:07:06 2016 +0000
+
+    upstream commit
+    
+    mention internal DH-GEX fallback groups; bz#2302
+    
+    Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e
+
+commit cac3b6665f884d46192c0dc98a64112e8b11a766
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Feb 5 02:37:56 2016 +0000
+
+    upstream commit
+    
+    better description for MaxSessions; bz#2531
+    
+    Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da
+
+commit 5ef4b0fdcc7a239577a754829b50022b91ab4712
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Jan 27 17:45:56 2016 +1100
+
+    avoid FreeBSD RCS Id in comment
+    
+    Change old $FreeBSD version string in comment so it doesn't
+    become an RCS ident downstream; requested by des AT des.no
+
+commit 696d12683c90d20a0a9c5f4275fc916b7011fb04
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Feb 4 23:43:48 2016 +0000
+
+    upstream commit
+    
+    printf argument casts to avoid warnings on strict
+     compilers
+    
+    Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c
+
+commit 5658ef2501e785fbbdf5de2dc33b1ff7a4dca73a
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Feb 1 21:18:17 2016 +0000
+
+    upstream commit
+    
+    Avoid ugly "DISPLAY "(null)" invalid; disabling X11
+     forwarding" message when DISPLAY is not set.  This could also result in a
+     crash on systems with a printf that doesn't handle NULL.  OK djm@
+    
+    Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412
+
+commit 537f88ec7bcf40bd444ac5584c707c5588c55c43
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 29 05:18:15 2016 +0000
+
+    upstream commit
+    
+    Add regression test for RekeyLimit parsing of >32bit values
+     (4G and 8G).
+    
+    Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
+
+commit 4c6cb8330460f94e6c7ae28a364236d4188156a3
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 29 23:04:46 2016 +0000
+
+    upstream commit
+    
+    Remove leftover roaming dead code.  ok djm markus.
+    
+    Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be
+
+commit 28136471809806d6246ef41e4341467a39fe2f91
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jan 29 05:46:01 2016 +0000
+
+    upstream commit
+    
+    include packet type of non-data packets in debug3 output;
+     ok markus dtucker
+    
+    Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41
+
+commit 6fd6e28daccafaa35f02741036abe64534c361a1
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 29 03:31:03 2016 +0000
+
+    upstream commit
+    
+    Revert "account for packets buffered but not yet
+     processed" change as it breaks for very small RekeyLimit values due to
+     continuous rekeying.  ok djm@
+    
+    Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19
+
+commit 921ff00b0ac429666fb361d2d6cb1c8fff0006cb
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 29 02:54:45 2016 +0000
+
+    upstream commit
+    
+    Allow RekeyLimits in excess of 4G up to 2**63 bits
+     (limited by the return type of scan_scaled).  Part of bz#2521, ok djm.
+    
+    Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
+
+commit c0060a65296f01d4634f274eee184c0e93ba0f23
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Jan 29 02:42:46 2016 +0000
+
+    upstream commit
+    
+    Account for packets buffered but not yet processed when
+     computing whether or not it is time to perform rekeying.  bz#2521, based
+     loosely on a patch from olo at fb.com, ok djm@
+    
+    Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
+
+commit 44cf930e670488c85c9efeb373fa5f4b455692ac
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 27 06:44:58 2016 +0000
+
+    upstream commit
+    
+    change old $FreeBSD version string in comment so it doesn't
+     become an RCS ident downstream; requested by des AT des.no
+    
+    Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
+
+commit ebacd377769ac07d1bf3c75169644336056b7060
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 27 00:53:12 2016 +0000
+
+    upstream commit
+    
+    make the debug messages a bit more useful here
+    
+    Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
+
+commit 458abc2934e82034c5c281336d8dc0f910aecad3
+Author: jsg@openbsd.org <jsg@openbsd.org>
+Date:   Sat Jan 23 05:31:35 2016 +0000
+
+    upstream commit
+    
+    Zero a stack buffer with explicit_bzero() instead of
+     memset() when returning from client_loop() for consistency with
+     buffer_free()/sshbuf_free().
+    
+    ok dtucker@ deraadt@ djm@
+    
+    Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
+
+commit 65a3c0dacbc7dbb75ddb6a70ebe22d8de084d0b0
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Wed Jan 20 09:22:39 2016 +0000
+
+    upstream commit
+    
+    Include sys/time.h for gettimeofday.  From sortie at
+     maxsi.org.
+    
+    Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
+
+commit fc77ccdc2ce6d5d06628b8da5048a6a5f6ffca5a
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Jan 14 22:56:56 2016 +0000
+
+    upstream commit
+    
+    fd leaks; report Qualys Security Advisory team; ok
+     deraadt@
+    
+    Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
+
+commit a306863831c57ec5fad918687cc5d289ee8e2635
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Jan 14 16:17:39 2016 +0000
+
+    upstream commit
+    
+    remove roaming support; ok djm@
+    
+    Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
+
+commit 6ef49e83e30688504552ac10875feabd5521565f
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Thu Jan 14 14:34:34 2016 +0000
+
+    upstream commit
+    
+    Disable experimental client-side roaming support.  Server
+     side was disabled/gutted for years already, but this aspect was surprisingly
+     forgotten. Thanks for report from Qualys
+    
+    Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
+
+commit 8d7b523b96d3be180572d9d338cedaafc0570f60
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jan 14 11:08:19 2016 +1100
+
+    bump version numbers
+
+commit 8c3d512a1fac8b9c83b4d0c9c3f2376290bd84ca
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jan 14 11:04:04 2016 +1100
+
+    openssh-7.1p2
+
+commit e6c85f8889c5c9eb04796fdb76d2807636b9eef5
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jan 15 01:30:36 2016 +1100
+
+    forcibly disable roaming support in the client
+
+commit ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jan 13 23:04:47 2016 +0000
+
+    upstream commit
+    
+    eliminate fallback from untrusted X11 forwarding to trusted
+     forwarding when the X server disables the SECURITY extension; Reported by
+     Thomas Hoger; ok deraadt@
+    
+    Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
+
+commit 9a728cc918fad67c8a9a71201088b1e150340ba4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 12 23:42:54 2016 +0000
+
+    upstream commit
+    
+    use explicit_bzero() more liberally in the buffer code; ok
+     deraadt
+    
+    Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
+
+commit 4626cbaf78767fc8e9c86dd04785386c59ae0839
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Jan 8 14:24:56 2016 +1100
+
+    Support Illumos/Solaris fine-grained privileges
+    
+    Includes a pre-auth privsep sandbox and several pledge()
+    emulations. bz#2511, patch by Alex Wilson.
+    
+    ok dtucker@
+
+commit 422d1b3ee977ff4c724b597fb2e437d38fc8de9d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Dec 31 00:33:52 2015 +0000
+
+    upstream commit
+    
+    fix three bugs in KRL code related to (unused) signature
+     support: verification length was being incorrectly calculated, multiple
+     signatures were being incorrectly processed and a NULL dereference that
+     occurred when signatures were verified. Reported by Carl Jackson
+    
+    Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
+
+commit 6074c84bf95d00f29cc7d5d3cd3798737851aa1a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Dec 30 23:46:14 2015 +0000
+
+    upstream commit
+    
+    unused prototype
+    
+    Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
+
+commit 6213f0e180e54122bb1ba928e11c784e2b4e5380
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Sat Dec 26 20:51:35 2015 +0000
+
+    upstream commit
+    
+    Use pread/pwrite instead separate lseek+read/write for
+     lastlog. Cast to off_t before multiplication to avoid truncation on ILP32
+    
+    ok kettenis@ mmcc@
+    
+    Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
+
+commit d7d2bc95045a43dd56ea696cc1d030ac9d77e81f
+Author: semarie@openbsd.org <semarie@openbsd.org>
+Date:   Sat Dec 26 07:46:03 2015 +0000
+
+    upstream commit
+    
+    adjust pledge promises for ControlMaster: when using
+     "ask" or "autoask", the process will use ssh-askpass for asking confirmation.
+    
+    problem found by halex@
+    
+    ok halex@
+    
+    Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
+
+commit 271df8185d9689b3fb0523f58514481b858f6843
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 13 22:42:23 2015 +0000
+
+    upstream commit
+    
+    unbreak connections with peers that set
+     first_kex_follows; fix from Matt Johnston va bz#2515
+    
+    Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
+
+commit 43849a47c5f8687699eafbcb5604f6b9c395179f
+Author: doug@openbsd.org <doug@openbsd.org>
+Date:   Fri Dec 11 17:41:37 2015 +0000
+
+    upstream commit
+    
+    Add "id" to ssh-agent pledge for subprocess support.
+    
+    Found the hard way by Jan Johansson when using ssh-agent with X.  Also,
+    rearranged proc/exec and retval to match other pledge calls in the tree.
+    
+    ok djm@
+    
+    Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
+
+commit 52d7078421844b2f88329f5be3de370b0a938636
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Fri Dec 11 04:21:11 2015 +0000
+
+    upstream commit
+    
+    Remove NULL-checks before sshbuf_free().
+    
+    ok djm@
+    
+    Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
+
+commit a4b9e0f4e4a6980a0eb8072f76ea611cab5b77e7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 11 03:24:25 2015 +0000
+
+    upstream commit
+    
+    include remote port number in a few more messages; makes
+     tying log messages together into a session a bit easier; bz#2503 ok dtucker@
+    
+    Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
+
+commit 6091c362e89079397e68744ae30df121b0a72c07
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 11 03:20:09 2015 +0000
+
+    upstream commit
+    
+    don't try to load SSHv1 private key when compiled without
+     SSHv1 support. From Iain Morgan bz#2505
+    
+    Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
+
+commit cce6a36bb95e81fa8bfb46daf22eabcf13afc352
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 11 03:19:09 2015 +0000
+
+    upstream commit
+    
+    use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
+     reading key files. Increase it to match the size of the buffers already being
+     used.
+    
+    Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
+
+commit 89540b6de025b80404a0cb8418c06377f3f98848
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Fri Dec 11 02:31:47 2015 +0000
+
+    upstream commit
+    
+    Remove NULL-checks before sshkey_free().
+    
+    ok djm@
+    
+    Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
+
+commit 79394ed6d74572c2d2643d73937dad33727fc240
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Dec 11 02:29:03 2015 +0000
+
+    upstream commit
+    
+    fflush stdout so that output is seen even when running in
+     debug mode when output may otherwise not be flushed.  Patch from dustin at
+     null-ptr.net.
+    
+    Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
+
+commit ee607cccb6636eb543282ba90e0677b0604d8b7a
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 15 15:23:49 2015 +1100
+
+    Increase robustness of redhat/openssh.spec
+    
+     - remove configure --with-rsh, because this option isn't supported anymore
+     - replace last occurrence of BuildPreReq by BuildRequires
+     - update grep statement to query the krb5 include directory
+    
+    Patch from CarstenGrohmann via github, ok djm.
+
+commit b5fa0cd73555b991a543145603658d7088ec6b60
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 15 15:10:32 2015 +1100
+
+    Allow --without-ssl-engine with --without-openssl
+    
+    Patch from Mike Frysinger via github.
+
+commit c1d7e546f6029024f3257cc25c92f2bddf163125
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 15 14:27:09 2015 +1100
+
+    Include openssl crypto.h for SSLeay.
+    
+    Patch from doughdemon via github.
+
+commit c6f5f01651526e88c00d988ce59d71f481ebac62
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Dec 15 13:59:12 2015 +1100
+
+    Add sys/time.h for gettimeofday.
+    
+    Should allow it it compile with MUSL libc.  Based on patch from
+    doughdemon via github.
+
+commit 39736be06c7498ef57d6970f2d85cf066ae57c82
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 11 02:20:28 2015 +0000
+
+    upstream commit
+    
+    correct error messages; from Tomas Kuthan bz#2507
+    
+    Upstream-ID: 7454a0affeab772398052954c79300aa82077093
+
+commit 94141b7ade24afceeb6762a3f99e09e47a6c42b6
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Fri Dec 11 00:20:04 2015 +0000
+
+    upstream commit
+    
+    Pass (char *)NULL rather than (char *)0 to execl and
+     execlp.
+    
+    ok dtucker@
+    
+    Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
+
+commit d59ce08811bf94111c2f442184cf7d1257ffae24
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Thu Dec 10 17:08:40 2015 +0000
+
+    upstream commit
+    
+    Remove NULL-checks before free().
+    
+    ok dtucker@
+    
+    Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
+
+commit 8e56dd46cb37879c73bce2d6032cf5e7f82d5a71
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Thu Dec 10 07:01:35 2015 +0000
+
+    upstream commit
+    
+    Fix a couple "the the" typos. ok dtucker@
+    
+    Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72
+
+commit 6262a0522ddc2c0f2e9358dcb68d59b46e9c533e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Mon Dec 7 20:04:09 2015 +0000
+
+    upstream commit
+    
+    stricter encoding type checks for ssh-rsa; ok djm@
+    
+    Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
+
+commit d86a3ba7af160c13496102aed861ae48a4297072
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Dec 9 09:18:45 2015 +1100
+
+    Don't set IPV6_V6ONLY on OpenBSD
+    
+    It isn't necessary and runs afoul of pledge(2) restrictions.
+
+commit da98c11d03d819a15429d8fff9688acd7505439f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Dec 7 02:20:46 2015 +0000
+
+    upstream commit
+    
+    basic unit tests for rsa-sha2-* signature types
+    
+    Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
+
+commit 3da893fdec9936dd2c23739cdb3c0c9d4c59fca0
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Sat Dec 5 20:53:21 2015 +0000
+
+    upstream commit
+    
+    prefer rsa-sha2-512 over -256 for hostkeys, too; noticed
+     by naddy@
+    
+    Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
+
+commit 8b56e59714d87181505e4678f0d6d39955caf10e
+Author: tobias@openbsd.org <tobias@openbsd.org>
+Date:   Fri Dec 4 21:51:06 2015 +0000
+
+    upstream commit
+    
+    Properly handle invalid %-format by calling fatal.
+    
+    ok deraadt, djm
+    
+    Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
+
+commit 76c9fbbe35aabc1db977fb78e827644345e9442e
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Dec 4 16:41:28 2015 +0000
+
+    upstream commit
+    
+    implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
+     (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
+     draft-ssh-ext-info-04.txt; with & ok djm@
+    
+    Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
+
+commit 6064a8b8295cb5a17b5ebcfade53053377714f40
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Dec 4 00:24:55 2015 +0000
+
+    upstream commit
+    
+    clean up agent_fd handling; properly initialise it to -1
+     and make tests consistent
+    
+    ok markus@
+    
+    Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
+
+commit b91926a97620f3e51761c271ba57aa5db790f48d
+Author: semarie@openbsd.org <semarie@openbsd.org>
+Date:   Thu Dec 3 17:00:18 2015 +0000
+
+    upstream commit
+    
+    pledges ssh client:   - mux client: which is used when
+     ControlMaster is in use.     will end with "stdio proc tty" (proc is to
+     permit sending SIGWINCH to mux master on window resize)
+    
+      - client loop: several levels of pledging depending of your used options
+    
+    ok deraadt@
+    
+    Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
+
+commit bcce47466bbc974636f588b5e4a9a18ae386f64a
+Author: doug@openbsd.org <doug@openbsd.org>
+Date:   Wed Dec 2 08:30:50 2015 +0000
+
+    upstream commit
+    
+    Add "cpath" to the ssh-agent pledge so the cleanup
+     handler can unlink().
+    
+    ok djm@
+    
+    Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
+
+commit a90d001543f46716b6590c6dcc681d5f5322f8cf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Dec 2 08:00:58 2015 +0000
+
+    upstream commit
+    
+    ssh-agent pledge needs proc for askpass; spotted by todd@
+    
+    Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
+
+commit d952162b3c158a8f23220587bb6c8fcda75da551
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Dec 1 23:29:24 2015 +0000
+
+    upstream commit
+    
+    basic pledge() for ssh-agent, more refinement needed
+    
+    Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
+
+commit f0191d7c8e76e30551084b79341886d9bb38e453
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Nov 30 10:53:25 2015 +1100
+
+    Revert "stub for pledge(2) for systems that lack it"
+    
+    This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c.
+    
+    dtucker beat me to it :/
+
+commit 6283cc72eb0e49a3470d30e07ca99a1ba9e89676
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Nov 30 10:37:03 2015 +1100
+
+    revert 7d4c7513: bring back S/Key prototypes
+    
+    (but leave RCSID changes)
+
+commit 14c887c8393adde2d9fd437d498be30f8c98535c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Nov 30 09:45:29 2015 +1100
+
+    stub for pledge(2) for systems that lack it
+
+commit 452c0b6af5d14c37553e30059bf74456012493f3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 29 22:18:37 2015 +0000
+
+    upstream commit
+    
+    pledge, better fatal() messages; feedback deraadt@
+    
+    Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
+
+commit 6da413c085dba37127687b2617a415602505729b
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Sat Nov 28 06:50:52 2015 +0000
+
+    upstream commit
+    
+    do not leak temp file if there is no known_hosts file
+     from craig leres, ok djm
+    
+    Upstream-ID: c820497fd5574844c782e79405c55860f170e426
+
+commit 3ddd15e1b63a4d4f06c8ab16fbdd8a5a61764f16
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Nov 30 07:23:53 2015 +1100
+
+    Add a null implementation of pledge.
+    
+    Fixes builds on almost everything.
+
+commit b1d6b3971ef256a08692efc409fc9ada719111cc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Nov 28 06:41:03 2015 +0000
+
+    upstream commit
+    
+    don't include port number in tcpip-forward replies for
+     requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok
+     markus
+    
+    Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a
+
+commit 9080bd0b9cf10d0f13b1f642f20cb84285cb8d65
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Nov 27 00:49:31 2015 +0000
+
+    upstream commit
+    
+    pledge "stdio rpath wpath cpath fattr tty proc exec"
+     except for the -p option (which sadly has insane semantics...) ok semarie
+     dtucker
+    
+    Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
+
+commit 4d90625b229cf6b3551d81550a9861897509a65f
+Author: halex@openbsd.org <halex@openbsd.org>
+Date:   Fri Nov 20 23:04:01 2015 +0000
+
+    upstream commit
+    
+    allow comment change for all supported formats
+    
+    ok djm@
+    
+    Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
+
+commit 8ca915fc761519dd1f7766a550ec597a81db5646
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 20 01:45:29 2015 +0000
+
+    upstream commit
+    
+    add cast to make -Werror clean
+    
+    Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d
+
+commit ac9473580dcd401f8281305af98635cdaae9bf96
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Nov 20 12:35:41 2015 +1100
+
+    fix multiple authentication using S/Key w/ privsep
+    
+    bz#2502, patch from Kevin Korb and feandil_
+
+commit 88b6fcdeb87a2fb76767854d9eb15006662dca57
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 19 08:23:27 2015 +0000
+
+    upstream commit
+    
+    ban ConnectionAttempts=0, it makes no sense and would cause
+     ssh_connect_direct() to print an uninitialised stack variable; bz#2500
+     reported by dvw AT phas.ubc.ca
+    
+    Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5
+
+commit 964ab3ee7a8f96bdbc963d5b5a91933d6045ebe7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 19 01:12:32 2015 +0000
+
+    upstream commit
+    
+    trailing whitespace
+    
+    Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
+
+commit f96516d052dbe38561f6b92b0e4365d8e24bb686
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 19 01:09:38 2015 +0000
+
+    upstream commit
+    
+    print host certificate contents at debug level
+    
+    Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d
+
+commit 499cf36fecd6040e30e2912dd25655bc574739a7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Nov 19 01:08:55 2015 +0000
+
+    upstream commit
+    
+    move the certificate validity formatting code to
+     sshkey.[ch]
+    
+    Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
+
+commit bcb7bc77bbb1535d1008c7714085556f3065d99d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 18 08:37:28 2015 +0000
+
+    upstream commit
+    
+    fix "ssh-keygen -l" of private key, broken in support for
+     multiple plain keys on stdin
+    
+    Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
+
+commit 259adb6179e23195c8f6913635ea71040d1ccd63
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Nov 16 23:47:52 2015 +0000
+
+    upstream commit
+    
+    Replace remaining calls to index(3) with strchr(3).  OK
+     jca@ krw@
+    
+    Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d
+
+commit c56a255162c2166884539c0a1f7511575325b477
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Nov 16 22:53:07 2015 +0000
+
+    upstream commit
+    
+    Allow fingerprinting from standard input "ssh-keygen -lf
+     -"
+    
+    Support fingerprinting multiple plain keys in a file and authorized_keys
+    files too (bz#1319)
+    
+    ok markus@
+    
+    Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
+
+commit 5b4010d9b923cf1b46c9c7b1887c013c2967e204
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Nov 16 22:51:05 2015 +0000
+
+    upstream commit
+    
+    always call privsep_preauth_child() regardless of whether
+     sshd was started by root; it does important priming before sandboxing and
+     failing to call it could result in sandbox violations later; ok markus@
+    
+    Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383
+
+commit 3a9f84b58b0534bbb485f1eeab75665e2d03371f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Nov 16 22:50:01 2015 +0000
+
+    upstream commit
+    
+    improve sshkey_read() semantics; only update *cpp when a
+     key is successfully read; ok markus@
+    
+    Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
+
+commit db6f8dc5dd5655b59368efd074994d4568bc3556
+Author: logan@openbsd.org <logan@openbsd.org>
+Date:   Mon Nov 16 06:13:04 2015 +0000
+
+    upstream commit
+    
+    1) Use xcalloc() instead of xmalloc() to check for
+     potential overflow.    (Feedback from both mmcc@ and djm@) 2) move set_size
+     just before the for loop. (suggested by djm@)
+    
+    OK djm@
+    
+    Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213
+
+commit 383f10fb84a0fee3c01f9d97594f3e22aa3cd5e0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Nov 16 00:30:02 2015 +0000
+
+    upstream commit
+    
+    Add a new authorized_keys option "restrict" that
+     includes all current and future key restrictions (no-*-forwarding, etc). Also
+     add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty".
+     This simplifies the task of setting up restricted keys and ensures they are
+     maximally-restricted, regardless of any permissions we might implement in the
+     future.
+    
+    Example:
+    
+    restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1...
+    
+    Idea from Jann Horn; ok markus@
+    
+    Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0
+
+commit e41a071f7bda6af1fb3f081bed0151235fa61f15
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Nov 15 23:58:04 2015 +0000
+
+    upstream commit
+    
+    correct section number for ssh-agent;
+    
+    Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6
+
+commit 1a11670286acddcc19f5eff0966c380831fc4638
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Nov 15 23:54:15 2015 +0000
+
+    upstream commit
+    
+    do not confuse mandoc by presenting "Dd";
+    
+    Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65
+
+commit f361df474c49a097bfcf16d1b7b5c36fcd844b4b
+Author: jcs@openbsd.org <jcs@openbsd.org>
+Date:   Sun Nov 15 22:26:49 2015 +0000
+
+    upstream commit
+    
+    Add an AddKeysToAgent client option which can be set to
+     'yes', 'no', 'ask', or 'confirm', and defaults to 'no'.  When enabled, a
+     private key that is used during authentication will be added to ssh-agent if
+     it is running (with confirmation enabled if set to 'confirm').
+    
+    Initial version from Joachim Schipper many years ago.
+    
+    ok markus@
+    
+    Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
+
+commit d87063d9baf5479b6e813d47dfb694a97df6f6f5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 13 04:39:35 2015 +0000
+
+    upstream commit
+    
+    send SSH2_MSG_UNIMPLEMENTED replies to unexpected
+     messages during KEX; bz#2949, ok dtucker@
+    
+    Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786
+
+commit 9fd04681a1e9b0af21e08ff82eb674cf0a499bfc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 13 04:38:06 2015 +0000
+
+    upstream commit
+    
+    Support "none" as an argument for sshd_config
+     ForceCommand and ChrootDirectory. Useful inside Match blocks to override a
+     global default. bz#2486 ok dtucker@
+    
+    Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5
+
+commit 94bc0b72c29e511cbbc5772190d43282e5acfdfe
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 13 04:34:15 2015 +0000
+
+    upstream commit
+    
+    support multiple certificates (one per line) and
+     reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@
+    
+    Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
+
+commit b6b9108f5b561c83612cb97ece4134eb59fde071
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Nov 13 02:57:46 2015 +0000
+
+    upstream commit
+    
+    list a couple more options usable in Match blocks;
+     bz#2489
+    
+    Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879
+
+commit a7994b3f5a5a5a33b52b0a6065d08e888f0a99fb
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 11 04:56:39 2015 +0000
+
+    upstream commit
+    
+    improve PEEK/POKE macros: better casts, don't multiply
+     evaluate arguments; ok deraadt@
+    
+    Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e
+
+commit 7d4c7513a7f209cb303a608ac6e46b3f1dfc11ec
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Nov 11 01:48:01 2015 +0000
+
+    upstream commit
+    
+    remove prototypes for long-gone s/key support; ok
+     dtucker@
+    
+    Upstream-ID: db5bed3c57118af986490ab23d399df807359a79
+
+commit 07889c75926c040b8e095949c724e66af26441cb
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Nov 14 18:44:49 2015 +1100
+
+    read back from libcrypto RAND when privdropping
+    
+    makes certain libcrypto implementations cache a /dev/urandom fd
+    in preparation of sandboxing. Based on patch by Greg Hartman.
+
+commit 1560596f44c01bb0cef977816410950ed17b8ecd
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Tue Nov 10 11:14:47 2015 +1100
+
+    Fix compiler warnings in the openssl header check.
+    
+    Noted by Austin English.
+
+commit e72a8575ffe1d8adff42c9abe9ca36938acc036b
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Nov 8 23:24:03 2015 +0000
+
+    upstream commit
+    
+    -c before -H, in SYNOPSIS and usage();
+    
+    Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404
+
+commit 3a424cdd21db08c7b0ded902f97b8f02af5aa485
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 8 22:30:20 2015 +0000
+
+    upstream commit
+    
+    Add "ssh-keyscan -c ..." flag to allow fetching
+     certificates instead of plain keys; ok markus@
+    
+    Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82
+
+commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Sun Nov 8 22:08:38 2015 +0000
+
+    upstream commit
+    
+    remove slogin links; ok deraadt markus djm
+    
+    Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730
+
+commit 2fecfd486bdba9f51b3a789277bb0733ca36e1c0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 8 21:59:11 2015 +0000
+
+    upstream commit
+    
+    fix OOB read in packet code caused by missing return
+     statement found by Ben Hawkes; ok markus@ deraadt@
+    
+    Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
+
+commit 5e288923a303ca672b686908320bc5368ebec6e6
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Fri Nov 6 00:31:41 2015 +0000
+
+    upstream commit
+    
+    1. rlogin and rsh are long gone 2. protocol version isn't
+     of core relevance here, and v1 is going away
+    
+    ok markus@, deraadt@
+    
+    Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8
+
+commit 8b29008bbe97f33381d9b4b93fcfa304168d0286
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Thu Nov 5 09:48:05 2015 +0000
+
+    upstream commit
+    
+    "commandline" -> "command line", since there are so few
+     examples of the former in the pages, so many of the latter, and in some of
+     these pages we had multiple spellings;
+    
+    prompted by tj
+    
+    Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659
+
+commit 996b24cebf20077fbe5db07b3a2c20c2d9db736e
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Oct 29 20:57:34 2015 +1100
+
+    (re)wrap SYS_sendsyslog in ifdef.
+    
+    Replace ifdef that went missing in commit
+    c61b42f2678f21f05653ac2d3d241b48ab5d59ac.  Fixes build on older
+    OpenBSDs.
+
+commit b67e2e76fcf1ae7c802eb27ca927e16c91a513ff
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 29 08:05:17 2015 +0000
+
+    upstream commit
+    
+    regress test for "PubkeyAcceptedKeyTypes +..." inside a
+     Match block
+    
+    Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647
+
+commit abd9dbc3c0d8c8c7561347cfa22166156e78c077
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Oct 26 02:50:58 2015 +0000
+
+    upstream commit
+    
+    Fix typo certopt->certopts in shell variable.  This would
+     cause the test to hang at a host key prompt if you have an A or CNAME for
+     "proxy" in your local domain.
+    
+    Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a
+
+commit ed08510d38aef930a061ae30d10f2a9cf233bafa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 29 08:05:01 2015 +0000
+
+    upstream commit
+    
+    Fix "PubkeyAcceptedKeyTypes +..." inside a Match block;
+     ok dtucker@
+    
+    Upstream-ID: 853662c4036730b966aab77684390c47b9738c69
+
+commit a4aef3ed29071719b2af82fdf1ac3c2514f82bc5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 27 08:54:52 2015 +0000
+
+    upstream commit
+    
+    fix execv arguments in a way less likely to cause grief
+     for -portable; ok dtucker@
+    
+    Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5
+
+commit 63d188175accea83305e89fafa011136ff3d96ad
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 27 01:44:45 2015 +0000
+
+    upstream commit
+    
+    log certificate serial in verbose() messages to match the
+     main auth success/fail message; ok dtucker@
+    
+    Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288
+
+commit 2aaba0cfd560ecfe92aa50c00750e6143842cf1f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 27 00:49:53 2015 +0000
+
+    upstream commit
+    
+    avoid de-const warning & shrink; ok dtucker@
+    
+    Upstream-ID: 69a85ef94832378952a22c172009cbf52aaa11db
+
+commit 03239c18312b9bab7d1c3b03062c61e8bbc1ca6e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Oct 25 23:42:00 2015 +0000
+
+    upstream commit
+    
+    Expand tildes in filenames passed to -i before checking
+     whether or not the identity file exists.  This means that if the shell
+     doesn't do the expansion (eg because the option and filename were given as a
+     single argument) then we'll still add the key.  bz#2481, ok markus@
+    
+    Upstream-ID: db1757178a14ac519e9a3e1a2dbd21113cb3bfc6
+
+commit 97e184e508dd33c37860c732c0eca3fc57698b40
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Sun Oct 25 23:14:03 2015 +0000
+
+    upstream commit
+    
+    Do not prepend "exec" to the shell command run by "Match
+     exec" in a config file.  It's an unnecessary optimization from repurposed
+     ProxyCommand code and prevents some things working with some shells.
+     bz#2471, pointed out by res at qoxp.net.  ok markus@
+    
+    Upstream-ID: a1ead25ae336bfa15fb58d8c6b5589f85b4c33a3
+
+commit 8db134e7f457bcb069ec72bc4ee722e2af557c69
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Thu Oct 29 10:48:23 2015 +1100
+
+    Prevent name collisions with system glob (bz#2463)
+    
+    Move glob.h from includes.h to the only caller (sftp) and override the
+    names for the symbols.  This prevents name collisions with the system glob
+    in the case where something other than ssh uses it (eg kerberos).  With
+    jjelen at redhat.com, ok djm@
+
+commit 86c10dbbef6a5800d2431a66cf7f41a954bb62b5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Fri Oct 23 02:22:01 2015 +0000
+
+    upstream commit
+    
+    Update expected group sizes to match recent code changes.
+    
+    Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794
+
+commit 9ada37d36003a77902e90a3214981e417457cf13
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Oct 24 22:56:19 2015 +0000
+
+    upstream commit
+    
+    fix keyscan output for multiple hosts/addrs on one line
+     when host hashing or a non standard port is in use; bz#2479 ok dtucker@
+    
+    Upstream-ID: 5321dabfaeceba343da3c8a8b5754c6f4a0a307b
+
+commit 44fc7cd7dcef6c52c6b7e9ff830dfa32879bd319
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Oct 24 22:52:22 2015 +0000
+
+    upstream commit
+    
+    skip "Could not chdir to home directory" message when
+     chrooted
+    
+    patch from Christian Hesse in bz#2485 ok dtucker@
+    
+    Upstream-ID: 86783c1953da426dff5b03b03ce46e699d9e5431
+
+commit a820a8618ec44735dabc688fab96fba38ad66bb2
+Author: sthen@openbsd.org <sthen@openbsd.org>
+Date:   Sat Oct 24 08:34:09 2015 +0000
+
+    upstream commit
+    
+    Handle the split of tun(4) "link0" into tap(4) in ssh
+     tun-forwarding. Adapted from portable (using separate devices for this is the
+     normal case in most OS). ok djm@
+    
+    Upstream-ID: 90facf4c59ce73d6741db1bc926e578ef465cd39
+
+commit 66d2e229baa9fe57b868c373b05f7ff3bb20055b
+Author: gsoares@openbsd.org <gsoares@openbsd.org>
+Date:   Wed Oct 21 11:33:03 2015 +0000
+
+    upstream commit
+    
+    fix memory leak in error path ok djm@
+    
+    Upstream-ID: dd2f402b0a0029b755df029fc7f0679e1365ce35
+
+commit 7d6c0362039ceacdc1366b5df29ad5d2693c13e5
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Tue Oct 20 23:24:25 2015 +0000
+
+    upstream commit
+    
+    Compare pointers to NULL rather than 0.
+    
+    ok djm@
+    
+    Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8
+
+commit f98a09cacff7baad8748c9aa217afd155a4d493f
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Tue Oct 20 03:36:35 2015 +0000
+
+    upstream commit
+    
+    Replace a function-local allocation with stack memory.
+    
+    ok djm@
+    
+    Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e
+
+commit ac908c1eeacccfa85659594d92428659320fd57e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 22 09:35:24 2015 +1100
+
+    turn off PrintLastLog when --disable-lastlog
+    
+    bz#2278 from Brent Paulson
+
+commit b56deb847f4a0115a8bf488bf6ee8524658162fd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 16 22:32:22 2015 +0000
+
+    upstream commit
+    
+    increase the minimum modulus that we will send or accept in
+     diffie-hellman-group-exchange to 2048 bits; ok markus@
+    
+    Upstream-ID: 06dce7a24c17b999a0f5fadfe95de1ed6a1a9b6a
+
+commit 5ee0063f024bf5b3f3ffb275b8cd20055d62b4b9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Oct 16 18:40:49 2015 +0000
+
+    upstream commit
+    
+    better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in
+     hostname canonicalisation - treat them as already canonical and remove the
+     trailing '.' before matching ssh_config; ok markus@
+    
+    Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a
+
+commit e92c499a75477ecfe94dd7b4aed89f20b1fac5a7
+Author: mmcc@openbsd.org <mmcc@openbsd.org>
+Date:   Fri Oct 16 17:07:24 2015 +0000
+
+    upstream commit
+    
+    0 -> NULL when comparing with a char*.
+    
+    ok dtucker@, djm@.
+    
+    Upstream-ID: a928e9c21c0a9020727d99738ff64027c1272300
+
+commit b1d38a3cc6fe349feb8d16a5f520ef12d1de7cb2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 15 23:51:40 2015 +0000
+
+    upstream commit
+    
+    fix some signed/unsigned integer type mismatches in
+     format strings; reported by Nicholas Lemonias
+    
+    Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
+
+commit 1a2663a15d356bb188196b6414b4c50dc12fd42b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Oct 15 23:08:23 2015 +0000
+
+    upstream commit
+    
+    argument to sshkey_from_private() and sshkey_demote()
+     can't be NULL
+    
+    Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f
+
+commit 0f754e29dd3760fc0b172c1220f18b753fb0957e
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Oct 16 10:53:14 2015 +1100
+
+    need va_copy before va_start
+    
+    reported by Nicholas Lemonias
+
+commit eb6c50d82aa1f0d3fc95f5630ea69761e918bfcd
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 15 15:48:28 2015 -0700
+
+    fix compilation on systems without SYMLOOP_MAX
+
+commit fafe1d84a210fb3dae7744f268059cc583db8c12
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 09:22:15 2015 -0700
+
+    s/SANDBOX_TAME/SANDBOX_PLEDGE/g
+
+commit 8f22911027ff6c17d7226d232ccd20727f389310
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:28:19 2015 +1100
+
+    upstream commit
+    
+    revision 1.20
+    date: 2015/10/13 20:55:37;  author: millert;  state: Exp;  lines: +2 -2;  commitid: X39sl5ay1czgFIgp;
+    In rev 1.15 the sizeof argument was fixed in a strlcat() call but
+    the truncation check immediately following it was not updated to
+    match.  Not an issue in practice since the buffers are the same
+    size.  OK deraadt@
+
+commit 23fa695bb735f54f04d46123662609edb6c76767
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:27:51 2015 +1100
+
+    upstream commit
+    
+    revision 1.19
+    date: 2015/01/16 16:48:51;  author: deraadt;  state: Exp;  lines: +3 -3;  commitid: 0DYulI8hhujBHMcR;
+    Move to the <limits.h> universe.
+    review by millert, binary checking process with doug, concept with guenther
+
+commit c71be375a69af00c2d0a0c24d8752bec12d8fd1b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:27:08 2015 +1100
+
+    upstream commit
+    
+    revision 1.18
+    date: 2014/10/19 03:56:28;  author: doug;  state: Exp;  lines: +9 -9;  commitid: U6QxmtbXrGoc02S5;
+    Revert last commit due to changed semantics found by make release.
+
+commit c39ad23b06e9aecc3ff788e92f787a08472905b1
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:26:24 2015 +1100
+
+    upstream commit
+    
+    revision 1.17
+    date: 2014/10/18 20:43:52;  author: doug;  state: Exp;  lines: +10 -10;  commitid: I74hI1tVZtsspKEt;
+    Better POSIX compliance in realpath(3).
+    
+    millert@ made changes to realpath.c based on FreeBSD's version.  I merged
+    Todd's changes into dl_realpath.c.
+    
+    ok millert@, guenther@
+
+commit e929a43f957dbd1254aca2aaf85c8c00cbfc25f4
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:25:55 2015 +1100
+
+    upstream commit
+    
+    revision 1.16
+    date: 2013/04/05 12:59:54;  author: kurt;  state: Exp;  lines: +3 -1;
+    - Add comments regarding copies of these files also in libexec/ld.so
+    okay guenther@
+
+commit 5225db68e58a1048cb17f0e36e0d33bc4a8fc410
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:25:32 2015 +1100
+
+    upstream commit
+    
+    revision 1.15
+    date: 2012/09/13 15:39:05;  author: deraadt;  state: Exp;  lines: +2 -2;
+    specify the bounds of the dst to strlcat (both values were static and
+    equal, but it is more correct)
+    from Michal Mazurek
+
+commit 7365fe5b4859de2305e40ea132da3823830fa710
+Author: Damien Miller <djm@mindrot.org>
+Date:   Wed Oct 14 08:25:09 2015 +1100
+
+    upstream commit
+    
+    revision 1.14
+    date: 2011/07/24 21:03:00;  author: miod;  state: Exp;  lines: +35 -13;
+    Recent Single Unix will malloc memory if the second argument of realpath()
+    is NULL, and third-party software is starting to rely upon this.
+    Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor
+    tweaks from nicm@ and yours truly.
+
+commit e679c09cd1951f963793aa3d9748d1c3fdcf808f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 13 16:15:21 2015 +0000
+
+    upstream commit
+    
+    apply PubkeyAcceptedKeyTypes filtering earlier, so all
+     skipped keys are noted before pubkey authentication starts. ok dtucker@
+    
+    Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8
+
+commit 179c353f564ec7ada64b87730b25fb41107babd7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 13 00:21:27 2015 +0000
+
+    upstream commit
+    
+    free the correct IV length, don't assume it's always the
+     cipher blocksize; ok dtucker@
+    
+    Upstream-ID: c260d9e5ec73628d9ff4b067fbb060eff5a7d298
+
+commit 2539dce2a049a8f6bb0d44cac51f07ad48e691d3
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Oct 9 01:37:08 2015 +0000
+
+    upstream commit
+    
+    Change all tame callers to namechange to pledge(2).
+    
+    Upstream-ID: 17e654fc27ceaf523c60f4ffd9ec7ae4e7efc7f2
+
+commit 9846a2f4067383bb76b4e31a9d2303e0a9c13a73
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Oct 8 04:30:48 2015 +1100
+
+    hook tame(2) sandbox up to build
+    
+    OpenBSD only for now
+
+commit 0c46bbe68b70bdf0d6d20588e5847e71f3739fe6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Oct 7 15:59:12 2015 +0000
+
+    upstream commit
+    
+    include PubkeyAcceptedKeyTypes in ssh -G config dump
+    
+    Upstream-ID: 6c097ce6ffebf6fe393fb7988b5d152a5d6b36bb
+
+commit bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e
+Author: sobrado@openbsd.org <sobrado@openbsd.org>
+Date:   Wed Oct 7 14:45:30 2015 +0000
+
+    upstream commit
+    
+    UsePrivilegeSeparation defaults to sandbox now.
+    
+    ok djm@
+    
+    Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f
+
+commit 2905d6f99c837bb699b6ebc61711b19acd030709
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Oct 7 00:54:06 2015 +0000
+
+    upstream commit
+    
+    don't try to change tun device flags if they are already
+     what we need; makes it possible to use tun/tap networking as non- root user
+     if device permissions and interface flags are pre-established; based on patch
+     by Ossi Herrala
+    
+    Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21
+
+commit 0dc74512bdb105b048883f07de538b37e5e024d4
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Oct 5 18:33:05 2015 -0700
+
+    unbreak merge botch
+
+commit fdd020e86439afa7f537e2429d29d4b744c94331
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Oct 6 01:20:59 2015 +0000
+
+    upstream commit
+    
+    adapt to recent sshkey_parse_private_fileblob() API
+     change
+    
+    Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988
+
+commit 21ae8ee3b630b0925f973db647a1b9aa5fcdd4c5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 24 07:15:39 2015 +0000
+
+    upstream commit
+    
+    fix command-line option to match what was actually
+     committed
+    
+    Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699
+
+commit e14ac43b75e68f1ffbd3e1a5e44143c8ae578dcd
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 24 06:16:53 2015 +0000
+
+    upstream commit
+    
+    regress test for CertificateFile; patch from Meghana Bhat
+     via bz#2436
+    
+    Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25
+
+commit 905b054ed24e0d5b4ef226ebf2c8bfc02ae6d4ad
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Oct 5 17:11:21 2015 +0000
+
+    upstream commit
+    
+    some more bzero->explicit_bzero, from Michael McConville
+    
+    Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
+
+commit b007159a0acdbcf65814b3ee05dbe2cf4ea46011
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Oct 2 15:52:55 2015 +0000
+
+    upstream commit
+    
+    fix email
+    
+    Upstream-ID: 72150f2d54b94de14ebef1ea054ef974281bf834
+
+commit b19e1b4ab11884c4f62aee9f8ab53127a4732658
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Oct 2 01:39:52 2015 +0000
+
+    upstream commit
+    
+    a sandbox using tame ok djm
+    
+    Upstream-ID: 4ca24e47895e72f5daaa02f3e3d3e5ca2d820fa3
+
+commit c61b42f2678f21f05653ac2d3d241b48ab5d59ac
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Fri Oct 2 01:39:26 2015 +0000
+
+    upstream commit
+    
+    re-order system calls in order of risk, ok i'll be
+     honest, ordered this way they look like tame... ok djm
+    
+    Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813
+
+commit c5f7c0843cb6e6074a93c8ac34e49ce33a6f5546
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Sep 25 18:19:54 2015 +0000
+
+    upstream commit
+    
+    some certificatefile tweaks; ok djm
+    
+    Upstream-ID: 0e5a7852c28c05fc193419cc7e50e64c1c535af0
+
+commit 4e44a79a07d4b88b6a4e5e8c1bed5f58c841b1b8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Sep 24 06:15:11 2015 +0000
+
+    upstream commit
+    
+    add ssh_config CertificateFile option to explicitly list
+     a certificate; patch from Meghana Bhat on bz#2436; ok markus@
+    
+    Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8
+
+commit e3cbb06ade83c72b640a53728d362bbefa0008e2
+Author: sobrado@openbsd.org <sobrado@openbsd.org>
+Date:   Tue Sep 22 08:33:23 2015 +0000
+
+    upstream commit
+    
+    fix two typos.
+    
+    Upstream-ID: 424402c0d8863a11b51749bacd7f8d932083b709