Accepting request 812018 from network

OBS-URL: https://build.opensuse.org/request/show/812018 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=140
2020-06-11 08:00:58 +00:00 · 2020-06-11 08:00:58 +00:00 · 9bebc77e3d
commit 9bebc77e3d
parent 70bd737cc3 dbcbd30908
19 changed files with 533 additions and 822 deletions
--- a/openssh-7.7p1-cavstest-ctr.patch
+++ b/openssh-7.7p1-cavstest-ctr.patch
@ -3,29 +3,29 @@
 CAVS test for OpenSSH's own CTR encryption mode implementation
 diff --git a/Makefile.in b/Makefile.in
-index 7488595..d426006 100644
+index d5c37b5..5d4fcd2 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -24,6 +24,7 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
+@@ -25,6 +25,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server
 SFTP_SERVER=$(libexecdir)/sftp-server
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
 +CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
 PRIVSEP_PATH=@PRIVSEP_PATH@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
-@@ -62,6 +63,8 @@ MKDIR_P=@MKDIR_P@
+@@ -70,6 +71,8 @@ MKDIR_P=@MKDIR_P@
- TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
+ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT)
 +TARGETS += cavstest-ctr$(EXEEXT)
 +
 XMSS_OBJS=\
 	ssh-xmss.o \
 	sshkey-xmss.o \
-@@ -210,6 +213,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o s
+@@ -244,6 +247,10 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS)
- sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
+ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
- 	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
+ 	$(LD) -o $@ $(SFTP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
 +# FIPS tests
 +cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
@ -34,8 +34,8 @@ index 7488595..d426006 100644
 # test driver for the loginrec code - not built by default
 logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
 	$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
-@@ -354,6 +361,7 @@ install-files:
+@@ -398,6 +405,7 @@ install-files:
- 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
+ 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 +	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
@ -263,7 +263,7 @@ index 0000000..f81cb72
 +	return 0;
 +}
 diff --git a/cipher.c b/cipher.c
-index acca752..b67a4ff 100644
+index 2f5430b..599b54a 100644
 --- a/cipher.c
 +++ b/cipher.c
@@ -58,15 +58,6 @@
@ -274,7 +274,7 @@ index acca752..b67a4ff 100644
 -	int	plaintext;
 -	int	encrypt;
 -	EVP_CIPHER_CTX *evp;
-	struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
+-	struct chachapoly_ctx *cp_ctx;
 -	struct aesctr_ctx ac_ctx; /* XXX union with evp? */
 -	const struct sshcipher *cipher;
 -};
@ -283,7 +283,7 @@ index acca752..b67a4ff 100644
 	char	*name;
 	u_int	block_size;
 diff --git a/cipher.h b/cipher.h
-index 5843aab..d7d8c89 100644
+index 1a591cd..10ccb28 100644
 --- a/cipher.h
 +++ b/cipher.h
@@ -48,7 +48,15 @@
@ -295,7 +295,7 @@ index 5843aab..d7d8c89 100644
 +	int	plaintext;
 +	int	encrypt;
 +	EVP_CIPHER_CTX *evp;
-+	struct chachapoly_ctx cp_ctx; /* XXX union with evp? */
+	struct chachapoly_ctx *cp_ctx; /* XXX union with evp? */
 +	struct aesctr_ctx ac_ctx; /* XXX union with evp? */
 +	const struct sshcipher *cipher;
 +};
--- a/openssh-7.7p1-cavstest-kdf.patch
+++ b/openssh-7.7p1-cavstest-kdf.patch
@ -3,27 +3,27 @@
 CAVS test for KDF implementation in OpenSSH
 diff --git a/Makefile.in b/Makefile.in
-index d426006..85818f4 100644
+index 5d4fcd2..9eab827 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -25,6 +25,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server
+@@ -26,6 +26,7 @@ SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
 CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
 +CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
 PRIVSEP_PATH=@PRIVSEP_PATH@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
-@@ -63,7 +64,7 @@ MKDIR_P=@MKDIR_P@
+@@ -71,7 +72,7 @@ MKDIR_P=@MKDIR_P@
- TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
+ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-sk-helper$(EXEEXT)
 -TARGETS += cavstest-ctr$(EXEEXT)
 +TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
 XMSS_OBJS=\
 	ssh-xmss.o \
-@@ -217,6 +218,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glo
+@@ -251,6 +252,9 @@ sftp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTP_OBJS)
 cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
 	$(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
@ -33,7 +33,7 @@ index d426006..85818f4 100644
 # test driver for the loginrec code - not built by default
 logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
 	$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
-@@ -362,6 +366,7 @@ install-files:
+@@ -406,6 +410,7 @@ install-files:
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
--- a/openssh-7.7p1-fips.patch
+++ b/openssh-7.7p1-fips.patch
@ -4,17 +4,17 @@ FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved
 algorithms.
 diff --git a/Makefile.in b/Makefile.in
-index 1d2b2d9..7488595 100644
+index 62cd072..d5c37b5 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -103,6 +103,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+@@ -114,6 +114,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	platform-pledge.o platform-tracing.o platform-misc.o
 SKOBJS=	ssh-sk-client.o
 +LIBSSH_OBJS += fips.o
 +
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
- 	sshconnect.o sshconnect2.o mux.o
+ 	sshconnect.o sshconnect2.o mux.o $(SKOBJS)
 diff --git a/cipher-ctr.c b/cipher-ctr.c
 index 32771f2..b66f92f 100644
@ -39,7 +39,7 @@ index 32771f2..b66f92f 100644
 	return (&aes_ctr);
 }
 diff --git a/cipher.c b/cipher.c
-index 25f98ba..acca752 100644
+index 8195199..2f5430b 100644
 --- a/cipher.c
 +++ b/cipher.c
@@ -51,6 +51,9 @@
@ -123,7 +123,7 @@ index 25f98ba..acca752 100644
 		if ((c->flags & CFLAG_INTERNAL) != 0)
 			continue;
 		if (auth_only && c->auth_len == 0)
-@@ -196,7 +243,7 @@ const struct sshcipher *
+@@ -207,7 +254,7 @@ const struct sshcipher *
 cipher_by_name(const char *name)
 {
 	const struct sshcipher *c;
@ -401,10 +401,10 @@ index 0000000..a115a61
 +#endif
 +
 diff --git a/hmac.c b/hmac.c
-index 3268887..b905a1e 100644
+index 7b58801..5a92074 100644
 --- a/hmac.c
 +++ b/hmac.c
-@@ -146,7 +146,7 @@ hmac_test(void *key, size_t klen, void *m, size_t mlen, u_char *e, size_t elen)
+@@ -145,7 +145,7 @@ hmac_test(void *key, size_t klen, void *m, size_t mlen, u_char *e, size_t elen)
 	size_t			 i;
 	u_char			 digest[16];
@ -414,10 +414,10 @@ index 3268887..b905a1e 100644
 	if (ssh_hmac_init(ctx, key, klen) < 0 ||
 	    ssh_hmac_update(ctx, m, mlen) < 0 ||
 diff --git a/kex.c b/kex.c
-index 49d7015..1f82c2e 100644
+index b09fbac..a5e4be7 100644
 --- a/kex.c
 +++ b/kex.c
-@@ -60,6 +60,8 @@
+@@ -63,6 +63,8 @@
 #include "sshbuf.h"
 #include "digest.h"
@ -426,7 +426,7 @@ index 49d7015..1f82c2e 100644
 /* prototype */
 static int kex_choose_conf(struct ssh *);
 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
-@@ -83,7 +85,7 @@ struct kexalg {
+@@ -86,7 +88,7 @@ struct kexalg {
 	int ec_nid;
 	int hash_alg;
 };
@ -435,7 +435,7 @@ index 49d7015..1f82c2e 100644
 #ifdef WITH_OPENSSL
 	{ KEX_DH1, KEX_DH_GRP1_SHA1, 0, SSH_DIGEST_SHA1 },
 	{ KEX_DH14_SHA1, KEX_DH_GRP14_SHA1, 0, SSH_DIGEST_SHA1 },
-@@ -114,6 +116,47 @@ static const struct kexalg kexalgs[] = {
+@@ -117,6 +119,47 @@ static const struct kexalg kexalgs[] = {
 	{ NULL, 0, -1, -1},
 };
@ -483,7 +483,7 @@ index 49d7015..1f82c2e 100644
 char *
 kex_alg_list(char sep)
 {
-@@ -121,7 +164,7 @@ kex_alg_list(char sep)
+@@ -124,7 +167,7 @@ kex_alg_list(char sep)
 	size_t nlen, rlen = 0;
 	const struct kexalg *k;
@ -492,7 +492,7 @@ index 49d7015..1f82c2e 100644
 		if (ret != NULL)
 			ret[rlen++] = sep;
 		nlen = strlen(k->name);
-@@ -141,7 +184,7 @@ kex_alg_by_name(const char *name)
+@@ -144,7 +187,7 @@ kex_alg_by_name(const char *name)
 {
 	const struct kexalg *k;
@ -501,7 +501,7 @@ index 49d7015..1f82c2e 100644
 		if (strcmp(k->name, name) == 0)
 			return k;
 	}
-@@ -161,7 +204,10 @@ kex_names_valid(const char *names)
+@@ -164,7 +207,10 @@ kex_names_valid(const char *names)
 	for ((p = strsep(&cp, ",")); p && *p != '\0';
 	    (p = strsep(&cp, ","))) {
 		if (kex_alg_by_name(p) == NULL) {
@ -595,21 +595,8 @@ index f3dda66..90d71c8 100644
 		if (strcmp(name, m->name) != 0)
 			continue;
 		if (mac != NULL)
 diff --git a/myproposal.h b/myproposal.h
 index 34bd10c..e6be484 100644
 --- a/myproposal.h
 +++ b/myproposal.h
@@ -144,6 +144,8 @@
 #else /* WITH_OPENSSL */
 +#error "OpenSSL support is needed for FIPS mode to compile"
 +
 #define KEX_SERVER_KEX		\
 	"curve25519-sha256," \
 	"curve25519-sha256@libssh.org"
 diff --git a/readconf.c b/readconf.c
-index f78b4d6..228f481 100644
+index 26e80c5..595f053 100644
 --- a/readconf.c
 +++ b/readconf.c
@@ -68,6 +68,8 @@
@ -621,7 +608,7 @@ index f78b4d6..228f481 100644
 /* Format of the configuration file:
    # Configuration data is parsed as follows:
-@@ -1837,6 +1839,23 @@ option_clear_or_none(const char *o)
+@@ -1908,6 +1910,23 @@ option_clear_or_none(const char *o)
 	return o == NULL || strcasecmp(o, "none") == 0;
 }
@ -645,40 +632,50 @@ index f78b4d6..228f481 100644
 /*
  * Initializes options to special values that indicate that they have not yet
  * been set.  Read_config_file will only set options with this value. Options
-@@ -2116,6 +2135,8 @@ fill_default_options(Options * options)
+@@ -2196,6 +2215,9 @@ fill_default_options(Options * options)
 		options->canonicalize_hostname = SSH_CANONICALISE_NO;
 	if (options->fingerprint_hash == -1)
 		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
 +	options->fingerprint_hash =
 +		fips_correct_dgst(options->fingerprint_hash);
- 	if (options->update_hostkeys == -1)
+
- 		options->update_hostkeys = 0;
+ #ifdef ENABLE_SK_INTERNAL
- 
+ 	if (options->sk_provider == NULL)
-@@ -2143,6 +2164,7 @@ fill_default_options(Options * options)
+ 		options->sk_provider = xstrdup("internal");
@@ -2229,6 +2251,7 @@ fill_default_options(Options * options)
 	ASSEMBLE(pubkey_key_types, def_key, all_key);
 	ASSEMBLE(ca_sign_algorithms, def_sig, all_sig);
 #undef ASSEMBLE
 +
 	free(all_cipher);
 	free(all_mac);
 	free(all_kex);
- 	free(all_key);
+@@ -2240,6 +2263,8 @@ fill_default_options(Options * options)
- 	free(all_sig);
+ 	kex_default_pk_alg_filtered = def_key; /* save for later use */
-+	filter_fips_algorithms(options);
+ 	free(def_sig);
 +	filter_fips_algorithms(options);
 +
 #define CLEAR_ON_NONE(v) \
 	do { \
 		if (option_clear_or_none(v)) { \
 diff --git a/readconf.h b/readconf.h
-index 8e36bf3..67111e9 100644
+index e143a10..ef18d5c 100644
 --- a/readconf.h
 +++ b/readconf.h
-@@ -197,6 +197,7 @@ typedef struct {
+@@ -199,6 +199,7 @@ typedef struct {
 #define SSH_STRICT_HOSTKEY_YES	2
 #define SSH_STRICT_HOSTKEY_ASK	3
 +void	 filter_fips_algorithms(Options *o);
- void     initialize_options(Options *);
+ const char *kex_default_pk_alg(void);
- void     fill_default_options(Options *);
+ char	*ssh_connection_hash(const char *thishost, const char *host,
- void	 fill_default_options_for_canonicalization(Options *);
+     const char *portstr, const char *user);
 diff --git a/servconf.c b/servconf.c
-index f58fecb..a8833a9 100644
+index 6be7274..9a51bfb 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -64,6 +64,7 @@
+@@ -69,6 +69,7 @@
 #include "auth.h"
 #include "myproposal.h"
 #include "digest.h"
@ -686,7 +683,7 @@ index f58fecb..a8833a9 100644
 static void add_listen_addr(ServerOptions *, const char *,
     const char *, int);
-@@ -190,6 +191,23 @@ option_clear_or_none(const char *o)
+@@ -200,6 +201,23 @@ option_clear_or_none(const char *o)
 	return o == NULL || strcasecmp(o, "none") == 0;
 }
@ -710,16 +707,16 @@ index f58fecb..a8833a9 100644
 static void
 assemble_algorithms(ServerOptions *o)
 {
-@@ -219,6 +237,8 @@ assemble_algorithms(ServerOptions *o)
+@@ -241,6 +259,8 @@ assemble_algorithms(ServerOptions *o)
- 	free(all_kex);
+ 	free(def_kex);
- 	free(all_key);
+ 	free(def_key);
- 	free(all_sig);
+ 	free(def_sig);
 +
 +	filter_fips_algorithms_s(o);
 }
 static void
-@@ -424,6 +444,8 @@ fill_default_server_options(ServerOptions *options)
+@@ -453,6 +473,8 @@ fill_default_server_options(ServerOptions *options)
 		options->fwd_opts.streamlocal_bind_unlink = 0;
 	if (options->fingerprint_hash == -1)
 		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
@ -729,19 +726,19 @@ index f58fecb..a8833a9 100644
 		options->disable_forwarding = 0;
 	if (options->expose_userauth_info == -1)
 diff --git a/ssh-keygen.c b/ssh-keygen.c
-index 8c829ca..da63fb0 100644
+index 944faca..c1ecc54 100644
 --- a/ssh-keygen.c
 +++ b/ssh-keygen.c
-@@ -64,6 +64,8 @@
+@@ -66,6 +66,8 @@
- #include "authfd.h"
+ #include "ssh-sk.h"
- #include "sshsig.h"
+ #include "sk-api.h" /* XXX for SSH_SK_USER_PRESENCE_REQD; remove */
 +#include "fips.h"
 +
 #ifdef WITH_OPENSSL
 # define DEFAULT_KEY_TYPE_NAME "rsa"
 #else
-@@ -1002,11 +1004,13 @@ do_fingerprint(struct passwd *pw)
+@@ -1032,11 +1034,13 @@ do_fingerprint(struct passwd *pw)
 static void
 do_gen_all_hostkeys(struct passwd *pw)
 {
@ -757,7 +754,7 @@ index 8c829ca..da63fb0 100644
 #ifdef WITH_OPENSSL
 		{ "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
 		{ "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE },
-@@ -1021,6 +1025,17 @@ do_gen_all_hostkeys(struct passwd *pw)
+@@ -1051,6 +1055,17 @@ do_gen_all_hostkeys(struct passwd *pw)
 		{ NULL, NULL, NULL }
 	};
@ -775,9 +772,9 @@ index 8c829ca..da63fb0 100644
 	u_int32_t bits = 0;
 	int first = 0;
 	struct stat st;
-@@ -1029,6 +1044,12 @@ do_gen_all_hostkeys(struct passwd *pw)
+@@ -1058,6 +1073,12 @@ do_gen_all_hostkeys(struct passwd *pw)
 	char comment[1024], *prv_tmp, *pub_tmp, *prv_file, *pub_file;
 	int i, type, fd, r;
 	FILE *f;
 +	if (fips_mode()) {
 +		key_types = key_types_fips140_2;
@ -788,7 +785,7 @@ index 8c829ca..da63fb0 100644
 	for (i = 0; key_types[i].key_type; i++) {
 		public = private = NULL;
 		prv_tmp = pub_tmp = prv_file = pub_file = NULL;
-@@ -3215,6 +3236,15 @@ main(int argc, char **argv)
+@@ -3532,6 +3553,15 @@ main(int argc, char **argv)
 		key_type_name = DEFAULT_KEY_TYPE_NAME;
 	type = sshkey_type_from_name(key_type_name);
@ -805,10 +802,10 @@ index 8c829ca..da63fb0 100644
 	if (!quiet)
 diff --git a/ssh_config.5 b/ssh_config.5
-index 02a8789..f0cb291 100644
+index c45fb8d..55d4b5e 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -664,6 +664,8 @@ Valid options are:
+@@ -669,6 +669,8 @@ Valid options are:
 and
 .Cm sha256
 (the default).
@ -818,12 +815,12 @@ index 02a8789..f0cb291 100644
 Specifies whether the connection to the authentication agent (if any)
 will be forwarded to the remote machine.
 diff --git a/sshd.c b/sshd.c
-index 6b55ef7..c8086cd 100644
+index a24241c..e18078f 100644
 --- a/sshd.c
 +++ b/sshd.c
-@@ -127,6 +127,8 @@
+@@ -128,6 +128,8 @@
 #include "version.h"
 #include "ssherr.h"
 #include "sk-api.h"
 +#include "fips.h"
 +
@ -831,10 +828,10 @@ index 6b55ef7..c8086cd 100644
 #define REEXEC_DEVCRYPTO_RESERVED_FD	(STDERR_FILENO + 1)
 #define REEXEC_STARTUP_PIPE_FD		(STDERR_FILENO + 2)
 diff --git a/sshd_config.5 b/sshd_config.5
-index 0707b47..8818ea5 100644
+index 52552d2..35affe5 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -605,6 +605,8 @@ and
+@@ -594,6 +594,8 @@ and
 .Cm sha256 .
 The default is
 .Cm sha256 .
--- a/openssh-7.7p1-fips_checks.patch
+++ b/openssh-7.7p1-fips_checks.patch
@ -7,7 +7,7 @@
 # FIPS mode). SHA-2 seems to be a reasonable choice.
 #
 # The logic of the checks is as follows: decide whether FIPS mode is mandated
-# (either by checking /proc/sys/crypto/fips_enabled or envoroinment variable
+# (either by checking /proc/sys/crypto/fips_enabled or environment variable
 # SSH_FORCE_FIPS. In FIPS mode, checksums are required to match (inability to
 # retrieve pre-calculated hash is a fatal error). In non-FIPS mode the checks
 # still must be performed, unless the hashes are not installed. Thus if the hash
@ -410,7 +410,7 @@ index a115a61..3404684 100644
 #endif
 -
 diff --git a/sftp-server.c b/sftp-server.c
-index b133cbc..c3086b6 100644
+index 359204f..d6395fd 100644
 --- a/sftp-server.c
 +++ b/sftp-server.c
@@ -53,6 +53,8 @@
@ -422,7 +422,7 @@ index b133cbc..c3086b6 100644
 /* Our verbosity */
 static LogLevel log_level = SYSLOG_LEVEL_ERROR;
-@@ -1595,6 +1597,9 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
+@@ -1576,6 +1578,9 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
 	extern char *optarg;
 	extern char *__progname;
@ -433,7 +433,7 @@ index b133cbc..c3086b6 100644
 	log_init(__progname, log_level, log_facility, log_stderr);
 diff --git a/ssh.c b/ssh.c
-index ee51823..882d1da 100644
+index 98b6ce7..dce28fd 100644
 --- a/ssh.c
 +++ b/ssh.c
@@ -113,6 +113,8 @@
@ -445,9 +445,9 @@ index ee51823..882d1da 100644
 extern char *__progname;
 /* Saves a copy of argv for setproctitle emulation */
-@@ -596,6 +598,10 @@ main(int ac, char **av)
+@@ -630,6 +632,10 @@ main(int ac, char **av)
- 	struct ssh_digest_ctx *md;
+ 	struct addrinfo *addrs = NULL;
- 	u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
+ 	size_t n, len;
 +	/* initialize fips - can go before ssh_malloc_init(), since that is a
 +	 * OpenBSD-only thing (as of OpenSSH 7.6p1) */
@ -457,10 +457,10 @@ index ee51823..882d1da 100644
 	sanitise_stdfd();
 diff --git a/sshd.c b/sshd.c
-index c8086cd..bb20eec 100644
+index b2146a6..6092f0f 100644
 --- a/sshd.c
 +++ b/sshd.c
-@@ -1443,6 +1443,10 @@ main(int ac, char **av)
+@@ -1505,6 +1505,10 @@ main(int ac, char **av)
 	Authctxt *authctxt;
 	struct connection_info *connection_info = NULL;
--- a/openssh-7.7p1-hostname_changes_when_forwarding_X.patch
+++ b/openssh-7.7p1-hostname_changes_when_forwarding_X.patch
@ -3,14 +3,12 @@
 # -- uset do be called '-xauthlocalhostname'
 handle hostname changes when forwarding X
 bnc#98627
 diff --git a/session.c b/session.c
-index 94d7438..d81060c 100644
+index 18cdfa8..85a9ee2 100644
 --- a/session.c
 +++ b/session.c
-@@ -981,7 +981,7 @@ copy_environment(char **source, char ***env, u_int *envsize)
+@@ -985,7 +985,7 @@ copy_environment(char **source, char ***env, u_int *envsize)
- }
+ #endif
 static char **
 -do_setup_env(struct ssh *ssh, Session *s, const char *shell)
@ -18,7 +16,7 @@ index 94d7438..d81060c 100644
 {
 	char buf[256];
 	size_t n;
-@@ -1191,6 +1191,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
+@@ -1195,6 +1195,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
 		for (i = 0; env[i]; i++)
 			fprintf(stderr, "  %.200s\n", env[i]);
 	}
@ -27,7 +25,7 @@ index 94d7438..d81060c 100644
 	return env;
 }
-@@ -1199,7 +1201,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
+@@ -1203,7 +1205,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
  * first in this order).
  */
 static void
@ -36,7 +34,7 @@ index 94d7438..d81060c 100644
 {
 	FILE *f = NULL;
 	char cmd[1024];
-@@ -1254,12 +1256,20 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell)
+@@ -1258,12 +1260,20 @@ do_rc_files(struct ssh *ssh, Session *s, const char *shell)
 		    options.xauth_location);
 		f = popen(cmd, "w");
 		if (f) {
@ -57,7 +55,7 @@ index 94d7438..d81060c 100644
 		} else {
 			fprintf(stderr, "Could not run %s\n",
 			    cmd);
-@@ -1515,6 +1525,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
+@@ -1519,6 +1529,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
 	char **env, *argv[ARGV_MAX], remote_id[512];
 	const char *shell, *shell0;
 	struct passwd *pw = s->pw;
@ -65,7 +63,7 @@ index 94d7438..d81060c 100644
 	int r = 0;
 	sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
-@@ -1571,7 +1582,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
+@@ -1575,7 +1586,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
 	 * Make sure $SHELL points to the shell from the password file,
 	 * even if shell is overridden from login.conf
 	 */
@ -74,7 +72,7 @@ index 94d7438..d81060c 100644
 #ifdef HAVE_LOGIN_CAP
 	shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell);
-@@ -1635,7 +1646,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
+@@ -1639,7 +1650,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
 	closefrom(STDERR_FILENO + 1);
@ -82,4 +80,4 @@ index 94d7438..d81060c 100644
 +	do_rc_files(ssh, s, shell, env, &env_size);
 	/* restore SIGPIPE for child */
- 	signal(SIGPIPE, SIG_DFL);
+ 	ssh_signal(SIGPIPE, SIG_DFL);
--- a/openssh-7.7p1-ldap.patch
+++ b/openssh-7.7p1-ldap.patch
@ -125,19 +125,19 @@ index 0000000..831d399
 +  - Finlay dobbie.
 +  - Stefan Fisher.
 diff --git a/Makefile.in b/Makefile.in
-index 750aada..1baf5c6 100644
+index 6010d1c..f54348b 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -24,6 +24,8 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
+@@ -25,6 +25,8 @@ SFTP_SERVER=$(libexecdir)/sftp-server
 SFTP_SERVER=$(libexecdir)/sftp-server
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 SSH_SK_HELPER=$(libexecdir)/ssh-sk-helper
 +SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper
 +SSH_LDAP_WRAPPER=$(libexecdir)/ssh-ldap-wrapper
 CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
 CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
 PRIVSEP_PATH=@PRIVSEP_PATH@
-@@ -66,6 +68,9 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keys
+@@ -74,6 +76,9 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keys
 TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
@ -147,28 +147,28 @@ index 750aada..1baf5c6 100644
 XMSS_OBJS=\
 	ssh-xmss.o \
 	sshkey-xmss.o \
-@@ -127,8 +132,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
+@@ -158,8 +163,8 @@ SFTPSERVER_OBJS=sftp-common.o sftp-server.o sftp-server-main.o
 	sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
 	sandbox-solaris.o uidswap.o
-MANPAGES	= moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
+ SFTP_OBJS=	sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
-MANPAGES_IN	= moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
+ 
-+MANPAGES       = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out ssh-ldap-helper.8.out ssh-ldap.conf.5.out
+-MANPAGES	= moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out ssh-sk-helper.8.out sshd_config.5.out ssh_config.5.out
-+MANPAGES_IN    = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 ssh-ldap-helper.8 ssh-ldap.conf.5
+-MANPAGES_IN	= moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 ssh-sk-helper.8 sshd_config.5 ssh_config.5
 +MANPAGES	= moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out ssh-sk-helper.8.out sshd_config.5.out ssh_config.5.out ssh-ldap-helper.8.out ssh-ldap.conf.5.out
 +MANPAGES_IN	= moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 ssh-sk-helper.8 sshd_config.5 ssh_config.5 ssh-ldap-helper.8 ssh-ldap.conf.5
 MANTYPE		= @MANTYPE@
 CONFIGFILES=sshd_config.out ssh_config.out moduli.out
-@@ -208,6 +213,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11
+@@ -242,6 +247,9 @@ ssh-sk-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(SKHELPER_OBJS)
- ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
+ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
- 	$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+ 	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 +ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
 +	$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
 +
- sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-realpath.o sftp-server-main.o
+ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS)
- 	$(LD) -o $@ sftp-server.o sftp-common.o sftp-realpath.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
+ 	$(LD) -o $@ $(SFTPSERVER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-@@ -363,6 +371,10 @@ install-files:
+@@ -406,6 +414,10 @@ install-files:
 	$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
 	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
@ -176,10 +176,10 @@ index 750aada..1baf5c6 100644
 +		$(INSTALL) -m 0755 $(STRIP_OPT) ssh-ldap-helper $(DESTDIR)$(SSH_LDAP_HELPER) ; \
 +		$(INSTALL) -m 0755 ssh-ldap-wrapper $(DESTDIR)$(SSH_LDAP_WRAPPER) ; \
 +	fi
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-sk-helper$(EXEEXT) $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
- 	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
+@@ -425,6 +437,10 @@ install-files:
@@ -381,6 +393,10 @@ install-files:
 	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
 	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
 	$(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
@ -187,10 +187,10 @@ index 750aada..1baf5c6 100644
 +		$(INSTALL) -m 644 ssh-ldap-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 ; \
 +		$(INSTALL) -m 644 ssh-ldap.conf.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh-ldap.conf.5 ; \
 +	fi
 	$(INSTALL) -m 644 ssh-sk-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-sk-helper.8
 install-sysconf:
- 	$(MKDIR_P) $(DESTDIR)$(sysconfdir)
+@@ -449,6 +465,13 @@ install-sysconf:
@@ -404,6 +420,13 @@ install-sysconf:
 	else \
 		echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \
 	fi
@ -204,28 +204,28 @@ index 750aada..1baf5c6 100644
 host-key: ssh-keygen$(EXEEXT)
 	@if [ -z "$(DESTDIR)" ] ; then \
-@@ -441,6 +464,8 @@ uninstall:
+@@ -487,6 +510,8 @@ uninstall:
 	-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 	-rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
 	-rm -f $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
 	-rm -f $(DESTDIR)$(SSH_SK_HELPER)$(EXEEXT)
 +	-rm -f $(DESTDIR)$(SSH_LDAP_HELPER)$(EXEEXT)
 +	-rm -f $(DESTDIR)$(SSH_LDAP_WRAPPER)$(EXEEXT)
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
-@@ -452,6 +477,7 @@ uninstall:
+@@ -499,6 +524,7 @@ uninstall:
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-sk-helper.8
 +	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8
 regress-prep:
 	$(MKDIR_P) `pwd`/regress/unittests/test_helper
 diff --git a/configure.ac b/configure.ac
-index 20a1884..ff9c11a 100644
+index 4ddf539..1fd0b17 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -1651,6 +1651,106 @@ AC_ARG_WITH([audit],
+@@ -1688,6 +1688,106 @@ AC_ARG_WITH([audit],
 	esac ]
 )
--- a/openssh-7.7p1-no_fork-no_pid_file.patch
+++ b/openssh-7.7p1-no_fork-no_pid_file.patch
@ -2,15 +2,11 @@
 # Parent  bad0c8b3b8d72abb6960ed85b57ee42352371738
 Do not write a PID file when not daemonizing (e.g. when running from systemd)
-diff --git a/openssh-7.7p1/sshd.c b/openssh-7.7p1/sshd.c
+diff --git a/sshd.c b/sshd.c
--- openssh-7.7p1/sshd.c
+index f3ccc3a..eadc1b3 100644
-+++ openssh-7.7p1/sshd.c
+--- a/sshd.c
-@@ -1996,17 +1996,17 @@ main(int ac, char **av)
+++ b/sshd.c
- 		signal(SIGCHLD, main_sigchld_handler);
+@@ -2076,7 +2076,7 @@ main(int ac, char **av)
 		signal(SIGTERM, sigterm_handler);
 		signal(SIGQUIT, sigterm_handler);
 		/*
 		 * Write out the pid file after the sigterm handler
 		 * is setup and the listen sockets are bound
 		 */
@ -19,8 +15,3 @@ diff --git a/openssh-7.7p1/sshd.c b/openssh-7.7p1/sshd.c
 			FILE *f = fopen(options.pid_file, "w");
 			if (f == NULL) {
 				error("Couldn't create pid file \"%s\": %s",
 				    options.pid_file, strerror(errno));
 			} else {
 				fprintf(f, "%ld\n", (long) getpid());
 				fclose(f);
--- a/openssh-7.7p1-seed-prng.patch
+++ b/openssh-7.7p1-seed-prng.patch
@ -1,379 +0,0 @@
 # HG changeset patch
 # Parent  e655fcb8e89d19ce9e954d6fc330e5e3e093a848
 # extended support for (re-)seeding the OpenSSL PRNG from /dev/random
 # bnc#703221, FATE#312172
 diff --git a/Makefile.in b/Makefile.in
 index 85818f4..750aada 100644
 --- a/Makefile.in
 +++ b/Makefile.in
@@ -182,13 +182,13 @@ libssh.a: $(LIBSSH_OBJS)
 	$(RANLIB) $@
 ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
 -	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS)
 +	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(SSHLIBS) $(LIBS) $(GSSLIBS)
 sshd$(EXEEXT): libssh.a	$(LIBCOMPAT) $(SSHDOBJS)
 -	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
 +	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
 scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
 -	$(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 +	$(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
 ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
 	$(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -197,10 +197,10 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
 	$(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o sshsig.o
 -	$(LD) -o $@ ssh-keygen.o sshsig.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 +	$(LD) -o $@ ssh-keygen.o sshsig.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
 ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o compat.o
 -	$(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 +	$(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
 	$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
@@ -209,10 +209,10 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
 	$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-realpath.o sftp-server-main.o
 -	$(LD) -o $@ sftp-server.o sftp-common.o sftp-realpath.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 +	$(LD) -o $@ sftp-server.o sftp-common.o sftp-realpath.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
 sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
 -	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
 +	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
 # FIPS tests
 cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
 diff --git a/entropy.c b/entropy.c
 index 5de6801..f8b9f42 100644
 --- a/entropy.c
 +++ b/entropy.c
@@ -239,6 +239,8 @@ seed_rng(void)
 	}
 #endif /* OPENSSL_PRNG_ONLY */
 +	linux_seed();
 +
 	if (RAND_status() != 1)
 		fatal("PRNG is not seeded");
 diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
 index 1162dc5..80fd688 100644
 --- a/openbsd-compat/Makefile.in
 +++ b/openbsd-compat/Makefile.in
@@ -91,6 +91,7 @@ COMPAT=	arc4random.o \
 PORTS=	port-aix.o \
 	port-irix.o \
 	port-linux.o \
 +	port-linux-prng.o \
 	port-solaris.o \
 	port-net.o \
 	port-uw.o
 diff --git a/openbsd-compat/port-linux-prng.c b/openbsd-compat/port-linux-prng.c
 new file mode 100644
 index 0000000..dfc4bdb
 --- /dev/null
 +++ b/openbsd-compat/port-linux-prng.c
@@ -0,0 +1,81 @@
 +/*
 + * Copyright (c) 2011 Jan F. Chadima <jchadima@redhat.com>
 + *           (c) 2011 Petr Cerny <pcerny@suse.cz>
 + *
 + * Permission to use, copy, modify, and distribute this software for any
 + * purpose with or without fee is hereby granted, provided that the above
 + * copyright notice and this permission notice appear in all copies.
 + *
 + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 + */
 +
 +/*
 + * Linux-specific portability code - prng support
 + */
 +
 +#include "includes.h"
 +#include "defines.h"
 +
 +#include <errno.h>
 +#include <stdarg.h>
 +#include <string.h>
 +#include <stdio.h>
 +#include <openssl/rand.h>
 +
 +#include "log.h"
 +#include "port-linux.h"
 +#include "fips.h"
 +
 +#define RNG_BYTES_DEFAULT	6L
 +#define RNG_ENV_VAR		"SSH_USE_STRONG_RNG"
 +
 +long rand_bytes = 0;
 +char *rand_file = NULL;
 +
 +static void
 +linux_seed_init(void)
 +{
 +	long elen = 0;
 +	char *env = getenv(RNG_ENV_VAR);
 +
 +	if (env) {
 +		errno = 0;
 +		elen = strtol(env, NULL, 10);
 +		if (errno) {
 +			elen = RNG_BYTES_DEFAULT;
 +			debug("bogus value in the %s environment variable, "
 +				"using %li bytes from /dev/random\n",
 +				RNG_ENV_VAR, RNG_BYTES_DEFAULT);
 +		}
 +	}
 +
 +	if (elen || fips_mode())
 +		rand_file = "/dev/random";
 +	else
 +		rand_file = "/dev/urandom";
 +
 +	rand_bytes = MAX(elen, RNG_BYTES_DEFAULT);
 +}
 +
 +void
 +linux_seed(void)
 +{
 +	long len;
 +	if (!rand_file)
 +		linux_seed_init();
 +
 +	errno = 0;
 +	len = RAND_load_file(rand_file, rand_bytes);
 +	if (len != rand_bytes) {
 +		if (errno)
 +			fatal ("cannot read from %s, %s", rand_file, strerror(errno));
 +		else
 +			fatal ("EOF reading %s", rand_file);
 +	}
 +}
 diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h
 index 3c22a85..2dc1fd0 100644
 --- a/openbsd-compat/port-linux.h
 +++ b/openbsd-compat/port-linux.h
@@ -17,6 +17,10 @@
 #ifndef _PORT_LINUX_H
 #define _PORT_LINUX_H
 +extern long rand_bytes;
 +extern char *rand_file;
 +void linux_seed(void);
 +
 #ifdef WITH_SELINUX
 int ssh_selinux_enabled(void);
 void ssh_selinux_setup_pty(char *, const char *);
 diff --git a/ssh-add.1 b/ssh-add.1
 index d4e1c60..6f76900 100644
 --- a/ssh-add.1
 +++ b/ssh-add.1
@@ -189,6 +189,20 @@ to make this work.)
 Identifies the path of a
 .Ux Ns -domain
 socket used to communicate with the agent.
 +.It Ev SSH_USE_STRONG_RNG
 +The reseeding of the OpenSSL random generator is usually done from
 +.Cm /dev/urandom .
 +If the 
 +.Cm SSH_USE_STRONG_RNG
 +environment variable is set to value other than
 +.Cm 0
 +the OpenSSL random generator is reseeded from
 +.Cm /dev/random .
 +The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
 +Minimum is 6 bytes.
 +This setting is not recommended on the computers without the hardware
 +random generator because insufficient entropy causes the connection to 
 +be blocked until enough entropy is available.
 .El
 .Sh FILES
 .Bl -tag -width Ds
 diff --git a/ssh-agent.1 b/ssh-agent.1
 index 83b2b41..9e187f2 100644
 --- a/ssh-agent.1
 +++ b/ssh-agent.1
@@ -214,6 +214,23 @@ sockets used to contain the connection to the authentication agent.
 These sockets should only be readable by the owner.
 The sockets should get automatically removed when the agent exits.
 .El
 +.Sh ENVIRONMENT
 +.Bl -tag -width Ds -compact
 +.Pp
 +.It Pa SSH_USE_STRONG_RNG
 +The reseeding of the OpenSSL random generator is usually done from
 +.Cm /dev/urandom .
 +If the 
 +.Cm SSH_USE_STRONG_RNG
 +environment variable is set to value other than
 +.Cm 0
 +the OpenSSL random generator is reseeded from
 +.Cm /dev/random .
 +The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
 +Minimum is 6 bytes.
 +This setting is not recommended on the computers without the hardware
 +random generator because insufficient entropy causes the connection to 
 +be blocked until enough entropy is available.
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
 diff --git a/ssh-keygen.1 b/ssh-keygen.1
 index 957d2f0..70c4a28 100644
 --- a/ssh-keygen.1
 +++ b/ssh-keygen.1
@@ -1054,6 +1054,23 @@ Contains Diffie-Hellman groups used for DH-GEX.
 The file format is described in
 .Xr moduli 5 .
 .El
 +.Sh ENVIRONMENT
 +.Bl -tag -width Ds -compact
 +.Pp
 +.It Pa SSH_USE_STRONG_RNG
 +The reseeding of the OpenSSL random generator is usually done from
 +.Cm /dev/urandom .
 +If the 
 +.Cm SSH_USE_STRONG_RNG
 +environment variable is set to value other than
 +.Cm 0
 +the OpenSSL random generator is reseeded from
 +.Cm /dev/random .
 +The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
 +Minimum is 6 bytes.
 +This setting is not recommended on the computers without the hardware
 +random generator because insufficient entropy causes the connection to 
 +be blocked until enough entropy is available.
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
 diff --git a/ssh-keysign.8 b/ssh-keysign.8
 index 19b0dbc..639b56e 100644
 --- a/ssh-keysign.8
 +++ b/ssh-keysign.8
@@ -80,6 +80,23 @@ must be set-uid root if host-based authentication is used.
 If these files exist they are assumed to contain public certificate
 information corresponding with the private keys above.
 .El
 +.Sh ENVIRONMENT
 +.Bl -tag -width Ds -compact
 +.Pp
 +.It Pa SSH_USE_STRONG_RNG
 +The reseeding of the OpenSSL random generator is usually done from
 +.Cm /dev/urandom .
 +If the 
 +.Cm SSH_USE_STRONG_RNG
 +environment variable is set to value other than
 +.Cm 0
 +the OpenSSL random generator is reseeded from
 +.Cm /dev/random .
 +The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
 +Minimum is 6 bytes.
 +This setting is not recommended on the computers without the hardware
 +random generator because insufficient entropy causes the connection to 
 +be blocked until enough entropy is available.
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-keygen 1 ,
 diff --git a/ssh.1 b/ssh.1
 index 424d6c3..899a339 100644
 --- a/ssh.1
 +++ b/ssh.1
@@ -1433,6 +1433,20 @@ For more information, see the
 .Cm PermitUserEnvironment
 option in
 .Xr sshd_config 5 .
 +.It Ev SSH_USE_STRONG_RNG
 +The reseeding of the OpenSSL random generator is usually done from
 +.Cm /dev/urandom .
 +If the 
 +.Cm SSH_USE_STRONG_RNG
 +environment variable is set to value other than
 +.Cm 0
 +the OpenSSL random generator is reseeded from
 +.Cm /dev/random .
 +The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
 +Minimum is 6 bytes.
 +This setting is not recommended on the computers without the hardware
 +random generator because insufficient entropy causes the connection to 
 +be blocked until enough entropy is available.
 .Sh FILES
 .Bl -tag -width Ds -compact
 .It Pa ~/.rhosts
 diff --git a/sshd.8 b/sshd.8
 index fb133c1..2f1d3ab 100644
 --- a/sshd.8
 +++ b/sshd.8
@@ -966,6 +966,23 @@ concurrently for different ports, this contains the process ID of the one
 started last).
 The content of this file is not sensitive; it can be world-readable.
 .El
 +.Sh ENVIRONMENT
 +.Bl -tag -width Ds -compact
 +.Pp
 +.It Pa SSH_USE_STRONG_RNG
 +The reseeding of the OpenSSL random generator is usually done from
 +.Cm /dev/urandom .
 +If the 
 +.Cm SSH_USE_STRONG_RNG
 +environment variable is set to value other than
 +.Cm 0
 +the OpenSSL random generator is reseeded from
 +.Cm /dev/random .
 +The number of bytes read is defined by the SSH_USE_STRONG_RNG value. 
 +Minimum is 6 bytes.
 +This setting is not recommended on the computers without the hardware
 +random generator because insufficient entropy causes the connection to 
 +be blocked until enough entropy is available.
 .Sh SEE ALSO
 .Xr scp 1 ,
 .Xr sftp 1 ,
 diff --git a/sshd.c b/sshd.c
 index bb20eec..c562094 100644
 --- a/sshd.c
 +++ b/sshd.c
@@ -55,6 +55,8 @@
 #endif
 #include "openbsd-compat/sys-tree.h"
 #include "openbsd-compat/sys-queue.h"
 +#include "openbsd-compat/port-linux.h"
 +
 #include <sys/wait.h>
 #include <errno.h>
@@ -205,6 +207,13 @@ struct {
 	int		have_ssh2_key;
 } sensitive_data;
 +/*
 + * Every RESEED_AFTERth connection triggers call to linux_seed() to re-seed the
 + * random pool.
 + */
 +#define RESEED_AFTER    100
 +static int re_seeding_counter = RESEED_AFTER;
 +
 /* This is set to true when a signal is received. */
 static volatile sig_atomic_t received_sighup = 0;
 static volatile sig_atomic_t received_sigterm = 0;
@@ -1201,6 +1210,10 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 					startup_flags[j] = 1;
 					break;
 				}
 +			if(!(--re_seeding_counter)) {
 +				re_seeding_counter = RESEED_AFTER;
 +				linux_seed();
 +			}
 			/*
 			 * Got connection.  Fork a child to handle it, unless
--- a/openssh-7.7p1-sftp_print_diagnostic_messages.patch
+++ b/openssh-7.7p1-sftp_print_diagnostic_messages.patch
@ -2,12 +2,11 @@
 # Parent  60bdbe6dd8d6bc011883472363d56e1d97f68835
 Put back sftp client diagnostic messages in batch mode
 bsc#1023275
 diff --git a/sftp.1 b/sftp.1
-index a52c1cf..7333de8 100644
+index a305b37..6e802ec 100644
 --- a/sftp.1
 +++ b/sftp.1
-@@ -278,6 +278,9 @@ Specifies the port to connect to on the remote host.
+@@ -282,6 +282,9 @@ Specifies the port to connect to on the remote host.
 .It Fl p
 Preserves modification times, access times, and modes from the
 original files transferred.
@ -18,7 +17,7 @@ index a52c1cf..7333de8 100644
 Quiet mode: disables the progress meter as well as warning and
 diagnostic messages from
 diff --git a/sftp.c b/sftp.c
-index b66037f..6c94a38 100644
+index 2799e4a..52b2c23 100644
 --- a/sftp.c
 +++ b/sftp.c
@@ -85,6 +85,9 @@ static volatile pid_t sshpid = -1;
@ -31,16 +30,16 @@ index b66037f..6c94a38 100644
 /* This is set to 0 if the progressmeter is not desired. */
 int showprogress = 1;
-@@ -2406,7 +2409,7 @@ main(int argc, char **argv)
+@@ -2409,7 +2412,7 @@ main(int argc, char **argv)
 	infile = stdin;
 	while ((ch = getopt(argc, argv,
-	    "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) {
+-	    "1246afhNpqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) {
-+	    "1246afhpQqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) {
+	    "1246afhNpQqrvCc:D:i:l:o:s:S:b:B:F:J:P:R:")) != -1) {
 		switch (ch) {
 		/* Passed through to ssh(1) */
 		case '4':
-@@ -2423,6 +2426,9 @@ main(int argc, char **argv)
+@@ -2426,6 +2429,9 @@ main(int argc, char **argv)
 			addargs(&args, "-%c", ch);
 			addargs(&args, "%s", optarg);
 			break;
@ -50,7 +49,7 @@ index b66037f..6c94a38 100644
 		case 'q':
 			ll = SYSLOG_LEVEL_ERROR;
 			quiet = 1;
-@@ -2506,6 +2512,8 @@ main(int argc, char **argv)
+@@ -2510,6 +2516,8 @@ main(int argc, char **argv)
 			usage();
 		}
 	}
--- a/openssh-8.0p1-gssapi-keyex.patch
+++ b/openssh-8.0p1-gssapi-keyex.patch
@ -1,29 +1,29 @@
 diff --git a/Makefile.in b/Makefile.in
-index 1baf5c6..02bafbc 100644
+index 9eab827..9d3f569 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -109,6 +109,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+@@ -113,6 +113,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
 	kexgexc.o kexgexs.o \
 	sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \
 +	kexgssc.o \
- 	platform-pledge.o platform-tracing.o platform-misc.o
+ 	sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \
 	sshbuf-io.o
- 
+@@ -131,7 +132,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
@@ -125,7 +126,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \
 	auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
 	auth2-none.o auth2-passwd.o auth2-pubkey.o \
 	monitor.o monitor_wrap.o auth-krb5.o \
 -	auth2-gss.o gss-serv.o gss-serv-krb5.o \
 +	auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \
 	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
- 	sftp-server.o sftp-common.o sftp-realpath.o \
+ 	sftp-server.o sftp-common.o \
 	sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
 diff --git a/auth.c b/auth.c
-index 5c58dd1..ab43955 100644
+index 0a2dd3a..779a1af 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -399,7 +399,8 @@ auth_root_allowed(struct ssh *ssh, const char *method)
+@@ -400,7 +400,8 @@ auth_root_allowed(struct ssh *ssh, const char *method)
 	case PERMIT_NO_PASSWD:
 		if (strcmp(method, "publickey") == 0 ||
 		    strcmp(method, "hostbased") == 0 ||
@ -33,7 +33,7 @@ index 5c58dd1..ab43955 100644
 			return 1;
 		break;
 	case PERMIT_FORCED_ONLY:
-@@ -723,99 +724,6 @@ fakepw(void)
+@@ -724,99 +725,6 @@ fakepw(void)
 	return (&fake);
 }
@ -62,7 +62,7 @@ index 5c58dd1..ab43955 100644
 -	if (getpeername(ssh_packet_get_connection_in(ssh),
 -	    (struct sockaddr *)&from, &fromlen) == -1) {
 -		debug("getpeername failed: %.100s", strerror(errno));
-		return strdup(ntop);
+-		return xstrdup(ntop);
 -	}
 -
 -	ipv64_normalise_mapped(&from, &fromlen);
@ -74,7 +74,7 @@ index 5c58dd1..ab43955 100644
 -	if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
 -	    NULL, 0, NI_NAMEREQD) != 0) {
 -		/* Host name not found.  Use ip address. */
-		return strdup(ntop);
+-		return xstrdup(ntop);
 -	}
 -
 -	/*
@ -89,7 +89,7 @@ index 5c58dd1..ab43955 100644
 -		logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
 -		    name, ntop);
 -		freeaddrinfo(ai);
-		return strdup(ntop);
+-		return xstrdup(ntop);
 -	}
 -
 -	/* Names are stored in lowercase. */
@ -110,7 +110,7 @@ index 5c58dd1..ab43955 100644
 -	if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
 -		logit("reverse mapping checking getaddrinfo for %.700s "
 -		    "[%s] failed.", name, ntop);
-		return strdup(ntop);
+-		return xstrdup(ntop);
 -	}
 -	/* Look for the address from the list of addresses. */
 -	for (ai = aitop; ai; ai = ai->ai_next) {
@ -125,9 +125,9 @@ index 5c58dd1..ab43955 100644
 -		/* Address not found for the host name. */
 -		logit("Address %.100s maps to %.600s, but this does not "
 -		    "map back to the address.", ntop, name);
-		return strdup(ntop);
+-		return xstrdup(ntop);
 -	}
-	return strdup(name);
+-	return xstrdup(name);
 -}
 -
 /*
@ -229,7 +229,7 @@ index 9351e04..d6446c0 100644
 	"gssapi-with-mic",
 	userauth_gssapi,
 diff --git a/auth2.c b/auth2.c
-index 0e77622..1c21726 100644
+index 91aaf34..a4a5e00 100644
 --- a/auth2.c
 +++ b/auth2.c
@@ -73,6 +73,7 @@ extern Authmethod method_passwd;
@ -249,7 +249,7 @@ index 0e77622..1c21726 100644
 #endif
 	&method_passwd,
 diff --git a/canohost.c b/canohost.c
-index abea9c6..9a00fc2 100644
+index abea9c6..8e81b51 100644
 --- a/canohost.c
 +++ b/canohost.c
@@ -35,6 +35,99 @@
@ -281,7 +281,7 @@ index abea9c6..9a00fc2 100644
 +	if (getpeername(ssh_packet_get_connection_in(ssh),
 +	    (struct sockaddr *)&from, &fromlen) == -1) {
 +		debug("getpeername failed: %.100s", strerror(errno));
-+		return strdup(ntop);
+		return xstrdup(ntop);
 +	}
 +
 +	ipv64_normalise_mapped(&from, &fromlen);
@ -293,7 +293,7 @@ index abea9c6..9a00fc2 100644
 +	if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
 +	    NULL, 0, NI_NAMEREQD) != 0) {
 +		/* Host name not found.  Use ip address. */
-+		return strdup(ntop);
+		return xstrdup(ntop);
 +	}
 +
 +	/*
@ -308,7 +308,7 @@ index abea9c6..9a00fc2 100644
 +		logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
 +		    name, ntop);
 +		freeaddrinfo(ai);
-+		return strdup(ntop);
+		return xstrdup(ntop);
 +	}
 +
 +	/* Names are stored in lowercase. */
@ -329,7 +329,7 @@ index abea9c6..9a00fc2 100644
 +	if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
 +		logit("reverse mapping checking getaddrinfo for %.700s "
 +		    "[%s] failed.", name, ntop);
-+		return strdup(ntop);
+		return xstrdup(ntop);
 +	}
 +	/* Look for the address from the list of addresses. */
 +	for (ai = aitop; ai; ai = ai->ai_next) {
@ -344,9 +344,9 @@ index abea9c6..9a00fc2 100644
 +		/* Address not found for the host name. */
 +		logit("Address %.100s maps to %.600s, but this does not "
 +		    "map back to the address.", ntop, name);
-+		return strdup(ntop);
+		return xstrdup(ntop);
 +	}
-+	return strdup(name);
+	return xstrdup(name);
 +}
 +
 void
@ -367,7 +367,7 @@ index 26d6285..0cadc9f 100644
 int		 get_peer_port(int);
 char		*get_local_ipaddr(int);
 diff --git a/clientloop.c b/clientloop.c
-index b5a1f70..9def2a1 100644
+index da396c7..42ace77 100644
 --- a/clientloop.c
 +++ b/clientloop.c
@@ -112,6 +112,10 @@
@ -381,7 +381,7 @@ index b5a1f70..9def2a1 100644
 /* import options */
 extern Options options;
-@@ -1373,9 +1377,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
+@@ -1361,9 +1365,18 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 			break;
 		/* Do channel operations unless rekeying in progress. */
@ -402,10 +402,10 @@ index b5a1f70..9def2a1 100644
 		client_process_net_input(ssh, readset);
 diff --git a/configure.ac b/configure.ac
-index ff9c11a..c0db779 100644
+index 82aafe3..8a0e791 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -666,6 +666,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
+@@ -676,6 +676,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
 	    [Use tunnel device compatibility to OpenBSD])
 	AC_DEFINE([SSH_TUN_PREPEND_AF], [1],
 	    [Prepend the address family to IP tunnel traffic])
@ -959,11 +959,11 @@ index a151bc1..8d2b677 100644
 #endif /* KRB5 */
 diff --git a/gss-serv.c b/gss-serv.c
-index ab3a15f..6ce56e9 100644
+index b5d4bb2..d8010dd 100644
 --- a/gss-serv.c
 +++ b/gss-serv.c
@@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */
+ /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */
 /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@ -1259,10 +1259,10 @@ index ab3a15f..6ce56e9 100644
 /* Privileged */
 diff --git a/kex.c b/kex.c
-index 1f82c2e..92d8ee0 100644
+index 53f7ff8..fbb8e4f 100644
 --- a/kex.c
 +++ b/kex.c
-@@ -55,11 +55,16 @@
+@@ -57,11 +57,16 @@
 #include "misc.h"
 #include "dispatch.h"
 #include "monitor.h"
@ -1279,7 +1279,7 @@ index 1f82c2e..92d8ee0 100644
 #include "fips.h"
 /* prototype */
-@@ -115,6 +120,19 @@ static const struct kexalg kexalgs_all[] = {
+@@ -117,6 +122,19 @@ static const struct kexalg kexalgs_all[] = {
 #endif /* HAVE_EVP_SHA256 || !WITH_OPENSSL */
 	{ NULL, 0, -1, -1},
 };
@ -1299,7 +1299,7 @@ index 1f82c2e..92d8ee0 100644
 static const struct kexalg kexalgs_fips140_2[] = {
 #ifdef WITH_OPENSSL
-@@ -142,12 +160,12 @@ static const struct kexalg kexalgs_fips140_2[] = {
+@@ -144,12 +162,12 @@ static const struct kexalg kexalgs_fips140_2[] = {
 /* Returns array of macs available depending on selected FIPS mode */
 static const struct kexalg *
@ -1314,7 +1314,7 @@ index 1f82c2e..92d8ee0 100644
 		case 1:
 			return kexalgs_fips140_2;
 		default:
-@@ -158,13 +176,13 @@ fips_select_kexalgs(void)
+@@ -160,13 +178,13 @@ fips_select_kexalgs(void)
 }
 char *
@ -1330,7 +1330,7 @@ index 1f82c2e..92d8ee0 100644
 		if (ret != NULL)
 			ret[rlen++] = sep;
 		nlen = strlen(k->name);
-@@ -179,15 +197,31 @@ kex_alg_list(char sep)
+@@ -181,15 +199,31 @@ kex_alg_list(char sep)
 	return ret;
 }
@ -1363,7 +1363,7 @@ index 1f82c2e..92d8ee0 100644
 	return NULL;
 }
-@@ -359,6 +393,29 @@ kex_assemble_names(char **listp, const char *def, const char *all)
+@@ -361,6 +395,29 @@ kex_assemble_names(char **listp, const char *def, const char *all)
 	return r;
 }
@ -1393,7 +1393,7 @@ index 1f82c2e..92d8ee0 100644
 /* put algorithm proposal into buffer */
 int
 kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX])
-@@ -742,6 +799,9 @@ kex_free(struct kex *kex)
+@@ -743,6 +800,9 @@ kex_free(struct kex *kex)
 	sshbuf_free(kex->server_version);
 	sshbuf_free(kex->client_pub);
 	free(kex->session_id);
@ -1502,7 +1502,7 @@ index 67133e3..edaa467 100644
 		break;
 	case KEX_DH_GRP18_SHA512:
 diff --git a/kexgen.c b/kexgen.c
-index bb996b5..d353ed8 100644
+index 69348b9..c0e8c2f 100644
 --- a/kexgen.c
 +++ b/kexgen.c
@@ -44,7 +44,7 @@
@ -2596,10 +2596,10 @@ index 0000000..60bc02d
 +}
 +#endif /* defined(GSSAPI) && defined(WITH_OPENSSL) */
 diff --git a/monitor.c b/monitor.c
-index 00af44f..20812fa 100644
+index b6e855d..cf775e5 100644
 --- a/monitor.c
 +++ b/monitor.c
-@@ -147,6 +147,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *);
+@@ -148,6 +148,8 @@ int mm_answer_gss_setup_ctx(struct ssh *, int, struct sshbuf *);
 int mm_answer_gss_accept_ctx(struct ssh *, int, struct sshbuf *);
 int mm_answer_gss_userok(struct ssh *, int, struct sshbuf *);
 int mm_answer_gss_checkmic(struct ssh *, int, struct sshbuf *);
@ -2608,7 +2608,7 @@ index 00af44f..20812fa 100644
 #endif
 #ifdef SSH_AUDIT_EVENTS
-@@ -219,11 +221,18 @@ struct mon_table mon_dispatch_proto20[] = {
+@@ -220,11 +222,18 @@ struct mon_table mon_dispatch_proto20[] = {
     {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx},
     {MONITOR_REQ_GSSUSEROK, MON_ONCE|MON_AUTHDECIDE, mm_answer_gss_userok},
     {MONITOR_REQ_GSSCHECKMIC, MON_ONCE, mm_answer_gss_checkmic},
@ -2627,7 +2627,7 @@ index 00af44f..20812fa 100644
 #ifdef WITH_OPENSSL
     {MONITOR_REQ_MODULI, 0, mm_answer_moduli},
 #endif
-@@ -292,6 +301,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
+@@ -293,6 +302,10 @@ monitor_child_preauth(struct ssh *ssh, struct monitor *pmonitor)
 	/* Permit requests for moduli and signatures */
 	monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
 	monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
@ -2638,7 +2638,7 @@ index 00af44f..20812fa 100644
 	/* The first few requests do not require asynchronous access */
 	while (!authenticated) {
-@@ -405,6 +418,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
+@@ -406,6 +419,10 @@ monitor_child_postauth(struct ssh *ssh, struct monitor *pmonitor)
 	monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1);
 	monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1);
 	monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1);
@ -2649,7 +2649,7 @@ index 00af44f..20812fa 100644
 	if (auth_opts->permit_pty_flag) {
 		monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
-@@ -1687,6 +1704,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
+@@ -1712,6 +1729,17 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 # ifdef OPENSSL_HAS_ECC
 		kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
@ -2667,7 +2667,7 @@ index 00af44f..20812fa 100644
 #endif /* WITH_OPENSSL */
 		kex->kex[KEX_C25519_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_SNTRUP4591761X25519_SHA512] = kex_gen_server;
-@@ -1780,8 +1808,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1805,8 +1833,8 @@ mm_answer_gss_setup_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 	u_char *p;
 	int r;
@ -2678,7 +2678,7 @@ index 00af44f..20812fa 100644
 	if ((r = sshbuf_get_string(m, &p, &len)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
-@@ -1813,8 +1841,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1838,8 +1866,8 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 	OM_uint32 flags = 0; /* GSI needs this */
 	int r;
@ -2689,7 +2689,7 @@ index 00af44f..20812fa 100644
 	if ((r = ssh_gssapi_get_buffer_desc(m, &in)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
-@@ -1834,6 +1862,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1859,6 +1887,7 @@ mm_answer_gss_accept_ctx(struct ssh *ssh, int sock, struct sshbuf *m)
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
 		monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
@ -2697,7 +2697,7 @@ index 00af44f..20812fa 100644
 	}
 	return (0);
 }
-@@ -1845,8 +1874,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1870,8 +1899,8 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
 	OM_uint32 ret;
 	int r;
@ -2708,7 +2708,7 @@ index 00af44f..20812fa 100644
 	if ((r = ssh_gssapi_get_buffer_desc(m, &gssbuf)) != 0 ||
 	    (r = ssh_gssapi_get_buffer_desc(m, &mic)) != 0)
-@@ -1872,13 +1901,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1897,13 +1926,17 @@ mm_answer_gss_checkmic(struct ssh *ssh, int sock, struct sshbuf *m)
 int
 mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
 {
@ -2730,7 +2730,7 @@ index 00af44f..20812fa 100644
 	sshbuf_reset(m);
 	if ((r = sshbuf_put_u32(m, authenticated)) != 0)
-@@ -1887,7 +1920,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1912,7 +1945,11 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
 	debug3("%s: sending result %d", __func__, authenticated);
 	mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
@ -2743,7 +2743,7 @@ index 00af44f..20812fa 100644
 	if ((displayname = ssh_gssapi_displayname()) != NULL)
 		auth2_record_info(authctxt, "%s", displayname);
-@@ -1895,5 +1932,85 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1920,5 +1957,85 @@ mm_answer_gss_userok(struct ssh *ssh, int sock, struct sshbuf *m)
 	/* Monitor loop will terminate if authenticated */
 	return (authenticated);
 }
@ -2843,10 +2843,10 @@ index 683e5e0..2b1a2d5 100644
 struct ssh;
 diff --git a/monitor_wrap.c b/monitor_wrap.c
-index 4169b76..fdca39a 100644
+index 001a8fa..6edb509 100644
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
-@@ -978,13 +978,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
+@@ -993,13 +993,15 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
 }
 int
@ -2863,7 +2863,7 @@ index 4169b76..fdca39a 100644
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUSEROK, m);
 	mm_request_receive_expect(pmonitor->m_recvfd,
-@@ -997,4 +999,57 @@ mm_ssh_gssapi_userok(char *user)
+@@ -1012,4 +1014,57 @@ mm_ssh_gssapi_userok(char *user)
 	debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not ");
 	return (authenticated);
 }
@ -2922,10 +2922,10 @@ index 4169b76..fdca39a 100644
 +
 #endif /* GSSAPI */
 diff --git a/monitor_wrap.h b/monitor_wrap.h
-index 191277f..92dda57 100644
+index 23ab096..485590c 100644
 --- a/monitor_wrap.h
 +++ b/monitor_wrap.h
-@@ -63,8 +63,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
+@@ -64,8 +64,10 @@ int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
 OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
 OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
    gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
@ -2938,7 +2938,7 @@ index 191277f..92dda57 100644
 #ifdef USE_PAM
 diff --git a/readconf.c b/readconf.c
-index 228f481..24f2cb1 100644
+index 408a80c..d37658a 100644
 --- a/readconf.c
 +++ b/readconf.c
@@ -67,6 +67,7 @@
@ -2949,7 +2949,7 @@ index 228f481..24f2cb1 100644
 #include "fips.h"
-@@ -164,6 +165,8 @@ typedef enum {
+@@ -162,6 +163,8 @@ typedef enum {
 	oClearAllForwardings, oNoHostAuthenticationForLocalhost,
 	oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
 	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
@ -2958,7 +2958,7 @@ index 228f481..24f2cb1 100644
 	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
 	oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist,
 	oHashKnownHosts,
-@@ -204,10 +207,22 @@ static struct {
+@@ -206,10 +209,22 @@ static struct {
 	/* Sometimes-unsupported options */
 #if defined(GSSAPI)
 	{ "gssapiauthentication", oGssAuthentication },
@ -2981,7 +2981,7 @@ index 228f481..24f2cb1 100644
 #endif
 #ifdef ENABLE_PKCS11
 	{ "pkcs11provider", oPKCS11Provider },
-@@ -990,10 +1005,42 @@ parse_time:
+@@ -1055,10 +1070,42 @@ parse_time:
 		intptr = &options->gss_authentication;
 		goto parse_flag;
@ -3024,7 +3024,7 @@ index 228f481..24f2cb1 100644
 	case oBatchMode:
 		intptr = &options->batch_mode;
 		goto parse_flag;
-@@ -1882,7 +1929,13 @@ initialize_options(Options * options)
+@@ -1954,7 +2001,13 @@ initialize_options(Options * options)
 	options->pubkey_authentication = -1;
 	options->challenge_response_authentication = -1;
 	options->gss_authentication = -1;
@ -3038,7 +3038,7 @@ index 228f481..24f2cb1 100644
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->kbd_interactive_devices = NULL;
-@@ -2028,8 +2081,18 @@ fill_default_options(Options * options)
+@@ -2102,8 +2155,18 @@ fill_default_options(Options * options)
 		options->challenge_response_authentication = 1;
 	if (options->gss_authentication == -1)
 		options->gss_authentication = 0;
@ -3057,7 +3057,7 @@ index 228f481..24f2cb1 100644
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
-@@ -2647,7 +2710,14 @@ dump_client_config(Options *o, const char *host)
+@@ -2751,7 +2814,14 @@ dump_client_config(Options *o, const char *host)
 	dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports);
 #ifdef GSSAPI
 	dump_cfg_fmtint(oGssAuthentication, o->gss_authentication);
@ -3073,10 +3073,10 @@ index 228f481..24f2cb1 100644
 	dump_cfg_fmtint(oHashKnownHosts, o->hash_known_hosts);
 	dump_cfg_fmtint(oHostbasedAuthentication, o->hostbased_authentication);
 diff --git a/readconf.h b/readconf.h
-index 67111e9..2617764 100644
+index ef18d5c..c0d797e 100644
 --- a/readconf.h
 +++ b/readconf.h
-@@ -40,7 +40,13 @@ typedef struct {
+@@ -41,7 +41,13 @@ typedef struct {
 	int     challenge_response_authentication;
 					/* Try S/Key or TIS, authentication. */
 	int     gss_authentication;	/* Try GSS authentication */
@ -3091,10 +3091,10 @@ index 67111e9..2617764 100644
 						 * authentication. */
 	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
 diff --git a/servconf.c b/servconf.c
-index a8833a9..13cf154 100644
+index 8a9db25..18b70b6 100644
 --- a/servconf.c
 +++ b/servconf.c
-@@ -64,6 +64,7 @@
+@@ -69,6 +69,7 @@
 #include "auth.h"
 #include "myproposal.h"
 #include "digest.h"
@ -3102,7 +3102,7 @@ index a8833a9..13cf154 100644
 #include "fips.h"
 static void add_listen_addr(ServerOptions *, const char *,
-@@ -126,8 +127,11 @@ initialize_server_options(ServerOptions *options)
+@@ -135,8 +136,11 @@ initialize_server_options(ServerOptions *options)
 	options->kerberos_ticket_cleanup = -1;
 	options->kerberos_get_afs_token = -1;
 	options->gss_authentication=-1;
@ -3114,7 +3114,7 @@ index a8833a9..13cf154 100644
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->challenge_response_authentication = -1;
-@@ -374,10 +378,18 @@ fill_default_server_options(ServerOptions *options)
+@@ -398,10 +402,18 @@ fill_default_server_options(ServerOptions *options)
 		options->kerberos_get_afs_token = 0;
 	if (options->gss_authentication == -1)
 		options->gss_authentication = 0;
@ -3133,7 +3133,7 @@ index a8833a9..13cf154 100644
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
-@@ -523,6 +535,7 @@ typedef enum {
+@@ -556,6 +568,7 @@ typedef enum {
 	sHostKeyAlgorithms,
 	sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
 	sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
@ -3141,7 +3141,7 @@ index a8833a9..13cf154 100644
 	sAcceptEnv, sSetEnv, sPermitTunnel,
 	sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
 	sUsePrivilegeSeparation, sAllowAgentForwarding,
-@@ -599,12 +612,22 @@ static struct {
+@@ -634,12 +647,22 @@ static struct {
 #ifdef GSSAPI
 	{ "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
 	{ "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@ -3164,7 +3164,7 @@ index a8833a9..13cf154 100644
 	{ "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
-@@ -1518,6 +1541,10 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1585,6 +1608,10 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 		intptr = &options->gss_authentication;
 		goto parse_flag;
@ -3175,7 +3175,7 @@ index a8833a9..13cf154 100644
 	case sGssCleanupCreds:
 		intptr = &options->gss_cleanup_creds;
 		goto parse_flag;
-@@ -1526,6 +1553,22 @@ process_server_config_line(ServerOptions *options, char *line,
+@@ -1593,6 +1620,22 @@ process_server_config_line_depth(ServerOptions *options, char *line,
 		intptr = &options->gss_strict_acceptor;
 		goto parse_flag;
@ -3198,7 +3198,7 @@ index a8833a9..13cf154 100644
 	case sPasswordAuthentication:
 		intptr = &options->password_authentication;
 		goto parse_flag;
-@@ -2615,6 +2658,10 @@ dump_config(ServerOptions *o)
+@@ -2821,6 +2864,10 @@ dump_config(ServerOptions *o)
 #ifdef GSSAPI
 	dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
 	dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
@ -3210,10 +3210,10 @@ index a8833a9..13cf154 100644
 	dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
 	dump_cfg_fmtint(sKbdInteractiveAuthentication,
 diff --git a/servconf.h b/servconf.h
-index 4670a5a..56373e5 100644
+index d24d459..45665df 100644
 --- a/servconf.h
 +++ b/servconf.h
-@@ -126,8 +126,11 @@ typedef struct {
+@@ -137,8 +137,11 @@ typedef struct {
 	int     kerberos_get_afs_token;		/* If true, try to get AFS token if
 						 * authenticated with Kerberos. */
 	int     gss_authentication;	/* If true, permit GSSAPI authentication */
@ -3226,10 +3226,10 @@ index 4670a5a..56373e5 100644
 						 * authentication. */
 	int     kbd_interactive_authentication;	/* If true, permit */
 diff --git a/session.c b/session.c
-index d81060c..89f9539 100644
+index 501bbdf..530aa26 100644
 --- a/session.c
 +++ b/session.c
-@@ -2713,13 +2713,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
+@@ -2717,13 +2717,19 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
 #ifdef KRB5
 	if (options.kerberos_ticket_cleanup &&
@ -3372,10 +3372,10 @@ index 36180d0..70dd366 100644
 #endif /* _SSH_GSS_H */
 diff --git a/ssh.1 b/ssh.1
-index 899a339..70d3017 100644
+index dce5f40..7a3ba31 100644
 --- a/ssh.1
 +++ b/ssh.1
-@@ -497,7 +497,13 @@ For full details of the options listed below, and their possible values, see
+@@ -506,7 +506,13 @@ For full details of the options listed below, and their possible values, see
 .It GatewayPorts
 .It GlobalKnownHostsFile
 .It GSSAPIAuthentication
@ -3389,7 +3389,7 @@ index 899a339..70d3017 100644
 .It HashKnownHosts
 .It Host
 .It HostbasedAuthentication
-@@ -573,6 +579,8 @@ flag),
+@@ -582,6 +588,8 @@ flag),
 (supported message integrity codes),
 .Ar kex
 (key exchange algorithms),
@ -3399,25 +3399,25 @@ index 899a339..70d3017 100644
 (key types),
 .Ar key-cert
 diff --git a/ssh.c b/ssh.c
-index 882d1da..5f3ca8d 100644
+index dce28fd..c99e0e4 100644
 --- a/ssh.c
 +++ b/ssh.c
-@@ -742,6 +742,8 @@ main(int ac, char **av)
+@@ -779,6 +779,8 @@ main(int ac, char **av)
- 				cp = mac_alg_list('\n');
+ 			else if (strcmp(optarg, "kex") == 0 ||
- 			else if (strcmp(optarg, "kex") == 0)
+ 			    strcasecmp(optarg, "KexAlgorithms") == 0)
 				cp = kex_alg_list('\n');
 +			else if (strcmp(optarg, "kex-gss") == 0)
 +				cp = kex_gss_alg_list('\n');
 			else if (strcmp(optarg, "key") == 0)
 				cp = sshkey_alg_list(0, 0, 0, '\n');
 			else if (strcmp(optarg, "key-cert") == 0)
-@@ -754,7 +756,7 @@ main(int ac, char **av)
+@@ -803,7 +805,7 @@ main(int ac, char **av)
- 				cp = xstrdup("2");
+ 						cp[n] = '\n';
- 			else if (strcmp(optarg, "help") == 0) {
+ 			} else if (strcmp(optarg, "help") == 0) {
 				cp = xstrdup(
-				    "cipher\ncipher-auth\nkex\nkey\n"
+-				    "cipher\ncipher-auth\ncompression\nkex\n"
-+				    "cipher\ncipher-auth\nkex\nkex-gss\nkey\n"
+				    "cipher\ncipher-auth\ncompression\nkex\nkex-gss\n"
- 				    "key-cert\nkey-plain\nmac\n"
+ 				    "key\nkey-cert\nkey-plain\nkey-sig\nmac\n"
 				    "protocol-version\nsig");
 			}
 diff --git a/ssh_config b/ssh_config
@ -3434,10 +3434,10 @@ index 3a00f4d..a798a43 100644
 #   CheckHostIP yes
 #   AddressFamily any
 diff --git a/ssh_config.5 b/ssh_config.5
-index f0cb291..3bf0502 100644
+index f6c3bdc..30c22e5 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -760,10 +760,67 @@ The default is
+@@ -768,10 +768,67 @@ The default is
 Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Cm no .
@ -3506,10 +3506,10 @@ index f0cb291..3bf0502 100644
 Indicates that
 .Xr ssh 1
 diff --git a/sshconnect2.c b/sshconnect2.c
-index 87fa70a..9e8c3e5 100644
+index 1a6545e..b970198 100644
 --- a/sshconnect2.c
 +++ b/sshconnect2.c
-@@ -78,8 +78,6 @@
+@@ -80,8 +80,6 @@
 #endif
 /* import */
@ -3518,9 +3518,9 @@ index 87fa70a..9e8c3e5 100644
 extern Options options;
 /*
-@@ -161,6 +159,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
+@@ -163,6 +161,11 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
 	char *s, *all_key;
- 	int r;
+ 	int r, use_known_hosts_order = 0;
 +#if defined(GSSAPI) && defined(WITH_OPENSSL)
 +	char *orig = NULL, *gss = NULL;
@ -3530,8 +3530,8 @@ index 87fa70a..9e8c3e5 100644
 	xxx_host = host;
 	xxx_hostaddr = hostaddr;
-@@ -193,6 +196,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
+@@ -206,6 +209,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
- 		    order_hostkeyalgs(host, hostaddr, port));
+ 		    compat_pkalg_proposal(options.hostkeyalgorithms);
 	}
 +#if defined(GSSAPI) && defined(WITH_OPENSSL)
@ -3566,7 +3566,7 @@ index 87fa70a..9e8c3e5 100644
 	if (options.rekey_limit || options.rekey_interval)
 		ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
 		    options.rekey_interval);
-@@ -211,16 +243,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
+@@ -224,16 +256,46 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
 # ifdef OPENSSL_HAS_ECC
 	ssh->kex->kex[KEX_ECDH_SHA2] = kex_gen_client;
 # endif
@ -3614,7 +3614,7 @@ index 87fa70a..9e8c3e5 100644
 	if ((r = kex_prop2buf(ssh->kex->my, myproposal)) != 0)
 		fatal("kex_prop2buf: %s", ssh_err(r));
-@@ -317,6 +379,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *);
+@@ -330,6 +392,7 @@ static int input_gssapi_response(int type, u_int32_t, struct ssh *);
 static int input_gssapi_token(int type, u_int32_t, struct ssh *);
 static int input_gssapi_error(int, u_int32_t, struct ssh *);
 static int input_gssapi_errtok(int, u_int32_t, struct ssh *);
@ -3622,7 +3622,7 @@ index 87fa70a..9e8c3e5 100644
 #endif
 void	userauth(struct ssh *, char *);
-@@ -333,6 +396,11 @@ static char *authmethods_get(void);
+@@ -346,6 +409,11 @@ static char *authmethods_get(void);
 Authmethod authmethods[] = {
 #ifdef GSSAPI
@ -3634,7 +3634,7 @@ index 87fa70a..9e8c3e5 100644
 	{"gssapi-with-mic",
 		userauth_gssapi,
 		userauth_gssapi_cleanup,
-@@ -697,12 +765,23 @@ userauth_gssapi(struct ssh *ssh)
+@@ -716,12 +784,23 @@ userauth_gssapi(struct ssh *ssh)
 	OM_uint32 min;
 	int r, ok = 0;
 	gss_OID mech = NULL;
@ -3659,7 +3659,7 @@ index 87fa70a..9e8c3e5 100644
 	/* Check to see whether the mechanism is usable before we offer it */
 	while (authctxt->mech_tried < authctxt->gss_supported_mechs->count &&
-@@ -711,13 +790,15 @@ userauth_gssapi(struct ssh *ssh)
+@@ -730,13 +809,15 @@ userauth_gssapi(struct ssh *ssh)
 		    elements[authctxt->mech_tried];
 		/* My DER encoding requires length<128 */
 		if (mech->length < 128 && ssh_gssapi_check_mechanism(&gssctxt,
@ -3676,7 +3676,7 @@ index 87fa70a..9e8c3e5 100644
 	if (!ok || mech == NULL)
 		return 0;
-@@ -957,6 +1038,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
+@@ -976,6 +1057,55 @@ input_gssapi_error(int type, u_int32_t plen, struct ssh *ssh)
 	free(lang);
 	return r;
 }
@ -3733,10 +3733,10 @@ index 87fa70a..9e8c3e5 100644
 static int
 diff --git a/sshd.c b/sshd.c
-index c562094..0d5c4c4 100644
+index 1a09e7b..7d23232 100644
 --- a/sshd.c
 +++ b/sshd.c
-@@ -815,8 +815,8 @@ notify_hostkeys(struct ssh *ssh)
+@@ -826,8 +826,8 @@ notify_hostkeys(struct ssh *ssh)
 	}
 	debug3("%s: sent %u hostkeys", __func__, nkeys);
 	if (nkeys == 0)
@ -3747,7 +3747,7 @@ index c562094..0d5c4c4 100644
 		sshpkt_fatal(ssh, r, "%s: send", __func__);
 	sshbuf_free(buf);
 }
-@@ -1800,7 +1800,8 @@ main(int ac, char **av)
+@@ -1865,7 +1865,8 @@ main(int ac, char **av)
 		free(fp);
 	}
 	accumulate_host_timing_secret(cfg, NULL);
@ -3757,7 +3757,7 @@ index c562094..0d5c4c4 100644
 		logit("sshd: no hostkeys available -- exiting.");
 		exit(1);
 	}
-@@ -2297,6 +2298,48 @@ do_ssh2_kex(struct ssh *ssh)
+@@ -2361,6 +2362,48 @@ do_ssh2_kex(struct ssh *ssh)
 	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
 	    list_hostkey_types());
@ -3806,7 +3806,7 @@ index c562094..0d5c4c4 100644
 	/* start key exchange */
 	if ((r = kex_setup(ssh, myproposal)) != 0)
 		fatal("kex_setup: %s", ssh_err(r));
-@@ -2312,7 +2355,18 @@ do_ssh2_kex(struct ssh *ssh)
+@@ -2376,7 +2419,18 @@ do_ssh2_kex(struct ssh *ssh)
 # ifdef OPENSSL_HAS_ECC
 	kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
 # endif
@ -3840,10 +3840,10 @@ index 9ae8b05..8c1d1e5 100644
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
 diff --git a/sshd_config.5 b/sshd_config.5
-index 8818ea5..50a4917 100644
+index 9c64f41..36696cc 100644
 --- a/sshd_config.5
 +++ b/sshd_config.5
-@@ -657,6 +657,11 @@ Specifies whether to automatically destroy the user's credentials cache
+@@ -646,6 +646,11 @@ Specifies whether to automatically destroy the user's credentials cache
 on logout.
 The default is
 .Cm yes .
@ -3855,7 +3855,7 @@ index 8818ea5..50a4917 100644
 .It Cm GSSAPIStrictAcceptorCheck
 Determines whether to be strict about the identity of the GSSAPI acceptor
 a client authenticates against.
-@@ -671,6 +676,31 @@ machine's default store.
+@@ -660,6 +665,31 @@ machine's default store.
 This facility is provided to assist with operation on multi homed machines.
 The default is
 .Cm yes .
@ -3888,18 +3888,18 @@ index 8818ea5..50a4917 100644
 Specifies the key types that will be accepted for hostbased authentication
 as a list of comma-separated patterns.
 diff --git a/sshkey.c b/sshkey.c
-index ef90563..4d2048b 100644
+index 1571e3d..1ac32a0 100644
 --- a/sshkey.c
 +++ b/sshkey.c
-@@ -145,6 +145,7 @@ static const struct keytype keytypes[] = {
+@@ -154,6 +154,7 @@ static const struct keytype keytypes[] = {
- #  endif /* OPENSSL_HAS_NISTP521 */
+ 	    KEY_ECDSA_SK_CERT, NID_X9_62_prime256v1, 1, 0 },
 # endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 +	{ "null", "null", NULL, KEY_NULL, 0, 0, 0 },
 	{ NULL, NULL, NULL, -1, -1, 0, 0 }
 };
-@@ -233,7 +234,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
+@@ -255,7 +256,7 @@ sshkey_alg_list(int certs_only, int plain_only, int include_sigonly, char sep)
 	const struct keytype *kt;
 	for (kt = keytypes; kt->type != -1; kt++) {
@ -3909,13 +3909,13 @@ index ef90563..4d2048b 100644
 		if (!include_sigonly && kt->sigonly)
 			continue;
 diff --git a/sshkey.h b/sshkey.h
-index 1119a7b..1bf30d0 100644
+index 9c1d4f6..f586e89 100644
 --- a/sshkey.h
 +++ b/sshkey.h
-@@ -65,6 +65,7 @@ enum sshkey_types {
+@@ -69,6 +69,7 @@ enum sshkey_types {
- 	KEY_ED25519_CERT,
+ 	KEY_ECDSA_SK_CERT,
- 	KEY_XMSS,
+ 	KEY_ED25519_SK,
- 	KEY_XMSS_CERT,
+ 	KEY_ED25519_SK_CERT,
 +	KEY_NULL,
 	KEY_UNSPEC
 };
--- a/openssh-8.1p1-audit.patch
+++ b/openssh-8.1p1-audit.patch
@ -1,17 +1,16 @@
 diff --git a/Makefile.in b/Makefile.in
-index 02bafbc..4ee4ab2 100644
+index 9d3f569..5a0e0b6 100644
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -110,7 +110,8 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+@@ -115,7 +115,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	kexgexc.o kexgexs.o \
 	sntrup4591761.o kexsntrup4591761x25519.o kexgen.o \
 	kexgssc.o \
-	platform-pledge.o platform-tracing.o platform-misc.o
+ 	sftp-realpath.o platform-pledge.o platform-tracing.o platform-misc.o \
-+	platform-pledge.o platform-tracing.o platform-misc.o \
+-	sshbuf-io.o
-+	auditstub.o
+	sshbuf-io.o auditstub.o
 SKOBJS=	ssh-sk-client.o
 LIBSSH_OBJS += fips.o
 diff --git a/audit-bsm.c b/audit-bsm.c
 index 0ba16c7..d5e9cda 100644
 --- a/audit-bsm.c
@ -744,10 +743,10 @@ index 0000000..639a798
 +{
 +}
 diff --git a/auth.c b/auth.c
-index ab43955..5a4d11a 100644
+index 779a1af..f6f3c86 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -366,7 +366,7 @@ auth_log(struct ssh *ssh, int authenticated, int partial,
+@@ -367,7 +367,7 @@ auth_log(struct ssh *ssh, int authenticated, int partial,
 # endif
 #endif
 #ifdef SSH_AUDIT_EVENTS
@ -756,7 +755,7 @@ index ab43955..5a4d11a 100644
 		audit_event(ssh, audit_classify_auth(method));
 #endif
 }
-@@ -592,9 +592,6 @@ getpwnamallow(struct ssh *ssh, const char *user)
+@@ -593,9 +593,6 @@ getpwnamallow(struct ssh *ssh, const char *user)
 		record_failed_login(ssh, user,
 		    auth_get_canonical_hostname(ssh, options.use_dns), "ssh");
 #endif
@ -767,7 +766,7 @@ index ab43955..5a4d11a 100644
 	}
 	if (!allowed_user(ssh, pw))
 diff --git a/auth.h b/auth.h
-index becc672..84532d0 100644
+index becc672..c8a99fb 100644
 --- a/auth.h
 +++ b/auth.h
@@ -189,6 +189,8 @@ struct passwd * getpwnamallow(struct ssh *, const char *user);
@ -775,7 +774,7 @@ index becc672..84532d0 100644
 char	*expand_authorized_keys(const char *, struct passwd *pw);
 char	*authorized_principals_file(struct passwd *);
 +int	 user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
-+    const u_char *, size_t, const char *, u_int);
+    const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
 FILE	*auth_openkeyfile(const char *, struct passwd *, int);
 FILE	*auth_openprincipals(const char *, struct passwd *, int);
@ -784,12 +783,12 @@ index becc672..84532d0 100644
 int	 sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *,
     u_char **, size_t *, const u_char *, size_t, const char *);
 +int	 hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
-+    const u_char *, size_t, const char *, u_int);
+    const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
 /* Key / cert options linkage to auth layer */
 const struct sshauthopt *auth_options(struct ssh *);
 diff --git a/auth2-hostbased.c b/auth2-hostbased.c
-index d460470..de26444 100644
+index 5e9b7c6..c0a09a3 100644
 --- a/auth2-hostbased.c
 +++ b/auth2-hostbased.c
@@ -150,7 +150,7 @@ userauth_hostbased(struct ssh *ssh)
@ -798,7 +797,7 @@ index d460470..de26444 100644
 	    chost, key)) &&
 -	    PRIVSEP(sshkey_verify(key, sig, slen,
 +	    PRIVSEP(hostbased_key_verify(ssh, key, sig, slen,
- 	    sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0)
+ 	    sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat, NULL)) == 0)
 		authenticated = 1;
@@ -167,6 +167,19 @@ done:
@ -807,11 +806,11 @@ index d460470..de26444 100644
 +int
 +hostbased_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig,
-+    size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat)
+    size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet)
 +{
 +	int rv;
 +
-+	rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat);
+	rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat, sigdet);
 +#ifdef SSH_AUDIT_EVENTS
 +	audit_key(ssh, 0, &rv, key);
 +#endif
@ -822,10 +821,10 @@ index d460470..de26444 100644
 int
 hostbased_key_allowed(struct ssh *ssh, struct passwd *pw,
 diff --git a/auth2-pubkey.c b/auth2-pubkey.c
-index df12c2c..6062b8b 100644
+index 815ea0f..f8a4325 100644
 --- a/auth2-pubkey.c
 +++ b/auth2-pubkey.c
-@@ -210,7 +210,7 @@ userauth_pubkey(struct ssh *ssh)
+@@ -212,7 +212,7 @@ userauth_pubkey(struct ssh *ssh)
 		/* test for correct signature */
 		authenticated = 0;
 		if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
@ -833,18 +832,18 @@ index df12c2c..6062b8b 100644
 +		    PRIVSEP(user_key_verify(ssh, key, sig, slen,
 		    sshbuf_ptr(b), sshbuf_len(b),
 		    (ssh->compat & SSH_BUG_SIGTYPE) == 0 ? pkalg : NULL,
- 		    ssh->compat)) == 0) {
+ 		    ssh->compat, &sig_details)) == 0) {
-@@ -269,6 +269,19 @@ done:
+@@ -294,6 +294,19 @@ done:
 	return authenticated;
 }
 +int
 +user_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig,
-+    size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat)
+    size_t slen, const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet)
 +{
 +	int rv;
 +
-+	rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat);
+	rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat, sigdet);
 +#ifdef SSH_AUDIT_EVENTS
 +	audit_key(ssh, 1, &rv, key);
 +#endif
@ -855,7 +854,7 @@ index df12c2c..6062b8b 100644
 match_principals_option(const char *principal_list, struct sshkey_cert *cert)
 {
 diff --git a/auth2.c b/auth2.c
-index 1c21726..e54509a 100644
+index a4a5e00..b12d2ac 100644
 --- a/auth2.c
 +++ b/auth2.c
@@ -293,9 +293,6 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
@ -869,7 +868,7 @@ index 1c21726..e54509a 100644
 #ifdef USE_PAM
 		if (options.use_pam)
 diff --git a/cipher.c b/cipher.c
-index b67a4ff..e0d23a5 100644
+index 599b54a..7f25a18 100644
 --- a/cipher.c
 +++ b/cipher.c
@@ -58,25 +58,6 @@
@ -898,17 +897,17 @@ index b67a4ff..e0d23a5 100644
 static const struct sshcipher ciphers_all[] = {
 #ifdef WITH_OPENSSL
 #ifndef OPENSSL_NO_DES
-@@ -451,7 +432,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr,
+@@ -462,7 +443,7 @@ cipher_get_length(struct sshcipher_ctx *cc, u_int *plenp, u_int seqnr,
 void
 cipher_free(struct sshcipher_ctx *cc)
 {
 -	if (cc == NULL)
 +	if (cc == NULL || cc->cipher == NULL)
 		return;
- 	if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
+ 	if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
- 		explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
+ 		chachapoly_free(cc->cp_ctx);
 diff --git a/cipher.h b/cipher.h
-index d7d8c89..2341068 100644
+index 626f2f5..b3383a5 100644
 --- a/cipher.h
 +++ b/cipher.h
@@ -47,7 +47,25 @@
@ -939,10 +938,10 @@ index d7d8c89..2341068 100644
 	int	plaintext;
 	int	encrypt;
 diff --git a/kex.c b/kex.c
-index 92d8ee0..96e44a5 100644
+index fbb8e4f..39cad99 100644
 --- a/kex.c
 +++ b/kex.c
-@@ -60,6 +60,7 @@
+@@ -62,6 +62,7 @@
 #include "ssherr.h"
 #include "sshbuf.h"
 #include "digest.h"
@ -950,7 +949,7 @@ index 92d8ee0..96e44a5 100644
 #ifdef GSSAPI
 #include "ssh-gss.h"
-@@ -856,12 +857,16 @@ kex_start_rekex(struct ssh *ssh)
+@@ -857,12 +858,16 @@ kex_start_rekex(struct ssh *ssh)
 }
 static int
@ -969,7 +968,7 @@ index 92d8ee0..96e44a5 100644
 	if ((enc->cipher = cipher_by_name(name)) == NULL) {
 		error("%s: unsupported cipher %s", __func__, name);
 		free(name);
-@@ -882,8 +887,12 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)
+@@ -883,8 +888,12 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)
 {
 	char *name = match_list(client, server, NULL);
@ -983,7 +982,7 @@ index 92d8ee0..96e44a5 100644
 	if (mac_setup(mac, name) < 0) {
 		error("%s: unsupported MAC %s", __func__, name);
 		free(name);
-@@ -896,12 +905,16 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)
+@@ -897,12 +906,16 @@ choose_mac(struct ssh *ssh, struct sshmac *mac, char *client, char *server)
 }
 static int
@ -999,10 +998,10 @@ index 92d8ee0..96e44a5 100644
 +#endif
 		return SSH_ERR_NO_COMPRESS_ALG_MATCH;
 +	}
 #ifdef WITH_ZLIB
 	if (strcmp(name, "zlib@openssh.com") == 0) {
 		comp->type = COMP_DELAYED;
- 	} else if (strcmp(name, "zlib") == 0) {
+@@ -1043,7 +1056,7 @@ kex_choose_conf(struct ssh *ssh)
@@ -1039,7 +1052,7 @@ kex_choose_conf(struct ssh *ssh)
 		nenc  = ctos ? PROPOSAL_ENC_ALGS_CTOS  : PROPOSAL_ENC_ALGS_STOC;
 		nmac  = ctos ? PROPOSAL_MAC_ALGS_CTOS  : PROPOSAL_MAC_ALGS_STOC;
 		ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC;
@ -1011,7 +1010,7 @@ index 92d8ee0..96e44a5 100644
 		    sprop[nenc])) != 0) {
 			kex->failed_choice = peer[nenc];
 			peer[nenc] = NULL;
-@@ -1054,7 +1067,7 @@ kex_choose_conf(struct ssh *ssh)
+@@ -1058,7 +1071,7 @@ kex_choose_conf(struct ssh *ssh)
 			peer[nmac] = NULL;
 			goto out;
 		}
@ -1020,7 +1019,7 @@ index 92d8ee0..96e44a5 100644
 		    sprop[ncomp])) != 0) {
 			kex->failed_choice = peer[ncomp];
 			peer[ncomp] = NULL;
-@@ -1077,6 +1090,10 @@ kex_choose_conf(struct ssh *ssh)
+@@ -1081,6 +1094,10 @@ kex_choose_conf(struct ssh *ssh)
 		dh_need = MAXIMUM(dh_need, newkeys->enc.block_size);
 		dh_need = MAXIMUM(dh_need, newkeys->enc.iv_len);
 		dh_need = MAXIMUM(dh_need, newkeys->mac.key_len);
@ -1031,7 +1030,7 @@ index 92d8ee0..96e44a5 100644
 	}
 	/* XXX need runden? */
 	kex->we_need = need;
-@@ -1241,6 +1258,36 @@ dump_digest(const char *msg, const u_char *digest, int len)
+@@ -1245,6 +1262,36 @@ dump_digest(const char *msg, const u_char *digest, int len)
 }
 #endif
@ -1118,7 +1117,7 @@ index 0b119d7..5fb593b 100644
 #endif /* SSHMAC_H */
 diff --git a/monitor.c b/monitor.c
-index 20812fa..2e421cf 100644
+index cf775e5..fcd8283 100644
 --- a/monitor.c
 +++ b/monitor.c
@@ -93,6 +93,7 @@
@ -1128,8 +1127,8 @@ index 20812fa..2e421cf 100644
 +#include "audit.h"
 #include "match.h"
 #include "ssherr.h"
- 
+ #include "sk-api.h"
-@@ -107,6 +108,8 @@ extern u_char session_id[];
+@@ -108,6 +109,8 @@ extern u_char session_id[];
 extern struct sshbuf *loginmsg;
 extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */
@ -1138,7 +1137,7 @@ index 20812fa..2e421cf 100644
 /* State exported from the child */
 static struct sshbuf *child_state;
-@@ -154,6 +157,11 @@ int mm_answer_gss_updatecreds(struct ssh*, int, struct sshbuf *);
+@@ -155,6 +158,11 @@ int mm_answer_gss_updatecreds(struct ssh*, int, struct sshbuf *);
 #ifdef SSH_AUDIT_EVENTS
 int mm_answer_audit_event(struct ssh *, int, struct sshbuf *);
 int mm_answer_audit_command(struct ssh *, int, struct sshbuf *);
@ -1150,7 +1149,7 @@ index 20812fa..2e421cf 100644
 #endif
 static Authctxt *authctxt;
-@@ -209,6 +217,10 @@ struct mon_table mon_dispatch_proto20[] = {
+@@ -210,6 +218,10 @@ struct mon_table mon_dispatch_proto20[] = {
 #endif
 #ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
@ -1161,7 +1160,7 @@ index 20812fa..2e421cf 100644
 #endif
 #ifdef BSD_AUTH
     {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
-@@ -243,6 +255,11 @@ struct mon_table mon_dispatch_postauth20[] = {
+@@ -244,6 +256,11 @@ struct mon_table mon_dispatch_postauth20[] = {
 #ifdef SSH_AUDIT_EVENTS
     {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event},
     {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command},
@ -1173,19 +1172,19 @@ index 20812fa..2e421cf 100644
 #endif
     {0, 0, NULL}
 };
-@@ -1408,8 +1425,10 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1406,8 +1423,10 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 	char *sigalg;
 	size_t signaturelen, datalen, bloblen;
- 	int r, ret, valid_data = 0, encoded_ret;
+ 	int r, ret, req_presence = 0, valid_data = 0, encoded_ret;
 	struct sshkey_sig_details *sig_details = NULL;
 +	int type = 0;
-	if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
+-	if ((r = sshbuf_get_string_direct(m, &blob, &bloblen)) != 0 ||
 +	if ((r = sshbuf_get_u32(m, &type)) != 0 ||
-+	    (r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
+	    (r = sshbuf_get_string_direct(m, &blob, &bloblen)) != 0 ||
- 	    (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
+ 	    (r = sshbuf_get_string_direct(m, &signature, &signaturelen)) != 0 ||
- 	    (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||
+ 	    (r = sshbuf_get_string_direct(m, &data, &datalen)) != 0 ||
 	    (r = sshbuf_get_cstring(m, &sigalg, NULL)) != 0)
-@@ -1418,6 +1437,8 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1416,6 +1435,8 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 	if (hostbased_cuser == NULL || hostbased_chost == NULL ||
 	  !monitor_allowed_key(blob, bloblen))
 		fatal("%s: bad key, not previously allowed", __func__);
@ -1194,19 +1193,19 @@ index 20812fa..2e421cf 100644
 	/* Empty signature algorithm means NULL. */
 	if (*sigalg == '\0') {
-@@ -1433,21 +1454,24 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1431,14 +1452,19 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 	case MM_USERKEY:
 		valid_data = monitor_valid_userblob(data, datalen);
 		auth_method = "publickey";
 +		ret = user_key_verify(ssh, key, signature, signaturelen, data,
-+		    datalen, sigalg, ssh->compat);
+		    datalen, sigalg, ssh->compat, &sig_details);
 		break;
 	case MM_HOSTKEY:
 		valid_data = monitor_valid_hostbasedblob(data, datalen,
 		    hostbased_cuser, hostbased_chost);
 +		ret = hostbased_key_verify(ssh, key, signature, signaturelen, data,
 +		    datalen, sigalg, ssh->compat);
 		auth_method = "hostbased";
 +		ret = hostbased_key_verify(ssh, key, signature, signaturelen, data,
 +		    datalen, sigalg, ssh->compat, &sig_details);
 		break;
 	default:
 		valid_data = 0;
@ -1214,14 +1213,16 @@ index 20812fa..2e421cf 100644
 		break;
 	}
 	if (!valid_data)
- 		fatal("%s: bad signature data blob", __func__);
+@@ -1448,8 +1474,6 @@ mm_answer_keyverify(struct ssh *ssh, int sock, struct sshbuf *m)
 	    SSH_FP_DEFAULT)) == NULL)
 		fatal("%s: sshkey_fingerprint failed", __func__);
 -	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
-	    sigalg, ssh->compat);
+-	    sigalg, ssh->compat, &sig_details);
- 	debug3("%s: %s %p signature %s", __func__, auth_method, key,
+ 	debug3("%s: %s %p signature %s%s%s", __func__, auth_method, key,
- 	    (ret == 0) ? "verified" : "unverified");
+ 	    (ret == 0) ? "verified" : "unverified",
- 	auth2_record_key(authctxt, ret == 0, key);
+ 	    (ret != 0) ? ": " : "", (ret != 0) ? ssh_err(ret) : "");
-@@ -1499,13 +1523,19 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw)
+@@ -1524,13 +1548,19 @@ mm_record_login(struct ssh *ssh, Session *s, struct passwd *pw)
 }
 static void
@ -1242,7 +1243,7 @@ index 20812fa..2e421cf 100644
 	session_unused(s->self);
 }
-@@ -1572,7 +1602,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1597,7 +1627,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
  error:
 	if (s != NULL)
@ -1251,7 +1252,7 @@ index 20812fa..2e421cf 100644
 	if ((r = sshbuf_put_u32(m, 0)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	mm_request_send(sock, MONITOR_ANS_PTY, m);
-@@ -1591,7 +1621,7 @@ mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m)
+@@ -1616,7 +1646,7 @@ mm_answer_pty_cleanup(struct ssh *ssh, int sock, struct sshbuf *m)
 	if ((r = sshbuf_get_cstring(m, &tty, NULL)) != 0)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	if ((s = session_by_tty(tty)) != NULL)
@ -1260,7 +1261,7 @@ index 20812fa..2e421cf 100644
 	sshbuf_reset(m);
 	free(tty);
 	return (0);
-@@ -1613,6 +1643,8 @@ mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req)
+@@ -1638,6 +1668,8 @@ mm_answer_term(struct ssh *ssh, int sock, struct sshbuf *req)
 		sshpam_cleanup();
 #endif
@ -1269,7 +1270,7 @@ index 20812fa..2e421cf 100644
 	while (waitpid(pmonitor->m_pid, &status, 0) == -1)
 		if (errno != EINTR)
 			exit(1);
-@@ -1659,12 +1691,47 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m)
+@@ -1684,12 +1716,47 @@ mm_answer_audit_command(struct ssh *ssh, int socket, struct sshbuf *m)
 {
 	char *cmd;
 	int r;
@ -1318,7 +1319,7 @@ index 20812fa..2e421cf 100644
 	free(cmd);
 	return (0);
 }
-@@ -1730,6 +1797,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
+@@ -1755,6 +1822,7 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 void
 mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor)
 {
@ -1326,7 +1327,7 @@ index 20812fa..2e421cf 100644
 	debug3("%s: Waiting for new keys", __func__);
 	if ((child_state = sshbuf_new()) == NULL)
-@@ -1737,6 +1805,19 @@ mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor)
+@@ -1762,6 +1830,19 @@ mm_get_keystate(struct ssh *ssh, struct monitor *pmonitor)
 	mm_request_receive_expect(pmonitor->m_sendfd, MONITOR_REQ_KEYEXPORT,
 	    child_state);
 	debug3("%s: GOT new keys", __func__);
@ -1346,7 +1347,7 @@ index 20812fa..2e421cf 100644
 }
-@@ -2014,3 +2095,102 @@ mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) {
+@@ -2039,3 +2120,102 @@ mm_answer_gss_updatecreds(struct ssh *ssh, int socket, struct sshbuf *m) {
 #endif /* GSSAPI */
@ -1469,7 +1470,7 @@ index 2b1a2d5..7817990 100644
 	MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151,
 	MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153,
 diff --git a/monitor_wrap.c b/monitor_wrap.c
-index fdca39a..b427dd6 100644
+index 6edb509..cb5e5f3 100644
 --- a/monitor_wrap.c
 +++ b/monitor_wrap.c
@@ -492,7 +492,7 @@ mm_key_allowed(enum mm_keytype type, const char *user, const char *host,
@ -1478,11 +1479,11 @@ index fdca39a..b427dd6 100644
 int
 -mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
 +mm_sshkey_verify(enum mm_keytype type, const struct sshkey *key, const u_char *sig, size_t siglen,
-     const u_char *data, size_t datalen, const char *sigalg, u_int compat)
+     const u_char *data, size_t datalen, const char *sigalg, u_int compat,
     struct sshkey_sig_details **sig_detailsp)
 {
- 	struct sshbuf *m;
+@@ -508,7 +508,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
-@@ -504,7 +504,8 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
+ 		*sig_detailsp = NULL;
 	if ((m = sshbuf_new()) == NULL)
 		fatal("%s: sshbuf_new failed", __func__);
 -	if ((r = sshkey_puts(key, m)) != 0 ||
@ -1491,28 +1492,28 @@ index fdca39a..b427dd6 100644
 	    (r = sshbuf_put_string(m, sig, siglen)) != 0 ||
 	    (r = sshbuf_put_string(m, data, datalen)) != 0 ||
 	    (r = sshbuf_put_cstring(m, sigalg == NULL ? "" : sigalg)) != 0)
-@@ -526,6 +527,20 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
+@@ -541,6 +542,20 @@ mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
 	return 0;
 }
 +int
 +mm_hostbased_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig, size_t siglen,
-+    const u_char *data, size_t datalen, const char *pkalg, u_int compat)
+    const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet)
 +{
-+	return mm_sshkey_verify(MM_HOSTKEY, key, sig, siglen, data, datalen, pkalg, compat);
+	return mm_sshkey_verify(MM_HOSTKEY, key, sig, siglen, data, datalen, pkalg, compat, sigdet);
 +}
 +
 +int
 +mm_user_key_verify(struct ssh *ssh, const struct sshkey *key, const u_char *sig, size_t siglen,
-+    const u_char *data, size_t datalen, const char *pkalg, u_int compat)
+    const u_char *data, size_t datalen, const char *pkalg, u_int compat, struct sshkey_sig_details **sigdet)
 +{
-+	return mm_sshkey_verify(MM_USERKEY, key, sig, siglen, data, datalen, pkalg, compat);
+	return mm_sshkey_verify(MM_USERKEY, key, sig, siglen, data, datalen, pkalg, compat, sigdet);
 +}
 +
 void
 mm_send_keystate(struct ssh *ssh, struct monitor *monitor)
 {
-@@ -879,11 +894,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event)
+@@ -894,11 +909,12 @@ mm_audit_event(struct ssh *ssh, ssh_audit_event_t event)
 	sshbuf_free(m);
 }
@ -1527,7 +1528,7 @@ index fdca39a..b427dd6 100644
 	debug3("%s entering command %s", __func__, command);
-@@ -893,6 +909,30 @@ mm_audit_run_command(const char *command)
+@@ -908,6 +924,30 @@ mm_audit_run_command(const char *command)
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUDIT_COMMAND, m);
@ -1558,7 +1559,7 @@ index fdca39a..b427dd6 100644
 	sshbuf_free(m);
 }
 #endif /* SSH_AUDIT_EVENTS */
-@@ -1053,3 +1093,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
+@@ -1068,3 +1108,83 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store)
 }
 #endif /* GSSAPI */
@ -1643,21 +1644,21 @@ index fdca39a..b427dd6 100644
 +}
 +#endif /* SSH_AUDIT_EVENTS */
 diff --git a/monitor_wrap.h b/monitor_wrap.h
-index 92dda57..d413dac 100644
+index 485590c..73c095e 100644
 --- a/monitor_wrap.h
 +++ b/monitor_wrap.h
-@@ -56,7 +56,9 @@ int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int,
+@@ -57,7 +57,9 @@ int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int,
     struct sshauthopt **);
 int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *,
     const char *, struct sshkey *);
 -int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
 +int mm_hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
-+    const u_char *, size_t, const char *, u_int);
+    const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
-+int mm_user_key_verify(struct ssh*, const struct sshkey *, const u_char *, size_t,
+int mm_user_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
-     const u_char *, size_t, const char *, u_int);
+     const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
 #ifdef GSSAPI
-@@ -81,7 +83,12 @@ void mm_sshpam_free_ctx(void *);
+@@ -82,7 +84,12 @@ void mm_sshpam_free_ctx(void *);
 #ifdef SSH_AUDIT_EVENTS
 #include "audit.h"
 void mm_audit_event(struct ssh *, ssh_audit_event_t);
@ -1672,18 +1673,18 @@ index 92dda57..d413dac 100644
 struct Session;
 diff --git a/packet.c b/packet.c
-index 817da43..aec02e4 100644
+index e7abb34..3e9c95e 100644
 --- a/packet.c
 +++ b/packet.c
-@@ -77,6 +77,7 @@
+@@ -81,6 +81,7 @@
- #include <zlib.h>
+ #endif
 #include "xmalloc.h"
 +#include "audit.h"
 #include "compat.h"
 #include "ssh2.h"
 #include "cipher.h"
-@@ -509,6 +510,13 @@ ssh_packet_get_connection_out(struct ssh *ssh)
+@@ -515,6 +516,13 @@ ssh_packet_get_connection_out(struct ssh *ssh)
 	return ssh->state->connection_out;
 }
@ -1697,7 +1698,7 @@ index 817da43..aec02e4 100644
 /*
  * Returns the IP-address of the remote host as a string.  The returned
  * string must not be freed.
-@@ -586,22 +594,19 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
+@@ -592,22 +600,19 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
 {
 	struct session_state *state = ssh->state;
 	u_int mode;
@ -1725,8 +1726,8 @@ index 817da43..aec02e4 100644
 	for (mode = 0; mode < MODE_MAX; mode++) {
 		kex_free_newkeys(state->newkeys[mode]);	/* current keys */
 		state->newkeys[mode] = NULL;
-@@ -635,8 +640,18 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
+@@ -643,8 +648,18 @@ ssh_packet_close_internal(struct ssh *ssh, int do_close)
- 	}
+ #endif	/* WITH_ZLIB */
 	cipher_free(state->send_context);
 	cipher_free(state->receive_context);
 +	if (had_keys && state->server_side) {
@ -1744,7 +1745,7 @@ index 817da43..aec02e4 100644
 		free(ssh->local_ipaddr);
 		ssh->local_ipaddr = NULL;
 		free(ssh->remote_ipaddr);
-@@ -863,6 +878,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
+@@ -899,6 +914,7 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 		   (unsigned long long)state->p_send.bytes,
 		   (unsigned long long)state->p_send.blocks);
 		kex_free_newkeys(state->newkeys[mode]);
@ -1752,7 +1753,7 @@ index 817da43..aec02e4 100644
 		state->newkeys[mode] = NULL;
 	}
 	/* note that both bytes and the seqnr are not reset */
-@@ -2166,6 +2182,71 @@ ssh_packet_get_output(struct ssh *ssh)
+@@ -2205,6 +2221,71 @@ ssh_packet_get_output(struct ssh *ssh)
 	return (void *)ssh->state->output;
 }
@ -1825,17 +1826,17 @@ index 817da43..aec02e4 100644
 static int
 ssh_packet_set_postauth(struct ssh *ssh)
 diff --git a/packet.h b/packet.h
-index 8ccfd2e..cfd9ebe 100644
+index c2544bd..239b391 100644
 --- a/packet.h
 +++ b/packet.h
-@@ -217,4 +217,5 @@ const u_char	*sshpkt_ptr(struct ssh *, size_t *lenp);
+@@ -218,4 +218,5 @@ const u_char	*sshpkt_ptr(struct ssh *, size_t *lenp);
 # undef EC_POINT
 #endif
 +void	 packet_destroy_all(struct ssh *, int, int);
 #endif				/* PACKET_H */
 diff --git a/session.c b/session.c
-index 89f9539..07411f3 100644
+index 530aa26..9e7a8f8 100644
 --- a/session.c
 +++ b/session.c
@@ -136,7 +136,7 @@ extern char *__progname;
@ -1884,7 +1885,7 @@ index 89f9539..07411f3 100644
 #endif
 	if (s->ttyfd != -1)
 		ret = do_exec_pty(ssh, s, command);
-@@ -1531,8 +1543,11 @@ do_child(struct ssh *ssh, Session *s, const char *command)
+@@ -1535,8 +1547,11 @@ do_child(struct ssh *ssh, Session *s, const char *command)
 	sshpkt_fmt_connection_id(ssh, remote_id, sizeof(remote_id));
 	/* remove hostkey from the child's memory */
@ -1897,7 +1898,7 @@ index 89f9539..07411f3 100644
 	/* Force a password change */
 	if (s->authctxt->force_pwchange) {
-@@ -1741,6 +1756,9 @@ session_unused(int id)
+@@ -1745,6 +1760,9 @@ session_unused(int id)
 	sessions[id].ttyfd = -1;
 	sessions[id].ptymaster = -1;
 	sessions[id].x11_chanids = NULL;
@ -1907,7 +1908,7 @@ index 89f9539..07411f3 100644
 	sessions[id].next_unused = sessions_first_unused;
 	sessions_first_unused = id;
 }
-@@ -1822,6 +1840,19 @@ session_open(Authctxt *authctxt, int chanid)
+@@ -1826,6 +1844,19 @@ session_open(Authctxt *authctxt, int chanid)
 	return 1;
 }
@ -1927,7 +1928,7 @@ index 89f9539..07411f3 100644
 Session *
 session_by_tty(char *tty)
 {
-@@ -2433,6 +2464,32 @@ session_exit_message(struct ssh *ssh, Session *s, int status)
+@@ -2437,6 +2468,32 @@ session_exit_message(struct ssh *ssh, Session *s, int status)
 		chan_write_failed(ssh, c);
 }
@ -1960,7 +1961,7 @@ index 89f9539..07411f3 100644
 void
 session_close(struct ssh *ssh, Session *s)
 {
-@@ -2474,6 +2531,10 @@ session_close(struct ssh *ssh, Session *s)
+@@ -2478,6 +2535,10 @@ session_close(struct ssh *ssh, Session *s)
 	if (s->ttyfd != -1)
 		session_pty_cleanup(s);
@ -1971,7 +1972,7 @@ index 89f9539..07411f3 100644
 	free(s->term);
 	free(s->display);
 	free(s->x11_chanids);
-@@ -2549,14 +2610,14 @@ session_close_by_channel(struct ssh *ssh, int id, void *arg)
+@@ -2553,14 +2614,14 @@ session_close_by_channel(struct ssh *ssh, int id, void *arg)
 }
 void
@ -1988,7 +1989,7 @@ index 89f9539..07411f3 100644
 			else
 				session_close(ssh, s);
 		}
-@@ -2682,6 +2743,15 @@ do_authenticated2(struct ssh *ssh, Authctxt *authctxt)
+@@ -2686,6 +2747,15 @@ do_authenticated2(struct ssh *ssh, Authctxt *authctxt)
 	server_loop2(ssh, authctxt);
 }
@ -2004,7 +2005,7 @@ index 89f9539..07411f3 100644
 void
 do_cleanup(struct ssh *ssh, Authctxt *authctxt)
 {
-@@ -2745,7 +2815,7 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
+@@ -2749,7 +2819,7 @@ do_cleanup(struct ssh *ssh, Authctxt *authctxt)
 	 * or if running in monitor.
 	 */
 	if (!use_privsep || mm_is_monitor())
@ -2045,10 +2046,10 @@ index ce59dab..bcd4b1d 100644
 void	 session_close(struct ssh *, Session *);
 void	 do_setusercontext(struct passwd *);
 diff --git a/sshd.c b/sshd.c
-index 0d5c4c4..dca7b1e 100644
+index 7d23232..9c83ce0 100644
 --- a/sshd.c
 +++ b/sshd.c
-@@ -124,6 +124,7 @@
+@@ -122,6 +122,7 @@
 #include "ssh-gss.h"
 #endif
 #include "monitor_wrap.h"
@ -2056,7 +2057,7 @@ index 0d5c4c4..dca7b1e 100644
 #include "ssh-sandbox.h"
 #include "auth-options.h"
 #include "version.h"
-@@ -272,8 +273,8 @@ struct sshbuf *loginmsg;
+@@ -267,8 +268,8 @@ struct sshbuf *loginmsg;
 struct passwd *privsep_pw = NULL;
 /* Prototypes for various functions defined later in this file. */
@ -2066,8 +2067,8 @@ index 0d5c4c4..dca7b1e 100644
 +void demote_sensitive_data(struct ssh *);
 static void do_ssh2_kex(struct ssh *);
- /*
+ static char *listener_proctitle;
-@@ -289,6 +290,15 @@ close_listen_socks(void)
+@@ -286,6 +287,15 @@ close_listen_socks(void)
 	num_listen_socks = -1;
 }
@ -2083,7 +2084,7 @@ index 0d5c4c4..dca7b1e 100644
 static void
 close_startup_pipes(void)
 {
-@@ -395,18 +405,45 @@ grace_alarm_handler(int sig)
+@@ -390,18 +400,45 @@ grace_alarm_handler(int sig)
 	    ssh_remote_port(the_active_state));
 }
@ -2132,7 +2133,7 @@ index 0d5c4c4..dca7b1e 100644
 			sshkey_free(sensitive_data.host_certificates[i]);
 			sensitive_data.host_certificates[i] = NULL;
 		}
-@@ -415,14 +452,26 @@ destroy_sensitive_data(void)
+@@ -410,14 +447,26 @@ destroy_sensitive_data(void)
 /* Demote private to public keys for network child */
 void
@ -2160,7 +2161,7 @@ index 0d5c4c4..dca7b1e 100644
 			if ((r = sshkey_from_private(
 			    sensitive_data.host_keys[i], &tmp)) != 0)
 				fatal("could not demote host %s key: %s",
-@@ -430,6 +479,12 @@ demote_sensitive_data(void)
+@@ -425,6 +474,12 @@ demote_sensitive_data(void)
 				    ssh_err(r));
 			sshkey_free(sensitive_data.host_keys[i]);
 			sensitive_data.host_keys[i] = tmp;
@ -2173,7 +2174,7 @@ index 0d5c4c4..dca7b1e 100644
 		}
 		/* Certs do not need demotion */
 	}
-@@ -457,7 +512,7 @@ reseed_prngs(void)
+@@ -452,7 +507,7 @@ reseed_prngs(void)
 }
 static void
@ -2182,7 +2183,7 @@ index 0d5c4c4..dca7b1e 100644
 {
 	gid_t gidset[1];
-@@ -472,7 +527,7 @@ privsep_preauth_child(void)
+@@ -467,7 +522,7 @@ privsep_preauth_child(void)
 	reseed_prngs();
 	/* Demote the private keys to public keys. */
@ -2191,7 +2192,7 @@ index 0d5c4c4..dca7b1e 100644
 	/* Demote the child */
 	if (privsep_chroot) {
-@@ -507,7 +562,7 @@ privsep_preauth(struct ssh *ssh)
+@@ -502,7 +557,7 @@ privsep_preauth(struct ssh *ssh)
 	if (use_privsep == PRIVSEP_ON)
 		box = ssh_sandbox_init(pmonitor);
@ -2200,7 +2201,7 @@ index 0d5c4c4..dca7b1e 100644
 	if (pid == -1) {
 		fatal("fork of unprivileged child failed");
 	} else if (pid != 0) {
-@@ -553,7 +608,7 @@ privsep_preauth(struct ssh *ssh)
+@@ -548,7 +603,7 @@ privsep_preauth(struct ssh *ssh)
 		/* Arrange for logging to be sent to the monitor */
 		set_log_handler(mm_log_handler, pmonitor);
@ -2209,7 +2210,7 @@ index 0d5c4c4..dca7b1e 100644
 		setproctitle("%s", "[net]");
 		if (box != NULL)
 			ssh_sandbox_child(box);
-@@ -597,7 +652,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
+@@ -592,7 +647,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
 	pmonitor->m_sendfd = -1;
 	/* Demote the private keys to public keys. */
@ -2218,7 +2219,7 @@ index 0d5c4c4..dca7b1e 100644
 	reseed_prngs();
-@@ -1060,7 +1115,7 @@ server_listen(void)
+@@ -1101,7 +1156,7 @@ server_listen(void)
  * from this function are in a forked subprocess.
  */
 static void
@ -2227,7 +2228,7 @@ index 0d5c4c4..dca7b1e 100644
 {
 	fd_set *fdset;
 	int i, j, ret, maxfd;
-@@ -1115,6 +1170,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
+@@ -1162,6 +1217,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 		if (received_sigterm) {
 			logit("Received signal %d; terminating.",
 			    (int) received_sigterm);
@ -2235,7 +2236,7 @@ index 0d5c4c4..dca7b1e 100644
 			close_listen_socks();
 			if (options.pid_file != NULL)
 				unlink(options.pid_file);
-@@ -1973,7 +2029,7 @@ main(int ac, char **av)
+@@ -2039,7 +2095,7 @@ main(int ac, char **av)
 #endif
 		/* Accept a connection and return in a forked child */
@ -2244,7 +2245,7 @@ index 0d5c4c4..dca7b1e 100644
 		    &newsock, config_s);
 	}
-@@ -2212,6 +2268,9 @@ main(int ac, char **av)
+@@ -2274,6 +2330,9 @@ main(int ac, char **av)
 	do_authenticated(ssh, authctxt);
 	/* The connection has been terminated. */
@ -2254,7 +2255,7 @@ index 0d5c4c4..dca7b1e 100644
 	ssh_packet_get_bytes(ssh, &ibytes, &obytes);
 	verbose("Transferred: sent %llu, received %llu bytes",
 	    (unsigned long long)obytes, (unsigned long long)ibytes);
-@@ -2393,6 +2452,15 @@ do_ssh2_kex(struct ssh *ssh)
+@@ -2457,6 +2516,15 @@ do_ssh2_kex(struct ssh *ssh)
 void
 cleanup_exit(int i)
 {
@ -2270,7 +2271,7 @@ index 0d5c4c4..dca7b1e 100644
 	if (the_active_state != NULL && the_authctxt != NULL) {
 		do_cleanup(the_active_state, the_authctxt);
 		if (use_privsep && privsep_is_preauth &&
-@@ -2404,9 +2472,16 @@ cleanup_exit(int i)
+@@ -2468,9 +2536,16 @@ cleanup_exit(int i)
 				    pmonitor->m_pid, strerror(errno));
 		}
 	}
@ -2289,10 +2290,10 @@ index 0d5c4c4..dca7b1e 100644
 #endif
 	_exit(i);
 diff --git a/sshkey.c b/sshkey.c
-index 4d2048b..142dc09 100644
+index 1ac32a0..f579108 100644
 --- a/sshkey.c
 +++ b/sshkey.c
-@@ -340,6 +340,38 @@ sshkey_type_is_valid_ca(int type)
+@@ -368,6 +368,38 @@ sshkey_type_is_valid_ca(int type)
 	}
 }
@ -2332,14 +2333,14 @@ index 4d2048b..142dc09 100644
 sshkey_is_cert(const struct sshkey *k)
 {
 diff --git a/sshkey.h b/sshkey.h
-index 1bf30d0..065ef0b 100644
+index f586e89..a08bc65 100644
 --- a/sshkey.h
 +++ b/sshkey.h
-@@ -164,6 +164,7 @@ int		 sshkey_shield_private(struct sshkey *);
+@@ -187,6 +187,7 @@ int		 sshkey_shield_private(struct sshkey *);
 int		 sshkey_unshield_private(struct sshkey *);
 int	 sshkey_type_from_name(const char *);
 +int	 sshkey_is_private(const struct sshkey *);
 int	 sshkey_is_cert(const struct sshkey *);
 int	 sshkey_is_sk(const struct sshkey *);
 int	 sshkey_type_is_cert(int);
 int	 sshkey_type_plain(int);
--- a/openssh-8.1p1-seccomp-clock_nanosleep.patch
+++ b/openssh-8.1p1-seccomp-clock_nanosleep.patch
@ -1,10 +1,10 @@
-Index: openssh-8.1p1/sandbox-seccomp-filter.c
+diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
-===================================================================
+index c1e689e..74f69bc 100644
--- openssh-8.1p1.orig/sandbox-seccomp-filter.c
+--- a/sandbox-seccomp-filter.c
-+++ openssh-8.1p1/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
-@@ -248,6 +248,9 @@ static const struct sock_filter preauth_
+@@ -264,6 +264,9 @@ static const struct sock_filter preauth_insns[] = {
- #ifdef __NR_nanosleep
+ #ifdef __NR_clock_gettime64
- 	SC_ALLOW(__NR_nanosleep),
+ 	SC_ALLOW(__NR_clock_gettime64),
 #endif
 +#ifdef __NR_clock_nanosleep
 +    SC_ALLOW(__NR_clock_nanosleep),
--- a/openssh-8.1p1.tar.gz
+++ b/openssh-8.1p1.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff
 size 1625894
--- a/openssh-8.1p1.tar.gz.asc
+++ b/openssh-8.1p1.tar.gz.asc
@ -1,14 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAl2dLEgACgkQ0+X1a22S
 DTAcUgx7BcRCaH7fb0AeQGvIrxXlyeN3uL6HOyo8MKkryN+y9zpvpcU6T8FBjtoh
 zgjonewzodGj+C1ma0O9TgIfnUxdOVL+eQsPYgOWLJt2MzSnY/Ru+20J5ZGwGc+5
 pJcuV+xlAuwae/EL+Pk86CdQ0D6zaf9NBHGTNmrswwhT9B3UWSCbEmmc8jm0DChm
 F5+dW1nK0n6YSQ9dVUH17/ujvego5WQkOiaSxjaK29/xS39BD6jrbwfFpL3/iKru
 mWVzcNJaX5WL3ZUnyZRcIHzVpBdr2n0pLCnmqIT8LGPwI3razEbZKIDXf+q0ZA88
 wRfCL9aEVWjhG+v56c/NiM/wD3h3A4uh8fZeeeyP3hmgEv8Wp8g7fFxf5MaEJlGL
 Oy6LeH0+x/uPySxaEvy4kuo/hapX2ClM16EMCUXHPwGIYRWdbTL7rzMTaoG3thyz
 VO04LulI9Xmvadn6k3JR5mFPpIsV+LNwt3g+c+4rBWspOdTHnFqo+OO7Uk8Ee3E0
 /MeuPBtqQq9o7RkoY8wtVOqT8q9/6g==
 =mpF6
 -----END PGP SIGNATURE-----
--- a/openssh-8.3p1.tar.gz
+++ b/openssh-8.3p1.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:f2befbe0472fe7eb75d23340eb17531cb6b3aac24075e2066b41f814e12387b2
 size 1706358
--- a/openssh-8.3p1.tar.gz.asc
+++ b/openssh-8.3p1.tar.gz.asc
@ -0,0 +1,14 @@
 -----BEGIN PGP SIGNATURE-----
 iQHDBAABCgAdFiEEWcIRjtIG2SfmZ+vj0+X1a22SDTAFAl7N2TQACgkQ0+X1a22S
 DTCXbAx/eycNNXxdVK3JtDQBUuSyup/eXeiuAdfTb77dKhdInk6ivaaKtVZ+3rlu
 eEUwAY2Bf/majUUigI5OI/niODMqbYWBBDKRudQlDSGfH8XnRge6dRjIWXU6XvZP
 MJpxVZWRorjnuCArWemlJ5QFxSds938Ae+7MFkveQ59UpRDeslYiI6twCXjRiZEL
 e8lBfsfZqcOLO8KLVRvDx6sqD8EXlak8fhdjmjKdbvA4oWHLcwUcuaNT/o5I2ZWn
 m2sOQcuhwt3+jm+f9SQKLURHcmGC6Hu5YXBq4+Ut7P9Qc9lAf76SDDnsrRQ8pv+Z
 tLsXBO+bNe3tSkRbG/AQQRZtGEzlhM8KPyQ6oA0JqlN4Wb5XMWYFyYyJTwJ/95ZI
 dluMmpwQTRVQGUNU7kVNe04TwRl+8APqvcnE3/i7MDm6EG5BHGcAneRmZfvt209F
 z8yGtKQKCvZm5Rn9V0/Gm3+pq5O2sie90CPW9ebyPsajzQlrYBQPoJ1aQ+Ue4QE6
 gee5eO3TZOJJ3peTqjihGUtpKH+21w==
 =lhX0
 -----END PGP SIGNATURE-----
--- a/openssh-askpass-gnome.spec
+++ b/openssh-askpass-gnome.spec
@ -1,7 +1,7 @@
 #
 # spec file for package openssh-askpass-gnome
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -18,7 +18,7 @@
 %define _name openssh
 Name:           openssh-askpass-gnome
-Version:        8.1p1
+Version:        8.3p1
 Release:        0
 Summary:        A GNOME-Based Passphrase Dialog for OpenSSH
 License:        BSD-2-Clause
--- a/openssh.changes
+++ b/openssh.changes
@ -1,3 +1,106 @@
 -------------------------------------------------------------------
 Fri Jun  5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
 - Version update to 8.3p1:
  = Potentially-incompatible changes
  * sftp(1): reject an argument of "-1" in the same way as ssh(1) and
    scp(1) do instead of accepting and silently ignoring it.
  = New features
  * sshd(8): make IgnoreRhosts a tri-state option: "yes" to ignore
    rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only"
    to allow .shosts files but not .rhosts.
  * sshd(8): allow the IgnoreRhosts directive to appear anywhere in a
    sshd_config, not just before any Match blocks.
  * ssh(1): add %TOKEN percent expansion for the LocalFoward and
    RemoteForward keywords when used for Unix domain socket forwarding.
  * all: allow loading public keys from the unencrypted envelope of a
    private key file if no corresponding public key file is present.
  * ssh(1), sshd(8): prefer to use chacha20 from libcrypto where
    possible instead of the (slower) portable C implementation included
    in OpenSSH.
  * ssh-keygen(1): add ability to dump the contents of a binary key
    revocation list via "ssh-keygen -lQf /path".
 - Additional changes from 8.2p1 release:
  = Potentially-incompatible changes
  * ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
    (RSA/SHA1) algorithm from those accepted for certificate signatures
    (i.e. the client and server CASignatureAlgorithms option) and will
    use the rsa-sha2-512 signature algorithm by default when the
    ssh-keygen(1) CA signs new certificates.
  * ssh(1), sshd(8): this release removes diffie-hellman-group14-sha1
    from the default key exchange proposal for both the client and
    server.
  * ssh-keygen(1): the command-line options related to the generation
    and screening of safe prime numbers used by the
    diffie-hellman-group-exchange-* key exchange algorithms have
    changed. Most options have been folded under the -O flag.
  * sshd(8): the sshd listener process title visible to ps(1) has
    changed to include information about the number of connections that
    are currently attempting authentication and the limits configured
    by MaxStartups.
  * ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F
    support to provide address-space isolation for token middleware
    libraries (including the internal one). It needs to be installed
    in the expected path, typically under /usr/libexec or similar.
  = New features
  * This release adds support for FIDO/U2F hardware authenticators to
    OpenSSH. U2F/FIDO are open standards for inexpensive two-factor
    authentication hardware that are widely used for website
    authentication.  In OpenSSH FIDO devices are supported by new public
    key types "ecdsa-sk" and "ed25519-sk", along with corresponding
    certificate types.
  * sshd(8): add an Include sshd_config keyword that allows including
    additional configuration files via glob(3) patterns.
  * ssh(1)/sshd(8): make the LE (low effort) DSCP code point available
    via the IPQoS directive.
  * ssh(1): when AddKeysToAgent=yes is set and the key contains no
    comment, add the key to the agent with the key's path as the
    comment.
  * ssh-keygen(1), ssh-agent(1): expose PKCS#11 key labels and X.509
    subjects as key comments, rather than simply listing the PKCS#11
    provider library path.
  * ssh-keygen(1): allow PEM export of DSA and ECDSA keys.
  * ssh(1), sshd(8): make zlib compile-time optional, available via the
    Makefile.inc ZLIB flag on OpenBSD or via the --with-zlib configure
    option for OpenSSH portable.
  * sshd(8): when clients get denied by MaxStartups, send a
    notification prior to the SSH2 protocol banner according to
    RFC4253 section 4.2.
  * ssh(1), ssh-agent(1): when invoking the $SSH_ASKPASS prompt
    program, pass a hint to the program to describe the type of
    desired prompt.  The possible values are "confirm" (indicating
    that a yes/no confirmation dialog with no text entry should be
    shown), "none" (to indicate an informational message only), or
    blank for the original ssh-askpass behaviour of requesting a
    password/phrase.
  * ssh(1): allow forwarding a different agent socket to the path
    specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent
    option to accepting an explicit path or the name of an environment
    variable in addition to yes/no.
  * ssh-keygen(1): add a new signature operations "find-principals" to
    look up the principal associated with a signature from an allowed-
    signers file.
  * sshd(8): expose the number of currently-authenticating connections
    along with the MaxStartups limit in the process title visible to
    "ps".
 - Rebased patches:
  * openssh-7.7p1-cavstest-ctr.patch
  * openssh-7.7p1-cavstest-kdf.patch
  * openssh-7.7p1-fips.patch
  * openssh-7.7p1-fips_checks.patch
  * openssh-7.7p1-ldap.patch
  * openssh-7.7p1-no_fork-no_pid_file.patch
  * openssh-7.7p1-sftp_print_diagnostic_messages.patch
  * openssh-8.0p1-gssapi-keyex.patch
  * openssh-8.1p1-audit.patch
  * openssh-8.1p1-seccomp-clock_nanosleep.patch
 - Removed openssh-7.7p1-seed-prng.patch (bsc#1165158).
 -------------------------------------------------------------------
 Sun May 31 11:25:07 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
--- a/openssh.spec
+++ b/openssh.spec
@ -1,7 +1,7 @@
 #
 # spec file for package openssh
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -35,7 +35,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           openssh
-Version:        8.1p1
+Version:        8.3p1
 Release:        0
 Summary:        Secure Shell Client and Server (Remote Login Program)
 License:        BSD-2-Clause AND MIT
@ -77,7 +77,6 @@ Patch18:        openssh-7.7p1-cavstest-ctr.patch
 Patch19:        openssh-7.7p1-cavstest-kdf.patch
 # Local FIPS patchset
 Patch20:        openssh-7.7p1-fips_checks.patch
 Patch21:        openssh-7.7p1-seed-prng.patch
 # https://bugzilla.mindrot.org/show_bug.cgi?id=2641
 Patch22:        openssh-7.7p1-systemd-notify.patch
 Patch23:        openssh-8.0p1-gssapi-keyex.patch
@ -112,6 +111,7 @@ BuildRequires:  openssl-devel
 BuildRequires:  pam-devel
 BuildRequires:  pkgconfig
 BuildRequires:  zlib-devel
 BuildRequires:  pkgconfig(libfido2)
 BuildRequires:  pkgconfig(libsystemd)
 Requires(post): %fillup_prereq
 Requires(pre):  shadow
@ -211,6 +211,7 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS
    --with-ldap \
    --with-xauth=%{_bindir}/xauth \
    --with-libedit \
    --with-security-key-builtin \
    --target=%{_target_cpu}-suse-linux
 %make_build