Accepting request 500282 from network

- require OpenSSL < 1.1 where that one is a default (forwarded request 500281 from pcerny) OBS-URL: https://build.opensuse.org/request/show/500282 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=110
2017-06-03 23:48:33 +00:00 · 2017-06-03 23:48:33 +00:00 · e2b87ac074
commit e2b87ac074
parent 1c742905ef a1a66bf54b
37 changed files with 3389 additions and 90 deletions
--- a/README.SUSE
+++ b/README.SUSE
@ -22,5 +22,8 @@ There are following changes in default settings of ssh client and server:
  - the size of DSA keys is limited by the standard to 1024 bits which cannot
  be considered safe any more.
 * Accepting all RFC4419 specified DH group parameters. See KexDHMin in
  ssh_config and sshd_config manual pages.
 For more information on differences in SUSE OpenSSH package see README.FIPS
--- a/README.kerberos
+++ b/README.kerberos
@ -1,4 +1,3 @@
 This version of the Kerbros/GSSAPI support avoids DNS lookups
 for Kerberos-related names. These DNS lookups were problematic
 for dialup users because they would lead to excessive delays
--- a/openssh-7.2p2-IPv6_X_forwarding.patch
+++ b/openssh-7.2p2-IPv6_X_forwarding.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  8c4cb20b9633595de68131224b2d434e8dc41e17
+# Parent  9130c9e19c8a076a7f6f214070283cd3e0326894
 Correctly parse DISPLAY variable for cases where it contains an IPv6 address
 (which should - but not always is - in (square) brackets).
--- a/openssh-7.2p2-X_forward_with_disabled_ipv6.patch
+++ b/openssh-7.2p2-X_forward_with_disabled_ipv6.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  28e8840bbf49c6e603bf2b55a08ed9050a60f9fb
+# Parent  2afee80335d5ef7efcf64f3a797e9b10ce0de4ae
 Do not throw away already open sockets for X11 forwarding if another socket
 family is not available for bind()
--- a/openssh-7.2p2-audit.patch
+++ b/openssh-7.2p2-audit.patch
@ -1,22 +1,20 @@
 # HG changeset patch
-# Parent  af5c4026e36e7aa181c164d2eca72b7e2a8a897a
+# Parent  83f18171bc2394ccd39fb176fe110b529da83a78
 Extended auditing through the Linux Auditing subsystem
 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 --- a/openssh-7.2p2/Makefile.in
 +++ b/openssh-7.2p2/Makefile.in
-@@ -88,17 +88,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+@@ -94,16 +94,17 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	ssh-pkcs11.o smult_curve25519_ref.o \
 	poly1305.o chacha.o cipher-chachapoly.o \
 	ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
 	sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
 	kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
 	kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexgssc.o \
 	kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o kexgsss.o \
- 	platform-pledge.o \
+ 	platform-pledge.o
-	fips.o
+ 
-+	fips.o \
+ LIBSSH_OBJS += fips.o
-+	auditstub.o
+LIBSSH_OBJS += auditstub.o
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
 	sshconnect.o sshconnect1.o sshconnect2.o mux.o
@ -2433,8 +2431,8 @@ diff --git a/openssh-7.2p2/packet.h b/openssh-7.2p2/packet.h
 diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
 --- a/openssh-7.2p2/sandbox-seccomp-filter.c
 +++ b/openssh-7.2p2/sandbox-seccomp-filter.c
-@@ -157,16 +157,22 @@ static const struct sock_filter preauth_
+@@ -163,16 +163,22 @@ static const struct sock_filter preauth_
- 	SC_ALLOW(getuid32),
+ 	SC_ALLOW(geteuid32),
 #endif
 #ifdef __NR_getrandom
 	SC_ALLOW(getrandom),
--- a/openssh-7.2p2-audit_fixes.patch
+++ b/openssh-7.2p2-audit_fixes.patch
@ -0,0 +1,28 @@
 # HG changeset patch
 # Parent  51a3a8eab1493a799c5a9df95e8e757f872886d0
 Various auditing fixes to be merged into the RH-originated patch.
 diff --git a/openssh-7.2p2/packet.c b/openssh-7.2p2/packet.c
 --- a/openssh-7.2p2/packet.c
 +++ b/openssh-7.2p2/packet.c
@@ -375,16 +375,20 @@ ssh_packet_start_discard(struct ssh *ssh
 int
 ssh_packet_connection_is_on_socket(struct ssh *ssh)
 {
 	struct session_state *state = ssh->state;
 	struct sockaddr_storage from, to;
 	socklen_t fromlen, tolen;
 +    /* auditing might get here without valid connection structure when
 +     * destroying sensitive data on exit and thus aborting disgracefully */
 +	if (!ssh)
 +		return 0;
 	/* filedescriptors in and out are the same, so it's a socket */
 	if (state->connection_in == state->connection_out)
 		return 1;
 	fromlen = sizeof(from);
 	memset(&from, 0, sizeof(from));
 	if (getpeername(state->connection_in, (struct sockaddr *)&from,
 	    &fromlen) < 0)
 		return 0;
--- a/openssh-7.2p2-audit_seed_prng.patch
+++ b/openssh-7.2p2-audit_seed_prng.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  3aad88a155050008275527c0624ae6fa05d0cdad
+# Parent  e6ff441d171012183f7bd37cb7399473e8376acd
 Audit PRNG re-seeding
 diff --git a/openssh-7.2p2/audit-bsm.c b/openssh-7.2p2/audit-bsm.c
--- a/openssh-7.2p2-cavstest-ctr.patch
+++ b/openssh-7.2p2-cavstest-ctr.patch
@ -0,0 +1,300 @@
 # HG changeset patch
 # Parent  cb502e7e796ac9289a571167a97ad9ec91562efb
 CAVS test for OpenSSH's own CTR encryption mode implementation
 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 --- a/openssh-7.2p2/Makefile.in
 +++ b/openssh-7.2p2/Makefile.in
@@ -21,16 +21,17 @@ top_srcdir=@top_srcdir@
 DESTDIR=
 VPATH=@srcdir@
 SSH_PROGRAM=@bindir@/ssh
 ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
 SFTP_SERVER=$(libexecdir)/sftp-server
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 +CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
 PRIVSEP_PATH=@PRIVSEP_PATH@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
 TEST_SHELL=@TEST_SHELL@
 PATHS= -DSSHDIR=\"$(sysconfdir)\" \
 	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
 	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
@@ -59,16 +60,18 @@ SED=@SED@
 ENT=@ENT@
 XAUTH_PATH=@XAUTH_PATH@
 LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
 EXEEXT=@EXEEXT@
 MANFMT=@MANFMT@
 TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
 +TARGETS += cavstest-ctr$(EXEEXT)
 +
 LIBOPENSSH_OBJS=\
 	ssh_api.o \
 	ssherr.o \
 	sshbuf.o \
 	sshkey.o \
 	sshbuf-getput-basic.o \
 	sshbuf-misc.o \
 	sshbuf-getput-crypto.o \
@@ -190,16 +193,20 @@ ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libss
 	$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
 	$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
 	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
 +# FIPS tests
 +cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
 +	$(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 +
 # test driver for the loginrec code - not built by default
 logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
 	$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
 $(MANPAGES): $(MANPAGES_IN)
 	if test "$(MANTYPE)" = "cat"; then \
 		manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
 	else \
@@ -310,16 +317,17 @@ install-files:
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
 	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 +	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
 	$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
 	$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
 	$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
 	$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
 	$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
 	$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
 	$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
 	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
 diff --git a/openssh-7.2p2/cavstest-ctr.c b/openssh-7.2p2/cavstest-ctr.c
 new file mode 100644
 --- /dev/null
 +++ b/openssh-7.2p2/cavstest-ctr.c
@@ -0,0 +1,212 @@
 +/*
 + *
 + * invocation (all of the following are equal):
 + * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6
 + * ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt --data a6deca405eef2e8e4609abf3c3ccf4a6 --iv 00000000000000000000000000000000
 + * echo -n a6deca405eef2e8e4609abf3c3ccf4a6 | ./ctr-cavstest --algo aes128-ctr --key 987212980144b6a632e864031f52dacc --mode encrypt
 + */
 +
 +#include "includes.h"
 +
 +#include <sys/types.h>
 +#include <sys/param.h>
 +#include <stdarg.h>
 +#include <stdio.h>
 +#include <stdlib.h>
 +#include <string.h>
 +#include <ctype.h>
 +
 +#include "xmalloc.h"
 +#include "log.h"
 +#include "cipher.h"
 +
 +/* compatibility with old or broken OpenSSL versions */
 +#include "openbsd-compat/openssl-compat.h"
 +
 +void
 +usage(void)
 +{
 +	fprintf(stderr, "Usage: ctr-cavstest --algo <ssh-crypto-algorithm>\n"
 +	    "                    --key <hexadecimal-key> --mode <encrypt|decrypt>\n"
 +	    "                    [--iv <hexadecimal-iv>] --data <hexadecimal-data>\n\n"
 +	    "Hexadecimal output is printed to stdout.\n"
 +	    "Hexadecimal input data can be alternatively read from stdin.\n");
 +	exit(1);
 +}
 +
 +void *
 +fromhex(char *hex, size_t * len)
 +{
 +	unsigned char *bin;
 +	char *p;
 +	size_t n = 0;
 +	int shift = 4;
 +	unsigned char out = 0;
 +	unsigned char *optr;
 +
 +	bin = xmalloc(strlen(hex) / 2);
 +	optr = bin;
 +
 +	for (p = hex; *p != '\0'; ++p) {
 +		unsigned char c;
 +
 +		c = *p;
 +		if (isspace(c))
 +			continue;
 +
 +		if (c >= '0' && c <= '9') {
 +			c = c - '0';
 +		} else if (c >= 'A' && c <= 'F') {
 +			c = c - 'A' + 10;
 +		} else if (c >= 'a' && c <= 'f') {
 +			c = c - 'a' + 10;
 +		} else {
 +			/* truncate on nonhex cipher */
 +			break;
 +		}
 +
 +		out |= c << shift;
 +		shift = (shift + 4) % 8;
 +
 +		if (shift) {
 +			*(optr++) = out;
 +			out = 0;
 +			++n;
 +		}
 +	}
 +
 +	*len = n;
 +	return bin;
 +}
 +
 +#define READ_CHUNK 4096
 +#define MAX_READ_SIZE 1024*1024*100
 +char *
 +read_stdin(void)
 +{
 +	char *buf;
 +	size_t n, total = 0;
 +
 +	buf = xmalloc(READ_CHUNK);
 +
 +	do {
 +		n = fread(buf + total, 1, READ_CHUNK, stdin);
 +		if (n < READ_CHUNK)	/* terminate on short read */
 +			break;
 +
 +		total += n;
 +		buf = xreallocarray(buf, total + READ_CHUNK, 1);
 +	} while (total < MAX_READ_SIZE);
 +	return buf;
 +}
 +
 +int
 +main(int argc, char *argv[])
 +{
 +
 +	struct sshcipher *c;
 +	struct sshcipher_ctx cc;
 +	char *algo = "aes128-ctr";
 +	char *hexkey = NULL;
 +	char *hexiv = "00000000000000000000000000000000";
 +	char *hexdata = NULL;
 +	char *p;
 +	int i;
 +	int encrypt = 1;
 +	void *key;
 +	size_t keylen;
 +	void *iv;
 +	size_t ivlen;
 +	void *data;
 +	size_t datalen;
 +	void *outdata;
 +
 +	for (i = 1; i < argc; ++i) {
 +		if (strcmp(argv[i], "--algo") == 0) {
 +			algo = argv[++i];
 +		} else if (strcmp(argv[i], "--key") == 0) {
 +			hexkey = argv[++i];
 +		} else if (strcmp(argv[i], "--mode") == 0) {
 +			++i;
 +			if (argv[i] == NULL) {
 +				usage();
 +			}
 +			if (strncmp(argv[i], "enc", 3) == 0) {
 +				encrypt = 1;
 +			} else if (strncmp(argv[i], "dec", 3) == 0) {
 +				encrypt = 0;
 +			} else {
 +				usage();
 +			}
 +		} else if (strcmp(argv[i], "--iv") == 0) {
 +			hexiv = argv[++i];
 +		} else if (strcmp(argv[i], "--data") == 0) {
 +			hexdata = argv[++i];
 +		}
 +	}
 +
 +	if (hexkey == NULL || algo == NULL) {
 +		usage();
 +	}
 +
 +	SSLeay_add_all_algorithms();
 +
 +	c = cipher_by_name(algo);
 +	if (c == NULL) {
 +		fprintf(stderr, "Error: unknown algorithm\n");
 +		return 2;
 +	}
 +
 +	if (hexdata == NULL) {
 +		hexdata = read_stdin();
 +	} else {
 +		hexdata = xstrdup(hexdata);
 +	}
 +
 +	key = fromhex(hexkey, &keylen);
 +
 +	if (keylen != 16 && keylen != 24 && keylen == 32) {
 +		fprintf(stderr, "Error: unsupported key length\n");
 +		return 2;
 +	}
 +
 +	iv = fromhex(hexiv, &ivlen);
 +
 +	if (ivlen != 16) {
 +		fprintf(stderr, "Error: unsupported iv length\n");
 +		return 2;
 +	}
 +
 +	data = fromhex(hexdata, &datalen);
 +
 +	if (data == NULL || datalen == 0) {
 +		fprintf(stderr, "Error: no data to encrypt/decrypt\n");
 +		return 2;
 +	}
 +
 +	cipher_init(&cc, c, key, keylen, iv, ivlen, encrypt);
 +
 +	free(key);
 +	free(iv);
 +
 +	outdata = malloc(datalen);
 +	if (outdata == NULL) {
 +		fprintf(stderr, "Error: memory allocation failure\n");
 +		return 2;
 +	}
 +
 +	cipher_crypt(&cc, 0, outdata, data, datalen, 0, 0);
 +
 +	free(data);
 +
 +	cipher_cleanup(&cc);
 +
 +	for (p = outdata; datalen > 0; ++p, --datalen) {
 +		printf("%02X", (unsigned char) *p);
 +	}
 +
 +	free(outdata);
 +
 +	printf("\n");
 +	return 0;
 +}
--- a/openssh-7.2p2-cavstest-kdf.patch
+++ b/openssh-7.2p2-cavstest-kdf.patch
@ -0,0 +1,469 @@
 # HG changeset patch
 # Parent  f9ffcfb88e5a9d611a61aee3571050dea67e363e
 CAVS test for KDF implementation in OpenSSH
 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 --- a/openssh-7.2p2/Makefile.in
 +++ b/openssh-7.2p2/Makefile.in
@@ -22,16 +22,17 @@ top_srcdir=@top_srcdir@
 DESTDIR=
 VPATH=@srcdir@
 SSH_PROGRAM=@bindir@/ssh
 ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
 SFTP_SERVER=$(libexecdir)/sftp-server
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
 +CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
 PRIVSEP_PATH=@PRIVSEP_PATH@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
 TEST_SHELL=@TEST_SHELL@
 PATHS= -DSSHDIR=\"$(sysconfdir)\" \
 	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
 	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
@@ -60,17 +61,17 @@ SED=@SED@
 ENT=@ENT@
 XAUTH_PATH=@XAUTH_PATH@
 LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
 EXEEXT=@EXEEXT@
 MANFMT=@MANFMT@
 TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
 -TARGETS += cavstest-ctr$(EXEEXT)
 +TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
 LIBOPENSSH_OBJS=\
 	ssh_api.o \
 	ssherr.o \
 	sshbuf.o \
 	sshkey.o \
 	sshbuf-getput-basic.o \
 	sshbuf-misc.o \
@@ -197,16 +198,19 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libss
 sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
 	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
 # FIPS tests
 cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
 	$(LD) -o $@ cavstest-ctr.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 +cavstest-kdf$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-kdf.o
 +	$(LD) -o $@ cavstest-kdf.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 +
 # test driver for the loginrec code - not built by default
 logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
 	$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
 $(MANPAGES): $(MANPAGES_IN)
 	if test "$(MANTYPE)" = "cat"; then \
 		manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
 	else \
@@ -318,16 +322,17 @@ install-files:
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
 	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
 +	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT)
 	$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
 	$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
 	$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
 	$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
 	$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
 	$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
 	$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
 	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
 diff --git a/openssh-7.2p2/cavstest-kdf.c b/openssh-7.2p2/cavstest-kdf.c
 new file mode 100644
 --- /dev/null
 +++ b/openssh-7.2p2/cavstest-kdf.c
@@ -0,0 +1,382 @@
 +/*
 + * Copyright (C) 2015, Stephan Mueller <smueller@chronox.de>
 + *
 + * Redistribution and use in source and binary forms, with or without
 + * modification, are permitted provided that the following conditions
 + * are met:
 + * 1. Redistributions of source code must retain the above copyright
 + *    notice, and the entire permission notice in its entirety,
 + *    including the disclaimer of warranties.
 + * 2. Redistributions in binary form must reproduce the above copyright
 + *    notice, this list of conditions and the following disclaimer in the
 + *    documentation and/or other materials provided with the distribution.
 + * 3. The name of the author may not be used to endorse or promote
 + *    products derived from this software without specific prior
 + *    written permission.
 + *
 + * ALTERNATIVELY, this product may be distributed under the terms of
 + * the GNU General Public License, in which case the provisions of the GPL2
 + * are required INSTEAD OF the above restrictions.  (This clause is
 + * necessary due to a potential bad interaction between the GPL and
 + * the restrictions contained in a BSD-style copyright.)
 + *
 + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ALL OF
 + * WHICH ARE HEREBY DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE
 + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
 + * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 + * USE OF THIS SOFTWARE, EVEN IF NOT ADVISED OF THE POSSIBILITY OF SUCH
 + * DAMAGE.
 + */
 +
 +#include "includes.h"
 +
 +#include <stdio.h>
 +#include <stdlib.h>
 +#include <errno.h>
 +#include <sys/types.h>
 +#include <string.h>
 +
 +#include <openssl/bn.h>
 +
 +#include "xmalloc.h"
 +#include "buffer.h"
 +#include "key.h"
 +#include "cipher.h"
 +#include "kex.h"
 +#include "packet.h"
 +
 +static int bin_char(unsigned char hex)
 +{
 +	if (48 <= hex && 57 >= hex)
 +		return (hex - 48);
 +	if (65 <= hex && 70 >= hex)
 +		return (hex - 55);
 +	if (97 <= hex && 102 >= hex)
 +		return (hex - 87);
 +	return 0;
 +}
 +
 +/*
 + * Convert hex representation into binary string
 + * @hex input buffer with hex representation
 + * @hexlen length of hex
 + * @bin output buffer with binary data
 + * @binlen length of already allocated bin buffer (should be at least
 + *	   half of hexlen -- if not, only a fraction of hexlen is converted)
 + */
 +static void hex2bin(const char *hex, size_t hexlen,
 +		    unsigned char *bin, size_t binlen)
 +{
 +	size_t i = 0;
 +	size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
 +
 +	for (i = 0; i < chars; i++) {
 +		bin[i] = bin_char(hex[(i*2)]) << 4;
 +		bin[i] |= bin_char(hex[((i*2)+1)]);
 +	}
 +}
 +
 +/*
 + * Allocate sufficient space for binary representation of hex
 + * and convert hex into bin
 + *
 + * Caller must free bin
 + * @hex input buffer with hex representation
 + * @hexlen length of hex
 + * @bin return value holding the pointer to the newly allocated buffer
 + * @binlen return value holding the allocated size of bin
 + *
 + * return: 0 on success, !0 otherwise
 + */
 +static int hex2bin_alloc(const char *hex, size_t hexlen,
 +			 unsigned char **bin, size_t *binlen)
 +{
 +	unsigned char *out = NULL;
 +	size_t outlen = 0;
 +
 +	if (!hexlen)
 +		return -EINVAL;
 +
 +	outlen = (hexlen + 1) / 2;
 +
 +	out = calloc(1, outlen);
 +	if (!out)
 +		return -errno;
 +
 +	hex2bin(hex, hexlen, out, outlen);
 +	*bin = out;
 +	*binlen = outlen;
 +	return 0;
 +}
 +
 +static char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7',
 +				 '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
 +static char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7',
 +				 '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
 +static char hex_char(unsigned int bin, int u)
 +{
 +	if (bin < sizeof(hex_char_map_l))
 +		return (u) ? hex_char_map_u[bin] : hex_char_map_l[bin];
 +	return 'X';
 +}
 +
 +/*
 + * Convert binary string into hex representation
 + * @bin input buffer with binary data
 + * @binlen length of bin
 + * @hex output buffer to store hex data
 + * @hexlen length of already allocated hex buffer (should be at least
 + *	   twice binlen -- if not, only a fraction of binlen is converted)
 + * @u case of hex characters (0=>lower case, 1=>upper case)
 + */
 +static void bin2hex(const unsigned char *bin, size_t binlen,
 +		    char *hex, size_t hexlen, int u)
 +{
 +	size_t i = 0;
 +	size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen;
 +
 +	for (i = 0; i < chars; i++) {
 +		hex[(i*2)] = hex_char((bin[i] >> 4), u);
 +		hex[((i*2)+1)] = hex_char((bin[i] & 0x0f), u);
 +	}
 +}
 +
 +struct kdf_cavs {
 +	unsigned char *K;
 +	size_t Klen;
 +	unsigned char *H;
 +	size_t Hlen;
 +	unsigned char *session_id;
 +	size_t session_id_len;
 +
 +	unsigned int iv_len;
 +	unsigned int ek_len;
 +	unsigned int ik_len;
 +};
 +
 +static int sshkdf_cavs(struct kdf_cavs *test)
 +{
 +	int ret = 0;
 +	struct kex kex;
 +    struct ssh ssh;
 +	BIGNUM *Kbn = NULL;
 +	int mode = 0;
 +	struct newkeys *keys_client;
 +	struct newkeys *keys_server;
 +
 +#define HEXOUTLEN 500
 +	char hex[HEXOUTLEN];
 +
 +	memset(&ssh, 0, sizeof(struct ssh));
 +	memset(&kex, 0, sizeof(struct kex));
 +    ssh.kex = &kex;
 +
 +	Kbn = BN_new();
 +	BN_bin2bn(test->K, test->Klen, Kbn);
 +	if (!Kbn) {
 +		printf("cannot convert K into BIGNUM\n");
 +		ret = 1;
 +		goto out;
 +	}
 +
 +	kex.session_id = test->session_id;
 +	kex.session_id_len = test->session_id_len;
 +
 +	/* setup kex */
 +
 +	/* select the right hash based on struct ssh_digest digests */
 +	switch (test->ik_len) {
 +		case 20:
 +			kex.hash_alg = 2;
 +			break;
 +		case 32:
 +			kex.hash_alg = 3;
 +			break;
 +		case 48:
 +			kex.hash_alg = 4;
 +			break;
 +		case 64:
 +			kex.hash_alg = 5;
 +			break;
 +		default:
 +			printf("Wrong hash type %u\n", test->ik_len);
 +			ret = 1;
 +			goto out;
 +	}
 +
 +	/* implement choose_enc */
 +	for (mode = 0; mode < 2; mode++) {
 +		kex.newkeys[mode] = calloc(1, sizeof(struct newkeys));
 +		if (!kex.newkeys[mode]) {
 +			printf("allocation of newkeys failed\n");
 +			ret = 1;
 +			goto out;
 +		}
 +		kex.newkeys[mode]->enc.iv_len = test->iv_len;
 +		kex.newkeys[mode]->enc.key_len = test->ek_len;
 +		kex.newkeys[mode]->enc.block_size = (test->iv_len == 64) ? 8 : 16;
 +		kex.newkeys[mode]->mac.key_len = test->ik_len;
 +	}
 +
 +	/* implement kex_choose_conf */
 +	kex.we_need = kex.newkeys[0]->enc.key_len;
 +	if (kex.we_need < kex.newkeys[0]->enc.block_size)
 +		kex.we_need = kex.newkeys[0]->enc.block_size;
 +	if (kex.we_need < kex.newkeys[0]->enc.iv_len)
 +		kex.we_need = kex.newkeys[0]->enc.iv_len;
 +	if (kex.we_need < kex.newkeys[0]->mac.key_len)
 +		kex.we_need = kex.newkeys[0]->mac.key_len;
 +
 +	/* MODE_OUT (1) -> server to client
 +	 * MODE_IN (0) -> client to server */
 +	kex.server = 1;
 +
 +	/* do it */
 +	kex_derive_keys_bn(&ssh, test->H, test->Hlen, Kbn);
 +
 +	keys_client = ssh.kex->newkeys[0];
 +	keys_server = ssh.kex->newkeys[1];
 +
 +	/* get data */
 +	memset(hex, 0, HEXOUTLEN);
 +	bin2hex(keys_client->enc.iv, (size_t)keys_client->enc.iv_len,
 +		hex, HEXOUTLEN, 0);
 +	printf("Initial IV (client to server) = %s\n", hex);
 +
 +	memset(hex, 0, HEXOUTLEN);
 +	bin2hex(keys_server->enc.iv, (size_t)keys_server->enc.iv_len,
 +		hex, HEXOUTLEN, 0);
 +	printf("Initial IV (server to client) = %s\n", hex);
 +
 +	memset(hex, 0, HEXOUTLEN);
 +	bin2hex(keys_client->enc.key, (size_t)keys_client->enc.key_len,
 +		hex, HEXOUTLEN, 0);
 +	printf("Encryption key (client to server) = %s\n", hex);
 +	
 +	memset(hex, 0, HEXOUTLEN);
 +	bin2hex(keys_server->enc.key, (size_t)keys_server->enc.key_len,
 +		hex, HEXOUTLEN, 0);
 +	printf("Encryption key (server to client) = %s\n", hex);
 +
 +	memset(hex, 0, HEXOUTLEN);
 +	bin2hex(keys_client->mac.key, (size_t)keys_client->mac.key_len,
 +		hex, HEXOUTLEN, 0);
 +	printf("Integrity key (client to server) = %s\n", hex);
 +	
 +	memset(hex, 0, HEXOUTLEN);
 +	bin2hex(keys_server->mac.key, (size_t)keys_server->mac.key_len,
 +		hex, HEXOUTLEN, 0);
 +	printf("Integrity key (server to client) = %s\n", hex);
 +
 +	free(keys_client);
 +	free(keys_server);
 +
 +out:
 +	if (Kbn)
 +		BN_free(Kbn);
 +	if (kex.newkeys[0])
 +		free(kex.newkeys[0]);
 +	if (kex.newkeys[1])
 +		free(kex.newkeys[1]);
 +	return ret;
 +}
 +
 +static void usage(void)
 +{
 +	fprintf(stderr, "\nOpenSSH KDF CAVS Test\n\n");
 +	fprintf(stderr, "Usage:\n");
 +	fprintf(stderr, "\t-K\tShared secret string\n");
 +	fprintf(stderr, "\t-H\tHash string\n");
 +	fprintf(stderr, "\t-s\tSession ID string\n");
 +	fprintf(stderr, "\t-i\tIV length to be generated\n");
 +	fprintf(stderr, "\t-e\tEncryption key length to be generated\n");
 +	fprintf(stderr, "\t-m\tMAC key length to be generated\n");
 +}
 +
 +/*
 + * Test command example:
 + * ./ssh-cavs -K 0055d50f2d163cc07cd8a93cc7c3430c30ce786b572c01ad29fec7597000cf8618d664e2ec3dcbc8bb7a1a7eb7ef67f61cdaf291625da879186ac0a5cb27af571b59612d6a6e0627344d846271959fda61c78354aa498773d59762f8ca2d0215ec590d8633de921f920d41e47b3de6ab9a3d0869e1c826d0e4adebf8e3fb646a15dea20a410b44e969f4b791ed6a67f13f1b74234004d5fa5e87eff7abc32d49bbdf44d7b0107e8f10609233b7e2b7eff74a4daf25641de7553975dac6ac1e5117df6f6dbaa1c263d23a6c3e5a3d7d49ae8a828c1e333ac3f85fbbf57b5c1a45be45e43a7be1a4707eac779b8285522d1f531fe23f890fd38a004339932b93eda4 -H d3ab91a850febb417a25d892ec48ed5952c7a5de -s d3ab91a850febb417a25d892ec48ed5952c7a5de -i 8 -e 24 -m 20
 + *
 + * Expected result for example:
 + * Initial IV (client to server) = 4bb320d1679dfd3a
 + * Encryption key (client to server) = 13048cc600b9d3cf9095aa6cf8e2ff9cf1c54ca0520c89ed
 + * Integrity key (client to server) = ecef63a092b0dcc585bdc757e01b2740af57d640
 + * Initial IV (server to client) = 43dea6fdf263a308
 + * Encryption key (server to client) = 1e483c5134e901aa11fc4e0a524e7ec7b75556148a222bb0
 + * Integrity key (server to client) = 7424b05f3c44a72b4ebd281fb71f9cbe7b64d479
 + */
 +int main(int argc, char *argv[])
 +{
 +	struct kdf_cavs test;
 +	int ret = 1;
 +	int opt = 0;
 +
 +	memset(&test, 0, sizeof(struct kdf_cavs));
 +	while((opt = getopt(argc, argv, "K:H:s:i:e:m:")) != -1)
 +	{
 +		size_t len = 0;
 +		switch(opt)
 +		{
 +			/*
 +			 * CAVS K is MPINT
 +			 * we want a hex (i.e. the caller must ensure the
 +			 * following transformations already happened):
 +			 * 	1. cut off first four bytes
 +			 * 	2. if most significant bit of value is
 +			 *	   1, prepend 0 byte
 +			 */
 +			case 'K':
 +				len = strlen(optarg);
 +				ret = hex2bin_alloc(optarg, len,
 +						    &test.K, &test.Klen);
 +				if (ret)
 +					goto out;
 +				break;
 +			case 'H':
 +				len = strlen(optarg);
 +				ret = hex2bin_alloc(optarg, len,
 +						    &test.H, &test.Hlen);
 +				if (ret)
 +					goto out;
 +				break;
 +			case 's':
 +				len = strlen(optarg);
 +				ret = hex2bin_alloc(optarg, len,
 +						    &test.session_id,
 +						    &test.session_id_len);
 +				if (ret)
 +					goto out;
 +				break;
 +			case 'i':
 +				test.iv_len = strtoul(optarg, NULL, 10);
 +				break;
 +			case 'e':
 +				test.ek_len = strtoul(optarg, NULL, 10);
 +				break;
 +			case 'm':
 +				test.ik_len = strtoul(optarg, NULL, 10);
 +				break;
 +			default:
 +				usage();
 +				goto out;
 +		}
 +	}
 +
 +	ret = sshkdf_cavs(&test);
 +
 +out:
 +	if (test.session_id)
 +		free(test.session_id);
 +	if (test.K)
 +		free(test.K);
 +	if (test.H)
 +		free(test.H);
 +	return ret;
 +
 +}
--- a/openssh-7.2p2-disable_openssl_abi_check.patch
+++ b/openssh-7.2p2-disable_openssl_abi_check.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  16c4937db837ab7cdbe0422b81de0e7a9a8479cd
+# Parent  4821397c95e57962905e6d47554bef9e4ea57483
 disable run-time check for OpenSSL ABI by version number as that is not a
 reliable indicator of ABI changes and doesn't make much sense in a
 distribution package
@ -7,7 +7,7 @@ distribution package
 diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac
 --- a/openssh-7.2p2/configure.ac
 +++ b/openssh-7.2p2/configure.ac
-@@ -4639,16 +4639,29 @@ AC_ARG_WITH([bsd-auth],
+@@ -4663,16 +4663,29 @@ AC_ARG_WITH([bsd-auth],
 		if test "x$withval" != "xno" ; then
 			AC_DEFINE([BSD_AUTH], [1],
 				[Define if you have BSD auth support])
--- a/openssh-7.2p2-disable_preauth_compression.patch
+++ b/openssh-7.2p2-disable_preauth_compression.patch
--- a/openssh-7.2p2-fips.patch
+++ b/openssh-7.2p2-fips.patch
@ -1,24 +1,22 @@
 # HG changeset patch
-# Parent  3e1393b771d6430ae09ae30741a3b9b382e3e041
+# Parent  5f2b8faa3b60de28124d9d4a44ffa2635d67f601
 FIPS 140-2 compliance. Perform selftests on start and use only FIPS approved
 algorithms.
 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 --- a/openssh-7.2p2/Makefile.in
 +++ b/openssh-7.2p2/Makefile.in
-@@ -87,17 +87,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+@@ -89,16 +89,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
 	ssh-pkcs11.o smult_curve25519_ref.o \
 	poly1305.o chacha.o cipher-chachapoly.o \
 	ssh-ed25519.o digest-openssl.o digest-libc.o hmac.o \
 	sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
 	kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
 	kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \
 	kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
-	platform-pledge.o
+ 	platform-pledge.o
 +	platform-pledge.o \
 +	fips.o
 +LIBSSH_OBJS += fips.o
 +
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
 	sshconnect.o sshconnect1.o sshconnect2.o mux.o
@ -26,6 +24,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 	audit.o audit-bsm.o audit-linux.o platform.o \
 	sshpty.o sshlogin.o servconf.o serverloop.o \
 	auth.o auth1.o auth2.o auth-options.o session.o \
 	auth-chall.o auth2-chall.o groupaccess.o \
 diff --git a/openssh-7.2p2/auth-rsa.c b/openssh-7.2p2/auth-rsa.c
 --- a/openssh-7.2p2/auth-rsa.c
 +++ b/openssh-7.2p2/auth-rsa.c
--- a/openssh-7.2p2-gssapi_key_exchange.patch
+++ b/openssh-7.2p2-gssapi_key_exchange.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  84a6252b7ac18855cf188e5911bdf8a757d4460a
+# Parent  df12d82287e3434a52c21a994b901302bd0c8064
 GSSAPI Key Exchange implementation
 diff --git a/openssh-7.2p2/ChangeLog.gssapi b/openssh-7.2p2/ChangeLog.gssapi
@ -123,7 +123,7 @@ new file mode 100644
 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 --- a/openssh-7.2p2/Makefile.in
 +++ b/openssh-7.2p2/Makefile.in
-@@ -85,18 +85,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
+@@ -89,18 +89,18 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
 	atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o \
 	monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \
 	msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
@ -136,14 +136,14 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 -	kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
 +	kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o kexgssc.o \
 +	kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o kexgsss.o \
- 	platform-pledge.o \
+ 	platform-pledge.o
- 	fips.o
+ 
 LIBSSH_OBJS += fips.o
 SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
 	sshconnect.o sshconnect1.o sshconnect2.o mux.o
 SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
 	audit.o audit-bsm.o audit-linux.o platform.o \
 diff --git a/openssh-7.2p2/auth-krb5.c b/openssh-7.2p2/auth-krb5.c
 --- a/openssh-7.2p2/auth-krb5.c
 +++ b/openssh-7.2p2/auth-krb5.c
@ -1279,8 +1279,7 @@ diff --git a/openssh-7.2p2/gss-serv.c b/openssh-7.2p2/gss-serv.c
 +	return (PAM_CONV_ERR);
 +}
 +#endif
- 
+
 -	return (ctx->major);
 +void
 +ssh_gssapi_rekey_creds() {
 +	int ok;
@ -1302,7 +1301,8 @@ diff --git a/openssh-7.2p2/gss-serv.c b/openssh-7.2p2/gss-serv.c
 +		return;
 +
 +	debug("Rekeyed credentials stored successfully");
-+
+ 
 -	return (ctx->major);
 +	/* Actually managing to play with the ssh pam stack from here will
 +	 * be next to impossible. In any case, we may want different options
 +	 * for rekeying. So, use our own :)
--- a/openssh-7.2p2-host_ident.patch
+++ b/openssh-7.2p2-host_ident.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  605a6220fcc2c96e9196681fe480fab16b505ee1
+# Parent  e2f9b3303b4a4ed5d0e5f01009dd1ebea166890d
 Suggest command line for removal of offending keys from known_hosts file
 diff --git a/openssh-7.2p2/sshconnect.c b/openssh-7.2p2/sshconnect.c
@ -14,11 +14,11 @@ diff --git a/openssh-7.2p2/sshconnect.c b/openssh-7.2p2/sshconnect.c
 		    user_hostfiles[0]);
 		error("Offending %s key in %s:%lu", key_type(host_found->key),
 		    host_found->file, host_found->line);
-+		error("You can use following command to remove all keys for this IP:");
+		error("You can use following command to remove the offending key:");
 +		if (host_found->file)
-+			error("ssh-keygen -R %s -f %s", hostname, host_found->file);
+			error("ssh-keygen -R %s -f %s", host, host_found->file);
 +		else
-+			error("ssh-keygen -R %s", hostname);
+			error("ssh-keygen -R %s", host);
 		/*
 		 * If strict host key checking is in use, the user will have
--- a/openssh-7.2p2-ignore_PAM_with_UseLogin.patch
+++ b/openssh-7.2p2-ignore_PAM_with_UseLogin.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  cb9be7363a9f32133f0d105d515149dd77cc8cd3
+# Parent  0f00e960e1069c6a6eec975cc184171343701077
 Do not import PAM environment variables when using login, since it may have
 security implications.
--- a/openssh-7.2p2-keep_slogin.patch
+++ b/openssh-7.2p2-keep_slogin.patch
@ -0,0 +1,66 @@
 # HG changeset patch
 # Parent  7c29b31d3502bbf5b80e01f8d1db8b2733a3c7f4
 Add slogin back to the distribution, since it might be used downstreams
 Revert of cupstream commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346
 diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 --- a/openssh-7.2p2/Makefile.in
 +++ b/openssh-7.2p2/Makefile.in
@@ -354,16 +354,20 @@ install-files:
 	$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
 	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
 	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
 	$(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
 	if test ! -z "$(INSTALL_SSH_LDAP_HELPER)" ; then \
 		$(INSTALL) -m 644 ssh-ldap-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8 ; \
 		$(INSTALL) -m 644 ssh-ldap.conf.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh-ldap.conf.5 ; \
 	fi
 +	-rm -f $(DESTDIR)$(bindir)/slogin
 +	ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
 +	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
 +	ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
 install-sysconf:
 	if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
 		$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
 	fi
 	@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
 		$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
 	else \
@@ -415,16 +419,17 @@ uninstallall:	uninstall
 	-rmdir $(DESTDIR)$(bindir)
 	-rmdir $(DESTDIR)$(sbindir)
 	-rmdir $(DESTDIR)$(mandir)/$(mansubdir)1
 	-rmdir $(DESTDIR)$(mandir)/$(mansubdir)8
 	-rmdir $(DESTDIR)$(mandir)
 	-rmdir $(DESTDIR)$(libexecdir)
 uninstall:
 +	-rm -f $(DESTDIR)$(bindir)/slogin
 	-rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
@@ -440,16 +445,17 @@ uninstall:
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8
 +	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
 regress-prep:
 	[ -d `pwd`/regress ] || mkdir -p `pwd`/regress
 	[ -d `pwd`/regress/unittests ] || mkdir -p `pwd`/regress/unittests
 	[ -d `pwd`/regress/unittests/test_helper ] || \
 		mkdir -p `pwd`/regress/unittests/test_helper
 	[ -d `pwd`/regress/unittests/sshbuf ] || \
 		mkdir -p `pwd`/regress/unittests/sshbuf
--- a/openssh-7.2p2-kex_resource_depletion.patch
+++ b/openssh-7.2p2-kex_resource_depletion.patch
@ -0,0 +1,30 @@
 # HG changeset patch
 # Parent  5d3b620e9c7c42bfb1d8f24eb7e0645a55d967fa
 Prevent memory depletion during key exchange
 CVE-2016-8858
 bsc#1005480
 upstream commit ec165c392ca54317dbe3064a8c200de6531e89ad
 diff --git a/openssh-7.2p2/kex.c b/openssh-7.2p2/kex.c
 --- a/openssh-7.2p2/kex.c
 +++ b/openssh-7.2p2/kex.c
@@ -523,16 +523,17 @@ kex_input_kexinit(int type, u_int32_t se
 	u_int i;
 	size_t dlen;
 	int r;
 	debug("SSH2_MSG_KEXINIT received");
 	if (kex == NULL)
 		return SSH_ERR_INVALID_ARGUMENT;
 +	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
 	ptr = sshpkt_ptr(ssh, &dlen);
 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 		return r;
 	/* discard packet */
 	for (i = 0; i < KEX_COOKIE_LEN; i++)
 		if ((r = sshpkt_get_u8(ssh, NULL)) != 0)
 			return r;
--- a/openssh-7.2p2-ldap.patch
+++ b/openssh-7.2p2-ldap.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  b8135c449e59282a8926ff44fcb4670baf8f158e
+# Parent  a47716db81c68026e9d37db568c2c313acc53f86
 # Helper app for retrieving keys from a LDAP server
 # by Jan F. Chadima <jchadima@redhat.com>
 #
@ -137,28 +137,26 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
 +SSH_LDAP_HELPER=$(libexecdir)/ssh-ldap-helper
 +SSH_LDAP_WRAPPER=$(libexecdir)/ssh-ldap-wrapper
 CAVSTEST_CTR=$(libexecdir)/cavstest-ctr
 CAVSTEST_KDF=$(libexecdir)/cavstest-kdf
 PRIVSEP_PATH=@PRIVSEP_PATH@
 SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 STRIP_OPT=@STRIP_OPT@
 TEST_SHELL=@TEST_SHELL@
 PATHS= -DSSHDIR=\"$(sysconfdir)\" \
- 	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
+@@ -63,16 +65,19 @@ XAUTH_PATH=@XAUTH_PATH@
 	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
@@ -57,17 +59,19 @@ INSTALL=@INSTALL@
 PERL=@PERL@
 SED=@SED@
 ENT=@ENT@
 XAUTH_PATH=@XAUTH_PATH@
 LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
 EXEEXT=@EXEEXT@
 MANFMT=@MANFMT@
-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
+ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
 +INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
 +
 +TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT)
 TARGETS += cavstest-ctr$(EXEEXT) cavstest-kdf$(EXEEXT)
 +INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
 +TARGETS += ssh-ldap-helper$(EXEEXT)
 +
 LIBOPENSSH_OBJS=\
 	ssh_api.o \
 	ssherr.o \
@ -166,7 +164,8 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 	sshkey.o \
 	sshbuf-getput-basic.o \
 	sshbuf-misc.o \
-@@ -109,18 +113,18 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
+ 	sshbuf-getput-crypto.o \
@@ -114,18 +119,18 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
 	monitor_mm.o monitor.o monitor_wrap.o auth-krb5.o \
 	auth2-gss.o gss-serv.o gss-serv-krb5.o \
 	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
@ -187,7 +186,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 PATHSUBS	= \
 	-e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \
 	-e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \
-@@ -184,16 +188,19 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss
+@@ -189,16 +194,19 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libss
 	$(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
@ -205,9 +204,9 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
 	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
- # test driver for the loginrec code - not built by default
+ # FIPS tests
- logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
+ cavstest-ctr$(EXEEXT): $(LIBCOMPAT) libssh.a cavstest-ctr.o
-@@ -308,32 +315,40 @@ install-files:
+@@ -320,16 +328,20 @@ install-files:
 	$(INSTALL) -m 0755 $(STRIP_OPT) scp$(EXEEXT) $(DESTDIR)$(bindir)/scp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-add$(EXEEXT) $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent$(EXEEXT) $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
@ -222,12 +221,13 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 +	fi
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-ctr$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-ctr$(EXEEXT)
 	$(INSTALL) -m 0755 $(STRIP_OPT) cavstest-kdf$(EXEEXT) $(DESTDIR)$(libexecdir)/cavstest-kdf$(EXEEXT)
 	$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
 	$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
 	$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
 	$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
- 	$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
+@@ -338,16 +350,20 @@ install-files:
 	$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
 	$(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
 	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
 	$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
@ -248,7 +248,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 	@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
 		$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
 	else \
-@@ -349,16 +364,23 @@ install-sysconf:
+@@ -363,16 +379,23 @@ install-sysconf:
 			echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \
 			mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \
 		else \
@ -272,7 +272,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT)
 	if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \
-@@ -389,27 +411,30 @@ uninstall:
+@@ -403,27 +426,30 @@ uninstall:
 	-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
@ -306,7 +306,7 @@ diff --git a/openssh-7.2p2/Makefile.in b/openssh-7.2p2/Makefile.in
 diff --git a/openssh-7.2p2/configure.ac b/openssh-7.2p2/configure.ac
 --- a/openssh-7.2p2/configure.ac
 +++ b/openssh-7.2p2/configure.ac
-@@ -1620,16 +1620,116 @@ AC_ARG_WITH([audit],
+@@ -1644,16 +1644,116 @@ AC_ARG_WITH([audit],
 		AC_MSG_RESULT([no])
 		;;
 	  *)
--- a/openssh-7.2p2-limit_password_length.patch
+++ b/openssh-7.2p2-limit_password_length.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  e351203d2784230a3b56b8e3dd6955403ed10ca4
+# Parent  9888bc3f536eab9f528d9c96e5e8a2501ed168f5
 Limit accepted passwords length to prevent DoS by resource consumption
 (via crypt() eating CPU cycles).
--- a/openssh-7.2p2-login_options.patch
+++ b/openssh-7.2p2-login_options.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  295ae9c5f5da12d273f3b91e90145b449984a7dc
+# Parent  b86c2190c93aeaf958c22fc7b224dcaf87100288
 # HG changeset patch
 # Parent  b262fd34c8ecd55e93d457b3ca5593abce716856
 # login-pam cannot handle the option terminator "--" as login from util-linux
--- a/openssh-7.2p2-no_fork-no_pid_file.patch
+++ b/openssh-7.2p2-no_fork-no_pid_file.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  7ce81a30bb196401c63782b646d8a6d511ddec4b
+# Parent  4011d0f5c00b663976c9940dc4ef79642605cf90
 Do not write a PID file when not daemonizing (e.g. when running from systemd)
 diff --git a/openssh-7.2p2/sshd.c b/openssh-7.2p2/sshd.c
--- a/openssh-7.2p2-prevent_private_key_leakage.patch
+++ b/openssh-7.2p2-prevent_private_key_leakage.patch
@ -0,0 +1,188 @@
 # HG changeset patch
 # Parent  e2a8c999f737bca97bbc330ce6683de842ba195e
 Pre-allocare buffer for private keys data to prevent leaking of sensitive data
 via heap.
 CVE-2016-10011
 bsc#1016369
 backported upstream commit 54d022026aae4f53fa74cc636e4a032d9689b64d
 backported upstream commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e
 diff --git a/openssh-7.2p2/authfile.c b/openssh-7.2p2/authfile.c
 --- a/openssh-7.2p2/authfile.c
 +++ b/openssh-7.2p2/authfile.c
@@ -95,23 +95,35 @@ sshkey_save_private(struct sshkey *key, 
 /* Load a key from a fd into a buffer */
 int
 sshkey_load_file(int fd, struct sshbuf *blob)
 {
 	u_char buf[1024];
 	size_t len;
 	struct stat st;
 -	int r;
 +	int r, dontmax = 0;
 	if (fstat(fd, &st) < 0)
 		return SSH_ERR_SYSTEM_ERROR;
 	if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
 	    st.st_size > MAX_KEY_FILE_SIZE)
 		return SSH_ERR_INVALID_FORMAT;
 +	/*
 +	 * Pre-allocate the buffer used for the key contents and clamp its
 +	 * maximum size. This ensures that key contents are never leaked via
 +	 * implicit realloc() in the sshbuf code.
 +	 */
 +	if ((st.st_mode & S_IFREG) == 0 || st.st_size <= 0) {
 +		st.st_size = 64*1024; /* 64k should be enough for anyone :) */
 +		dontmax = 1;
 +	}
 +	if ((r = sshbuf_allocate(blob, st.st_size)) != 0 ||
 +	    (dontmax && (r = sshbuf_set_max_size(blob, st.st_size)) != 0))
 +		return r;
 	for (;;) {
 		if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) {
 			if (errno == EPIPE)
 				break;
 			r = SSH_ERR_SYSTEM_ERROR;
 			goto out;
 		}
 		if ((r = sshbuf_put(blob, buf, len)) != 0)
 diff --git a/openssh-7.2p2/sshbuf.c b/openssh-7.2p2/sshbuf.c
 --- a/openssh-7.2p2/sshbuf.c
 +++ b/openssh-7.2p2/sshbuf.c
@@ -311,63 +311,73 @@ sshbuf_check_reserve(const struct sshbuf
 	SSHBUF_TELL("check");
 	/* Check that len is reasonable and that max_size + available < len */
 	if (len > buf->max_size || buf->max_size - len < buf->size - buf->off)
 		return SSH_ERR_NO_BUFFER_SPACE;
 	return 0;
 }
 int
 -sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp)
 +sshbuf_allocate(struct sshbuf *buf, size_t len)
 {
 	size_t rlen, need;
 	u_char *dp;
 	int r;
 -	if (dpp != NULL)
 -		*dpp = NULL;
 -
 -	SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len));
 +	SSHBUF_DBG(("allocate buf = %p len = %zu", buf, len));
 	if ((r = sshbuf_check_reserve(buf, len)) != 0)
 		return r;
 	/*
 	 * If the requested allocation appended would push us past max_size
 	 * then pack the buffer, zeroing buf->off.
 	 */
 	sshbuf_maybe_pack(buf, buf->size + len > buf->max_size);
 -	SSHBUF_TELL("reserve");
 -	if (len + buf->size > buf->alloc) {
 -		/*
 -		 * Prefer to alloc in SSHBUF_SIZE_INC units, but
 -		 * allocate less if doing so would overflow max_size.
 -		 */
 -		need = len + buf->size - buf->alloc;
 -		rlen = roundup(buf->alloc + need, SSHBUF_SIZE_INC);
 -		SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen));
 -		if (rlen > buf->max_size)
 -			rlen = buf->alloc + need;
 -		SSHBUF_DBG(("adjusted rlen %zu", rlen));
 -		if ((dp = realloc(buf->d, rlen)) == NULL) {
 -			SSHBUF_DBG(("realloc fail"));
 -			if (dpp != NULL)
 -				*dpp = NULL;
 -			return SSH_ERR_ALLOC_FAIL;
 -		}
 -		buf->alloc = rlen;
 -		buf->cd = buf->d = dp;
 -		if ((r = sshbuf_check_reserve(buf, len)) < 0) {
 -			/* shouldn't fail */
 -			if (dpp != NULL)
 -				*dpp = NULL;
 -			return r;
 -		}
 +	SSHBUF_TELL("allocate");
 +	if (len + buf->size <= buf->alloc)
 +		return 0; /* already have it. */
 +
 +	/*
 +	 * Prefer to alloc in SSHBUF_SIZE_INC units, but
 +	 * allocate less if doing so would overflow max_size.
 +	 */
 +	need = len + buf->size - buf->alloc;
 +	rlen = roundup(buf->alloc + need, SSHBUF_SIZE_INC);
 +	SSHBUF_DBG(("need %zu initial rlen %zu", need, rlen));
 +	if (rlen > buf->max_size)
 +		rlen = buf->alloc + need;
 +	SSHBUF_DBG(("adjusted rlen %zu", rlen));
 +	if ((dp = realloc(buf->d, rlen)) == NULL) {
 +		SSHBUF_DBG(("realloc fail"));
 +		return SSH_ERR_ALLOC_FAIL;
 	}
 +	buf->alloc = rlen;
 +	buf->cd = buf->d = dp;
 +	if ((r = sshbuf_check_reserve(buf, len)) < 0) {
 +		/* shouldn't fail */
 +		return r;
 +	}
 +	SSHBUF_TELL("done");
 +	return 0;
 +}
 +
 +int
 +sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp)
 +{
 +	u_char *dp;
 +	int r;
 +
 +	if (dpp != NULL)
 +		*dpp = NULL;
 +
 +	SSHBUF_DBG(("reserve buf = %p len = %zu", buf, len));
 +	if ((r = sshbuf_allocate(buf, len)) != 0)
 +		return r;
 +
 	dp = buf->d + buf->size;
 	buf->size += len;
 -	SSHBUF_TELL("done");
 	if (dpp != NULL)
 		*dpp = dp;
 	return 0;
 }
 int
 sshbuf_consume(struct sshbuf *buf, size_t len)
 {
 diff --git a/openssh-7.2p2/sshbuf.h b/openssh-7.2p2/sshbuf.h
 --- a/openssh-7.2p2/sshbuf.h
 +++ b/openssh-7.2p2/sshbuf.h
@@ -134,16 +134,24 @@ u_char *sshbuf_mutable_ptr(const struct 
  * Check whether a reservation of size len will succeed in buf
  * Safer to use than direct comparisons again sshbuf_avail as it copes
  * with unsigned overflows correctly.
  * Returns 0 on success, or a negative SSH_ERR_* error code on failure.
  */
 int	sshbuf_check_reserve(const struct sshbuf *buf, size_t len);
 /*
 + * Preallocates len additional bytes in buf.
 + * Useful for cases where the caller knows how many bytes will ultimately be
 + * required to avoid realloc in the buffer code.
 + * Returns 0 on success, or a negative SSH_ERR_* error code on failure.
 + */
 +int	sshbuf_allocate(struct sshbuf *buf, size_t len);
 +
 +/*
  * Reserve len bytes in buf.
  * Returns 0 on success and a pointer to the first reserved byte via the
  * optional dpp parameter or a negative * SSH_ERR_* error code on failure.
  */
 int	sshbuf_reserve(struct sshbuf *buf, size_t len, u_char **dpp);
 /*
  * Consume len bytes from the start of buf
--- a/openssh-7.2p2-prevent_timing_user_enumeration.patch
+++ b/openssh-7.2p2-prevent_timing_user_enumeration.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  323ac0fc20b1d5e9bf7037e020adfd760dd2d5f2
+# Parent  4a254abf4ef391358257310ad2fe15c9e12dee34
 Prevent user enumeration through password processing timing
 CVE-2016-6210
 bsc#989363
--- a/openssh-7.2p2-restrict_pkcs11-modules.patch
+++ b/openssh-7.2p2-restrict_pkcs11-modules.patch
@ -0,0 +1,297 @@
 # HG changeset patch
 # Parent  22de9aeddbde2b36da9c23475cfa5dcd42e95287
 whitelist paths for loading of PKCS#11 modules in ssh-agent
 CVE-2016-10009
 bsc#1016366
 upstream commit 786d5994da79151180cb14a6cf157ebbba61c0cc
 diff --git a/openssh-7.2p2/ssh-agent.1 b/openssh-7.2p2/ssh-agent.1
 --- a/openssh-7.2p2/ssh-agent.1
 +++ b/openssh-7.2p2/ssh-agent.1
@@ -1,9 +1,9 @@
 -.\" $OpenBSD: ssh-agent.1,v 1.62 2015/11/15 23:54:15 jmc Exp $
 +.\" $OpenBSD: ssh-agent.1,v 1.63 2016/11/30 03:07:37 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 .\"                    All rights reserved
 .\"
 .\" As far as I am concerned, the code I have written for this software
 .\" can be used freely for any purpose.  Any derived versions of this
 .\" software must be clearly marked as such, and if the derived work is
@@ -29,29 +29,30 @@
 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 -.Dd $Mdocdate: November 15 2015 $
 +.Dd $Mdocdate: November 30 2016 $
 .Dt SSH-AGENT 1
 .Os
 .Sh NAME
 .Nm ssh-agent
 .Nd authentication agent
 .Sh SYNOPSIS
 .Nm ssh-agent
 .Op Fl c | s
 .Op Fl \&Dd
 .Op Fl a Ar bind_address
 .Op Fl E Ar fingerprint_hash
 .Op Fl t Ar life
 +.Op Fl P Ar pkcs11_whitelist
 .Op Ar command Op Ar arg ...
 .Nm ssh-agent
 .Op Fl c | s
 .Fl k
 .Sh DESCRIPTION
 .Nm
 is a program to hold private keys used for public key authentication
 (RSA, DSA, ECDSA, Ed25519).
@@ -116,16 +117,28 @@ Valid options are:
 and
 .Dq sha256 .
 The default is
 .Dq sha256 .
 .It Fl k
 Kill the current agent (given by the
 .Ev SSH_AGENT_PID
 environment variable).
 +.It Fl P
 +Specify a pattern-list of acceptable paths for PKCS#11 shared libraries
 +that may be added using the
 +.Fl s
 +option to
 +.Xr ssh-add 1 .
 +The default is to allow loading PKCS#11 libraries from
 +.Dq /usr/lib/*,/usr/local/lib/* .
 +PKCS#11 libraries that do not match the whitelist will be refused.
 +See PATTERNS in
 +.Xr ssh_config 5
 +for a description of pattern-list syntax.
 .It Fl s
 Generate Bourne shell commands on
 .Dv stdout .
 This is the default if
 .Ev SHELL
 does not look like it's a csh style of shell.
 .It Fl t Ar life
 Set a default value for the maximum lifetime of identities added to the agent.
 diff --git a/openssh-7.2p2/ssh-agent.c b/openssh-7.2p2/ssh-agent.c
 --- a/openssh-7.2p2/ssh-agent.c
 +++ b/openssh-7.2p2/ssh-agent.c
@@ -78,25 +78,30 @@
 #include "sshbuf.h"
 #include "sshkey.h"
 #include "authfd.h"
 #include "compat.h"
 #include "log.h"
 #include "misc.h"
 #include "digest.h"
 #include "ssherr.h"
 +#include "match.h"
 #ifdef ENABLE_PKCS11
 #include "ssh-pkcs11.h"
 #endif
 #if defined(HAVE_SYS_PRCTL_H)
 #include <sys/prctl.h>	/* For prctl() and PR_SET_DUMPABLE */
 #endif
 +#ifndef DEFAULT_PKCS11_WHITELIST
 +# define DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*"
 +#endif
 +
 typedef enum {
 	AUTH_UNUSED,
 	AUTH_SOCKET,
 	AUTH_CONNECTION
 } sock_type;
 typedef struct {
 	int fd;
@@ -134,16 +139,19 @@ time_t parent_alive_interval = 0;
 /* pid of process for which cleanup_socket is applicable */
 pid_t cleanup_pid = 0;
 /* pathname and directory for AUTH_SOCKET */
 char socket_name[PATH_MAX];
 char socket_dir[PATH_MAX];
 +/* PKCS#11 path whitelist */
 +static char *pkcs11_whitelist;
 +
 /* locking */
 #define LOCK_SIZE	32
 #define LOCK_SALT_SIZE	16
 #define LOCK_ROUNDS	1
 int locked = 0;
 char lock_passwd[LOCK_SIZE];
 char lock_salt[LOCK_SALT_SIZE];
@@ -736,17 +744,17 @@ no_identities(SocketEntry *e, u_int type
 		fatal("%s: buffer error: %s", __func__, ssh_err(r));
 	sshbuf_free(msg);
 }
 #ifdef ENABLE_PKCS11
 static void
 process_add_smartcard_key(SocketEntry *e)
 {
 -	char *provider = NULL, *pin;
 +	char *provider = NULL, *pin, canonical_provider[PATH_MAX];
 	int r, i, version, count = 0, success = 0, confirm = 0;
 	u_int seconds;
 	time_t death = 0;
 	u_char type;
 	struct sshkey **keys = NULL, *k;
 	Identity *id;
 	Idtab *tab;
@@ -768,29 +776,40 @@ process_add_smartcard_key(SocketEntry *e
 			confirm = 1;
 			break;
 		default:
 			error("process_add_smartcard_key: "
 			    "Unknown constraint type %d", type);
 			goto send;
 		}
 	}
 +	if (realpath(provider, canonical_provider) == NULL) {
 +		verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
 +		    provider, strerror(errno));
 +		goto send;
 +	}
 +	if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) {
 +		verbose("refusing PKCS#11 add of \"%.100s\": "
 +		    "provider not whitelisted", canonical_provider);
 +		goto send;
 +	}
 +	debug("%s: add %.100s", __func__, canonical_provider);
 	if (lifetime && !death)
 		death = monotime() + lifetime;
 -	count = pkcs11_add_provider(provider, pin, &keys);
 +	count = pkcs11_add_provider(canonical_provider, pin, &keys);
 	for (i = 0; i < count; i++) {
 		k = keys[i];
 		version = k->type == KEY_RSA1 ? 1 : 2;
 		tab = idtab_lookup(version);
 		if (lookup_identity(k, version) == NULL) {
 			id = xcalloc(1, sizeof(Identity));
 			id->key = k;
 -			id->provider = xstrdup(provider);
 -			id->comment = xstrdup(provider); /* XXX */
 +			id->provider = xstrdup(canonical_provider);
 +			id->comment = xstrdup(canonical_provider); /* XXX */
 			id->death = death;
 			id->confirm = confirm;
 			TAILQ_INSERT_TAIL(&tab->idlist, id, next);
 			tab->nentries++;
 			success = 1;
 		} else {
 			sshkey_free(k);
 		}
@@ -1171,17 +1190,17 @@ check_parent_exists(void)
 	}
 }
 static void
 usage(void)
 {
 	fprintf(stderr,
 	    "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n"
 -	    "                 [-t life] [command [arg ...]]\n"
 +	    "                 [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n"
 	    "       ssh-agent [-c | -s] -k\n");
 	exit(1);
 }
 int
 main(int ac, char **av)
 {
 	int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0;
@@ -1215,31 +1234,36 @@ main(int ac, char **av)
 #ifdef WITH_OPENSSL
 	OpenSSL_add_all_algorithms();
 #endif
 	__progname = ssh_get_progname(av[0]);
 	seed_rng();
 -	while ((ch = getopt(ac, av, "cDdksE:a:t:")) != -1) {
 +	while ((ch = getopt(ac, av, "cDdksE:a:P:t:")) != -1) {
 		switch (ch) {
 		case 'E':
 			fingerprint_hash = ssh_digest_alg_by_name(optarg);
 			if (fingerprint_hash == -1)
 				fatal("Invalid hash algorithm \"%s\"", optarg);
 			break;
 		case 'c':
 			if (s_flag)
 				usage();
 			c_flag++;
 			break;
 		case 'k':
 			k_flag++;
 			break;
 +		case 'P':
 +			if (pkcs11_whitelist != NULL)
 +				fatal("-P option already specified");
 +			pkcs11_whitelist = xstrdup(optarg);
 +			break;
 		case 's':
 			if (c_flag)
 				usage();
 			s_flag++;
 			break;
 		case 'd':
 			if (d_flag || D_flag)
 				usage();
@@ -1264,16 +1288,19 @@ main(int ac, char **av)
 		}
 	}
 	ac -= optind;
 	av += optind;
 	if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag))
 		usage();
 +	if (pkcs11_whitelist == NULL)
 +		pkcs11_whitelist = xstrdup(DEFAULT_PKCS11_WHITELIST);
 +
 	if (ac == 0 && !c_flag && !s_flag) {
 		shell = getenv("SHELL");
 		if (shell != NULL && (len = strlen(shell)) > 2 &&
 		    strncmp(shell + len - 3, "csh", 3) == 0)
 			c_flag = 1;
 	}
 	if (k_flag) {
 		const char *errstr = NULL;
@@ -1411,17 +1438,17 @@ skip:
 		parent_alive_interval = 10;
 	idtab_init();
 	signal(SIGPIPE, SIG_IGN);
 	signal(SIGINT, (d_flag | D_flag) ? cleanup_handler : SIG_IGN);
 	signal(SIGHUP, cleanup_handler);
 	signal(SIGTERM, cleanup_handler);
 	nalloc = 0;
 -	if (pledge("stdio cpath unix id proc exec", NULL) == -1)
 +	if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1)
 		fatal("%s: pledge: %s", __progname, strerror(errno));
 	platform_pledge_agent();
 	while (1) {
 		prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
 		result = select(max_fd + 1, readsetp, writesetp, NULL, tvp);
 		saved_errno = errno;
 		if (parent_alive_interval != 0)
--- a/openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch
+++ b/openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch
@ -0,0 +1,82 @@
 # HG changeset patch
 # Parent  bb92b9f037cc3686a669cd84caa44a2716f34058
 Date: Tue, 9 May 2017 14:27:34 -0300
 [PATCH 0/3] Allow syscalls for openssl engines
 From: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
 To: openssh-unix-dev@mindrot.org
 In order to use the OpenSSL-ibmpkcs11 engine it is needed to allow flock
 and ipc calls, because this engine calls OpenCryptoki (a PKCS#11
 implementation) which calls the libraries that will communicate with the
 crypto cards. OpenCryptoki makes use of flock and ipc and, as of now,
 this is only need on s390 architecture.
 The EP11 crypto card also needs to make an ioctl call, which receives an
 specific argument.
 Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
 related to bsc#1016709
 diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
 --- a/openssh-7.2p2/sandbox-seccomp-filter.c
 +++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -150,16 +150,19 @@ static const struct sock_filter preauth_
 	SC_ALLOW(stat),
 #endif
 #ifdef __NR_exit
 	SC_ALLOW(exit),
 #endif
 #ifdef __NR_exit_group
 	SC_ALLOW(exit_group),
 #endif
 +#if defined(__NR_flock) && defined(__s390__)
 +	SC_ALLOW(flock),
 +#endif
 #ifdef __NR_getpgid
 	SC_ALLOW(getpgid),
 #endif
 #ifdef __NR_getpid
 	SC_ALLOW(getpid),
 #endif
 #ifdef __NR_getuid
 	SC_ALLOW(getuid),
@@ -180,16 +183,19 @@ static const struct sock_filter preauth_
 	SC_ALLOW(gettimeofday),
 #endif
 #ifdef SSH_AUDIT_EVENTS
 	SC_ALLOW(getuid),
 #ifdef __NR_getuid32 /* not defined on x86_64 */
 	SC_ALLOW(getuid32),
 #endif
 #endif
 +#if defined(__NR_ipc) && defined(__s390__)
 +	SC_ALLOW(ipc),
 +#endif
 #ifdef __NR_madvise
 	SC_ALLOW(madvise),
 #endif
 #ifdef __NR_mmap
 	SC_ALLOW(mmap),
 #endif
 #ifdef __NR_mmap2
 	SC_ALLOW(mmap2),
@@ -233,16 +239,18 @@ static const struct sock_filter preauth_
 #ifdef __NR_socketcall
 	SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN),
 #endif
 #ifdef __NR_ioctl
 #ifdef __s390__
 	SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK),
 	SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO),
 	SC_ALLOW_ARG(ioctl, 1, ICARSACRT),
 +	/* Allow ioctls for EP11 crypto card on s390 */
 +	SC_ALLOW_ARG(ioctl, 1, ZSENDEP11CPRB),
 #endif
 #endif
 	/* Default deny */
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
 };
 static const struct sock_fprog preauth_program = {
--- a/openssh-7.2p2-s390_hw_crypto_syscalls.patch
+++ b/openssh-7.2p2-s390_hw_crypto_syscalls.patch
@ -0,0 +1,100 @@
 # HG changeset patch
 # Parent  6d8637bec747de081eccba9874f640dcbc4fbb68
 This patch enables specific ioctl calls for ICA crypto card on s390
 platform. Without this patch, users using the IBMCA engine are not able
 to perform ssh login as the filter blocks the communication with the
 crypto card.
 Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com>
 Signed-off-by: Eduardo Barretto <ebarretto@linux.vnet.ibm.com>
 bsc#1016709
 Upstreamed as:
 5f1596e11d55539678c41f68aed358628d33d86f
 58b8cfa2a062b72139d7229ae8de567f55776f24
 diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
 --- a/openssh-7.2p2/sandbox-seccomp-filter.c
 +++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -54,42 +54,53 @@
 #include <errno.h>
 #include <signal.h>
 #include <stdarg.h>
 #include <stddef.h>  /* for offsetof */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 +#include <endian.h>
 +
 +#ifdef __s390__
 +#include <asm/zcrypt.h>
 +#endif
 #include "log.h"
 #include "ssh-sandbox.h"
 #include "xmalloc.h"
 /* Linux seccomp_filter sandbox */
 #define SECCOMP_FILTER_FAIL SECCOMP_RET_KILL
 /* Use a signal handler to emit violations when debugging */
 #ifdef SANDBOX_SECCOMP_FILTER_DEBUG
 # undef SECCOMP_FILTER_FAIL
 # define SECCOMP_FILTER_FAIL SECCOMP_RET_TRAP
 #endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
 /* Simple helpers to avoid manual errors (but larger BPF programs). */
 +#if __BYTE_ORDER == __LITTLE_ENDIAN
 +#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)])
 +#elif __BYTE_ORDER == __BIG_ENDIAN
 +#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) + sizeof(uint32_t)
 +#else
 +#error "Unknown endianness"
 +#endif
 #define SC_DENY(_nr, _errno) \
 	BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO|(_errno))
 #define SC_ALLOW(_nr) \
 	BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 1), \
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW)
 #define SC_ALLOW_ARG(_nr, _arg_nr, _arg_val) \
 	BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_ ## _nr, 0, 4), \
 -	/* load first syscall argument */ \
 -	BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \
 -	    offsetof(struct seccomp_data, args[(_arg_nr)])), \
 +	/* load the syscall argument to check into accumulator */ \
 +	BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(_arg_nr)), \
 	BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (_arg_val), 0, 1), \
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), \
 	/* reload syscall number; all rules expect it in accumulator */ \
 	BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \
 		offsetof(struct seccomp_data, nr))
 /* Syscall filtering set for preauth. */
 static const struct sock_filter preauth_insns[] = {
@@ -217,16 +228,23 @@ static const struct sock_filter preauth_
 	SC_ALLOW(time),
 #endif
 #ifdef __NR_write
 	SC_ALLOW(write),
 #endif
 #ifdef __NR_socketcall
 	SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN),
 #endif
 +#ifdef __NR_ioctl
 +#ifdef __s390__
 +	SC_ALLOW_ARG(ioctl, 1, Z90STAT_STATUS_MASK),
 +	SC_ALLOW_ARG(ioctl, 1, ICARSAMODEXPO),
 +	SC_ALLOW_ARG(ioctl, 1, ICARSACRT),
 +#endif
 +#endif
 	/* Default deny */
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL),
 };
 static const struct sock_fprog preauth_program = {
 	.len = (unsigned short)(sizeof(preauth_insns)/sizeof(preauth_insns[0])),
 	.filter = (struct sock_filter *)preauth_insns,
--- a/openssh-7.2p2-seccomp_geteuid.patch
+++ b/openssh-7.2p2-seccomp_geteuid.patch
@ -0,0 +1,34 @@
 # HG changeset patch
 # Parent  b07f00d5d805c043f5bdc7b8cf6701d924879fa6
 Add the 'geteuid' syscall to allowed list, since it may becalled on the
 mainframes when OpenSSL is using hardware crypto accelerator via libica
 (via ibmica)
 bsc#1004258
 diff --git a/openssh-7.2p2/sandbox-seccomp-filter.c b/openssh-7.2p2/sandbox-seccomp-filter.c
 --- a/openssh-7.2p2/sandbox-seccomp-filter.c
 +++ b/openssh-7.2p2/sandbox-seccomp-filter.c
@@ -148,16 +148,22 @@ static const struct sock_filter preauth_
 	SC_ALLOW(getpid),
 #endif
 #ifdef __NR_getuid
 	SC_ALLOW(getuid),
 #endif
 #ifdef __NR_getuid32
 	SC_ALLOW(getuid32),
 #endif
 +#ifdef __NR_geteuid
 +	SC_ALLOW(geteuid),
 +#endif
 +#ifdef __NR_geteuid32
 +	SC_ALLOW(geteuid32),
 +#endif
 #ifdef __NR_getrandom
 	SC_ALLOW(getrandom),
 #endif
 #ifdef __NR_gettimeofday
 	SC_ALLOW(gettimeofday),
 #endif
 #ifdef __NR_madvise
 	SC_ALLOW(madvise),
--- a/openssh-7.2p2-seccomp_getuid.patch
+++ b/openssh-7.2p2-seccomp_getuid.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  c66097e5e31cd607bf2206b2da95730cce518b7a
+# Parent  d75417bf0f4d50cabd84299773bab4ac68f68caa
 add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread
 from being killed by the seccomp filter
--- a/openssh-7.2p2-seccomp_stat.patch
+++ b/openssh-7.2p2-seccomp_stat.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  def949a57b8101691c79ecce6366cc7ae1685b07
+# Parent  2153c4af090728c778931d2fad72d4b260294122
 Allow the stat() syscall for OpenSSL re-seed patch
 (which causes OpenSSL use stat() on some file)
--- a/openssh-7.2p2-secure_unix_sockets_forwarding.patch
+++ b/openssh-7.2p2-secure_unix_sockets_forwarding.patch
@ -0,0 +1,51 @@
 # HG changeset patch
 # Parent  4e1fd41aaa9cafe8f7b07868ac38ed4dbdf594aa
 Do not allow unix socket when running without privilege separation to prevent
 privilege escalation through a socket created with root: ownership.
 CVE-2016-10010
 bsc#1016368
 backported upstream commit b737e4d7433577403a31cff6614f6a1b0b5e22f4
 diff --git a/openssh-7.2p2/serverloop.c b/openssh-7.2p2/serverloop.c
 --- a/openssh-7.2p2/serverloop.c
 +++ b/openssh-7.2p2/serverloop.c
@@ -990,17 +990,17 @@ server_request_direct_streamlocal(void)
 	originator_port = packet_get_int();
 	packet_check_eom();
 	debug("server_request_direct_streamlocal: originator %s port %d, target %s",
 	    originator, originator_port, target);
 	/* XXX fine grained permissions */
 	if ((options.allow_streamlocal_forwarding & FORWARD_LOCAL) != 0 &&
 -	    !no_port_forwarding_flag) {
 +	    !no_port_forwarding_flag && use_privsep) {
 		c = channel_connect_to_path(target,
 		    "direct-streamlocal@openssh.com", "direct-streamlocal");
 	} else {
 		logit("refused streamlocal port forward: "
 		    "originator %s port %d, target %s",
 		    originator, originator_port, target);
 	}
@@ -1274,17 +1274,17 @@ server_input_global_request(int type, u_
 		memset(&fwd, 0, sizeof(fwd));
 		fwd.listen_path = packet_get_string(NULL);
 		debug("server_input_global_request: streamlocal-forward listen path %s",
 		    fwd.listen_path);
 		/* check permissions */
 		if ((options.allow_streamlocal_forwarding & FORWARD_REMOTE) == 0
 -		    || no_port_forwarding_flag) {
 +		    || no_port_forwarding_flag || !use_privsep) {
 			success = 0;
 			packet_send_debug("Server has disabled port forwarding.");
 		} else {
 			/* Start listening on the socket */
 			success = channel_setup_remote_fwd_listener(
 			    &fwd, NULL, &options.fwd_opts);
 		}
 		free(fwd.listen_path);
--- a/openssh-7.2p2-sftp_force_permissions.patch
+++ b/openssh-7.2p2-sftp_force_permissions.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  efa850d8312ceef224dbec0f2ae1002201afabd9
+# Parent  7b45c4f3fef6836db00c5b198736cce17290c5cd
 additional option for sftp-server to force file mode for new files
 FATE#312774
 http://lists.mindrot.org/pipermail/openssh-unix-dev/2010-November/029044.html
--- a/openssh-7.2p2-sftp_homechroot.patch
+++ b/openssh-7.2p2-sftp_homechroot.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  9b1033f35a6cb173fbc13416065ed40c4b14e656
+# Parent  fc81df6f2bf393e45e703c89976c3a0fe6e0a273
 run sftp sessions inside a chroot
 diff --git a/openssh-7.2p2/session.c b/openssh-7.2p2/session.c
--- a/openssh-7.2p2-ssh_case_insensitive_host_matching.patch
+++ b/openssh-7.2p2-ssh_case_insensitive_host_matching.patch
@ -0,0 +1,87 @@
 # HG changeset patch
 # Parent  1b99f71db584917a37c5e9140bf63dcb860e8b59
 Match hostnames in a case-insensitive manner.
 bsc#1017099
 diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c
 --- a/openssh-7.2p2/readconf.c
 +++ b/openssh-7.2p2/readconf.c
@@ -526,16 +526,17 @@ execute_in_shell(const char *cmd)
  * Parse and execute a Match directive.
  */
 static int
 match_cfg_line(Options *options, char **condition, struct passwd *pw,
     const char *host_arg, const char *original_host, int post_canon,
     const char *filename, int linenum)
 {
 	char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria;
 +	char *hostlc;
 	const char *ruser;
 	int r, port, this_result, result = 1, attributes = 0, negate;
 	char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
 	/*
 	 * Configuration is likely to be incomplete at this point so we
 	 * must be prepared to use default values.
 	 */
@@ -546,16 +547,20 @@ match_cfg_line(Options *options, char **
 	} else if (options->hostname != NULL) {
 		/* NB. Please keep in sync with ssh.c:main() */
 		host = percent_expand(options->hostname,
 		    "h", host_arg, (char *)NULL);
 	} else {
 		host = xstrdup(host_arg);
 	}
 +	/* match_hostname() requires the hostname to be lowercase */
 +	hostlc = xstrdup(host);
 +	lowercase(hostlc);
 +
 	debug2("checking match for '%s' host %s originally %s",
 	    cp, host, original_host);
 	while ((oattrib = attrib = strdelim(&cp)) && *attrib != '\0') {
 		criteria = NULL;
 		this_result = 1;
 		if ((negate = attrib[0] == '!'))
 			attrib++;
 		/* criteria "all" and "canonical" have no argument */
@@ -584,18 +589,18 @@ match_cfg_line(Options *options, char **
 		}
 		/* All other criteria require an argument */
 		if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
 			error("Missing Match criteria for %s", attrib);
 			result = -1;
 			goto out;
 		}
 		if (strcasecmp(attrib, "host") == 0) {
 -			criteria = xstrdup(host);
 -			r = match_hostname(host, arg) == 1;
 +			criteria = xstrdup(hostlc);
 +			r = match_hostname(hostlc, arg) == 1;
 			if (r == (negate ? 1 : 0))
 				this_result = result = 0;
 		} else if (strcasecmp(attrib, "originalhost") == 0) {
 			criteria = xstrdup(original_host);
 			r = match_hostname(original_host, arg) == 1;
 			if (r == (negate ? 1 : 0))
 				this_result = result = 0;
 		} else if (strcasecmp(attrib, "user") == 0) {
@@ -658,16 +663,17 @@ match_cfg_line(Options *options, char **
 		error("One or more attributes required for Match");
 		result = -1;
 		goto out;
 	}
  out:
 	if (result != -1)
 		debug2("match %sfound", result ? "" : "not ");
 	*condition = cp;
 +	free(hostlc);
 	free(host);
 	return result;
 }
 /* Check and prepare a domain name: removes trailing '.' and lowercases */
 static void
 valid_domain(char *name, const char *filename, int linenum)
 {
--- a/openssh-7.2p2-verify_CIDR_address_ranges.patch
+++ b/openssh-7.2p2-verify_CIDR_address_ranges.patch
@ -0,0 +1,175 @@
 # HG changeset patch
 # Parent  1b2dad1b57b086d094fe09327fcf1c490475a7cd
 Check for invalid CIDR adress masks.
 bsc#1005893
 backported upstream commit: 010359b32659f455fddd2bd85fd7cc4d7a3b994a (7.4)
 backported upstream commit: 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a
 backported upstream commit: fe06b68f824f8f55670442fb31f2c03526dd326c
 diff --git a/openssh-7.2p2/auth.c b/openssh-7.2p2/auth.c
 --- a/openssh-7.2p2/auth.c
 +++ b/openssh-7.2p2/auth.c
@@ -95,16 +95,17 @@ int auth_debug_init;
  * Otherwise true is returned.
  */
 int
 allowed_user(struct passwd * pw)
 {
 	struct stat st;
 	const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
 	u_int i;
 +	int r;
 #ifdef USE_SHADOW
 	struct spwd *spw = NULL;
 #endif
 	/* Shouldn't be called if pw is NULL, but better safe than sorry... */
 	if (!pw || !pw->pw_name)
 		return 0;
@@ -183,31 +184,41 @@ allowed_user(struct passwd * pw)
 	if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
 	    options.num_deny_groups > 0 || options.num_allow_groups > 0) {
 		hostname = get_canonical_hostname(options.use_dns);
 		ipaddr = get_remote_ipaddr();
 	}
 	/* Return false if user is listed in DenyUsers */
 	if (options.num_deny_users > 0) {
 -		for (i = 0; i < options.num_deny_users; i++)
 -			if (match_user(pw->pw_name, hostname, ipaddr,
 -			    options.deny_users[i])) {
 +		for (i = 0; i < options.num_deny_users; i++) {
 +			r = match_user(pw->pw_name, hostname, ipaddr,
 +			    options.deny_users[i]);
 +			if (r < 0) {
 +				fatal("Invalid DenyUsers pattern \"%.100s\"",
 +				    options.deny_users[i]);
 +			} else if (r != 0) {
 				logit("User %.100s from %.100s not allowed "
 				    "because listed in DenyUsers",
 				    pw->pw_name, hostname);
 				return 0;
 			}
 +		}
 	}
 	/* Return false if AllowUsers isn't empty and user isn't listed there */
 	if (options.num_allow_users > 0) {
 -		for (i = 0; i < options.num_allow_users; i++)
 -			if (match_user(pw->pw_name, hostname, ipaddr,
 -			    options.allow_users[i]))
 +		for (i = 0; i < options.num_allow_users; i++) {
 +			r = match_user(pw->pw_name, hostname, ipaddr,
 +			    options.allow_users[i]);
 +			if (r < 0) {
 +				fatal("Invalid AllowUsers pattern \"%.100s\"",
 +				    options.allow_users[i]);
 +			} else if (r == 1)
 				break;
 +		}
 		/* i < options.num_allow_users iff we break for loop */
 		if (i >= options.num_allow_users) {
 			logit("User %.100s from %.100s not allowed because "
 			    "not listed in AllowUsers", pw->pw_name, hostname);
 			return 0;
 		}
 	}
 	if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
 diff --git a/openssh-7.2p2/match.c b/openssh-7.2p2/match.c
 --- a/openssh-7.2p2/match.c
 +++ b/openssh-7.2p2/match.c
@@ -186,41 +186,50 @@ match_hostname(const char *host, const c
  * successful match.
  */
 int
 match_host_and_ip(const char *host, const char *ipaddr,
     const char *patterns)
 {
 	int mhost, mip;
 -	/* error in ipaddr match */
 	if ((mip = addr_match_list(ipaddr, patterns)) == -2)
 -		return -1;
 -	else if (mip == -1) /* negative ip address match */
 -		return 0;
 +		return -1; /* error in ipaddr match */
 +	else if (host == NULL || ipaddr == NULL || mip == -1)
 +		return 0; /* negative ip address match, or testing pattern */
 	/* negative hostname match */
 	if ((mhost = match_hostname(host, patterns)) == -1)
 		return 0;
 	/* no match at all */
 	if (mhost == 0 && mip == 0)
 		return 0;
 	return 1;
 }
 /*
 - * match user, user@host_or_ip, user@host_or_ip_list against pattern
 + * Match user, user@host_or_ip, user@host_or_ip_list against pattern.
 + * If user, host and ipaddr are all NULL then validate pattern/
 + * Returns -1 on invalid pattern, 0 on no match, 1 on match.
  */
 int
 match_user(const char *user, const char *host, const char *ipaddr,
     const char *pattern)
 {
 	char *p, *pat;
 	int ret;
 +	/* test mode */
 +	if (user == NULL && host == NULL && ipaddr == NULL) {
 +		if ((p = strchr(pattern, '@')) != NULL &&
 +		    match_host_and_ip(NULL, NULL, p + 1) < 0)
 +			return -1;
 +		return 0;
 +	}
 +
 	if ((p = strchr(pattern,'@')) == NULL)
 		return match_pattern(user, pattern);
 	pat = xstrdup(pattern);
 	p = strchr(pat, '@');
 	*p++ = '\0';
 	if ((ret = match_pattern(user, pat)) == 1)
 diff --git a/openssh-7.2p2/servconf.c b/openssh-7.2p2/servconf.c
 --- a/openssh-7.2p2/servconf.c
 +++ b/openssh-7.2p2/servconf.c
@@ -1462,28 +1462,34 @@ process_server_config_line(ServerOptions
 		multistate_ptr = multistate_privsep;
 		goto parse_multistate;
 	case sAllowUsers:
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
 			if (options->num_allow_users >= MAX_ALLOW_USERS)
 				fatal("%s line %d: too many allow users.",
 				    filename, linenum);
 +			if (match_user(NULL, NULL, NULL, arg) == -1)
 +				fatal("%s line %d: invalid AllowUsers pattern: "
 +				    "\"%.100s\"", filename, linenum, arg);
 			if (!*activep)
 				continue;
 			options->allow_users[options->num_allow_users++] =
 			    xstrdup(arg);
 		}
 		break;
 	case sDenyUsers:
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
 			if (options->num_deny_users >= MAX_DENY_USERS)
 				fatal("%s line %d: too many deny users.",
 				    filename, linenum);
 +			if (match_user(NULL, NULL, NULL, arg) == -1)
 +				fatal("%s line %d: invalid DenyUsers pattern: "
 +				    "\"%.100s\"", filename, linenum, arg);
 			if (!*activep)
 				continue;
 			options->deny_users[options->num_deny_users++] =
 			    xstrdup(arg);
 		}
 		break;
 	case sAllowGroups:
--- a/openssh-askpass-gnome.spec
+++ b/openssh-askpass-gnome.spec
@ -1,7 +1,7 @@
 #
 # spec file for package openssh-askpass-gnome
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
--- a/openssh.changes
+++ b/openssh.changes
@ -1,3 +1,48 @@
 -------------------------------------------------------------------
 Mon May 15 20:47:29 UTC 2017 - pcerny@suse.com
 - Fix preauth seccomp separation on mainframes (bsc#1016709)
  [openssh-7.2p2-s390_hw_crypto_syscalls.patch]
  [openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch]
 - enable case-insensitive hostname matching (bsc#1017099)
  [openssh-7.2p2-ssh_case_insensitive_host_matching.patch]
 - add CAVS tests 
  [openssh-7.2p2-cavstest-ctr.patch]
  [openssh-7.2p2-cavstest-kdf.patch]
 - Adding missing pieces for user matching (bsc#1021626)
 - Properly verify CIDR masks in configuration
  (bsc#1005893)
  [openssh-7.2p2-verify_CIDR_address_ranges.patch]
 - Remove pre-auth compression support from the server to prevent
  possible cryptographic attacks.
  (CVE-2016-10012, bsc#1016370)
  [openssh-7.2p2-disable_preauth_compression.patch]
 - limit directories for loading PKCS11 modules
  (CVE-2016-10009, bsc#1016366)
  [openssh-7.2p2-restrict_pkcs11-modules.patch]
 - Prevent possible leaks of host private keys to low-privilege
  process handling authentication
  (CVE-2016-10011, bsc#1016369)
  [openssh-7.2p2-prevent_private_key_leakage.patch]
 - Do not allow unix socket forwarding when running without
  privilege separation
  (CVE-2016-10010, bsc#1016368)
  [openssh-7.2p2-secure_unix_sockets_forwarding.patch]
 - prevent resource depletion during key exchange
  (bsc#1005480, CVE-2016-8858)
  [openssh-7.2p2-kex_resource_depletion.patch]
 - fix suggested command for removing conflicting server keys from
  the known_hosts file (bsc#1006221)
 - enable geteuid{,32} syscalls on mainframes, since it may be
  called from libica/ibmica on machines with hardware crypto
  accelerator (bsc#1004258)
  [openssh-7.2p2-seccomp_geteuid.patch]
 - fix regression of (bsc#823710)
  [openssh-7.2p2-audit_fixes.patch]
 - add slogin (removed upstreams)
  [openssh-7.2p2-keep_slogin.patch]
 - require OpenSSL < 1.1 where that one is a default
 -------------------------------------------------------------------
 Wed Feb 22 19:31:08 UTC 2017 - crrodriguez@opensuse.org
--- a/openssh.spec
+++ b/openssh.spec
@ -1,7 +1,7 @@
 #
 # spec file for package openssh
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -77,9 +77,12 @@ BuildRequires:  libedit-devel
 %if %{has_libselinux}
 BuildRequires:  libselinux-devel
 %endif
-BuildRequires:  openldap2-devel
+%if %{suse_version} < 1330
 BuildRequires:  openssl
 BuildRequires:  openssl-devel
 %else
 BuildRequires:  libopenssl-1_0_0-devel
 %endif
 BuildRequires:  openldap2-devel
 BuildRequires:  pam-devel
 %if %{uses_systemd}
 BuildRequires:  pkgconfig(systemd)
@ -125,25 +128,39 @@ Patch11:        openssh-7.2p2-pts_names_formatting.patch
 Patch12:        openssh-7.2p2-pam_check_locks.patch
 Patch13:        openssh-7.2p2-disable_short_DH_parameters.patch
 Patch14:        openssh-7.2p2-seccomp_getuid.patch
-Patch15:        openssh-7.2p2-seccomp_stat.patch
+Patch15:        openssh-7.2p2-seccomp_geteuid.patch
-Patch16:        openssh-7.2p2-fips.patch
+Patch16:        openssh-7.2p2-seccomp_stat.patch
-Patch17:        openssh-7.2p2-seed-prng.patch
+Patch17:        openssh-7.2p2-additional_seccomp_archs.patch
-Patch18:        openssh-7.2p2-gssapi_key_exchange.patch
+Patch18:        openssh-7.2p2-fips.patch
-Patch19:        openssh-7.2p2-audit.patch
+Patch19:        openssh-7.2p2-cavstest-ctr.patch
-Patch20:        openssh-7.2p2-audit_seed_prng.patch
+Patch20:        openssh-7.2p2-cavstest-kdf.patch
-Patch21:        openssh-7.2p2-login_options.patch
+Patch21:        openssh-7.2p2-seed-prng.patch
-Patch22:        openssh-7.2p2-disable_openssl_abi_check.patch
+Patch22:        openssh-7.2p2-gssapi_key_exchange.patch
-Patch23:        openssh-7.2p2-no_fork-no_pid_file.patch
+Patch23:        openssh-7.2p2-audit.patch
-Patch24:        openssh-7.2p2-host_ident.patch
+Patch24:        openssh-7.2p2-audit_fixes.patch
-Patch25:        openssh-7.2p2-sftp_homechroot.patch
+Patch25:        openssh-7.2p2-audit_seed_prng.patch
-Patch26:        openssh-7.2p2-sftp_force_permissions.patch
+Patch26:        openssh-7.2p2-login_options.patch
-Patch27:        openssh-7.2p2-X_forward_with_disabled_ipv6.patch
+Patch27:        openssh-7.2p2-disable_openssl_abi_check.patch
-Patch28:        openssh-7.2p2-ldap.patch
+Patch28:        openssh-7.2p2-no_fork-no_pid_file.patch
-Patch29:        openssh-7.2p2-additional_seccomp_archs.patch
+Patch29:        openssh-7.2p2-host_ident.patch
-Patch30:        openssh-7.2p2-IPv6_X_forwarding.patch
+Patch30:        openssh-7.2p2-sftp_homechroot.patch
-Patch31:        openssh-7.2p2-ignore_PAM_with_UseLogin.patch
+Patch31:        openssh-7.2p2-sftp_force_permissions.patch
-Patch32:        openssh-7.2p2-prevent_timing_user_enumeration.patch
+Patch32:        openssh-7.2p2-X_forward_with_disabled_ipv6.patch
-Patch33:        openssh-7.2p2-limit_password_length.patch
+Patch33:        openssh-7.2p2-ldap.patch
 Patch34:        openssh-7.2p2-IPv6_X_forwarding.patch
 Patch35:        openssh-7.2p2-ignore_PAM_with_UseLogin.patch
 Patch36:        openssh-7.2p2-prevent_timing_user_enumeration.patch
 Patch37:        openssh-7.2p2-limit_password_length.patch
 Patch38:        openssh-7.2p2-keep_slogin.patch
 Patch39:        openssh-7.2p2-kex_resource_depletion.patch
 Patch40:        openssh-7.2p2-verify_CIDR_address_ranges.patch
 Patch41:        openssh-7.2p2-restrict_pkcs11-modules.patch
 Patch42:        openssh-7.2p2-prevent_private_key_leakage.patch
 Patch43:        openssh-7.2p2-secure_unix_sockets_forwarding.patch
 Patch44:        openssh-7.2p2-ssh_case_insensitive_host_matching.patch
 Patch45:        openssh-7.2p2-disable_preauth_compression.patch
 Patch46:        openssh-7.2p2-s390_hw_crypto_syscalls.patch
 Patch47:        openssh-7.2p2-s390_OpenSSL-ibmpkcs11_syscalls.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Conflicts:      nonfreessh
 Recommends:     audit
@ -229,13 +246,27 @@ FIPS140 CAVS tests related parts of the OpenSSH package
 %patch31 -p2
 %patch32 -p2
 %patch33 -p2
 %patch34 -p2
 %patch35 -p2
 %patch36 -p2
 %patch37 -p2
 %patch38 -p2
 %patch39 -p2
 %patch40 -p2
 %patch41 -p2
 %patch42 -p2
 %patch43 -p2
 %patch44 -p2
 %patch45 -p2
 %patch46 -p2
 %patch47 -p2
 cp %{SOURCE3} %{SOURCE4} %{SOURCE11} .
 %build
 # set libexec dir in the LDAP patch
 sed -i.libexec 's,@LIBEXECDIR@,%{_libexecdir}/ssh,' \
    $( grep -Rl @LIBEXECDIR@ \
-        $( grep "^+++" %{PATCH28} | sed -r 's@^.+/([^/\t ]+).*$@\1@' )
+        $( grep "^+++" %{PATCH33} | sed -r 's@^.+/([^/\t ]+).*$@\1@' )
    )
 autoreconf -fiv