Rebase to latest OpenSSH 7.7p1 (#1563223)

.gitignore

@@ -27,3 +27,6 @@ pam_ssh_agent_auth-0.9.2.tar.bz2
 /pam_ssh_agent_auth-0.10.3.tar.bz2
 /openssh-7.5p1.tar.gz
 /openssh-7.6p1.tar.gz
+/openssh-7.7p1.tar.gz
+/openssh-7.7p1.tar.gz.asc
+/DJM-GPG-KEY.gpg

openssh-6.2p1-vendor.patch

@@ -69,7 +69,7 @@ diff -up openssh-7.4p1/servconf.c.vendor openssh-7.4p1/servconf.c
 +
  	case sAllowUsers:
  		while ((arg = strdelim(&cp)) && *arg != '\0') {
- 			if (options->num_allow_users >= MAX_ALLOW_USERS)
+ 			if (match_user(NULL, NULL, NULL, arg) == -1)
 @@ -2269,6 +2277,7 @@ dump_config(ServerOptions *o)
  	dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
  	dump_cfg_fmtint(sCompression, o->compression);
@@ -93,8 +93,8 @@ diff -up openssh-7.4p1/sshd_config.0.vendor openssh-7.4p1/sshd_config.0
 --- openssh-7.4p1/sshd_config.0.vendor	2016-12-23 13:34:51.695253847 +0100
 +++ openssh-7.4p1/sshd_config.0	2016-12-23 13:36:53.146277511 +0100
 @@ -792,6 +792,11 @@ DESCRIPTION
-              ssh-keygen(1).  For more information on KRLs, see the KEY
-              REVOCATION LISTS section in ssh-keygen(1).
+              rdomain(4).  If the routing domain is set to %D, then the domain
+              in which the incoming connection was received will be applied.
  
 +     ShowPatchLevel
 +	     Specifies whether sshd will display the specific patch level of
@@ -108,9 +108,9 @@ diff -up openssh-7.4p1/sshd_config.5.vendor openssh-7.4p1/sshd_config.5
 --- openssh-7.4p1/sshd_config.5.vendor	2016-12-23 13:34:51.695253847 +0100
 +++ openssh-7.4p1/sshd_config.5	2016-12-23 13:37:17.482282253 +0100
 @@ -1334,6 +1334,13 @@ an OpenSSH Key Revocation List (KRL) as
- .Xr ssh-keygen 1 .
- For more information on KRLs, see the KEY REVOCATION LISTS section in
- .Xr ssh-keygen 1 .
+ If the routing domain is set to
+ .Cm \&%D ,
+ then the domain in which the incoming connection was received will be applied.
 +.It Cm ShowPatchLevel 
 +Specifies whether 
 +.Nm sshd 

openssh-6.6.1p1-ip-port-config-parser.patch

@@ -1,24 +1,75 @@
 diff --git a/misc.c b/misc.c
-index 2f11de4..36402d1 100644
+index 874dcc8a..7b7f7a58 100644
 --- a/misc.c
 +++ b/misc.c
-@@ -396,7 +396,7 @@ hpdelim(char **cp)
- 			return NULL;
- 		else
- 			s++;
--	} else if ((s = strpbrk(s, ":/")) == NULL)
-+	} else if ((s = strpbrk(s, ":")) == NULL)
- 		s = *cp + strlen(*cp); /* skip to end (see first case below) */
+@@ -466,7 +466,7 @@ put_host_port(const char *host, u_short port)
+  * The delimiter char, if present, is stored in delim.
+  * If this is the last field, *cp is set to NULL.
+  */
+-static char *
++char *
+ hpdelim2(char **cp, char *delim)
+ {
+ 	char *s, *old;
+diff --git a/misc.h b/misc.h
+index cdafea73..cf9c8f28 100644
+--- a/misc.h
++++ b/misc.h
+@@ -54,6 +54,7 @@ int	 set_rdomain(int, const char *);
+ int	 a2port(const char *);
+ int	 a2tun(const char *, int *);
+ char	*put_host_port(const char *, u_short);
++char	*hpdelim2(char **, char *);
+ char	*hpdelim(char **);
+ char	*cleanhostname(char *);
+ char	*colon(char *);
+diff --git a/servconf.c b/servconf.c
+index 0f0d0906..1679181e 100644
+--- a/servconf.c
++++ b/servconf.c
+@@ -821,7 +821,7 @@ process_permitopen(struct ssh *ssh, ServerOptions *options)
+ {
+ 	u_int i;
+ 	int port;
+-	char *host, *arg, *oarg;
++	char *host, *arg, *oarg, ch;
  
- 	switch (*s) {
-@@ -405,7 +405,6 @@ hpdelim(char **cp)
- 		break;
- 
- 	case ':':
--	case '/':
- 		*s = '\0';	/* terminate */
- 		*cp = s + 1;
- 		break;
--- 
-2.1.0
-
+ 	channel_clear_adm_permitted_opens(ssh);
+ 	if (options->num_permitted_opens == 0)
+@@ -839,8 +839,8 @@ process_permitopen(struct ssh *ssh, ServerOptions *options)
+ 	/* Otherwise treat it as a list of permitted host:port */
+ 	for (i = 0; i < options->num_permitted_opens; i++) {
+ 		oarg = arg = xstrdup(options->permitted_opens[i]);
+-		host = hpdelim(&arg);
+-		if (host == NULL)
++		host = hpdelim2(&arg, &ch);
++		if (host == NULL || ch == '/')
+ 			fatal("%s: missing host in PermitOpen", __func__);
+ 		host = cleanhostname(host);
+ 		if (arg == NULL || ((port = permitopen_port(arg)) < 0))
+@@ -1244,8 +1244,10 @@ process_server_config_line(ServerOptions *options, char *line,
+ 			port = 0;
+ 			p = arg;
+ 		} else {
+-			p = hpdelim(&arg);
+-			if (p == NULL)
++			char ch;
++			arg2 = NULL;
++			p = hpdelim2(&arg, &ch);
++			if (p == NULL || ch == '/')
+ 				fatal("%s line %d: bad address:port usage",
+ 				    filename, linenum);
+ 			p = cleanhostname(p);
+@@ -1815,9 +1817,10 @@ process_server_config_line(ServerOptions *options, char *line,
+ 			break;
+ 		}
+ 		for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
++			char ch;
+ 			arg2 = xstrdup(arg);
+-			p = hpdelim(&arg);
+-			if (p == NULL)
++			p = hpdelim2(&arg, &ch);
++			if (p == NULL || ch == '/')
+ 				fatal("%s line %d: missing host in PermitOpen",
+ 				    filename, linenum);
+ 			p = cleanhostname(p);

openssh-6.6.1p1-log-in-chroot.patch

@@ -41,14 +41,14 @@ diff -up openssh-7.4p1/monitor.c.log-in-chroot openssh-7.4p1/monitor.c
 --- openssh-7.4p1/monitor.c.log-in-chroot	2016-12-23 15:14:33.311168085 +0100
 +++ openssh-7.4p1/monitor.c	2016-12-23 15:16:42.154193100 +0100
 @@ -307,6 +307,8 @@ monitor_child_preauth(Authctxt *_authctx
- 	close(pmonitor->m_log_sendfd);
+ 		close(pmonitor->m_log_sendfd);
  	pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
  
 +	pmonitor->m_state = "preauth";
 +
  	authctxt = _authctxt;
  	memset(authctxt, 0, sizeof(*authctxt));
- 
+ 	ssh->authctxt = authctxt;
 @@ -405,6 +407,8 @@ monitor_child_postauth(struct monitor *p
  	close(pmonitor->m_recvfd);
  	pmonitor->m_recvfd = -1;
@@ -165,7 +165,7 @@ diff -up openssh-7.4p1/session.c.log-in-chroot openssh-7.4p1/session.c
  
 -	closefrom(STDERR_FILENO + 1);
 -
- 	do_rc_files(s, shell);
+ 	do_rc_files(ssh, s, shell);
  
  	/* restore SIGPIPE for child */
 @@ -1653,9 +1649,17 @@ do_child(Session *s, const char *command

openssh-6.6.1p1-selinux-contexts.patch

@@ -116,38 +116,3 @@ index 2871fe9..39b9c08 100644
  #endif
  
  	/* Demote the child */
-diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
-index 12c014e..c5ef2ff 100644
---- a/openbsd-compat/port-linux.c
-+++ b/openbsd-compat/port-linux.c
-@@ -35,7 +35,6 @@
- 
- #ifdef WITH_SELINUX
- #include <selinux/selinux.h>
--#include <selinux/flask.h>
- #include <selinux/get_context_list.h>
- 
- #ifndef SSH_SELINUX_UNCONFINED_TYPE
-@@ -110,6 +109,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
- 	security_context_t new_tty_ctx = NULL;
- 	security_context_t user_ctx = NULL;
- 	security_context_t old_tty_ctx = NULL;
-+	security_class_t class;
- 
- 	if (!ssh_selinux_enabled())
- 		return;
-@@ -129,8 +129,13 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
- 		goto out;
- 	}
- 
-+	class = string_to_security_class("chr_file");
-+	if (!class) {
-+		error("string_to_security_class failed to translate security class context");
-+		goto out;
-+	}
- 	if (security_compute_relabel(user_ctx, old_tty_ctx,
--	    SECCLASS_CHR_FILE, &new_tty_ctx) != 0) {
-+	    class, &new_tty_ctx) != 0) {
- 		error("%s: security_compute_relabel: %s",
- 		    __func__, strerror(errno));
- 		goto out;

openssh-6.6p1-ctr-cavstest.patch

@@ -10,14 +10,14 @@ diff -up openssh-6.8p1/Makefile.in.ctr-cavs openssh-6.8p1/Makefile.in
  PRIVSEP_PATH=@PRIVSEP_PATH@
  SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 @@ -66,7 +67,7 @@ EXEEXT=@EXEEXT@
- MANFMT=@MANFMT@
+ MKDIR_P=@MKDIR_P@
  INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
  
 -TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT) ssh-keycat$(EXEEXT)
 +TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT) ssh-keycat$(EXEEXT) ctr-cavstest$(EXEEXT)
  
- LIBOPENSSH_OBJS=\
- 	ssh_api.o \
+ XMSS_OBJS=\
+ 	ssh-xmss.o \
 @@ -194,6 +195,9 @@ ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) l
  ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o
  	$(LD) -o $@ ssh-keycat.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(KEYCATLIBS) $(LIBS)

openssh-6.6p1-entropy.patch

@@ -14,12 +14,13 @@ diff -up openssh-7.4p1/entropy.c.entropy openssh-7.4p1/entropy.c
 diff -up openssh-7.4p1/openbsd-compat/Makefile.in.entropy openssh-7.4p1/openbsd-compat/Makefile.in
 --- openssh-7.4p1/openbsd-compat/Makefile.in.entropy	2016-12-23 18:34:53.715762155 +0100
 +++ openssh-7.4p1/openbsd-compat/Makefile.in	2016-12-23 18:35:15.890769493 +0100
-@@ -20,7 +20,7 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf
- 
- COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-err.o bsd-getpagesize.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-malloc.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xcrypt.o kludge-fd_set.o
- 
--PORTS=port-aix.o port-irix.o port-linux.o port-linux-sshd.o port-solaris.o port-tun.o port-uw.o
-+PORTS=port-aix.o port-irix.o port-linux.o port-linux-sshd.o port-linux-prng.o port-solaris.o port-tun.o port-uw.o
+@@ -20,7 +20,8 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf
+ 	port-solaris.o \
+ 	port-net.o \
+ 	port-uw.o \
+-	port-linux-sshd.o
++	port-linux-sshd.o \
++	port-linux-prng.o
  
  .c.o:
  	$(CC) $(CFLAGS) $(CPPFLAGS) -c $<

openssh-6.6p1-force_krb.patch

@@ -207,7 +207,7 @@ index 28659ec..9c94d8e 100644
 --- a/session.c
 +++ b/session.c
 @@ -789,6 +789,29 @@ do_exec(Session *s, const char *command)
- 		command = forced_command;
+ 		command = auth_opts->force_command;
  		forced = "(key-option)";
  	}
 +#ifdef GSSAPI

openssh-6.6p1-keycat.patch

@@ -1,7 +1,7 @@
-diff -up openssh/misc.c.keycat openssh/misc.c
---- openssh/misc.c.keycat	2015-06-24 10:57:50.158849606 +0200
-+++ openssh/misc.c	2015-06-24 11:04:23.989868638 +0200
-@@ -490,6 +490,14 @@ subprocess(const char *tag, struct passw
+diff -up openssh/auth.c.keycat openssh/misc.c
+--- openssh/auth.c.keycat	2015-06-24 10:57:50.158849606 +0200
++++ openssh/auth.c	2015-06-24 11:04:23.989868638 +0200
+@@ -966,6 +966,14 @@ subprocess(const char *tag, struct passw
  			_exit(1);
  		}
  
@@ -52,14 +52,14 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in
  AR=@AR@
  AWK=@AWK@
 @@ -65,7 +66,7 @@ EXEEXT=@EXEEXT@
- MANFMT=@MANFMT@
+ MKDIR_P=@MKDIR_P@
  INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
  
 -TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT)
 +TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT) ssh-keycat$(EXEEXT)
  
- LIBOPENSSH_OBJS=\
- 	ssh_api.o \
+ XMSS_OBJS=\
+ 	ssh-xmss.o \
 @@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
  ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
  	$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lfipscheck $(LIBS) $(LDAPLIBS)
@@ -203,7 +203,7 @@ diff -up openssh/platform.c.keycat openssh/platform.c
 diff -up openssh/ssh-keycat.c.keycat openssh/ssh-keycat.c
 --- openssh/ssh-keycat.c.keycat	2015-06-24 10:57:50.161849599 +0200
 +++ openssh/ssh-keycat.c	2015-06-24 10:57:50.161849599 +0200
-@@ -0,0 +1,238 @@
+@@ -0,0 +1,241 @@
 +/*
 + * Redistribution and use in source and binary forms, with or without
 + * modification, are permitted provided that the following conditions
@@ -253,6 +253,9 @@ diff -up openssh/ssh-keycat.c.keycat openssh/ssh-keycat.c
 +#include <pwd.h>
 +#include <fcntl.h>
 +#include <unistd.h>
++#ifdef HAVE_STDINT_H
++#include <stdint.h>
++#endif
 +
 +#include <security/pam_appl.h>
 +

openssh-6.6p1-kuserok.patch

@@ -192,15 +192,16 @@ diff -up openssh-7.4p1/servconf.c.kuserok openssh-7.4p1/servconf.c
  	if (options->password_authentication == -1)
  		options->password_authentication = 1;
  	if (options->kbd_interactive_authentication == -1)
-@@ -399,7 +402,7 @@ typedef enum {
+@@ -399,7 +402,8 @@ typedef enum {
  	sPermitRootLogin, sLogFacility, sLogLevel,
  	sRhostsRSAAuthentication, sRSAAuthentication,
  	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
--	sKerberosGetAFSToken,
+-	sKerberosGetAFSToken, sChallengeResponseAuthentication,
 +	sKerberosGetAFSToken, sKerberosUseKuserok,
- 	sKerberosTgtPassing, sChallengeResponseAuthentication,
++ 	sChallengeResponseAuthentication,
  	sPasswordAuthentication, sKbdInteractiveAuthentication,
  	sListenAddress, sAddressFamily,
+ 	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
 @@ -478,11 +481,13 @@ static struct {
  #else
  	{ "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },

openssh-6.6p1-redhat.patch

@@ -64,7 +64,7 @@ diff -up openssh-7.4p1/sshd_config.5.redhat openssh-7.4p1/sshd_config.5
 diff -up openssh-7.4p1/sshd_config.redhat openssh-7.4p1/sshd_config
 --- openssh-7.4p1/sshd_config.redhat	2016-12-19 05:59:41.000000000 +0100
 +++ openssh-7.4p1/sshd_config	2016-12-23 13:33:05.386233133 +0100
-@@ -10,21 +10,35 @@
+@@ -10,20 +10,34 @@
  # possible, but leave them commented.  Uncommented options override the
  # default value.
  
@@ -79,7 +79,6 @@ diff -up openssh-7.4p1/sshd_config.redhat openssh-7.4p1/sshd_config
  
 -#HostKey /etc/ssh/ssh_host_rsa_key
 +HostKey /etc/ssh/ssh_host_rsa_key
- #HostKey /etc/ssh/ssh_host_dsa_key
 -#HostKey /etc/ssh/ssh_host_ecdsa_key
 -#HostKey /etc/ssh/ssh_host_ed25519_key
 +HostKey /etc/ssh/ssh_host_ecdsa_key

openssh-6.6p1-role-mls.patch

@@ -93,7 +93,7 @@ diff -up openssh-7.4p1/auth2-hostbased.c.role-mls openssh-7.4p1/auth2-hostbased.
 +#else
 +	    (r = sshbuf_put_cstring(b, authctxt->user)) != 0 ||
 +#endif
- 	    (r = sshbuf_put_cstring(b, service)) != 0 ||
+ 	    (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
  	    (r = sshbuf_put_cstring(b, "hostbased")) != 0 ||
  	    (r = sshbuf_put_string(b, pkalg, alen)) != 0 ||
 diff -up openssh-7.4p1/auth2-pubkey.c.role-mls openssh-7.4p1/auth2-pubkey.c
@@ -116,7 +116,7 @@ diff -up openssh-7.4p1/auth2-pubkey.c.role-mls openssh-7.4p1/auth2-pubkey.c
 +#endif
  		if ((r = sshbuf_put_u8(b, SSH2_MSG_USERAUTH_REQUEST)) != 0 ||
  		    (r = sshbuf_put_cstring(b, userstyle)) != 0 ||
- 		    (r = sshbuf_put_cstring(b, ssh->compat & SSH_BUG_PKSERVICE ?
+ 		    (r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
 diff -up openssh-7.4p1/auth.h.role-mls openssh-7.4p1/auth.h
 --- openssh-7.4p1/auth.h.role-mls	2016-12-19 05:59:41.000000000 +0100
 +++ openssh-7.4p1/auth.h	2016-12-23 12:19:43.478510375 +0100
@@ -146,7 +146,7 @@ diff -up openssh-7.4p1/auth-pam.h.role-mls openssh-7.4p1/auth-pam.h
 --- openssh-7.4p1/auth-pam.h.role-mls	2016-12-23 12:19:43.478510375 +0100
 +++ openssh-7.4p1/auth-pam.h	2016-12-23 12:21:44.698101234 +0100
 @@ -31,7 +31,7 @@ u_int do_pam_account(void);
- void do_pam_session(void);
+ void do_pam_session(struct ssh *);
  void do_pam_setcred(int );
  void do_pam_chauthtok(void);
 -int do_pam_putenv(char *, char *);
@@ -316,7 +316,7 @@ diff -up openssh-7.4p1/monitor_wrap.c.role-mls openssh-7.4p1/monitor_wrap.c
 +
  /* Do the password authentication */
  int
- mm_auth_password(Authctxt *authctxt, char *password)
+ mm_auth_password(struct ssh *ssh, char *password)
 diff -up openssh-7.4p1/monitor_wrap.h.role-mls openssh-7.4p1/monitor_wrap.h
 --- openssh-7.4p1/monitor_wrap.h.role-mls	2016-12-19 05:59:41.000000000 +0100
 +++ openssh-7.4p1/monitor_wrap.h	2016-12-23 12:19:58.588459376 +0100
@@ -329,16 +329,17 @@ diff -up openssh-7.4p1/monitor_wrap.h.role-mls openssh-7.4p1/monitor_wrap.h
 +#endif
  struct passwd *mm_getpwnamallow(const char *);
  char *mm_auth2_read_banner(void);
- int mm_auth_password(struct Authctxt *, char *);
+ int mm_auth_password(struct ssh *, char *);
 diff -up openssh-7.4p1/openbsd-compat/Makefile.in.role-mls openssh-7.4p1/openbsd-compat/Makefile.in
 --- openssh-7.4p1/openbsd-compat/Makefile.in.role-mls	2016-12-23 12:19:58.588459376 +0100
 +++ openssh-7.4p1/openbsd-compat/Makefile.in	2016-12-23 12:24:06.042643938 +0100
-@@ -20,7 +20,7 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf
- 
- COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-err.o bsd-getpagesize.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-malloc.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xcrypt.o kludge-fd_set.o
- 
--PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
-+PORTS=port-aix.o port-irix.o port-linux.o port-linux-sshd.o port-solaris.o port-tun.o port-uw.o
+@@ -20,7 +20,8 @@ OPENBSD=base64.o basename.o bcrypt_pbkdf
+ 	port-linux.o \
+ 	port-solaris.o \
+ 	port-net.o \
+-	port-uw.o
++	port-uw.o \
++	port-linux-sshd.o
  
  .c.o:
  	$(CC) $(CFLAGS) $(CPPFLAGS) -c $<

openssh-6.7p1-coverity.patch

@@ -27,7 +27,7 @@ diff -up openssh-7.4p1/monitor.c.coverity openssh-7.4p1/monitor.c
 +	while (pmonitor->m_log_recvfd >= 0 && monitor_read_log(pmonitor) == 0)
  		;
  
- 	close(pmonitor->m_sendfd);
+ 	if (pmonitor->m_recvfd >= 0)
 diff -up openssh-7.4p1/monitor_wrap.c.coverity openssh-7.4p1/monitor_wrap.c
 --- openssh-7.4p1/monitor_wrap.c.coverity	2016-12-23 16:40:26.892788689 +0100
 +++ openssh-7.4p1/monitor_wrap.c	2016-12-23 16:40:26.900788691 +0100
@@ -127,11 +127,11 @@ diff -up openssh-7.4p1/serverloop.c.coverity openssh-7.4p1/serverloop.c
  	}
  
  	tun = packet_get_int();
--	if (forced_tun_device != -1) {
-+	if (forced_tun_device >= 0) {
- 		if (tun != SSH_TUNID_ANY && forced_tun_device != tun)
+-	if (auth_opts->force_tun_device != -1) {
++	if (auth_opts->force_tun_device >= 0) {
+ 		if (tun != SSH_TUNID_ANY && auth_opts->force_tun_device != tun)
  			goto done;
- 		tun = forced_tun_device;
+ 		tun = auth_opts->force_tun_device;
 diff -up openssh-7.4p1/sftp.c.coverity openssh-7.4p1/sftp.c
 --- openssh-7.4p1/sftp.c.coverity	2016-12-19 05:59:41.000000000 +0100
 +++ openssh-7.4p1/sftp.c	2016-12-23 16:40:26.903788691 +0100

openssh-6.7p1-kdf-cavs.patch

@@ -10,14 +10,14 @@ diff -up openssh-6.8p1/Makefile.in.kdf-cavs openssh-6.8p1/Makefile.in
  PRIVSEP_PATH=@PRIVSEP_PATH@
  SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 @@ -67,7 +68,7 @@ EXEEXT=@EXEEXT@
- MANFMT=@MANFMT@
+ MKDIR_P=@MKDIR_P@
  INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
  
 -TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT) ssh-keycat$(EXEEXT) ctr-cavstest$(EXEEXT)
 +TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT) ssh-keycat$(EXEEXT) ctr-cavstest$(EXEEXT) ssh-cavs$(EXEEXT)
  
- LIBOPENSSH_OBJS=\
- 	ssh_api.o \
+ XMSS_OBJS=\
+ 	ssh-xmss.o \
 @@ -198,6 +199,9 @@ ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHD
  ctr-cavstest$(EXEEXT): $(LIBCOMPAT) libssh.a ctr-cavstest.o
  	$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)

openssh-6.7p1-ldap.patch

@@ -145,16 +145,16 @@ diff -up openssh-6.8p1/Makefile.in.ldap openssh-6.8p1/Makefile.in
  GSSLIBS=@GSSLIBS@
  SSHLIBS=@SSHLIBS@
 @@ -61,8 +63,9 @@ XAUTH_PATH=@XAUTH_PATH@
- LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
  EXEEXT=@EXEEXT@
  MANFMT=@MANFMT@
+ MKDIR_P=@MKDIR_P@
 +INSTALL_SSH_LDAP_HELPER=@INSTALL_SSH_LDAP_HELPER@
  
 -TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)
 +TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT) ssh-ldap-helper$(EXEEXT)
  
- LIBOPENSSH_OBJS=\
- 	ssh_api.o \
+ XMSS_OBJS=\
+ 	ssh-xmss.o \
 @@ -112,8 +115,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw
  	sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
  	sandbox-solaris.o
@@ -197,7 +197,7 @@ diff -up openssh-6.8p1/Makefile.in.ldap openssh-6.8p1/Makefile.in
 +	fi
  
  install-sysconf:
- 	if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
+ 	$(MKDIR_P) $(DESTDIR)$(sysconfdir)
 @@ -356,6 +370,13 @@ install-sysconf:
  	else \
  		echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \
@@ -228,7 +228,7 @@ diff -up openssh-6.8p1/Makefile.in.ldap openssh-6.8p1/Makefile.in
 +	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-ldap-helper.8
  
  regress-prep:
- 	[ -d `pwd`/regress ] || mkdir -p `pwd`/regress
+ 	$(MKDIR_P) `pwd`/regress/unittests/test_helper
 diff -up openssh-6.8p1/configure.ac.ldap openssh-6.8p1/configure.ac
 --- openssh-6.8p1/configure.ac.ldap	2015-03-17 06:49:20.000000000 +0100
 +++ openssh-6.8p1/configure.ac	2015-03-18 11:11:29.030801464 +0100

openssh-6.8p1-memory-problems.patch

@@ -1,24 +0,0 @@
-diff -up openssh-7.4p1/servconf.c.memory openssh-7.4p1/servconf.c
---- openssh-7.4p1/servconf.c.memory	2016-12-23 15:37:48.181422360 +0100
-+++ openssh-7.4p1/servconf.c	2016-12-23 15:38:30.189429116 +0100
-@@ -2006,6 +2006,8 @@ copy_set_server_options(ServerOptions *d
- 		dst->n = src->n; \
- } while (0)
- 
-+	u_int i;
-+
- 	M_CP_INTOPT(password_authentication);
- 	M_CP_INTOPT(gss_authentication);
- 	M_CP_INTOPT(pubkey_authentication);
-@@ -2058,8 +2060,10 @@ copy_set_server_options(ServerOptions *d
- } while(0)
- #define M_CP_STRARRAYOPT(n, num_n) do {\
- 	if (src->num_n != 0) { \
-+		for (i = 0; i < dst->num_n; i++) \
-+			free(dst->n[i]); \
- 		for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \
--			dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
-+			dst->n[dst->num_n] = src->n[dst->num_n]; \
- 	} \
- } while(0)
- #define M_CP_STRARRAYOPT_ALLOC(n, num_n) do { \

openssh-7.0p1-gssKexAlgorithms.patch

@@ -238,8 +238,8 @@ diff -up openssh-7.0p1/servconf.c.gsskexalg openssh-7.0p1/servconf.c
  #include "digest.h"
 +#include "ssh-gss.h"
  
- static void add_listen_addr(ServerOptions *, char *, int);
- static void add_one_listen_addr(ServerOptions *, char *, int);
+ static void add_listen_addr(ServerOptions *, const char *,
+     const char *, int);
 @@ -121,6 +122,7 @@ initialize_server_options(ServerOptions
  	options->gss_cleanup_creds = -1;
  	options->gss_strict_acceptor = -1;

openssh-7.1p2-audit-race-condition.patch

@@ -86,7 +86,7 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c
  /*
   * This is called to fork and execute a command when we have no tty.  This
 @@ -424,6 +430,8 @@ do_exec_no_pty(Session *s, const char *c
- 		cray_init_job(s->pw); /* set up cray jid and tmpdir */
+ 		close(err[0]);
  #endif
  
 +		child_destory_sensitive_data();
@@ -102,8 +102,8 @@ diff -up openssh-7.4p1/session.c.audit-race openssh-7.4p1/session.c
 +		child_destory_sensitive_data();
 +
  		/* record login, etc. similar to login(1) */
- #ifdef _UNICOS
- 		cray_init_job(s->pw); /* set up cray jid and tmpdir */
+ #ifndef HAVE_OSF_SIA
+ 		do_login(ssh, s, command);
 @@ -717,6 +728,8 @@ do_exec(Session *s, const char *command)
  	}
  	if (s->command != NULL && s->ptyfd == -1)

openssh-7.2p1-fips.patch

@@ -673,13 +673,13 @@ diff -up openssh-7.5p1/sshkey.c.fips openssh-7.5p1/sshkey.c
  
  #include "crypto_api.h"
 @@ -58,6 +59,7 @@
- #define SSHKEY_INTERNAL
  #include "sshkey.h"
+ #include "sshkey-xmss.h"
  #include "match.h"
 +#include "log.h"
  
- /* openssh private key file format */
- #define MARK_BEGIN		"-----BEGIN OPENSSH PRIVATE KEY-----\n"
+ #include "xmss_fast.h"
+ 
 @@ -1587,6 +1589,8 @@ rsa_generate_private_key(u_int bits, RSA
  	}
  	if (!BN_set_word(f4, RSA_F4) ||

openssh-7.2p1-gsskex.patch

@@ -1729,7 +1729,7 @@ diff -up openssh/monitor.c.gsskex openssh/monitor.c
 +	monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);
 +#endif		
  
- 	if (!no_pty_flag) {
+ 	if (auth_opts->permit_pty_flag) {
  		monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1);
 @@ -1656,6 +1673,13 @@ monitor_apply_keystate(struct monitor *p
  # endif
@@ -2086,6 +2086,7 @@ diff -up openssh/regress/cert-userkey.sh.gsskex openssh/regress/cert-userkey.sh
  
 -PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
 +PLAIN_TYPES=`$SSH -Q key-plain | grep -v null | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
+ EXTRA_TYPES=""
  
  if echo "$PLAIN_TYPES" | grep '^rsa$' >/dev/null 2>&1 ; then
  	PLAIN_TYPES="$PLAIN_TYPES rsa-sha2-256 rsa-sha2-512"
@@ -2624,7 +2625,7 @@ diff -up openssh/sshd.c.gsskex openssh/sshd.c
  
 @@ -871,8 +871,9 @@ notify_hostkeys(struct ssh *ssh)
  	}
- 	debug3("%s: sent %d hostkeys", __func__, nkeys);
+ 	debug3("%s: sent %u hostkeys", __func__, nkeys);
  	if (nkeys == 0)
 -		fatal("%s: no hostkeys", __func__);
 -	packet_send();
@@ -2864,9 +2865,9 @@ diff -up openssh/sshkey.h.gsskex openssh/sshkey.h
 --- openssh/sshkey.h.gsskex	2017-09-25 01:48:10.000000000 +0200
 +++ openssh/sshkey.h	2017-09-27 13:54:53.602534414 +0200
 @@ -61,6 +61,7 @@ enum sshkey_types {
- 	KEY_DSA_CERT,
- 	KEY_ECDSA_CERT,
  	KEY_ED25519_CERT,
+ 	KEY_XMSS,
+ 	KEY_XMSS_CERT,
 +	KEY_NULL,
  	KEY_UNSPEC
  };

openssh-7.3p1-openssl-1.1.0.patch

@@ -471,7 +471,7 @@ diff -up openssh/kexgexc.c.openssl openssh/kexgexc.c
  
  	debug("got SSH2_MSG_KEX_DH_GEX_GROUP");
  
-@@ -119,26 +120,30 @@ input_kex_dh_gex_group(int type, u_int32
+@@ -119,24 +120,30 @@ input_kex_dh_gex_group(int type, u_int32
  	p = g = NULL; /* belong to kex->dh now */
  
  	/* generate and send 'e', client DH public key */
@@ -497,12 +497,8 @@ diff -up openssh/kexgexc.c.openssl openssh/kexgexc.c
  	ssh_dispatch_set(ssh, SSH2_MSG_KEX_DH_GEX_REPLY, &input_kex_dh_gex_reply);
  	r = 0;
  out:
--	if (p)
--		BN_clear_free(p);
--	if (g)
--		BN_clear_free(g);
-+	BN_clear_free(p);
-+	BN_clear_free(g);
+ 	BN_clear_free(p);
+ 	BN_clear_free(g);
 +	if (r != 0) {
 +		DH_free(kex->dh);
 +		kex->dh = NULL;
@@ -1419,17 +1415,6 @@ diff -up openssh/sshconnect2.c.openssl openssh/sshconnect2.c
  }
  
  /*
-diff -up openssh/sshconnect.c.openssl openssh/sshconnect.c
---- openssh/sshconnect.c.openssl	2017-09-26 13:19:31.759249464 +0200
-+++ openssh/sshconnect.c	2017-09-26 13:19:31.800249715 +0200
-@@ -1316,6 +1316,7 @@ ssh_login(Sensitive *sensitive, const ch
- 	char *server_user, *local_user;
- 
- 	local_user = xstrdup(pw->pw_name);
-+	free(pw);
- 	server_user = options.user ? options.user : local_user;
- 
- 	/* Convert the user-supplied hostname into all lowercase. */
 diff -up openssh/ssh.c.openssl openssh/ssh.c
 --- openssh/ssh.c.openssl	2017-09-26 13:19:31.786249629 +0200
 +++ openssh/ssh.c	2017-09-26 13:19:31.800249715 +0200
@@ -1443,14 +1428,6 @@ diff -up openssh/ssh.c.openssl openssh/ssh.c
  	if (access("/etc/system-fips", F_OK) == 0)
  		if (! FIPSCHECK_verify(NULL, NULL)){
  			if (FIPS_mode())
-@@ -1263,6 +1265,7 @@ main(int ac, char **av)
- 		free(cp);
- 	}
- 	free(conn_hash_hex);
-+	free(host_arg);
- 
- 	if (config_test) {
- 		dump_client_config(&options, host);
 diff -up openssh/sshd.c.openssl openssh/sshd.c
 --- openssh/sshd.c.openssl	2017-09-26 13:19:31.792249666 +0200
 +++ openssh/sshd.c	2017-09-26 13:19:31.801249721 +0200
@@ -1493,8 +1470,8 @@ diff -up openssh/ssh-dss.c.openssl openssh/ssh-dss.c
 +	BN_bn2bin(r, sigblob + SIGBLOB_LEN - INTBLOB_LEN - rlen);
 +	BN_bn2bin(s, sigblob + SIGBLOB_LEN - slen);
  
- 	if (compat & SSH_BUG_SIGBLOB) {
- 		if (sigp != NULL) {
+ 	if ((b = sshbuf_new()) == NULL) {
+ 		ret = SSH_ERR_ALLOC_FAIL;
 @@ -137,6 +139,7 @@ ssh_dss_verify(const struct sshkey *key,
  	int ret = SSH_ERR_INTERNAL_ERROR;
  	struct sshbuf *b = NULL;
@@ -1527,15 +1504,13 @@ diff -up openssh/ssh-dss.c.openssl openssh/ssh-dss.c
  
  	/* sha1 the data */
  	if ((ret = ssh_digest_memory(SSH_DIGEST_SHA1, data, datalen,
-@@ -207,8 +213,9 @@ ssh_dss_verify(const struct sshkey *key,
+@@ -207,7 +213,9 @@ ssh_dss_verify(const struct sshkey *key,
  
   out:
  	explicit_bzero(digest, sizeof(digest));
--	if (sig != NULL)
--		DSA_SIG_free(sig);
 +	BN_free(r);
 +	BN_free(s);
-+	DSA_SIG_free(sig);
+ 	DSA_SIG_free(sig);
  	sshbuf_free(b);
  	free(ktype);
  	if (sigblob != NULL) {
@@ -1597,15 +1572,13 @@ diff -up openssh/ssh-ecdsa.c.openssl openssh/ssh-ecdsa.c
  	if (sshbuf_len(sigbuf) != 0) {
  		ret = SSH_ERR_UNEXPECTED_TRAILING_DATA;
  		goto out;
-@@ -180,8 +191,9 @@ ssh_ecdsa_verify(const struct sshkey *ke
+@@ -180,7 +191,9 @@ ssh_ecdsa_verify(const struct sshkey *ke
  	explicit_bzero(digest, sizeof(digest));
  	sshbuf_free(sigbuf);
  	sshbuf_free(b);
--	if (sig != NULL)
--		ECDSA_SIG_free(sig);
 +	BN_free(r);
 +	BN_free(s);
-+	ECDSA_SIG_free(sig);
+	ECDSA_SIG_free(sig);
  	free(ktype);
  	return ret;
  }
@@ -1647,20 +1620,19 @@ diff -up openssh/sshkey.c.openssl openssh/sshkey.c
  #ifdef OPENSSL_HAS_ECC
        case KEY_ECDSA_CERT:
        case KEY_ECDSA:
-@@ -496,11 +501,7 @@ sshkey_new(int type)
+@@ -496,10 +501,7 @@ sshkey_new(int type)
  #ifdef WITH_OPENSSL
  	case KEY_RSA:
  	case KEY_RSA_CERT:
 -		if ((rsa = RSA_new()) == NULL ||
 -		    (rsa->n = BN_new()) == NULL ||
 -		    (rsa->e = BN_new()) == NULL) {
--			if (rsa != NULL)
--				RSA_free(rsa);
+-			RSA_free(rsa);
 +		if ((rsa = RSA_new()) == NULL) {
  			free(k);
  			return NULL;
  		}
-@@ -508,13 +509,7 @@ sshkey_new(int type)
+@@ -508,12 +509,7 @@ sshkey_new(int type)
  		break;
  	case KEY_DSA:
  	case KEY_DSA_CERT:
@@ -1669,8 +1641,7 @@ diff -up openssh/sshkey.c.openssl openssh/sshkey.c
 -		    (dsa->q = BN_new()) == NULL ||
 -		    (dsa->g = BN_new()) == NULL ||
 -		    (dsa->pub_key = BN_new()) == NULL) {
--			if (dsa != NULL)
--				DSA_free(dsa);
+-			DSA_free(dsa);
 +		if ((dsa = DSA_new()) == NULL) {
  			free(k);
  			return NULL;
@@ -2491,8 +2462,8 @@ diff -up openssh/sshkey.h.openssl openssh/sshkey.h
 -int ssh_rsa_generate_additional_parameters(struct sshkey *);
 +int ssh_rsa_generate_additional_parameters(struct sshkey *, BIGNUM *iqmp);
  
- #ifdef SSHKEY_INTERNAL
- int ssh_rsa_sign(const struct sshkey *key,
+ /* stateful keys (e.g. XMSS) */
+ #ifdef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS
 diff -up openssh/ssh-pkcs11-client.c.openssl openssh/ssh-pkcs11-client.c
 --- openssh/ssh-pkcs11-client.c.openssl	2017-09-19 06:26:43.000000000 +0200
 +++ openssh/ssh-pkcs11-client.c	2017-09-26 13:19:31.803249734 +0200
@@ -2594,7 +2565,7 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
  			}
  		} else {
  			cp = attribs[2].pValue;
-@@ -525,17 +538,19 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
+@@ -525,16 +538,18 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
  			    == NULL) {
  				error("d2i_X509 failed");
  			} else if ((evp = X509_get_pubkey(x509)) == NULL ||
@@ -2608,8 +2579,7 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
  			    == NULL) {
  				error("RSAPublicKey_dup");
  			}
- 			if (x509)
- 				X509_free(x509);
+ 			X509_free(x509);
  		}
 -		if (rsa && rsa->n && rsa->e &&
 +		if (rsa)
@@ -2621,21 +2591,19 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
 diff -up openssh/ssh-rsa.c.openssl openssh/ssh-rsa.c
 --- openssh/ssh-rsa.c.openssl	2017-09-19 06:26:43.000000000 +0200
 +++ openssh/ssh-rsa.c	2017-09-26 13:19:31.803249734 +0200
-@@ -78,37 +78,46 @@ rsa_hash_alg_nid(int type)
- 	}
+@@ -78,38 +78,50 @@ rsa_hash_alg_nid(int type)
  }
  
--/* calculate p-1 and q-1 */
-+/* calculate d mod p-1 and d mod q-1 */
  int
 -ssh_rsa_generate_additional_parameters(struct sshkey *key)
 +ssh_rsa_generate_additional_parameters(struct sshkey *key, BIGNUM *iqmp)
  {
--	RSA *rsa;
  	BIGNUM *aux = NULL;
  	BN_CTX *ctx = NULL;
+-	BIGNUM d;
++	BIGNUM *d = NULL;
  	int r;
-+	const BIGNUM *p, *q, *d;
++	const BIGNUM *p, *q, *rsa_d;
 +	BIGNUM *dmp1 = NULL, *dmq1 = NULL;
  
  	if (key == NULL || key->rsa == NULL ||
@@ -2646,21 +2614,26 @@ diff -up openssh/ssh-rsa.c.openssl openssh/ssh-rsa.c
 -		return SSH_ERR_ALLOC_FAIL;
 -	if ((aux = BN_new()) == NULL) {
 +	RSA_get0_factors(key->rsa, &p, &q);
-+	RSA_get0_key(key->rsa, NULL, NULL, &d);
++	RSA_get0_key(key->rsa, NULL, NULL, &rsa_d);
 +
 +	if ((ctx = BN_CTX_new()) == NULL ||
 +	    (aux = BN_new()) == NULL ||
++	    (d = BN_new()) == NULL ||
 +	    (dmp1 = BN_new()) == NULL ||
 +	    (dmq1 = BN_new()) == NULL) {
  		r = SSH_ERR_ALLOC_FAIL;
  		goto out;
  	}
--	rsa = key->rsa;
+ 	BN_set_flags(aux, BN_FLG_CONSTTIME);
  
--	if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) ||
--	    (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) ||
--	    (BN_sub(aux, rsa->p, BN_value_one()) == 0) ||
--	    (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0)) {
+-	BN_init(&d);
+-	BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME);
++	BN_with_flags(d, rsa_d, BN_FLG_CONSTTIME);
+ 
+-	if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) ||
+-	    (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) ||
+-	    (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) ||
+-	    (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) {
 +	if ((BN_sub(aux, q, BN_value_one()) == 0) ||
 +	    (BN_mod(dmq1, d, aux, ctx) == 0) ||
 +	    (BN_sub(aux, p, BN_value_one()) == 0) ||
@@ -2673,6 +2646,7 @@ diff -up openssh/ssh-rsa.c.openssl openssh/ssh-rsa.c
 +	dmq1 = NULL;
  	r = 0;
   out:
++	BN_free(d);
  	BN_clear_free(aux);
 +	BN_clear_free(dmp1);
 +	BN_clear_free(dmq1);

openssh-7.6p1-audit.patch

@@ -756,7 +756,7 @@ diff -up openssh-7.6p1/auth2-hostbased.c.audit openssh-7.6p1/auth2-hostbased.c
  	if (PRIVSEP(hostbased_key_allowed(authctxt->pw, cuser, chost, key)) &&
 -	    PRIVSEP(sshkey_verify(key, sig, slen,
 +	    PRIVSEP(hostbased_key_verify(key, sig, slen,
- 	    sshbuf_ptr(b), sshbuf_len(b), ssh->compat)) == 0)
+ 	    sshbuf_ptr(b), sshbuf_len(b), pkalg, ssh->compat)) == 0)
  		authenticated = 1;
  
 @@ -169,6 +169,19 @@ done:
@@ -765,11 +765,11 @@ diff -up openssh-7.6p1/auth2-hostbased.c.audit openssh-7.6p1/auth2-hostbased.c
  
 +int
 +hostbased_key_verify(const struct sshkey *key, const u_char *sig, size_t slen,
-+    const u_char *data, size_t datalen, u_int compat)
++    const u_char *data, size_t datalen, const char *pkalg, u_int compat)
 +{
 +	int rv;
 +
-+	rv = sshkey_verify(key, sig, slen, data, datalen, compat);
++	rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat);
 +#ifdef SSH_AUDIT_EVENTS
 +	audit_key(0, &rv, key);
 +#endif
@@ -785,10 +785,10 @@ diff -up openssh-7.6p1/auth2-pubkey.c.audit openssh-7.6p1/auth2-pubkey.c
 @@ -206,7 +206,7 @@ userauth_pubkey(struct ssh *ssh)
  		/* test for correct signature */
  		authenticated = 0;
- 		if (PRIVSEP(user_key_allowed(authctxt->pw, key, 1)) &&
+ 		if (PRIVSEP(user_key_allowed(ssh, pw, key, 1, &authopts)) &&
 -		    PRIVSEP(sshkey_verify(key, sig, slen, sshbuf_ptr(b),
 +		    PRIVSEP(user_key_verify(key, sig, slen, sshbuf_ptr(b),
- 		    sshbuf_len(b), ssh->compat)) == 0) {
+ 		    sshbuf_len(b), NULL, ssh->compat)) == 0) {
  			authenticated = 1;
  		}
 @@ -250,6 +250,19 @@ done:
@@ -797,11 +797,11 @@ diff -up openssh-7.6p1/auth2-pubkey.c.audit openssh-7.6p1/auth2-pubkey.c
  
 +int
 +user_key_verify(const struct sshkey *key, const u_char *sig, size_t slen,
-+    const u_char *data, size_t datalen, u_int compat)
++    const u_char *data, size_t datalen, const char *pkalg, u_int compat)
 +{
 +	int rv;
 +
-+	rv = sshkey_verify(key, sig, slen, data, datalen, compat);
++	rv = sshkey_verify(key, sig, slen, data, datalen, pkalg, compat);
 +#ifdef SSH_AUDIT_EVENTS
 +	audit_key(1, &rv, key);
 +#endif
@@ -836,22 +836,24 @@ diff -up openssh-7.6p1/auth.c.audit openssh-7.6p1/auth.c
 diff -up openssh-7.6p1/auth.h.audit openssh-7.6p1/auth.h
 --- openssh-7.6p1/auth.h.audit	2017-10-04 17:18:32.768504711 +0200
 +++ openssh-7.6p1/auth.h	2017-10-04 17:18:32.836505059 +0200
-@@ -198,6 +198,7 @@ struct passwd * getpwnamallow(const char
+@@ -198,6 +198,8 @@ struct passwd * getpwnamallow(const char
  
  char	*expand_authorized_keys(const char *, struct passwd *pw);
  char	*authorized_principals_file(struct passwd *);
-+int	 user_key_verify(const struct sshkey *, const u_char *, size_t, const u_char *, size_t, u_int);
++int	 user_key_verify(const struct sshkey *, const u_char *, size_t,
++    const u_char *, size_t, const char *, u_int);
  
  FILE	*auth_openkeyfile(const char *, struct passwd *, int);
  FILE	*auth_openprincipals(const char *, struct passwd *, int);
-@@ -217,6 +218,7 @@ struct sshkey	*get_hostkey_private_by_ty
+@@ -217,6 +218,8 @@ struct sshkey	*get_hostkey_private_by_ty
  int	 get_hostkey_index(struct sshkey *, int, struct ssh *);
  int	 sshd_hostkey_sign(struct sshkey *, struct sshkey *, u_char **,
  	     size_t *, const u_char *, size_t, const char *, u_int);
-+int	 hostbased_key_verify(const struct sshkey *, const u_char *, size_t, const u_char *, size_t, u_int);
++int	 hostbased_key_verify(const struct sshkey *, const u_char *, size_t,
++    const u_char *, size_t, const char *, u_int);
  
- /* debug messages during authentication */
- void	 auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+ /* Key / cert options linkage to auth layer */
+ const struct sshauthopt *auth_options(struct ssh *);
 diff -up openssh-7.6p1/cipher.c.audit openssh-7.6p1/cipher.c
 --- openssh-7.6p1/cipher.c.audit	2017-10-02 21:34:26.000000000 +0200
 +++ openssh-7.6p1/cipher.c	2017-10-04 17:18:32.836505059 +0200
@@ -1100,8 +1102,8 @@ diff -up openssh-7.6p1/monitor.c.audit openssh-7.6p1/monitor.c
  #include "ssherr.h"
  
 @@ -117,6 +118,8 @@ extern Buffer auth_debug;
- extern int auth_debug_init;
  extern Buffer loginmsg;
+ extern struct sshauthopt *auth_opts; /* XXX move to permanent ssh->authctxt? */
  
 +extern void destroy_sensitive_data(int);
 +
@@ -1144,7 +1146,7 @@ diff -up openssh-7.6p1/monitor.c.audit openssh-7.6p1/monitor.c
      {0, 0, NULL}
  };
 @@ -1396,7 +1413,9 @@ mm_answer_keyverify(int sock, struct ssh
- 	u_char *signature, *data, *blob;
+ 	char *sigalg;
  	size_t signaturelen, datalen, bloblen;
  	int r, ret, valid_data = 0, encoded_ret;
 +	int type = 0;
@@ -1152,7 +1154,7 @@ diff -up openssh-7.6p1/monitor.c.audit openssh-7.6p1/monitor.c
 +	type = buffer_get_int(m);
  	if ((r = sshbuf_get_string(m, &blob, &bloblen)) != 0 ||
  	    (r = sshbuf_get_string(m, &signature, &signaturelen)) != 0 ||
- 	    (r = sshbuf_get_string(m, &data, &datalen)) != 0)
+ 	    (r = sshbuf_get_string(m, &data, &datalen)) != 0 ||
 @@ -1405,6 +1424,8 @@ mm_answer_keyverify(int sock, struct ssh
  	if (hostbased_cuser == NULL || hostbased_chost == NULL ||
  	  !monitor_allowed_key(blob, bloblen))
@@ -1160,20 +1162,20 @@ diff -up openssh-7.6p1/monitor.c.audit openssh-7.6p1/monitor.c
 +	if (type != key_blobtype)
 +		fatal("%s: bad key type", __func__);
  
- 	/* XXX use sshkey_froms here; need to change key_blob, etc. */
- 	if ((r = sshkey_from_blob(blob, bloblen, &key)) != 0)
+ 	/* Empty signature algorithm means NULL. */
+ 	if (*sigalg == '\0') {
 @@ -1414,21 +1435,24 @@ mm_answer_keyverify(int sock, struct ssh
  	case MM_USERKEY:
  		valid_data = monitor_valid_userblob(data, datalen);
  		auth_method = "publickey";
 +		ret = user_key_verify(key, signature, signaturelen, data,
-+		    datalen, active_state->compat);
++		    datalen, sigalg, active_state->compat);
  		break;
  	case MM_HOSTKEY:
  		valid_data = monitor_valid_hostbasedblob(data, datalen,
  		    hostbased_cuser, hostbased_chost);
 +		ret = hostbased_key_verify(key, signature, signaturelen, data,
-+		    datalen, active_state->compat);
++		    datalen, sigalg, active_state->compat);
  		auth_method = "hostbased";
  		break;
  	default:
@@ -1185,7 +1187,7 @@ diff -up openssh-7.6p1/monitor.c.audit openssh-7.6p1/monitor.c
  		fatal("%s: bad signature data blob", __func__);
  
 -	ret = sshkey_verify(key, signature, signaturelen, data, datalen,
--	    active_state->compat);
+-	    sigalg, active_state->compat);
  	debug3("%s: %s %p signature %s", __func__, auth_method, key,
  	    (ret == 0) ? "verified" : "unverified");
  	auth2_record_key(authctxt, ret == 0, key);
@@ -1400,7 +1402,7 @@ diff -up openssh-7.6p1/monitor_wrap.c.audit openssh-7.6p1/monitor_wrap.c
  int
 -mm_sshkey_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
 +mm_sshkey_verify(enum mm_keytype type, const struct sshkey *key, const u_char *sig, size_t siglen,
-     const u_char *data, size_t datalen, u_int compat)
+     const u_char *data, size_t datalen, const char *sigalg, u_int compat)
  {
  	Buffer m;
 @@ -478,6 +478,7 @@ mm_sshkey_verify(const struct sshkey *ke
@@ -1417,16 +1419,16 @@ diff -up openssh-7.6p1/monitor_wrap.c.audit openssh-7.6p1/monitor_wrap.c
  
 +int
 +mm_hostbased_key_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
-+    const u_char *data, size_t datalen, u_int compat)
++    const u_char *data, size_t datalen, const char *pkalg, u_int compat)
 +{
-+	return mm_sshkey_verify(MM_HOSTKEY, key, sig, siglen, data, datalen, compat);
++	return mm_sshkey_verify(MM_HOSTKEY, key, sig, siglen, data, datalen, pkalg, compat);
 +}
 +
 +int
 +mm_user_key_verify(const struct sshkey *key, const u_char *sig, size_t siglen,
-+    const u_char *data, size_t datalen, u_int compat)
++    const u_char *data, size_t datalen, const char *pkalg, u_int compat)
 +{
-+	return mm_sshkey_verify(MM_USERKEY, key, sig, siglen, data, datalen, compat);
++	return mm_sshkey_verify(MM_USERKEY, key, sig, siglen, data, datalen, pkalg, compat);
 +}
 +
  void
@@ -1547,14 +1549,14 @@ diff -up openssh-7.6p1/monitor_wrap.h.audit openssh-7.6p1/monitor_wrap.h
 --- openssh-7.6p1/monitor_wrap.h.audit	2017-10-04 17:18:32.750504619 +0200
 +++ openssh-7.6p1/monitor_wrap.h	2017-10-04 17:18:32.838505069 +0200
 @@ -53,7 +53,9 @@ int mm_key_allowed(enum mm_keytype, cons
- int mm_user_key_allowed(struct passwd *, struct sshkey *, int);
+     struct sshauthopt **);
  int mm_hostbased_key_allowed(struct passwd *, const char *,
      const char *, struct sshkey *);
 -int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
 +int mm_hostbased_key_verify(const struct sshkey *, const u_char *, size_t,
-+    const u_char *, size_t, u_int);
++    const u_char *, size_t, const char *, u_int);
 +int mm_user_key_verify(const struct sshkey *, const u_char *, size_t,
-     const u_char *, size_t, u_int);
+     const u_char *, size_t, const char *, u_int);
  
  #ifdef GSSAPI
 @@ -78,7 +80,12 @@ void mm_sshpam_free_ctx(void *);
@@ -1743,8 +1745,8 @@ diff -up openssh-7.6p1/session.c.audit openssh-7.6p1/session.c
 -extern void destroy_sensitive_data(void);
 +extern void destroy_sensitive_data(int);
  extern Buffer loginmsg;
- 
- /* original command from peer. */
+ extern struct sshauthopt *auth_opts;
+ char *tun_fwd_ifnames; /* serverloop.c */
 @@ -605,6 +605,14 @@ do_exec_pty(struct ssh *ssh, Session *s,
  	/* Parent.  Close the slave side of the pseudo tty. */
  	close(ttyfd);
@@ -1930,8 +1932,8 @@ diff -up openssh-7.6p1/sshd.c.audit openssh-7.6p1/sshd.c
  #include "monitor_wrap.h"
 +#include "audit.h"
  #include "ssh-sandbox.h"
+ #include "auth-options.h"
  #include "version.h"
- #include "ssherr.h"
 @@ -248,7 +249,7 @@ Buffer loginmsg;
  struct passwd *privsep_pw = NULL;
  
@@ -1970,7 +1972,7 @@ diff -up openssh-7.6p1/sshd.c.audit openssh-7.6p1/sshd.c
 -destroy_sensitive_data(void)
 +destroy_sensitive_data(int privsep)
  {
- 	int i;
+ 	u_int i;
 +#ifdef SSH_AUDIT_EVENTS
 +	pid_t pid;
 +	uid_t uid;
@@ -2009,7 +2011,7 @@ diff -up openssh-7.6p1/sshd.c.audit openssh-7.6p1/sshd.c
 @@ -499,12 +536,30 @@ demote_sensitive_data(void)
  {
  	struct sshkey *tmp;
- 	int i;
+ 	u_int i;
 +#ifdef SSH_AUDIT_EVENTS
 +	pid_t pid;
 +	uid_t uid;

openssh-7.6p1-cleanup-selinux.patch

@@ -9,11 +9,11 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c
 +extern int rexeced_flag;
 +extern Authctxt *the_authctxt;
  
- static int
- userauth_pubkey(struct ssh *ssh)
+ static char *
+ format_key(const struct sshkey *key)
 @@ -432,7 +435,8 @@ match_principals_command(struct passwd *
  
- 	if ((pid = subprocess("AuthorizedPrincipalsCommand", pw, command,
+ 	if ((pid = subprocess("AuthorizedPrincipalsCommand", runas_pw, command,
  	    ac, av, &f,
 -	    SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD)) == 0)
 +	    SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD,
@@ -23,7 +23,7 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c
  	uid_swapped = 1;
 @@ -762,7 +766,8 @@ user_key_command_allowed2(struct passwd
  
- 	if ((pid = subprocess("AuthorizedKeysCommand", pw, command,
+ 	if ((pid = subprocess("AuthorizedKeysCommand", runas_pw, command,
  	    ac, av, &f,
 -	    SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD)) == 0)
 +	    SSH_SUBPROCESS_STDOUT_CAPTURE|SSH_SUBPROCESS_STDERR_DISCARD,
@@ -31,9 +31,9 @@ diff -up openssh/auth2-pubkey.c.refactor openssh/auth2-pubkey.c
  		goto out;
  
  	uid_swapped = 1;
-diff -up openssh/misc.c.refactor openssh/misc.c
---- openssh/misc.c.refactor	2017-09-27 13:10:19.640831071 +0200
-+++ openssh/misc.c	2017-09-27 13:10:19.678831279 +0200
+diff -up openssh/auth.c.refactor openssh/auth.c
+--- openssh/auth.c.refactor	2017-09-27 13:10:19.640831071 +0200
++++ openssh/auth.c	2017-09-27 13:10:19.678831279 +0200
 @@ -1435,7 +1435,8 @@ argv_assemble(int argc, char **argv)
   */
  pid_t
@@ -53,18 +53,18 @@ diff -up openssh/misc.c.refactor openssh/misc.c
  			error ("failed to copy environment:  %s",
  			    strerror(errno));
  			_exit(127);
-diff -up openssh/misc.h.refactor openssh/misc.h
---- openssh/misc.h.refactor	2017-09-25 01:48:10.000000000 +0200
-+++ openssh/misc.h	2017-09-27 13:10:19.678831279 +0200
+diff -up openssh/auth.h.refactor openssh/auth.h
+--- openssh/auth.h.refactor	2017-09-25 01:48:10.000000000 +0200
++++ openssh/auth.h	2017-09-27 13:10:19.678831279 +0200
 @@ -144,7 +144,7 @@ int	 exited_cleanly(pid_t, const char *,
- #define SSH_SUBPROCESS_STDOUT_CAPTURE	(1<<1)	/* Redirect stdout */
- #define SSH_SUBPROCESS_STDERR_DISCARD	(1<<2)	/* Discard stderr */
- pid_t	 subprocess(const char *, struct passwd *,
+ #define	SSH_SUBPROCESS_STDOUT_CAPTURE  (1<<1)  /* Redirect stdout */
+ #define	SSH_SUBPROCESS_STDERR_DISCARD  (1<<2)  /* Discard stderr */
+ pid_t	subprocess(const char *, struct passwd *,
 -    const char *, int, char **, FILE **, u_int flags);
 +    const char *, int, char **, FILE **, u_int flags, int, void *);
  
- struct stat;
- int	 safe_path(const char *, struct stat *, const char *, uid_t,
+ int	 sys_auth_passwd(struct ssh *, const char *);
+ 
 diff -up openssh/openbsd-compat/port-linux.h.refactor openssh/openbsd-compat/port-linux.h
 --- openssh/openbsd-compat/port-linux.h.refactor	2017-09-27 13:10:19.634831038 +0200
 +++ openssh/openbsd-compat/port-linux.h	2017-09-27 13:10:54.954025248 +0200

openssh-7.6p1-permitopen-bug.patch

@@ -1,47 +0,0 @@
-From 7c9613fac3371cf65fb07739212cdd1ebf6575da Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Wed, 4 Oct 2017 18:49:30 +0000
-Subject: [PATCH] upstream commit
-
-fix (another) problem in PermitOpen introduced during the
-channels.c refactor: the third and subsequent arguments to PermitOpen were
-being silently ignored; ok markus@
-
-Upstream-ID: 067c89f1f53cbc381628012ba776d6861e6782fd
----
- servconf.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/servconf.c b/servconf.c
-index 2c321a4ad..956862959 100644
---- a/servconf.c
-+++ b/servconf.c
-@@ -1,5 +1,5 @@
- 
--/* $OpenBSD: servconf.c,v 1.312 2017/10/02 19:33:20 djm Exp $ */
-+/* $OpenBSD: servconf.c,v 1.313 2017/10/04 18:49:30 djm Exp $ */
- /*
-  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
-  *                    All rights reserved
-@@ -1663,9 +1663,9 @@ process_server_config_line(ServerOptions *options, char *line,
- 		if (!arg || *arg == '\0')
- 			fatal("%s line %d: missing PermitOpen specification",
- 			    filename, linenum);
--		i = options->num_permitted_opens;	/* modified later */
-+		value = options->num_permitted_opens;	/* modified later */
- 		if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
--			if (*activep && i == 0) {
-+			if (*activep && value == 0) {
- 				options->num_permitted_opens = 1;
- 				options->permitted_opens = xcalloc(1,
- 				    sizeof(*options->permitted_opens));
-@@ -1683,7 +1683,7 @@ process_server_config_line(ServerOptions *options, char *line,
- 			if (arg == NULL || ((port = permitopen_port(arg)) < 0))
- 				fatal("%s line %d: bad port number in "
- 				    "PermitOpen", filename, linenum);
--			if (*activep && i == 0) {
-+			if (*activep && value == 0) {
- 				options->permitted_opens = xrecallocarray(
- 				    options->permitted_opens,
- 				    options->num_permitted_opens,
-

openssh.spec

@@ -65,10 +65,10 @@
 %endif
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
-%global openssh_ver 7.6p1
-%global openssh_rel 7
+%global openssh_ver 7.7p1
+%global openssh_rel 1
 %global pam_ssh_agent_ver 0.10.3
-%global pam_ssh_agent_rel 3
+%global pam_ssh_agent_rel 4
 
 Summary: An open source implementation of SSH protocol version 2
 Name: openssh
@@ -77,8 +77,9 @@ Release: %{openssh_rel}%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #URL1: http://pamsshagentauth.sourceforge.net
 Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
-#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
+Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
 Source2: sshd.pam
+Source3: DJM-GPG-KEY.gpg
 Source4: http://prdownloads.sourceforge.net/pamsshagentauth/pam_ssh_agent_auth/pam_ssh_agent_auth-%{pam_ssh_agent_ver}.tar.bz2
 Source5: pam_ssh_agent-rmheaders
 Source6: ssh-keycat.pam
@@ -209,9 +210,6 @@ Patch920: openssh-6.6.1p1-ip-port-config-parser.patch
 Patch922: openssh-6.8p1-sshdT-output.patch
 # Add sftp option to force mode of created files (#1191055)
 Patch926: openssh-6.7p1-sftp-force-permission.patch
-# Memory problems
-# https://bugzilla.mindrot.org/show_bug.cgi?id=2401
-Patch928: openssh-6.8p1-memory-problems.patch
 # Restore compatible default (#89216)
 Patch929: openssh-6.9p1-permit-root-login.patch
 # Add GSSAPIKexAlgorithms option for server and client application
@@ -228,8 +226,6 @@ Patch948: openssh-7.4p1-systemd.patch
 Patch949: openssh-7.6p1-cleanup-selinux.patch
 # Sandbox adjustments for s390 and audit
 Patch950: openssh-7.5p1-sandbox.patch
-# PermitOpen bug in OpenSSH 7.6:
-Patch951: openssh-7.6p1-permitopen-bug.patch
 
 
 License: BSD
@@ -276,6 +272,8 @@ BuildRequires: audit-libs >= 1.0.8
 %endif
 
 BuildRequires: xauth
+# for tarball signature verification
+BuildRequires: gnupg2
 
 %package clients
 Summary: An open source SSH client applications
@@ -378,6 +376,7 @@ remote ssh-agent instance.
 The module is most useful for su and sudo service stacks.
 
 %prep
+gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0}
 %setup -q -a 4
 #Do not enable by default
 %if 0
@@ -441,7 +440,6 @@ popd
 %patch802 -p1 -b .GSSAPIEnablek5users
 %patch922 -p1 -b .sshdt
 %patch926 -p1 -b .sftp-force-mode
-%patch928 -p1 -b .memory
 %patch929 -p1 -b .root-login
 %patch932 -p1 -b .gsskexalg
 %patch933 -p1 -b .fingerprint
@@ -451,7 +449,6 @@ popd
 %patch807 -p1 -b .gsskex-ec
 %patch949 -p1 -b .refactor
 %patch950 -p1 -b .sandbox
-%patch951 -p1 -b .permitOpen
 
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-race

pam_ssh_agent_auth-0.9.3-agent_structure.patch

@@ -154,3 +154,15 @@ diff -up openssh/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c.psaa-agent
          goto user_auth_clean_exit;
  
      /* test for correct signature */
+diff -up openssh-7.7p1/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c.psaa-sshkey openssh-7.7p1/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c
+--- openssh-7.7p1/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c.psaa-sshkey	2018-04-04 13:55:02.383899631 +0200
++++ openssh-7.7p1/pam_ssh_agent_auth-0.10.3/userauth_pubkey_from_id.c	2018-04-04 13:58:36.759339845 +0200
+@@ -89,7 +89,7 @@ userauth_pubkey_from_id(const char *ruse
+         goto user_auth_clean_exit;
+ 
+     /* test for correct signature */
+-    if(key_verify(id->key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1)
++    if(sshkey_verify(id->key, sig, slen, buffer_ptr(&b), buffer_len(&b), NULL, 0) == 0)
+         authenticated = 1;
+ 
+   user_auth_clean_exit:

sources

@@ -1,2 +1,4 @@
-SHA512 (openssh-7.6p1.tar.gz) = de17fdcb8239401f76740c8d689a8761802f6df94e68d953f3c70b9f4f8bdb403617c48c1d01cc8c368d88e9d50aee540bf03d5a36687dfb39dfd28d73029d72
+SHA512 (openssh-7.7p1.tar.gz) = 597252cb48209a0cb98ca1928a67e8d63e4275252f25bc37269204c108f034baade6ba0634e32ae63422fddd280f73096a6b31ad2f2e7a848dde75ca30e14261
+SHA512 (openssh-7.7p1.tar.gz.asc) = 9445a589a84538fb0b4eae0f7bf6ce46def51b09254d6fffcc6ed64472f10ccf9e4d5d200387725043039d77ca886e2c8e8f3128e7969c582156fafb0783988d
+SHA512 (DJM-GPG-KEY.gpg) = db1191ed9b6495999e05eed2ef863fb5179bdb63e94850f192dad68eed8579836f88fbcfffd9f28524fe1457aff8cd248ee3e0afc112c8f609b99a34b80ecc0d
 SHA512 (pam_ssh_agent_auth-0.10.3.tar.bz2) = d75062c4e46b0b011f46aed9704a99049995fea8b5115ff7ee26dad7e93cbcf54a8af7efc6b521109d77dc03c6f5284574d2e1b84c6829cec25610f24fb4bd66