Ajouté ce que ça prend pour Squeeze
[sftp.git] / openssh-5.5p1-hpn13v9.diff.auf-patch
1 --- openssh-5.5p1-hpn13v9.diff.orig     2012-11-25 21:59:11.262388427 +0000
2 +++ openssh-5.5p1-hpn13v9.diff.auf      2012-11-25 21:52:24.462402816 +0000
3 @@ -1,6 +1,6 @@
4  diff -NupwB canonical-openssh5.5/auth2.c kitchensink-openssh5.5/auth2.c
5 ---- canonical-openssh5.5/auth2.c       2010-06-08 17:17:08.000000000 -0400
6 -+++ kitchensink-openssh5.5/auth2.c     2010-06-08 17:20:56.000000000 -0400
7 +--- canonical-openssh5.5/auth2.c       2012-11-25 21:46:51.000000000 +0000
8 ++++ kitchensink-openssh5.5/auth2.c     2012-11-25 21:46:19.000000000 +0000
9  @@ -49,6 +49,7 @@
10   #include "dispatch.h"
11   #include "pathnames.h"
12 @@ -9,7 +9,7 @@
13   
14   #ifdef GSSAPI
15   #include "ssh-gss.h"
16 -@@ -75,6 +76,9 @@ extern Authmethod method_gssapi;
17 +@@ -76,6 +77,9 @@ extern Authmethod method_gssapi;
18   extern Authmethod method_jpake;
19   #endif
20   
21 @@ -19,7 +19,7 @@
22   Authmethod *authmethods[] = {
23         &method_none,
24         &method_pubkey,
25 -@@ -225,6 +229,11 @@ input_userauth_request(int type, u_int32
26 +@@ -227,6 +231,11 @@ input_userauth_request(int type, u_int32
27         service = packet_get_string(NULL);
28         method = packet_get_string(NULL);
29         debug("userauth-request for user %s service %s method %s", user, service, method);
30 @@ -30,10 +30,10 @@
31  +      }
32         debug("attempt %d failures %d", authctxt->attempt, authctxt->failures);
33   
34 -       if ((style = strchr(user, ':')) != NULL)
35 +       if ((role = strchr(user, '/')) != NULL)
36  diff -NupwB canonical-openssh5.5/buffer.c kitchensink-openssh5.5/buffer.c
37 ---- canonical-openssh5.5/buffer.c      2010-06-08 17:17:08.000000000 -0400
38 -+++ kitchensink-openssh5.5/buffer.c    2010-06-08 17:20:56.000000000 -0400
39 +--- canonical-openssh5.5/buffer.c      2010-02-11 22:23:40.000000000 +0000
40 ++++ kitchensink-openssh5.5/buffer.c    2012-11-25 21:46:19.000000000 +0000
41  @@ -127,7 +127,7 @@ restart:
42   
43         /* Increase the size of the buffer and retry. */
44 @@ -44,8 +44,8 @@
45                     newlen);
46         buffer->buf = xrealloc(buffer->buf, 1, newlen);
47  diff -NupwB canonical-openssh5.5/buffer.h kitchensink-openssh5.5/buffer.h
48 ---- canonical-openssh5.5/buffer.h      2010-06-08 17:17:08.000000000 -0400
49 -+++ kitchensink-openssh5.5/buffer.h    2010-06-08 17:20:56.000000000 -0400
50 +--- canonical-openssh5.5/buffer.h      2010-02-11 22:23:40.000000000 +0000
51 ++++ kitchensink-openssh5.5/buffer.h    2012-11-25 21:46:19.000000000 +0000
52  @@ -16,6 +16,9 @@
53   #ifndef BUFFER_H
54   #define BUFFER_H
55 @@ -57,8 +57,8 @@
56         u_char  *buf;           /* Buffer for data. */
57         u_int    alloc;         /* Number of bytes allocated for data. */
58  diff -NupwB canonical-openssh5.5/channels.c kitchensink-openssh5.5/channels.c
59 ---- canonical-openssh5.5/channels.c    2010-06-08 17:17:08.000000000 -0400
60 -+++ kitchensink-openssh5.5/channels.c  2010-06-08 17:20:56.000000000 -0400
61 +--- canonical-openssh5.5/channels.c    2010-03-26 00:09:45.000000000 +0000
62 ++++ kitchensink-openssh5.5/channels.c  2012-11-25 21:46:19.000000000 +0000
63  @@ -170,8 +170,14 @@ static void port_open_helper(Channel *c,
64   static int connect_next(struct channel_connect *);
65   static void channel_connect_ctx_free(struct channel_connect *);
66 @@ -240,8 +240,8 @@
67                 (*chanids)[n] = nc->self;
68         }
69  diff -NupwB canonical-openssh5.5/channels.h kitchensink-openssh5.5/channels.h
70 ---- canonical-openssh5.5/channels.h    2010-06-08 17:17:08.000000000 -0400
71 -+++ kitchensink-openssh5.5/channels.h  2010-06-08 17:20:56.000000000 -0400
72 +--- canonical-openssh5.5/channels.h    2010-01-26 02:26:22.000000000 +0000
73 ++++ kitchensink-openssh5.5/channels.h  2012-11-25 21:46:19.000000000 +0000
74  @@ -124,8 +124,10 @@ struct Channel {
75         u_int   local_window_max;
76         u_int   local_consumed;
77 @@ -267,7 +267,7 @@
78   #define CHAN_X11_PACKET_DEFAULT       (16*1024)
79   #define CHAN_X11_WINDOW_DEFAULT       (4*CHAN_X11_PACKET_DEFAULT)
80   
81 -@@ -235,7 +239,7 @@ void        channel_input_status_confirm(int, 
82 +@@ -235,7 +239,7 @@ void        channel_input_status_confirm(int,
83   
84   void   channel_prepare_select(fd_set **, fd_set **, int *, u_int*, int);
85   void     channel_after_select(fd_set *, fd_set *);
86 @@ -285,8 +285,8 @@
87  +
88   #endif
89  diff -NupwB canonical-openssh5.5/cipher.c kitchensink-openssh5.5/cipher.c
90 ---- canonical-openssh5.5/cipher.c      2010-06-08 17:17:08.000000000 -0400
91 -+++ kitchensink-openssh5.5/cipher.c    2010-06-08 17:20:56.000000000 -0400
92 +--- canonical-openssh5.5/cipher.c      2009-01-28 05:38:41.000000000 +0000
93 ++++ kitchensink-openssh5.5/cipher.c    2012-11-25 21:46:19.000000000 +0000
94  @@ -55,6 +55,7 @@ extern const EVP_CIPHER *evp_ssh1_bf(voi
95   extern const EVP_CIPHER *evp_ssh1_3des(void);
96   extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);
97 @@ -335,8 +335,8 @@
98         case SSH_CIPHER_DES:
99         case SSH_CIPHER_BLOWFISH:
100  diff -NupwB canonical-openssh5.5/cipher-ctr-mt.c kitchensink-openssh5.5/cipher-ctr-mt.c
101 ---- canonical-openssh5.5/cipher-ctr-mt.c       1969-12-31 19:00:00.000000000 -0500
102 -+++ kitchensink-openssh5.5/cipher-ctr-mt.c     2010-06-08 17:20:56.000000000 -0400
103 +--- canonical-openssh5.5/cipher-ctr-mt.c       1970-01-01 00:00:00.000000000 +0000
104 ++++ kitchensink-openssh5.5/cipher-ctr-mt.c     2012-11-25 21:46:19.000000000 +0000
105  @@ -0,0 +1,473 @@
106  +/*
107  + * OpenSSH Multi-threaded AES-CTR Cipher
108 @@ -812,9 +812,9 @@
109  +      return (&aes_ctr);
110  +}
111  diff -NupwB canonical-openssh5.5/clientloop.c kitchensink-openssh5.5/clientloop.c
112 ---- canonical-openssh5.5/clientloop.c  2010-06-08 17:17:08.000000000 -0400
113 -+++ kitchensink-openssh5.5/clientloop.c        2010-06-08 17:20:56.000000000 -0400
114 -@@ -1701,9 +1701,15 @@ client_request_x11(const char *request_t
115 +--- canonical-openssh5.5/clientloop.c  2012-11-25 21:46:51.000000000 +0000
116 ++++ kitchensink-openssh5.5/clientloop.c        2012-11-25 21:46:19.000000000 +0000
117 +@@ -1721,9 +1721,15 @@ client_request_x11(const char *request_t
118         sock = x11_connect_display();
119         if (sock < 0)
120                 return NULL;
121 @@ -830,24 +830,24 @@
122         c->force_drain = 1;
123         return c;
124   }
125 -@@ -1723,9 +1729,15 @@ client_request_agent(const char *request
126 +@@ -1743,9 +1749,15 @@ client_request_agent(const char *request
127         sock = ssh_get_authentication_socket();
128         if (sock < 0)
129                 return NULL;
130  +      if (options.hpn_disabled) 
131 -       c = channel_new("authentication agent connection",
132 -           SSH_CHANNEL_OPEN, sock, sock, -1,
133 --          CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
134 ++      c = channel_new("authentication agent connection",
135 ++          SSH_CHANNEL_OPEN, sock, sock, -1,
136  +                  CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
137  +                  "authentication agent connection", 1);
138  +       else
139 -+      c = channel_new("authentication agent connection",
140 -+          SSH_CHANNEL_OPEN, sock, sock, -1,
141 +       c = channel_new("authentication agent connection",
142 +           SSH_CHANNEL_OPEN, sock, sock, -1,
143 +-          CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
144  +                   options.hpn_buffer_size, options.hpn_buffer_size, 0,
145             "authentication agent connection", 1);
146         c->force_drain = 1;
147         return c;
148 -@@ -1753,10 +1765,18 @@ client_request_tun_fwd(int tun_mode, int
149 +@@ -1773,10 +1785,18 @@ client_request_tun_fwd(int tun_mode, int
150                 return -1;
151         }
152   
153 @@ -868,8 +868,8 @@
154         if (options.tun_open == SSH_TUNMODE_POINTOPOINT)
155                 channel_register_filter(c->self, sys_tun_infilter,
156  diff -NupwB canonical-openssh5.5/compat.c kitchensink-openssh5.5/compat.c
157 ---- canonical-openssh5.5/compat.c      2010-06-08 17:17:08.000000000 -0400
158 -+++ kitchensink-openssh5.5/compat.c    2010-06-08 17:20:56.000000000 -0400
159 +--- canonical-openssh5.5/compat.c      2008-11-03 08:20:14.000000000 +0000
160 ++++ kitchensink-openssh5.5/compat.c    2012-11-25 21:46:19.000000000 +0000
161  @@ -170,6 +170,15 @@ compat_datafellows(const char *version)
162                     strlen(check[i].pat), 0) == 1) {
163                         debug("match: %s pat %s", version, check[i].pat);
164 @@ -887,8 +887,8 @@
165                 }
166         }
167  diff -NupwB canonical-openssh5.5/compat.h kitchensink-openssh5.5/compat.h
168 ---- canonical-openssh5.5/compat.h      2010-06-08 17:17:08.000000000 -0400
169 -+++ kitchensink-openssh5.5/compat.h    2010-06-08 17:20:56.000000000 -0400
170 +--- canonical-openssh5.5/compat.h      2008-11-03 08:20:14.000000000 +0000
171 ++++ kitchensink-openssh5.5/compat.h    2012-11-25 21:46:19.000000000 +0000
172  @@ -58,6 +58,7 @@
173   #define SSH_OLD_FORWARD_ADDR  0x01000000
174   #define SSH_BUG_RFWD_ADDR     0x02000000
175 @@ -898,9 +898,10 @@
176   void     enable_compat13(void);
177   void     enable_compat20(void);
178  Common subdirectories: canonical-openssh5.5/contrib and kitchensink-openssh5.5/contrib
179 +Common subdirectories: canonical-openssh5.5/debian and kitchensink-openssh5.5/debian
180  diff -NupwB canonical-openssh5.5/HPN-README kitchensink-openssh5.5/HPN-README
181 ---- canonical-openssh5.5/HPN-README    1969-12-31 19:00:00.000000000 -0500
182 -+++ kitchensink-openssh5.5/HPN-README  2010-06-08 17:20:56.000000000 -0400
183 +--- canonical-openssh5.5/HPN-README    1970-01-01 00:00:00.000000000 +0000
184 ++++ kitchensink-openssh5.5/HPN-README  2012-11-25 21:46:19.000000000 +0000
185  @@ -0,0 +1,128 @@
186  +Notes:
187  +
188 @@ -1031,17 +1032,17 @@
189  +         by Cisco System, Inc., the National Library of Medicine, 
190  +       and the National Science Foundation. 
191  diff -NupwB canonical-openssh5.5/kex.c kitchensink-openssh5.5/kex.c
192 ---- canonical-openssh5.5/kex.c 2010-06-08 17:17:08.000000000 -0400
193 -+++ kitchensink-openssh5.5/kex.c       2010-06-08 17:20:56.000000000 -0400
194 +--- canonical-openssh5.5/kex.c 2012-11-25 21:46:51.000000000 +0000
195 ++++ kitchensink-openssh5.5/kex.c       2012-11-25 21:46:19.000000000 +0000
196  @@ -49,6 +49,7 @@
197   #include "dispatch.h"
198   #include "monitor.h"
199   #include "roaming.h"
200  +#include "canohost.h"
201   
202 - #if OPENSSL_VERSION_NUMBER >= 0x00907000L
203 - # if defined(HAVE_EVP_SHA256)
204 -@@ -63,7 +64,8 @@ static void kex_kexinit_finish(Kex *);
205 + #ifdef GSSAPI
206 + #include "ssh-gss.h"
207 +@@ -67,7 +68,8 @@ static void kex_kexinit_finish(Kex *);
208   static void kex_choose_conf(Kex *);
209   
210   /* put algorithm proposal into buffer */
211 @@ -1051,7 +1052,7 @@
212   kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX])
213   {
214         u_int i;
215 -@@ -375,6 +377,13 @@ kex_choose_conf(Kex *kex)
216 +@@ -393,6 +395,13 @@ kex_choose_conf(Kex *kex)
217         int nenc, nmac, ncomp;
218         u_int mode, ctos, need;
219         int first_kex_follows, type;
220 @@ -1065,7 +1066,7 @@
221   
222         my   = kex_buf2prop(&kex->my, NULL);
223         peer = kex_buf2prop(&kex->peer, &first_kex_follows);
224 -@@ -409,11 +418,34 @@ kex_choose_conf(Kex *kex)
225 +@@ -427,11 +436,34 @@ kex_choose_conf(Kex *kex)
226                 choose_enc (&newkeys->enc,  cprop[nenc],  sprop[nenc]);
227                 choose_mac (&newkeys->mac,  cprop[nmac],  sprop[nmac]);
228                 choose_comp(&newkeys->comp, cprop[ncomp], sprop[ncomp]);
229 @@ -1101,9 +1102,9 @@
230         choose_kex(kex, cprop[PROPOSAL_KEX_ALGS], sprop[PROPOSAL_KEX_ALGS]);
231         choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
232  diff -NupwB canonical-openssh5.5/kex.h kitchensink-openssh5.5/kex.h
233 ---- canonical-openssh5.5/kex.h 2010-06-08 17:17:08.000000000 -0400
234 -+++ kitchensink-openssh5.5/kex.h       2010-06-08 17:20:56.000000000 -0400
235 -@@ -132,6 +132,8 @@ struct Kex {
236 +--- canonical-openssh5.5/kex.h 2012-11-25 21:46:51.000000000 +0000
237 ++++ kitchensink-openssh5.5/kex.h       2012-11-25 21:46:19.000000000 +0000
238 +@@ -141,6 +141,8 @@ struct Kex {
239         void    (*kex[KEX_MAX])(Kex *);
240   };
241   
242 @@ -1113,9 +1114,9 @@
243   void   kex_finish(Kex *);
244   
245  diff -NupwB canonical-openssh5.5/Makefile.in kitchensink-openssh5.5/Makefile.in
246 ---- canonical-openssh5.5/Makefile.in   2010-06-08 17:17:08.000000000 -0400
247 -+++ kitchensink-openssh5.5/Makefile.in 2010-06-08 17:20:56.000000000 -0400
248 -@@ -45,7 +45,7 @@ CC=@CC@
249 +--- canonical-openssh5.5/Makefile.in   2012-11-25 21:46:51.000000000 +0000
250 ++++ kitchensink-openssh5.5/Makefile.in 2012-11-25 21:46:19.000000000 +0000
251 +@@ -47,7 +47,7 @@ CC=@CC@
252   LD=@LD@
253   CFLAGS=@CFLAGS@
254   CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
255 @@ -1124,7 +1125,7 @@
256   SSHDLIBS=@SSHDLIBS@
257   LIBEDIT=@LIBEDIT@
258   AR=@AR@
259 -@@ -66,7 +66,7 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-a
260 +@@ -68,7 +68,7 @@ TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-a
261   
262   LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
263         canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
264 @@ -1134,8 +1135,8 @@
265         log.o match.o md-sha256.o moduli.o nchan.o packet.o \
266         readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \
267  diff -NupwB canonical-openssh5.5/myproposal.h kitchensink-openssh5.5/myproposal.h
268 ---- canonical-openssh5.5/myproposal.h  2010-06-08 17:17:08.000000000 -0400
269 -+++ kitchensink-openssh5.5/myproposal.h        2010-06-08 17:20:56.000000000 -0400
270 +--- canonical-openssh5.5/myproposal.h  2010-02-26 20:55:05.000000000 +0000
271 ++++ kitchensink-openssh5.5/myproposal.h        2012-11-25 21:46:19.000000000 +0000
272  @@ -49,6 +49,8 @@
273         "arcfour256,arcfour128," \
274         "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
275 @@ -1147,8 +1148,8 @@
276         "hmac-ripemd160@openssh.com," \
277  Common subdirectories: canonical-openssh5.5/openbsd-compat and kitchensink-openssh5.5/openbsd-compat
278  diff -NupwB canonical-openssh5.5/packet.c kitchensink-openssh5.5/packet.c
279 ---- canonical-openssh5.5/packet.c      2010-06-08 17:17:08.000000000 -0400
280 -+++ kitchensink-openssh5.5/packet.c    2010-06-08 17:20:56.000000000 -0400
281 +--- canonical-openssh5.5/packet.c      2009-10-02 01:49:04.000000000 +0000
282 ++++ kitchensink-openssh5.5/packet.c    2012-11-25 21:46:19.000000000 +0000
283  @@ -835,7 +835,7 @@ packet_enable_delayed_compress(void)
284   /*
285    * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue)
286 @@ -1286,8 +1287,8 @@
287  +      return(active_state->after_authentication);
288  +}
289  diff -NupwB canonical-openssh5.5/packet.h kitchensink-openssh5.5/packet.h
290 ---- canonical-openssh5.5/packet.h      2010-06-08 17:17:08.000000000 -0400
291 -+++ kitchensink-openssh5.5/packet.h    2010-06-08 17:20:56.000000000 -0400
292 +--- canonical-openssh5.5/packet.h      2009-07-05 21:11:13.000000000 +0000
293 ++++ kitchensink-openssh5.5/packet.h    2012-11-25 21:46:19.000000000 +0000
294  @@ -20,6 +20,9 @@
295   
296   #include <openssl/bn.h>
297 @@ -1324,9 +1325,10 @@
298   void     packet_write_wait(void);
299   int      packet_have_data_to_write(void);
300   int      packet_not_very_much_data_to_write(void);
301 +Common subdirectories: canonical-openssh5.5/.pc and kitchensink-openssh5.5/.pc
302  diff -NupwB canonical-openssh5.5/progressmeter.c kitchensink-openssh5.5/progressmeter.c
303 ---- canonical-openssh5.5/progressmeter.c       2010-06-08 17:17:08.000000000 -0400
304 -+++ kitchensink-openssh5.5/progressmeter.c     2010-06-08 17:20:56.000000000 -0400
305 +--- canonical-openssh5.5/progressmeter.c       2006-08-05 02:39:40.000000000 +0000
306 ++++ kitchensink-openssh5.5/progressmeter.c     2012-11-25 21:46:19.000000000 +0000
307  @@ -68,6 +68,8 @@ static time_t last_update;   /* last progr
308   static char *file;            /* name of the file being transferred */
309   static off_t end_pos;         /* ending position of transfer */
310 @@ -1398,18 +1400,18 @@
311   
312   /*ARGSUSED*/
313  diff -NupwB canonical-openssh5.5/readconf.c kitchensink-openssh5.5/readconf.c
314 ---- canonical-openssh5.5/readconf.c    2010-06-08 17:17:08.000000000 -0400
315 -+++ kitchensink-openssh5.5/readconf.c  2010-06-08 17:20:56.000000000 -0400
316 -@@ -131,6 +131,8 @@ typedef enum {
317 -       oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
318 +--- canonical-openssh5.5/readconf.c    2012-11-25 21:46:51.000000000 +0000
319 ++++ kitchensink-openssh5.5/readconf.c  2012-11-25 21:46:19.000000000 +0000
320 +@@ -136,6 +136,8 @@ typedef enum {
321         oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
322         oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
323 +       oProtocolKeepAlives, oSetupTimeOut,
324  +      oNoneEnabled, oTcpRcvBufPoll, oTcpRcvBuf, oNoneSwitch, oHPNDisabled,
325  +      oHPNBufferSize,
326         oDeprecated, oUnsupported
327   } OpCodes;
328   
329 -@@ -237,6 +239,12 @@ static struct {
330 +@@ -251,6 +253,12 @@ static struct {
331   #else
332         { "zeroknowledgepasswordauthentication", oUnsupported },
333   #endif
334 @@ -1419,10 +1421,10 @@
335  +      { "noneswitch", oNoneSwitch },
336  +      { "hpndisabled", oHPNDisabled },
337  +      { "hpnbuffersize", oHPNBufferSize },
338 +       { "protocolkeepalives", oProtocolKeepAlives },
339 +       { "setuptimeout", oSetupTimeOut },
340   
341 -       { NULL, oBadOption }
342 - };
343 -@@ -468,6 +476,37 @@ parse_flag:
344 +@@ -504,6 +512,37 @@ parse_flag:
345                 intptr = &options->check_host_ip;
346                 goto parse_flag;
347   
348 @@ -1460,7 +1462,7 @@
349         case oVerifyHostKeyDNS:
350                 intptr = &options->verify_host_key_dns;
351                 goto parse_yesnoask;
352 -@@ -646,6 +685,10 @@ parse_int:
353 +@@ -682,6 +721,10 @@ parse_int:
354                 intptr = &options->connection_attempts;
355                 goto parse_int;
356   
357 @@ -1471,7 +1473,7 @@
358         case oCipher:
359                 intptr = &options->cipher;
360                 arg = strdelim(&s);
361 -@@ -1073,6 +1116,12 @@ initialize_options(Options * options)
362 +@@ -1115,6 +1158,12 @@ initialize_options(Options * options)
363         options->use_roaming = -1;
364         options->visual_host_key = -1;
365         options->zero_knowledge_password_authentication = -1;
366 @@ -1484,8 +1486,8 @@
367   }
368   
369   /*
370 -@@ -1195,6 +1244,29 @@ fill_default_options(Options * options)
371 -               options->server_alive_interval = 0;
372 +@@ -1250,6 +1299,29 @@ fill_default_options(Options * options)
373 +       }
374         if (options->server_alive_count_max == -1)
375                 options->server_alive_count_max = 3;
376  +      if (options->none_switch == -1)
377 @@ -1515,9 +1517,9 @@
378                 options->control_master = 0;
379         if (options->hash_known_hosts == -1)
380  diff -NupwB canonical-openssh5.5/readconf.h kitchensink-openssh5.5/readconf.h
381 ---- canonical-openssh5.5/readconf.h    2010-06-08 17:17:08.000000000 -0400
382 -+++ kitchensink-openssh5.5/readconf.h  2010-06-08 17:20:56.000000000 -0400
383 -@@ -57,6 +57,11 @@ typedef struct {
384 +--- canonical-openssh5.5/readconf.h    2012-11-25 21:46:51.000000000 +0000
385 ++++ kitchensink-openssh5.5/readconf.h  2012-11-25 21:46:19.000000000 +0000
386 +@@ -62,6 +62,11 @@ typedef struct {
387         int     compression_level;      /* Compression level 1 (fast) to 9
388                                          * (best). */
389         int     tcp_keep_alive; /* Set SO_KEEPALIVE. */
390 @@ -1529,7 +1531,7 @@
391         LogLevel log_level;     /* Level for logging. */
392   
393         int     port;           /* Port to connect. */
394 -@@ -102,6 +107,8 @@ typedef struct {
395 +@@ -107,6 +112,8 @@ typedef struct {
396   
397         int     enable_ssh_keysign;
398         int64_t rekey_limit;
399 @@ -1541,9 +1543,9 @@
400  Common subdirectories: canonical-openssh5.5/regress and kitchensink-openssh5.5/regress
401  Common subdirectories: canonical-openssh5.5/scard and kitchensink-openssh5.5/scard
402  diff -NupwB canonical-openssh5.5/scp.c kitchensink-openssh5.5/scp.c
403 ---- canonical-openssh5.5/scp.c 2010-06-08 17:17:08.000000000 -0400
404 -+++ kitchensink-openssh5.5/scp.c       2010-06-08 17:20:56.000000000 -0400
405 -@@ -639,7 +639,7 @@ source(int argc, char **argv)
406 +--- canonical-openssh5.5/scp.c 2012-11-25 21:46:51.000000000 +0000
407 ++++ kitchensink-openssh5.5/scp.c       2012-11-25 21:46:19.000000000 +0000
408 +@@ -647,7 +647,7 @@ source(int argc, char **argv)
409         off_t i, statbytes;
410         size_t amt;
411         int fd = -1, haderr, indx;
412 @@ -1552,7 +1554,7 @@
413         int len;
414   
415         for (indx = 0; indx < argc; ++indx) {
416 -@@ -875,7 +875,7 @@ sink(int argc, char **argv)
417 +@@ -883,7 +883,7 @@ sink(int argc, char **argv)
418         mode_t mode, omode, mask;
419         off_t size, statbytes;
420         int setimes, targisdir, wrerrno = 0;
421 @@ -1562,12 +1564,12 @@
422   
423   #define       atime   tv[0]
424  diff -NupwB canonical-openssh5.5/servconf.c kitchensink-openssh5.5/servconf.c
425 ---- canonical-openssh5.5/servconf.c    2010-06-08 17:17:08.000000000 -0400
426 -+++ kitchensink-openssh5.5/servconf.c  2010-06-08 17:20:56.000000000 -0400
427 -@@ -131,11 +131,21 @@ initialize_server_options(ServerOptions 
428 -       options->zero_knowledge_password_authentication = -1;
429 +--- canonical-openssh5.5/servconf.c    2012-11-25 21:46:51.000000000 +0000
430 ++++ kitchensink-openssh5.5/servconf.c  2012-11-25 21:46:19.000000000 +0000
431 +@@ -136,11 +136,21 @@ initialize_server_options(ServerOptions
432         options->revoked_keys_file = NULL;
433         options->trusted_user_ca_keys = NULL;
434 +       options->debian_banner = -1;
435  +      options->none_enabled = -1;
436  +      options->tcp_rcv_buf_poll = -1;
437  +      options->hpn_disabled = -1;
438 @@ -1586,9 +1588,9 @@
439         /* Portable-specific options */
440         if (options->use_pam == -1)
441                 options->use_pam = 0;
442 -@@ -266,6 +276,42 @@ fill_default_server_options(ServerOption
443 -       if (options->zero_knowledge_password_authentication == -1)
444 -               options->zero_knowledge_password_authentication = 0;
445 +@@ -281,6 +291,42 @@ fill_default_server_options(ServerOption
446 +       if (options->debian_banner == -1)
447 +               options->debian_banner = 1;
448   
449  +      if (options->hpn_disabled == -1) 
450  +              options->hpn_disabled = 0;
451 @@ -1629,18 +1631,18 @@
452         /* Turn privilege separation on by default */
453         if (use_privsep == -1)
454                 use_privsep = 1;
455 -@@ -311,6 +357,7 @@ typedef enum {
456 -       sUsePrivilegeSeparation, sAllowAgentForwarding,
457 +@@ -329,6 +375,7 @@ typedef enum {
458         sZeroKnowledgePasswordAuthentication, sHostCertificate,
459         sRevokedKeys, sTrustedUserCAKeys,
460 +       sDebianBanner,
461  +      sNoneEnabled, sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize,
462         sDeprecated, sUnsupported
463   } ServerOpCodes;
464   
465 -@@ -432,6 +479,10 @@ static struct {
466 -       { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
467 +@@ -462,6 +509,10 @@ static struct {
468         { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
469         { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
470 +       { "debianbanner", sDebianBanner, SSHCFG_GLOBAL },
471  +      { "noneenabled", sNoneEnabled },
472  +      { "hpndisabled", sHPNDisabled },
473  +      { "hpnbuffersize", sHPNBufferSize },
474 @@ -1648,7 +1650,7 @@
475         { NULL, sBadOption, 0 }
476   };
477   
478 -@@ -458,6 +509,7 @@ parse_token(const char *cp, const char *
479 +@@ -488,6 +539,7 @@ parse_token(const char *cp, const char *
480   
481         for (i = 0; keywords[i].name; i++)
482                 if (strcasecmp(cp, keywords[i].name) == 0) {
483 @@ -1656,7 +1658,7 @@
484                         *flags = keywords[i].flags;
485                         return keywords[i].opcode;
486                 }
487 -@@ -880,6 +932,22 @@ process_server_config_line(ServerOptions
488 +@@ -910,6 +962,22 @@ process_server_config_line(ServerOptions
489                         *intptr = value;
490                 break;
491   
492 @@ -1680,9 +1682,9 @@
493                 intptr = &options->ignore_user_known_hosts;
494                 goto parse_flag;
495  diff -NupwB canonical-openssh5.5/servconf.h kitchensink-openssh5.5/servconf.h
496 ---- canonical-openssh5.5/servconf.h    2010-06-08 17:17:08.000000000 -0400
497 -+++ kitchensink-openssh5.5/servconf.h  2010-06-08 17:20:56.000000000 -0400
498 -@@ -148,6 +148,10 @@ typedef struct {
499 +--- canonical-openssh5.5/servconf.h    2012-11-25 21:46:51.000000000 +0000
500 ++++ kitchensink-openssh5.5/servconf.h  2012-11-25 21:46:19.000000000 +0000
501 +@@ -152,6 +152,10 @@ typedef struct {
502         char   *adm_forced_command;
503   
504         int     use_pam;                /* Enable auth via PAM */
505 @@ -1694,8 +1696,8 @@
506         int     permit_tun;
507   
508  diff -NupwB canonical-openssh5.5/serverloop.c kitchensink-openssh5.5/serverloop.c
509 ---- canonical-openssh5.5/serverloop.c  2010-06-08 17:17:08.000000000 -0400
510 -+++ kitchensink-openssh5.5/serverloop.c        2010-06-08 17:20:56.000000000 -0400
511 +--- canonical-openssh5.5/serverloop.c  2012-11-25 21:46:51.000000000 +0000
512 ++++ kitchensink-openssh5.5/serverloop.c        2012-11-25 21:46:19.000000000 +0000
513  @@ -94,10 +94,10 @@ static int fdin;           /* Descriptor for stdi
514   static int fdout;             /* Descriptor for stdout (for reading);
515                                    May be same number as fdin. */
516 @@ -1803,8 +1805,8 @@
517                 debug("session open failed, free channel %d", c->self);
518                 channel_free(c);
519  diff -NupwB canonical-openssh5.5/session.c kitchensink-openssh5.5/session.c
520 ---- canonical-openssh5.5/session.c     2010-06-08 17:17:08.000000000 -0400
521 -+++ kitchensink-openssh5.5/session.c   2010-06-08 17:20:56.000000000 -0400
522 +--- canonical-openssh5.5/session.c     2010-03-26 00:04:09.000000000 +0000
523 ++++ kitchensink-openssh5.5/session.c   2012-11-25 21:46:19.000000000 +0000
524  @@ -231,6 +231,7 @@ auth_input_request_forwarding(struct pas
525         }
526   
527 @@ -1831,8 +1833,8 @@
528   
529   /*
530  diff -NupwB canonical-openssh5.5/sftp.1 kitchensink-openssh5.5/sftp.1
531 ---- canonical-openssh5.5/sftp.1        2010-06-08 17:17:08.000000000 -0400
532 -+++ kitchensink-openssh5.5/sftp.1      2010-06-08 17:20:56.000000000 -0400
533 +--- canonical-openssh5.5/sftp.1        2010-02-11 22:21:03.000000000 +0000
534 ++++ kitchensink-openssh5.5/sftp.1      2012-11-25 21:46:19.000000000 +0000
535  @@ -234,7 +234,8 @@ diagnostic messages from
536   Specify how many requests may be outstanding at any one time.
537   Increasing this may slightly improve file transfer speed
538 @@ -1844,8 +1846,8 @@
539   Recursively copy entire directories when uploading and downloading.
540   Note that
541  diff -NupwB canonical-openssh5.5/sftp.c kitchensink-openssh5.5/sftp.c
542 ---- canonical-openssh5.5/sftp.c        2010-06-08 17:17:08.000000000 -0400
543 -+++ kitchensink-openssh5.5/sftp.c      2010-06-08 17:20:56.000000000 -0400
544 +--- canonical-openssh5.5/sftp.c        2010-01-27 19:27:54.000000000 +0000
545 ++++ kitchensink-openssh5.5/sftp.c      2012-11-25 21:46:19.000000000 +0000
546  @@ -69,7 +69,7 @@ typedef void EditLine;
547   #include "sftp-client.h"
548   
549 @@ -1856,8 +1858,8 @@
550   /* File to read commands from */
551   FILE* infile;
552  diff -NupwB canonical-openssh5.5/ssh.c kitchensink-openssh5.5/ssh.c
553 ---- canonical-openssh5.5/ssh.c 2010-06-08 17:17:08.000000000 -0400
554 -+++ kitchensink-openssh5.5/ssh.c       2010-06-08 17:20:56.000000000 -0400
555 +--- canonical-openssh5.5/ssh.c 2012-11-25 21:46:51.000000000 +0000
556 ++++ kitchensink-openssh5.5/ssh.c       2012-11-25 21:46:19.000000000 +0000
557  @@ -526,9 +526,6 @@ main(int ac, char **av)
558                         no_shell_flag = 1;
559                         no_tty_flag = 1;
560 @@ -1982,8 +1984,8 @@
561   
562         channel_send_open(c->self);
563  diff -NupwB canonical-openssh5.5/sshconnect2.c kitchensink-openssh5.5/sshconnect2.c
564 ---- canonical-openssh5.5/sshconnect2.c 2010-06-08 17:17:08.000000000 -0400
565 -+++ kitchensink-openssh5.5/sshconnect2.c       2010-06-08 17:20:56.000000000 -0400
566 +--- canonical-openssh5.5/sshconnect2.c 2012-11-25 21:46:51.000000000 +0000
567 ++++ kitchensink-openssh5.5/sshconnect2.c       2012-11-25 21:46:19.000000000 +0000
568  @@ -80,6 +80,12 @@
569   extern char *client_version_string;
570   extern char *server_version_string;
571 @@ -1997,7 +1999,7 @@
572   
573   /*
574    * SSH2 key exchange
575 -@@ -358,6 +364,28 @@ ssh_userauth2(const char *local_user, co
576 +@@ -416,6 +422,28 @@ ssh_userauth2(const char *local_user, co
577         pubkey_cleanup(&authctxt);
578         dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
579   
580 @@ -2027,8 +2029,8 @@
581   }
582   
583  diff -NupwB canonical-openssh5.5/sshconnect.c kitchensink-openssh5.5/sshconnect.c
584 ---- canonical-openssh5.5/sshconnect.c  2010-06-08 17:17:08.000000000 -0400
585 -+++ kitchensink-openssh5.5/sshconnect.c        2010-06-08 17:20:56.000000000 -0400
586 +--- canonical-openssh5.5/sshconnect.c  2012-11-25 21:46:51.000000000 +0000
587 ++++ kitchensink-openssh5.5/sshconnect.c        2012-11-25 21:46:19.000000000 +0000
588  @@ -168,6 +168,31 @@ ssh_proxy_connect(const char *host, u_sh
589   }
590   
591 @@ -2080,19 +2082,10 @@
592         /* Bind the socket to an alternative local IP address */
593         if (options.bind_address == NULL)
594                 return sock;
595 -@@ -542,7 +572,7 @@ ssh_exchange_identification(int timeout_
596 -       snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s",
597 -           compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
598 -           compat20 ? PROTOCOL_MINOR_2 : minor1,
599 --          SSH_VERSION, compat20 ? "\r\n" : "\n");
600 -+          SSH_RELEASE, compat20 ? "\r\n" : "\n");
601 -       if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf))
602 -           != strlen(buf))
603 -               fatal("write: %.100s", strerror(errno));
604  diff -NupwB canonical-openssh5.5/sshd.c kitchensink-openssh5.5/sshd.c
605 ---- canonical-openssh5.5/sshd.c        2010-06-08 17:17:08.000000000 -0400
606 -+++ kitchensink-openssh5.5/sshd.c      2010-06-08 17:20:56.000000000 -0400
607 -@@ -137,6 +137,9 @@ int deny_severity;
608 +--- canonical-openssh5.5/sshd.c        2012-11-25 21:46:51.000000000 +0000
609 ++++ kitchensink-openssh5.5/sshd.c      2012-11-25 21:46:19.000000000 +0000
610 +@@ -141,6 +141,9 @@ int deny_severity;
611   #define REEXEC_CONFIG_PASS_FD         (STDERR_FILENO + 3)
612   #define REEXEC_MIN_FREE_FD            (STDERR_FILENO + 4)
613   
614 @@ -2102,16 +2095,7 @@
615   extern char *__progname;
616   
617   /* Server configuration options. */
618 -@@ -418,7 +421,7 @@ sshd_exchange_identification(int sock_in
619 -               minor = PROTOCOL_MINOR_1;
620 -       }
621 -       snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s", major, minor,
622 --          SSH_VERSION, newline);
623 -+          SSH_RELEASE, newline);
624 -       server_version_string = xstrdup(buf);
625
626 -       /* Send our protocol version identification. */
627 -@@ -469,6 +472,9 @@ sshd_exchange_identification(int sock_in
628 +@@ -474,6 +477,9 @@ sshd_exchange_identification(int sock_in
629         }
630         debug("Client protocol version %d.%d; client software version %.100s",
631             remote_major, remote_minor, remote_version);
632 @@ -2121,7 +2105,7 @@
633   
634         compat_datafellows(remote_version);
635   
636 -@@ -988,6 +994,8 @@ server_listen(void)
637 +@@ -993,6 +999,8 @@ server_listen(void)
638         int ret, listen_sock, on = 1;
639         struct addrinfo *ai;
640         char ntop[NI_MAXHOST], strport[NI_MAXSERV];
641 @@ -2130,7 +2114,7 @@
642   
643         for (ai = options.listen_addrs; ai; ai = ai->ai_next) {
644                 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
645 -@@ -1028,6 +1036,11 @@ server_listen(void)
646 +@@ -1033,6 +1041,11 @@ server_listen(void)
647   
648                 debug("Bind to port %s on %s.", strport, ntop);
649   
650 @@ -2142,17 +2126,17 @@
651                 /* Bind the socket to the desired port. */
652                 if (bind(listen_sock, ai->ai_addr, ai->ai_addrlen) < 0) {
653                         error("Bind to port %s on %s failed: %.200s.",
654 -@@ -1909,6 +1922,9 @@ main(int ac, char **av)
655 +@@ -1922,6 +1935,9 @@ main(int ac, char **av)
656         /* Log the connection. */
657         verbose("Connection from %.500s port %d", remote_ip, remote_port);
658   
659  +      /* set the HPN options for the child */
660  +      channel_set_hpn(options.hpn_disabled, options.hpn_buffer_size);
661  +
662 + #ifdef USE_SECURITY_SESSION_API
663         /*
664 -        * We don't want to listen forever unless the other side
665 -        * successfully authenticates itself.  So we set up an alarm which is
666 -@@ -2264,9 +2280,15 @@ do_ssh2_kex(void)
667 +        * Create a new security session for use by the new user login if
668 +@@ -2331,9 +2347,15 @@ do_ssh2_kex(void)
669   {
670         Kex *kex;
671   
672 @@ -2169,9 +2153,9 @@
673         myproposal[PROPOSAL_ENC_ALGS_CTOS] =
674             compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
675  diff -NupwB canonical-openssh5.5/sshd_config kitchensink-openssh5.5/sshd_config
676 ---- canonical-openssh5.5/sshd_config   2010-06-08 17:17:08.000000000 -0400
677 -+++ kitchensink-openssh5.5/sshd_config 2010-06-08 17:20:56.000000000 -0400
678 -@@ -110,6 +110,20 @@
679 +--- canonical-openssh5.5/sshd_config   2012-11-25 21:46:51.000000000 +0000
680 ++++ kitchensink-openssh5.5/sshd_config 2012-11-25 21:46:19.000000000 +0000
681 +@@ -113,6 +113,20 @@
682   # override default of no subsystems
683   Subsystem     sftp    /usr/libexec/sftp-server
684   
685 @@ -2193,12 +2177,15 @@
686   #Match User anoncvs
687   #     X11Forwarding no
688  diff -NupwB canonical-openssh5.5/version.h kitchensink-openssh5.5/version.h
689 ---- canonical-openssh5.5/version.h     2010-06-08 17:17:08.000000000 -0400
690 -+++ kitchensink-openssh5.5/version.h   2010-06-08 17:21:14.000000000 -0400
691 -@@ -3,4 +3,5 @@
692 +--- canonical-openssh5.5/version.h     2012-11-25 21:46:51.000000000 +0000
693 ++++ kitchensink-openssh5.5/version.h   2012-11-25 21:46:19.000000000 +0000
694 +@@ -3,7 +3,8 @@
695   #define SSH_VERSION   "OpenSSH_5.5"
696   
697   #define SSH_PORTABLE  "p1"
698 --#define SSH_RELEASE   SSH_VERSION SSH_PORTABLE
699 +-#define SSH_RELEASE_MINIMUM   SSH_VERSION SSH_PORTABLE
700  +#define SSH_HPN         "-hpn13v9"
701 -+#define SSH_RELEASE   SSH_VERSION SSH_PORTABLE SSH_HPN
702 ++#define SSH_RELEASE_MINIMUM   SSH_VERSION SSH_PORTABLE SSH_HPN
703 + #ifdef SSH_EXTRAVERSION
704 + #define SSH_RELEASE   SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION
705 + #else