Merge remote-tracking branch 'up/master' into master-riscv64

Signed-off-by: David Abdurachmanov <david.abdurachmanov@sifive.com>

.gitignore

@@ -40,3 +40,5 @@ pam_ssh_agent_auth-0.9.2.tar.bz2
 /openssh-8.1p1.tar.gz.asc
 /openssh-8.2p1.tar.gz
 /openssh-8.2p1.tar.gz.asc
+/openssh-8.3p1.tar.gz
+/openssh-8.3p1.tar.gz.asc

openssh-6.6p1-ctr-cavstest.patch

@@ -20,10 +20,10 @@ diff -up openssh-6.8p1/Makefile.in.ctr-cavs openssh-6.8p1/Makefile.in
  	ssh-xmss.o \
 @@ -194,6 +195,9 @@ ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) l
  ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o
- 	$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(KEYCATLIBS) $(LIBS)
+ 	$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS)
  
 +ctr-cavstest$(EXEEXT): $(LIBCOMPAT) libssh.a ctr-cavstest.o
-+	$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
++	$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
 +
  ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
  	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)

openssh-6.6p1-keycat.patch

@@ -62,10 +62,10 @@ diff -up openssh/Makefile.in.keycat openssh/Makefile.in
  	ssh-xmss.o \
 @@ -190,6 +191,9 @@ ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT)
  ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
- 	$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lfipscheck $(LIBS) $(LDAPLIBS)
+ 	$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LDAPLIBS)
  
 +ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHDOBJS) libssh.a ssh-keycat.o uidswap.o
-+	$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(KEYCATLIBS) $(LIBS)
++	$(LD) -o $@ ssh-keycat.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(KEYCATLIBS) $(LIBS)
 +
  ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
  	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)

openssh-6.7p1-kdf-cavs.patch

@@ -20,7 +20,7 @@ diff -up openssh-6.8p1/Makefile.in.kdf-cavs openssh-6.8p1/Makefile.in
  	ssh-xmss.o \
 @@ -198,6 +199,9 @@ ssh-keycat$(EXEEXT): $(LIBCOMPAT) $(SSHD
  ctr-cavstest$(EXEEXT): $(LIBCOMPAT) libssh.a ctr-cavstest.o
- 	$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
+ 	$(LD) -o $@ ctr-cavstest.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
  
 +ssh-cavs$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-cavs.o $(SKOBJS)
 +	$(LD) -o $@ ssh-cavs.o $(SKOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)

openssh-6.7p1-ldap.patch

@@ -173,7 +173,7 @@ diff -up openssh-6.8p1/Makefile.in.ldap openssh-6.8p1/Makefile.in
  	$(LD) -o $@ $(SKHELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LIBFIDO2)
  
 +ssh-ldap-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o
-+	$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat -lfipscheck $(LIBS) $(LDAPLIBS)
++	$(LD) -o $@ ldapconf.o ldapbody.o ldapmisc.o ldap-helper.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) $(LDAPLIBS)
 +
  ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
  	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)

openssh-7.6p1-audit.patch

@@ -883,8 +883,8 @@ diff -up openssh/cipher.c.audit openssh/cipher.c
 -	if (cc == NULL)
 +	if (cc == NULL || cc->cipher == NULL)
  		return;
- 	if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
- 		explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
+ 	if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) {
+ 		chachapoly_free(cc->cp_ctx);
 diff -up openssh/cipher.h.audit openssh/cipher.h
 --- openssh/cipher.h.audit	2019-03-27 23:26:14.000000000 +0100
 +++ openssh/cipher.h	2019-04-03 17:02:20.714886050 +0200
@@ -1738,7 +1738,7 @@ diff -up openssh/packet.c.audit openssh/packet.c
  		state->newkeys[mode] = NULL;
  	}
  	/* note that both bytes and the seqnr are not reset */
-@@ -2167,6 +2183,71 @@ ssh_packet_get_output(struct ssh *ssh)
+@@ -2167,6 +2183,72 @@ ssh_packet_get_output(struct ssh *ssh)
  	return (void *)ssh->state->output;
  }
  
@@ -1769,6 +1769,7 @@ diff -up openssh/packet.c.audit openssh/packet.c
 +
 +	cipher_free(state->receive_context);
 +	cipher_free(state->send_context);
++ 	state->send_context = state->receive_context = NULL;
 +
 +	sshbuf_free(state->input);
 +	state->input = NULL;

openssh-7.7p1-fips.patch

@@ -114,50 +114,6 @@ diff -up openssh-8.0p1/kexgexc.c.fips openssh-8.0p1/kexgexc.c
  	p = g = NULL; /* belong to kex->dh now */
  
  	/* generate and send 'e', client DH public key */
-diff -up openssh-8.0p1/Makefile.in.fips openssh-8.0p1/Makefile.in
---- openssh-8.0p1/Makefile.in.fips	2019-07-23 14:55:45.396526350 +0200
-+++ openssh-8.0p1/Makefile.in	2019-07-23 14:55:45.402526411 +0200
-@@ -180,25 +180,25 @@ libssh.a: $(LIBSSH_OBJS)
- 	$(RANLIB) $@
- 
- ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
--	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) $(GSSLIBS)
-+	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHLIBS) $(LIBS) $(GSSLIBS)
- 
- sshd$(EXEEXT): libssh.a	$(LIBCOMPAT) $(SSHDOBJS)
--	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
-+	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
- 
- scp$(EXEEXT): $(LIBCOMPAT) libssh.a $(SCP_OBJS)
- 	$(LD) -o $@ $(SCP_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
- 
- ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHADD_OBJS)
--	$(LD) -o $@ $(SSHADD_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-+	$(LD) -o $@ $(SSHADD_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
- 
- ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHAGENT_OBJS)
--	$(LD) -o $@ $(SSHAGENT_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-+	$(LD) -o $@ $(SSHAGENT_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
- 
- ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYGEN_OBJS)
--	$(LD) -o $@ $(SSHKEYGEN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-+	$(LD) -o $@ $(SSHKEYGEN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
- 
- ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSIGN_OBJS)
--	$(LD) -o $@ $(SSHKEYSIGN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-+	$(LD) -o $@ $(SSHKEYSIGN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)
- 
- ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a $(P11HELPER_OBJS)
- 	$(LD) -o $@ $(P11HELPER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
-@@ -216,7 +216,7 @@ ssh-cavs$(EXEEXT): $(LIBCOMPAT) libssh.a
- 	$(LD) -o $@ ssh-cavs.o $(SKOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
- 
- ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHKEYSCAN_OBJS)
--	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
-+	$(LD) -o $@ $(SSHKEYSCAN_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lfipscheck $(LIBS)
- 
- sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a $(SFTPSERVER_OBJS)
- 	$(LD) -o $@ $(SFTPSERVER_OBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
 diff -up openssh-8.0p1/myproposal.h.fips openssh-8.0p1/myproposal.h
 --- openssh-8.0p1/myproposal.h.fips	2019-04-18 00:52:57.000000000 +0200
 +++ openssh-8.0p1/myproposal.h	2019-07-23 14:55:45.402526411 +0200
@@ -276,43 +232,25 @@ diff -up openssh-8.0p1/servconf.c.fips openssh-8.0p1/servconf.c
 diff -up openssh-8.0p1/ssh.c.fips openssh-8.0p1/ssh.c
 --- openssh-8.0p1/ssh.c.fips	2019-07-23 14:55:45.378526168 +0200
 +++ openssh-8.0p1/ssh.c	2019-07-23 14:55:45.403526421 +0200
-@@ -76,6 +76,8 @@
+@@ -76,6 +76,7 @@
  #include <openssl/evp.h>
  #include <openssl/err.h>
  #endif
 +#include <openssl/crypto.h>
-+#include <fipscheck.h>
  #include "openbsd-compat/openssl-compat.h"
  #include "openbsd-compat/sys-queue.h"
  
-@@ -600,6 +602,16 @@ main(int ac, char **av)
- 	sanitise_stdfd();
- 
- 	__progname = ssh_get_progname(av[0]);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+	SSLeay_add_all_algorithms();
-+#endif
-+	if (access("/etc/system-fips", F_OK) == 0)
-+		if (! FIPSCHECK_verify(NULL, NULL)){
-+			if (FIPS_mode())
-+				fatal("FIPS integrity verification test failed.");
-+			else
-+				logit("FIPS integrity verification test failed.");
-+	}
- 
- #ifndef HAVE_SETPROCTITLE
- 	/* Prepare for later setproctitle emulation */
 @@ -614,6 +626,10 @@ main(int ac, char **av)
- 
- 	seed_rng();
- 
+ 		dump_client_config(&options, host);
+ 		exit(0);
+ 	}
++
 +	if (FIPS_mode()) {
 +		debug("FIPS mode initialized");
 +	}
-+
- 	/*
- 	 * Discard other fds that are hanging around. These can cause problem
- 	 * with backgrounded ssh processes started by ControlPersist.
+ 
+ 	/* Expand SecurityKeyProvider if it refers to an environment variable */
+ 	if (options.sk_provider != NULL && *options.sk_provider == '$' &&
 diff -up openssh-8.0p1/sshconnect2.c.fips openssh-8.0p1/sshconnect2.c
 --- openssh-8.0p1/sshconnect2.c.fips	2019-07-23 14:55:45.336525743 +0200
 +++ openssh-8.0p1/sshconnect2.c	2019-07-23 14:55:45.403526421 +0200
@@ -325,7 +263,7 @@ diff -up openssh-8.0p1/sshconnect2.c.fips openssh-8.0p1/sshconnect2.c
  #include "openbsd-compat/sys-queue.h"
  
  #include "xmalloc.h"
-@@ -198,29 +203,34 @@ ssh_kex2(struct ssh *ssh, char *host, st
+@@ -198,36 +203,41 @@ ssh_kex2(struct ssh *ssh, char *host, st
  
  #if defined(GSSAPI) && defined(WITH_OPENSSL)
  	if (options.gss_keyex) {
@@ -333,12 +271,19 @@ diff -up openssh-8.0p1/sshconnect2.c.fips openssh-8.0p1/sshconnect2.c
 -		 * client to the key exchange algorithm proposal */
 -		orig = myproposal[PROPOSAL_KEX_ALGS];
 -
--		if (options.gss_server_identity)
+-		if (options.gss_server_identity) {
 -			gss_host = xstrdup(options.gss_server_identity);
--		else if (options.gss_trust_dns)
+-		} else if (options.gss_trust_dns) {
 -			gss_host = remote_hostname(ssh);
--		else
+-			/* Fall back to specified host if we are using proxy command
+-			 * and can not use DNS on that socket */
+-			if (strcmp(gss_host, "UNKNOWN") == 0) {
+-				free(gss_host);
+-				gss_host = xstrdup(host);
+-			}
+-		} else {
 -			gss_host = xstrdup(host);
+-		}
 -
 -		gss = ssh_gssapi_client_mechanisms(gss_host,
 -		    options.gss_client_identity, options.gss_kex_algorithms);
@@ -360,12 +305,19 @@ diff -up openssh-8.0p1/sshconnect2.c.fips openssh-8.0p1/sshconnect2.c
 +			 * client to the key exchange algorithm proposal */
 +			orig = myproposal[PROPOSAL_KEX_ALGS];
 +
-+			if (options.gss_server_identity)
++			if (options.gss_server_identity) {
 +				gss_host = xstrdup(options.gss_server_identity);
-+			else if (options.gss_trust_dns)
++			} else if (options.gss_trust_dns) {
 +				gss_host = remote_hostname(ssh);
-+			else
++				/* Fall back to specified host if we are using proxy command
++				 * and can not use DNS on that socket */
++				if (strcmp(gss_host, "UNKNOWN") == 0) {
++					free(gss_host);
++					gss_host = xstrdup(host);
++				}
++			} else {
 +				gss_host = xstrdup(host);
++			}
 +
 +			gss = ssh_gssapi_client_mechanisms(gss_host,
 +			    options.gss_client_identity, options.gss_kex_algorithms);
@@ -394,31 +346,19 @@ diff -up openssh-8.0p1/sshd.c.fips openssh-8.0p1/sshd.c
  #include <stdarg.h>
  #include <stdio.h>
  #include <stdlib.h>
-@@ -77,6 +78,8 @@
+@@ -77,6 +78,7 @@
  #include <openssl/dh.h>
  #include <openssl/bn.h>
  #include <openssl/rand.h>
 +#include <openssl/crypto.h>
-+#include <fipscheck.h>
  #include "openbsd-compat/openssl-compat.h"
  #endif
  
-@@ -1529,6 +1532,18 @@ main(int ac, char **av)
+@@ -1529,6 +1532,7 @@ main(int ac, char **av)
  #endif
  	__progname = ssh_get_progname(av[0]);
  
 +	OpenSSL_add_all_algorithms();
-+	if (access("/etc/system-fips", F_OK) == 0)
-+		if (! FIPSCHECK_verify(NULL, NULL)) {
-+			openlog(__progname, LOG_PID, LOG_AUTHPRIV);
-+			if (FIPS_mode()) {
-+				syslog(LOG_CRIT, "FIPS integrity verification test failed.");
-+				cleanup_exit(255);
-+			}
-+			else
-+				syslog(LOG_INFO, "FIPS integrity verification test failed.");
-+			closelog();
-+		}
  	/* Save argv. Duplicate so setproctitle emulation doesn't clobber it */
  	saved_argc = ac;
  	rexec_argc = ac;
@@ -513,5 +453,5 @@ diff -up openssh-8.0p1/ssh-keygen.c.fips openssh-8.0p1/ssh-keygen.c
  		fflush(stdout);
 -		type = sshkey_type_from_name(key_types[i].key_type);
  		if ((fd = mkstemp(prv_tmp)) == -1) {
- 			error("Could not save your public key in %s: %s",
- 			    prv_tmp, strerror(errno));
+ 			error("Could not save your private key in %s: %s",
+			    prv_tmp, strerror(errno));

openssh-7.7p1-gssapi-new-unique.patch

@@ -480,7 +480,7 @@ index 6cae720e..16e55cbc 100644
 +	return 0;
  }
  
- /* This allows GSSAPI methods to do things to the childs environment based
+ /* This allows GSSAPI methods to do things to the child's environment based
 @@ -498,9 +500,7 @@ ssh_gssapi_rekey_creds() {
  	char *envstr;
  #endif
@@ -574,7 +574,7 @@ index 85df6a27..480a5ead 100644
 +++ b/session.c
 @@ -1033,7 +1033,8 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
  	/* Allow any GSSAPI methods that we've used to alter
- 	 * the childs environment as they see fit
+ 	 * the child's environment as they see fit
  	 */
 -	ssh_gssapi_do_child(&env, &envsize);
 +	if (s->authctxt->krb5_set_env)

openssh-7.7p1-redhat.patch

@@ -1,13 +1,16 @@
 diff -up openssh/ssh_config.redhat openssh/ssh_config
 --- openssh/ssh_config.redhat	2020-02-11 23:28:35.000000000 +0100
 +++ openssh/ssh_config	2020-02-13 18:13:39.180641839 +0100
-@@ -43,3 +43,7 @@
+@@ -43,3 +43,10 @@
  #   VisualHostKey no
  #   ProxyCommand ssh -q -W %h:%p gateway.example.com
  #   RekeyLimit 1G 1h
 +#
-+# To modify the system-wide ssh configuration, create a  *.conf  file under
-+#  /etc/ssh/ssh_config.d/  which will be automatically included below
++# This system is following system-wide crypto policy.
++# To modify the crypto properties (Ciphers, MACs, ...), create a  *.conf
++#  file under  /etc/ssh/ssh_config.d/  which will be automatically
++# included below. For more information, see manual page for
++#  update-crypto-policies(8)  and  ssh_config(5).
 +Include /etc/ssh/ssh_config.d/*.conf
 diff -up openssh/ssh_config_redhat.redhat openssh/ssh_config_redhat
 --- openssh/ssh_config_redhat.redhat	2020-02-13 18:13:39.180641839 +0100
@@ -65,10 +68,14 @@ diff -up openssh/sshd_config.5.redhat openssh/sshd_config.5
 diff -up openssh/sshd_config.redhat openssh/sshd_config
 --- openssh/sshd_config.redhat	2020-02-11 23:28:35.000000000 +0100
 +++ openssh/sshd_config	2020-02-13 18:20:16.349913681 +0100
-@@ -10,6 +10,10 @@
+@@ -10,6 +10,14 @@
  # possible, but leave them commented.  Uncommented options override the
  # default value.
- 
+
++# To modify the system-wide sshd configuration, create a  *.conf  file under
++#  /etc/ssh/sshd_config.d/  which will be automatically included below
++Include /etc/ssh/sshd_config.d/*.conf
++
 +# If you want to change the port on a SELinux system, you have to tell
 +# SELinux about this change.
 +# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
@@ -76,26 +83,16 @@ diff -up openssh/sshd_config.redhat openssh/sshd_config
  #Port 22
  #AddressFamily any
  #ListenAddress 0.0.0.0
-@@ -114,3 +118,7 @@ Subsystem	sftp	/usr/libexec/sftp-server
- #	AllowTcpForwarding no
- #	PermitTTY no
- #	ForceCommand cvs server
-+
-+# To modify the system-wide ssh configuration, create a  *.conf  file under
-+#  /etc/ssh/sshd_config.d/  which will be automatically included below
-+Include /etc/ssh/sshd_config.d/*.conf
 diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat
 --- openssh/sshd_config_redhat.redhat	2020-02-13 18:14:02.268006439 +0100
 +++ openssh/sshd_config_redhat	2020-02-13 18:19:20.765035947 +0100
-@@ -0,0 +1,31 @@
-+# System-wide Crypto policy:
+@@ -0,0 +1,29 @@
 +# This system is following system-wide crypto policy. The changes to
-+# Ciphers, MACs, KexAlgoritms and GSSAPIKexAlgorithsm will not have any
-+# effect here. They will be overridden by command-line options passed on
-+# the server start up.
-+# To opt out, uncomment a line with redefinition of  CRYPTO_POLICY=
-+# variable in  /etc/sysconfig/sshd  to overwrite the policy.
-+# For more information, see manual page for update-crypto-policies(8).
++# crypto properties (Ciphers, MACs, ...) will not have any effect in
++# this or following included files. To override some configuration option,
++# write it before this block or include it before this file.
++# Please, see manual pages for update-crypto-policies(8) and sshd_config(5).
++Include /etc/crypto-policies/back-ends/opensshserver.config
 +
 +SyslogFacility AUTHPRIV
 +

openssh-8.0p1-crypto-policies.patch

@@ -1,8 +1,15 @@
-diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
---- openssh/ssh_config.5.crypto-policies	2020-02-07 15:05:55.665451715 +0100
-+++ openssh/ssh_config.5	2020-02-07 15:07:11.632641922 +0100
-@@ -361,15 +361,15 @@ domains.
+diff -up openssh-8.2p1/ssh_config.5.crypto-policies openssh-8.2p1/ssh_config.5
+--- openssh-8.2p1/ssh_config.5.crypto-policies	2020-03-26 14:40:44.546775605 +0100
++++ openssh-8.2p1/ssh_config.5	2020-03-26 14:52:20.700649727 +0100
+@@ -359,17 +359,17 @@ or
+ .Qq *.c.example.com
+ domains.
  .It Cm CASignatureAlgorithms
++The default is handled system-wide by
++.Xr crypto-policies 7 .
++To see the defaults and how to modify this default, see manual page
++.Xr update-crypto-policies 8 .
++.Pp
  Specifies which algorithms are allowed for signing of certificates
  by certificate authorities (CAs).
 -The default is:
@@ -15,15 +22,39 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
  will not accept host certificates signed using algorithms other than those
  specified.
 +.Pp
+ .It Cm CertificateFile
+ Specifies a file from which the user's certificate is read.
+ A corresponding private key must be provided separately in order
+@@ -424,20 +424,25 @@ If the option is set to
+ .Cm no ,
+ the check will not be executed.
+ .It Cm Ciphers
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
 +.Pp
- .It Cm CertificateFile
- Specifies a file from which the user's certificate is read.
- A corresponding private key must be provided separately in order
-@@ -453,12 +453,10 @@ aes256-gcm@openssh.com
+ Specifies the ciphers allowed and their order of preference.
+ Multiple ciphers must be comma-separated.
+ If the specified list begins with a
+ .Sq +
+-character, then the specified ciphers will be appended to the default set
++character, then the specified ciphers will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified ciphers (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
+ .Sq ^
+ character, then the specified ciphers will be placed at the head of the
+-default set.
++built-in default set.
+ .Pp
+ The supported ciphers are:
+ .Bd -literal -offset indent
+@@ -453,13 +458,6 @@ aes256-gcm@openssh.com
  chacha20-poly1305@openssh.com
  .Ed
  .Pp
@@ -33,30 +64,59 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
 -aes128-ctr,aes192-ctr,aes256-ctr,
 -aes128-gcm@openssh.com,aes256-gcm@openssh.com
 -.Ed
+-.Pp
+ The list of available ciphers may also be obtained using
+ .Qq ssh -Q cipher .
+ .It Cm ClearAllForwardings
+@@ -812,6 +810,11 @@ command line will be passed untouched to
+ The default is
+ .Dq no .
+ .It Cm GSSAPIKexAlgorithms
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
- .Pp
- The list of available ciphers may also be obtained using
- .Qq ssh -Q cipher .
-@@ -824,8 +822,10 @@ gss-nistp256-sha256-,
++.Pp
+ The list of key exchange algorithms that are offered for GSSAPI
+ key exchange. Possible values are
+ .Bd -literal -offset 3n
+@@ -824,10 +827,8 @@ gss-nistp256-sha256-,
  gss-curve25519-sha256-
  .Ed
  .Pp
 -The default is
--.Dq gss-gex-sha1-,gss-group14-sha1- .
+-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
+-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
+ This option only applies to connections using GSSAPI.
++.Pp
+ .It Cm HashKnownHosts
+ Indicates that
+ .Xr ssh 1
+@@ -1149,29 +1150,25 @@ it may be zero or more of:
+ and
+ .Cm pam .
+ .It Cm KexAlgorithms
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
- This option only applies to protocol version 2 connections using GSSAPI.
- .It Cm HashKnownHosts
- Indicates that
-@@ -1162,15 +1162,10 @@ If the specified list begins with a
++.Pp
+ Specifies the available KEX (Key Exchange) algorithms.
+ Multiple algorithms must be comma-separated.
+ If the specified list begins with a
+ .Sq +
+-character, then the specified methods will be appended to the default set
++character, then the specified methods will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified methods (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
  .Sq ^
  character, then the specified methods will be placed at the head of the
- default set.
+-default set.
 -The default is:
 -.Bd -literal -offset indent
 -curve25519-sha256,curve25519-sha256@libssh.org,
@@ -66,14 +126,41 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
 -diffie-hellman-group18-sha512,
 -diffie-hellman-group14-sha256
 -.Ed
++built-in default set.
+ .Pp
+ The list of available key exchange algorithms may also be obtained using
+ .Qq ssh -Q kex .
+@@ -1231,37 +1228,33 @@ The default is INFO.
+ DEBUG and DEBUG1 are equivalent.
+ DEBUG2 and DEBUG3 each specify higher levels of verbose output.
+ .It Cm MACs
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
++.Pp
+ Specifies the MAC (message authentication code) algorithms
+ in order of preference.
+ The MAC algorithm is used for data integrity protection.
+ Multiple algorithms must be comma-separated.
+ If the specified list begins with a
+ .Sq +
+-character, then the specified algorithms will be appended to the default set
++character, then the specified algorithms will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified algorithms (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
+ .Sq ^
+ character, then the specified algorithms will be placed at the head of the
+-default set.
++built-in default set.
  .Pp
- The list of available key exchange algorithms may also be obtained using
- .Qq ssh -Q kex .
-@@ -1252,14 +1247,10 @@ The algorithms that contain
+ The algorithms that contain
+ .Qq -etm
  calculate the MAC after encryption (encrypt-then-mac).
  These are considered safer and their use recommended.
  .Pp
@@ -85,17 +172,35 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
 -umac-64@openssh.com,umac-128@openssh.com,
 -hmac-sha2-256,hmac-sha2-512,hmac-sha1
 -.Ed
+-.Pp
+ The list of available MAC algorithms may also be obtained using
+ .Qq ssh -Q mac .
+ .It Cm NoHostAuthenticationForLocalhost
+@@ -1394,36 +1387,25 @@ instead of continuing to execute and pas
+ The default is
+ .Cm no .
+ .It Cm PubkeyAcceptedKeyTypes
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
- .Pp
- The list of available MAC algorithms may also be obtained using
- .Qq ssh -Q mac .
-@@ -1407,22 +1398,10 @@ If the specified list begins with a
++.Pp
+ Specifies the key types that will be used for public key authentication
+ as a comma-separated list of patterns.
+ If the specified list begins with a
+ .Sq +
+-character, then the key types after it will be appended to the default
++character, then the key types after it will be appended to the built-in default
+ instead of replacing it.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified key types (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
  .Sq ^
  character, then the specified key types will be placed at the head of the
- default set.
+-default set.
 -The default for this option is:
 -.Bd -literal -offset 3n
 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
@@ -112,18 +217,22 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
 -ssh-ed25519,sk-ssh-ed25519@openssh.com,
 -rsa-sha2-512,rsa-sha2-256,ssh-rsa
 -.Ed
++built-in default set.
+ .Pp
+ The list of available key types may also be obtained using
+ .Qq ssh -Q PubkeyAcceptedKeyTypes .
+diff -up openssh-8.2p1/sshd_config.5.crypto-policies openssh-8.2p1/sshd_config.5
+--- openssh-8.2p1/sshd_config.5.crypto-policies	2020-03-26 14:40:44.530775355 +0100
++++ openssh-8.2p1/sshd_config.5	2020-03-26 14:48:56.732468099 +0100
+@@ -375,16 +375,16 @@ If the argument is
+ then no banner is displayed.
+ By default, no banner is displayed.
+ .It Cm CASignatureAlgorithms
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
- .Pp
- The list of available key types may also be obtained using
- .Qq ssh -Q PubkeyAcceptedKeyTypes .
-diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
---- openssh/sshd_config.5.crypto-policies	2020-02-07 15:05:55.639451308 +0100
-+++ openssh/sshd_config.5	2020-02-07 15:05:55.672451825 +0100
-@@ -377,14 +377,14 @@ By default, no banner is displayed.
- .It Cm CASignatureAlgorithms
++.Pp
  Specifies which algorithms are allowed for signing of certificates
  by certificate authorities (CAs).
 -The default is:
@@ -135,15 +244,39 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
  Certificates signed using other algorithms will not be accepted for
  public key or host-based authentication.
 +.Pp
+ .It Cm ChallengeResponseAuthentication
+ Specifies whether challenge-response authentication is allowed (e.g. via
+ PAM or through authentication styles supported in
+@@ -446,20 +446,25 @@ The default is
+ indicating not to
+ .Xr chroot 2 .
+ .It Cm Ciphers
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
 +.Pp
- .It Cm ChallengeResponseAuthentication
- Specifies whether challenge-response authentication is allowed (e.g. via
- PAM or through authentication styles supported in
-@@ -486,12 +486,10 @@ aes256-gcm@openssh.com
+ Specifies the ciphers allowed.
+ Multiple ciphers must be comma-separated.
+ If the specified list begins with a
+ .Sq +
+-character, then the specified ciphers will be appended to the default set
++character, then the specified ciphers will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified ciphers (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
+ .Sq ^
+ character, then the specified ciphers will be placed at the head of the
+-default set.
++built-in default set.
+ .Pp
+ The supported ciphers are:
+ .Pp
+@@ -486,13 +491,6 @@ aes256-gcm@openssh.com
  chacha20-poly1305@openssh.com
  .El
  .Pp
@@ -153,28 +286,54 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
 -aes128-ctr,aes192-ctr,aes256-ctr,
 -aes128-gcm@openssh.com,aes256-gcm@openssh.com
 -.Ed
-+The default is handled system-wide by
-+.Xr crypto-policies 7 .
-+To see the defaults and how to modify this default, see manual page
-+.Xr update-crypto-policies 8 .
- .Pp
+-.Pp
  The list of available ciphers may also be obtained using
  .Qq ssh -Q cipher .
-@@ -693,8 +691,10 @@ gss-nistp256-sha256-,
- gss-curve25519-sha256-
- .Ed
- .Pp
--The default is
--.Dq gss-gex-sha1-,gss-group14-sha1- .
+ .It Cm ClientAliveCountMax
+@@ -681,22 +679,24 @@ For this to work
+ .Cm GSSAPIKeyExchange
+ needs to be enabled in the server and also used by the client.
+ .It Cm GSSAPIKexAlgorithms
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
- This option only applies to protocol version 2 connections using GSSAPI.
++.Pp
+ The list of key exchange algorithms that are accepted by GSSAPI
+ key exchange. Possible values are
+ .Bd -literal -offset 3n
+-gss-gex-sha1-,
+-gss-group1-sha1-,
+-gss-group14-sha1-,
+-gss-group14-sha256-,
+-gss-group16-sha512-,
+-gss-nistp256-sha256-,
++gss-gex-sha1-
++gss-group1-sha1-
++gss-group14-sha1-
++gss-group14-sha256-
++gss-group16-sha512-
++gss-nistp256-sha256-
+ gss-curve25519-sha256-
+ .Ed
+-.Pp
+-The default is
+-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
+-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
+ This option only applies to connections using GSSAPI.
++.Pp
  .It Cm HostbasedAcceptedKeyTypes
  Specifies the key types that will be accepted for hostbased authentication
-@@ -794,22 +794,10 @@ environment variable.
+ as a list of comma-separated patterns.
+@@ -793,25 +793,13 @@ is specified, the location of the socket
+ .Ev SSH_AUTH_SOCK
+ environment variable.
  .It Cm HostKeyAlgorithms
++The default is handled system-wide by
++.Xr crypto-policies 7 .
++To see the defaults and how to modify this default, see manual page
++.Xr update-crypto-policies 8 .
++.Pp
  Specifies the host key algorithms
  that the server offers.
 -The default for this option is:
@@ -193,14 +352,40 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
 -ssh-ed25519,sk-ssh-ed25519@openssh.com,
 -rsa-sha2-512,rsa-sha2-256,ssh-rsa
 -.Ed
+-.Pp
+ The list of available key types may also be obtained using
+ .Qq ssh -Q HostKeyAlgorithms .
+ .It Cm IgnoreRhosts
+@@ -943,20 +931,25 @@ Specifies whether to look at .k5login fi
+ The default is
+ .Cm yes .
+ .It Cm KexAlgorithms
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
++.Pp
+ Specifies the available KEX (Key Exchange) algorithms.
+ Multiple algorithms must be comma-separated.
+ Alternately if the specified list begins with a
+ .Sq +
+-character, then the specified methods will be appended to the default set
++character, then the specified methods will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified methods (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
+ .Sq ^
+ character, then the specified methods will be placed at the head of the
+-default set.
++built-in default set.
+ The supported algorithms are:
  .Pp
- The list of available key types may also be obtained using
- .Qq ssh -Q HostKeyAlgorithms .
-@@ -987,14 +975,10 @@ ecdh-sha2-nistp521
+ .Bl -item -compact -offset indent
+@@ -988,15 +981,6 @@ ecdh-sha2-nistp521
  sntrup4591761x25519-sha512@tinyssh.org
  .El
  .Pp
@@ -212,14 +397,41 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
 -diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
 -diffie-hellman-group14-sha256
 -.Ed
+-.Pp
+ The list of available key exchange algorithms may also be obtained using
+ .Qq ssh -Q KexAlgorithms .
+ .It Cm ListenAddress
+@@ -1065,21 +1049,26 @@ DEBUG and DEBUG1 are equivalent.
+ DEBUG2 and DEBUG3 each specify higher levels of debugging output.
+ Logging with a DEBUG level violates the privacy of users and is not recommended.
+ .It Cm MACs
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
++.Pp
+ Specifies the available MAC (message authentication code) algorithms.
+ The MAC algorithm is used for data integrity protection.
+ Multiple algorithms must be comma-separated.
+ If the specified list begins with a
+ .Sq +
+-character, then the specified algorithms will be appended to the default set
++character, then the specified algorithms will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified algorithms (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
+ .Sq ^
+ character, then the specified algorithms will be placed at the head of the
+-default set.
++built-in default set.
  .Pp
- The list of available key exchange algorithms may also be obtained using
- .Qq ssh -Q KexAlgorithms .
-@@ -1121,14 +1105,10 @@ umac-64-etm@openssh.com
+ The algorithms that contain
+ .Qq -etm
+@@ -1122,15 +1111,6 @@ umac-64-etm@openssh.com
  umac-128-etm@openssh.com
  .El
  .Pp
@@ -231,17 +443,35 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
 -umac-64@openssh.com,umac-128@openssh.com,
 -hmac-sha2-256,hmac-sha2-512,hmac-sha1
 -.Ed
+-.Pp
+ The list of available MAC algorithms may also be obtained using
+ .Qq ssh -Q mac .
+ .It Cm Match
+@@ -1480,36 +1460,25 @@ or equivalent.)
+ The default is
+ .Cm yes .
+ .It Cm PubkeyAcceptedKeyTypes
 +The default is handled system-wide by
 +.Xr crypto-policies 7 .
 +To see the defaults and how to modify this default, see manual page
 +.Xr update-crypto-policies 8 .
- .Pp
- The list of available MAC algorithms may also be obtained using
- .Qq ssh -Q mac .
-@@ -1492,22 +1472,10 @@ If the specified list begins with a
++.Pp
+ Specifies the key types that will be accepted for public key authentication
+ as a list of comma-separated patterns.
+ Alternately if the specified list begins with a
+ .Sq +
+-character, then the specified key types will be appended to the default set
++character, then the specified key types will be appended to the built-in default set
+ instead of replacing them.
+ If the specified list begins with a
+ .Sq -
+ character, then the specified key types (including wildcards) will be removed
+-from the default set instead of replacing them.
++from the built-in default set instead of replacing them.
+ If the specified list begins with a
  .Sq ^
  character, then the specified key types will be placed at the head of the
- default set.
+-default set.
 -The default for this option is:
 -.Bd -literal -offset 3n
 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
@@ -258,10 +488,7 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
 -ssh-ed25519,sk-ssh-ed25519@openssh.com,
 -rsa-sha2-512,rsa-sha2-256,ssh-rsa
 -.Ed
-+The default is handled system-wide by
-+.Xr crypto-policies 7 .
-+To see the defaults and how to modify this default, see manual page
-+.Xr update-crypto-policies 8 .
++built-in default set.
  .Pp
  The list of available key types may also be obtained using
  .Qq ssh -Q PubkeyAcceptedKeyTypes .

openssh-8.0p1-gssapi-keyex.patch

@@ -964,7 +964,7 @@ index ab3a15f0..6ce56e92 100644
 --- a/gss-serv.c
 +++ b/gss-serv.c
 @@ -1,7 +1,7 @@
- /* $OpenBSD: gss-serv.c,v 1.31 2018/07/09 21:37:55 markus Exp $ */
+ /* $OpenBSD: gss-serv.c,v 1.32 2020/03/13 03:17:07 djm Exp $ */
  
  /*
 - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -3253,7 +3253,7 @@ index 36180d07..70dd3665 100644
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
-@@ -61,10 +61,30 @@
+@@ -61,10 +61,34 @@
  
  #define SSH_GSS_OIDTYPE 0x06
  
@@ -3273,8 +3273,12 @@ index 36180d07..70dd3665 100644
 +#define KEX_GSS_C25519_SHA256_ID			"gss-curve25519-sha256-"
 +
 +#define        GSS_KEX_DEFAULT_KEX \
-+	KEX_GSS_GEX_SHA1_ID "," \
-+	KEX_GSS_GRP14_SHA1_ID
++	KEX_GSS_GRP14_SHA256_ID "," \
++	KEX_GSS_GRP16_SHA512_ID	"," \
++	KEX_GSS_NISTP256_SHA256_ID "," \
++	KEX_GSS_C25519_SHA256_ID "," \
++	KEX_GSS_GRP14_SHA1_ID "," \
++	KEX_GSS_GEX_SHA1_ID
 +
  typedef struct {
  	char *filename;
@@ -3429,7 +3433,7 @@ diff --git a/ssh_config.5 b/ssh_config.5
 index 06a32d31..3f490697 100644
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -766,10 +766,67 @@ The default is
+@@ -766,10 +766,68 @@ The default is
  Specifies whether user authentication based on GSSAPI is allowed.
  The default is
  .Cm no .
@@ -3492,8 +3496,9 @@ index 06a32d31..3f490697 100644
 +.Ed
 +.Pp
 +The default is
-+.Dq gss-gex-sha1-,gss-group14-sha1- .
-+This option only applies to protocol version 2 connections using GSSAPI.
++.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
++gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
++This option only applies to connections using GSSAPI.
  .It Cm HashKnownHosts
  Indicates that
  .Xr ssh 1
@@ -3522,7 +3527,7 @@ index af00fb30..03bc87eb 100644
  	xxx_host = host;
  	xxx_hostaddr = hostaddr;
  
-@@ -206,6 +209,35 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
+@@ -206,6 +209,42 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
  		    compat_pkalg_proposal(options.hostkeyalgorithms);
  	}
  
@@ -3532,12 +3537,19 @@ index af00fb30..03bc87eb 100644
 +		 * client to the key exchange algorithm proposal */
 +		orig = myproposal[PROPOSAL_KEX_ALGS];
 +
-+		if (options.gss_server_identity)
++		if (options.gss_server_identity) {
 +			gss_host = xstrdup(options.gss_server_identity);
-+		else if (options.gss_trust_dns)
++		} else if (options.gss_trust_dns) {
 +			gss_host = remote_hostname(ssh);
-+		else
++			/* Fall back to specified host if we are using proxy command
++			 * and can not use DNS on that socket */
++			if (strcmp(gss_host, "UNKNOWN") == 0) {
++				free(gss_host);
++				gss_host = xstrdup(host);
++			}
++		} else {
 +			gss_host = xstrdup(host);
++		}
 +
 +		gss = ssh_gssapi_client_mechanisms(gss_host,
 +		    options.gss_client_identity, options.gss_kex_algorithms);
@@ -3626,18 +3638,25 @@ index af00fb30..03bc87eb 100644
  	{"gssapi-with-mic",
  		userauth_gssapi,
  		userauth_gssapi_cleanup,
-@@ -716,12 +784,25 @@ userauth_gssapi(struct ssh *ssh)
+@@ -716,12 +784,32 @@ userauth_gssapi(struct ssh *ssh)
  	OM_uint32 min;
  	int r, ok = 0;
  	gss_OID mech = NULL;
-+	char *gss_host;
++	char *gss_host = NULL;
 +
-+	if (options.gss_server_identity)
++	if (options.gss_server_identity) {
 +		gss_host = xstrdup(options.gss_server_identity);
-+	else if (options.gss_trust_dns)
++	} else if (options.gss_trust_dns) {
 +		gss_host = remote_hostname(ssh);
-+	else
++		/* Fall back to specified host if we are using proxy command
++		 * and can not use DNS on that socket */
++		if (strcmp(gss_host, "UNKNOWN") == 0) {
++			free(gss_host);
++			gss_host = xstrdup(authctxt->host);
++		}
++	} else {
 +		gss_host = xstrdup(authctxt->host);
++	}
  
  	/* Try one GSSAPI method at a time, rather than sending them all at
  	 * once. */
@@ -3849,7 +3868,7 @@ index 70ccea44..f6b41a2f 100644
  .It Cm GSSAPIStrictAcceptorCheck
  Determines whether to be strict about the identity of the GSSAPI acceptor
  a client authenticates against.
-@@ -660,6 +665,31 @@ machine's default store.
+@@ -660,6 +665,32 @@ machine's default store.
  This facility is provided to assist with operation on multi homed machines.
  The default is
  .Cm yes .
@@ -3876,8 +3895,9 @@ index 70ccea44..f6b41a2f 100644
 +.Ed
 +.Pp
 +The default is
-+.Dq gss-gex-sha1-,gss-group14-sha1- .
-+This option only applies to protocol version 2 connections using GSSAPI.
++.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
++gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
++This option only applies to connections using GSSAPI.
  .It Cm HostbasedAcceptedKeyTypes
  Specifies the key types that will be accepted for hostbased authentication
  as a list of comma-separated patterns.

openssh-8.0p1-pkcs11-uri.patch

@@ -48,7 +48,7 @@ index e7549470..4511f82a 100644
  	msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \
 -	ssh-pkcs11.o smult_curve25519_ref.o \
 +	ssh-pkcs11.o ssh-pkcs11-uri.o smult_curve25519_ref.o \
- 	poly1305.o chacha.o cipher-chachapoly.o \
+ 	poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \
  	ssh-ed25519.o digest-openssl.o digest-libc.o \
  	hmac.o sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \
 @@ -289,6 +289,8 @@ clean:	regressclean
@@ -2502,7 +2502,7 @@ index a302c79c..879fe917 100644
  	int ret = -1;
  	struct pkcs11_provider *p = NULL;
  	void *handle = NULL;
-@@ -1484,165 +1670,301 @@ pkcs11_register_provider(char *provider_id, char *pin,
+@@ -1484,167 +1670,303 @@ pkcs11_register_provider(char *provider_id, char *pin,
  	CK_FUNCTION_LIST *f = NULL;
  	CK_TOKEN_INFO *token;
  	CK_ULONG i;
@@ -2722,6 +2722,9 @@ index a302c79c..879fe917 100644
 +	}
 +
 +	provider_uri = pkcs11_uri_get(uri);
++	if (pin == NULL && uri->pin != NULL) {
++		pin = uri->pin;
++	}
 +	nkeys = 0;
 +	for (i = 0; i < p->module->nslots; i++) {
 +		token = &p->module->slotinfo[i].token;
@@ -2757,9 +2760,6 @@ index a302c79c..879fe917 100644
 +		    provider_uri, (unsigned long)i,
  		    token->label, token->manufacturerID, token->model,
  		    token->serialNumber, token->flags);
-+		if (pin == NULL && uri->pin != NULL) {
-+			pin = uri->pin;
-+		}
  		/*
 -		 * open session, login with pin and retrieve public
 -		 * keys (if keyp is provided)
@@ -2805,8 +2805,8 @@ index a302c79c..879fe917 100644
 +			pkcs11_fetch_certs(p, i, keyp, labelsp, &nkeys, uri);
 +			uri->object = label;
  		}
-+		pin = NULL; /* Will be cleaned up with URI */
  	}
++	pin = NULL; /* Will be cleaned up with URI */
  
  	/* now owned by caller */
  	*providerp = p;
@@ -2830,6 +2830,8 @@ index a302c79c..879fe917 100644
  	}
 -	if (handle)
 -		dlclose(handle);
+ 	if (ret > 0)
+ 		ret = -1;
  	return (ret);
  }
  
@@ -3109,9 +3111,9 @@ index 15aee569..976844cb 100644
 +		}
 +#endif /* ENABLE_PKCS11 */
 +		cp = tilde_expand_filename(name, getuid());
- 		filename = percent_expand(cp, "d", pw->pw_dir,
- 		    "u", pw->pw_name, "l", thishost, "h", host,
- 		    "r", options.user, (char *)NULL);
+ 		filename = default_client_percent_expand(cp,
+ 		    pw->pw_dir, host, options.user, pw->pw_name);
+ 		free(cp);
 diff --git a/ssh_config.5 b/ssh_config.5
 index 06a32d31..4b2763bd 100644
 --- a/ssh_config.5

openssh-8.2p1-visibility.patch

@@ -26,7 +26,7 @@ index dca158de..afdcb1d2 100644
  
 -int
 +int __attribute__((visibility("default")))
- sk_sign(uint32_t alg, const uint8_t *message, size_t message_len,
+ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
      const char *application, const uint8_t *key_handle, size_t key_handle_len,
      uint8_t flags, const char *pin, struct sk_option **options,
 @@ -518,7 +518,7 @@ sk_sign(uint32_t alg, const uint8_t *message, size_t message_len,

openssh-8.2p1-x11-without-ipv6.patch

@@ -0,0 +1,30 @@
+diff --git a/channels.c b/channels.c
+--- a/channels.c
++++ b/channels.c
+@@ -3933,16 +3933,26 @@ x11_create_display_inet(int x11_display_
+ 			if (ai->ai_family == AF_INET6)
+ 				sock_set_v6only(sock);
+ 			if (x11_use_localhost)
+ 				set_reuseaddr(sock);
+ 			if (bind(sock, ai->ai_addr, ai->ai_addrlen) == -1) {
+ 				debug2("%s: bind port %d: %.100s", __func__,
+ 				    port, strerror(errno));
+ 				close(sock);
++
++				/* do not remove successfully opened
++				 * sockets if the request failed because
++				 * the protocol IPv4/6 is not available
++				 * (e.g. IPv6 may be disabled while being
++				 * supported)
++				 */
++				if (EADDRNOTAVAIL == errno)
++    					continue;
++
+ 				for (n = 0; n < num_socks; n++)
+ 					close(socks[n]);
+ 				num_socks = 0;
+ 				break;
+ 			}
+ 			socks[num_socks++] = sock;
+ 			if (num_socks == NUM_SOCKS)
+ 				break;

openssh-8.3p1-sshd_include.patch

@@ -0,0 +1,227 @@
+From 3caa40f40c7f97ecf46969e050e530338864033e Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Mon, 25 May 2020 15:46:51 +0200
+Subject: [PATCH 1/3] regress: Add more test cases
+
+---
+ regress/servcfginclude.sh | 36 +++++++++++++++++++++++++++++++++++-
+ 1 file changed, 35 insertions(+), 1 deletion(-)
+
+diff --git a/regress/servcfginclude.sh b/regress/servcfginclude.sh
+index b25c8faa..b6a9a248 100644
+--- a/regress/servcfginclude.sh
++++ b/regress/servcfginclude.sh
+@@ -146,9 +146,43 @@ Include
+ _EOF
+ 
+ trace "disallow invalid with no argument"
+-${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i.x \
++${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i.x -T \
+     -C "host=x,user=test,addr=127.0.0.1" 2>/dev/null && \
+ 	fail "sshd allowed Include with no argument"
+ 
++# Ensure the Include before any Match block works as expected (bug #3122)
++cat > $OBJ/sshd_config.i << _EOF
++Banner /xx
++HostKey $OBJ/host.ssh-ed25519
++Include $OBJ/sshd_config.i.2
++Match host a
++	Banner /aaaa
++_EOF
++cat > $OBJ/sshd_config.i.2 << _EOF
++Match host a
++	Banner /aa
++_EOF
++
++trace "Include before match blocks"
++trial a /aa "included file before match blocks is properly evaluated"
++
++# Port in included file is correctly interpretted (bug #3169)
++cat > $OBJ/sshd_config.i << _EOF
++Include $OBJ/sshd_config.i.2
++Port 7722
++_EOF
++cat > $OBJ/sshd_config.i.2 << _EOF
++HostKey $OBJ/host.ssh-ed25519
++_EOF
++
++trace "Port after included files"
++${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i -T \
++    -C "host=x,user=test,addr=127.0.0.1" > $OBJ/sshd_config.out || \
++	fail "failed to parse Port after included files"
++_port=`grep -i '^port ' $OBJ/sshd_config.out | awk '{print $2}'`
++if test "x7722" != "x$_port" ; then
++	fail "The Port in included file was intertepretted wrongly. Expected 7722, got $_port"
++fi
++
+ # cleanup
+ rm -f $OBJ/sshd_config.i $OBJ/sshd_config.i.* $OBJ/sshd_config.out
+-- 
+2.25.4
+
+
+From 924922fcb8f34fb4a156367de2ee33ad92a68a6a Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Mon, 25 May 2020 16:56:39 +0200
+Subject: [PATCH 2/3] Do not call process_queued_listen_addrs() for every
+ included file
+
+Fixes #3169
+---
+ servconf.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/servconf.c b/servconf.c
+index 5bb4b1f8..78a7d87d 100644
+--- a/servconf.c
++++ b/servconf.c
+@@ -74,7 +74,7 @@ static void add_listen_addr(ServerOptions *, const char *,
+     const char *, int);
+ static void add_one_listen_addr(ServerOptions *, const char *,
+     const char *, int);
+-void parse_server_config_depth(ServerOptions *options, const char *filename,
++static void parse_server_config_depth(ServerOptions *options, const char *filename,
+     struct sshbuf *conf, struct include_list *includes,
+     struct connection_info *connectinfo, int flags, int *activep, int depth);
+ 
+@@ -2580,7 +2580,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
+ #undef M_CP_STRARRAYOPT
+ 
+ #define SERVCONF_MAX_DEPTH	16
+-void
++static void
+ parse_server_config_depth(ServerOptions *options, const char *filename,
+     struct sshbuf *conf, struct include_list *includes,
+     struct connection_info *connectinfo, int flags, int *activep, int depth)
+@@ -2606,7 +2606,6 @@ parse_server_config_depth(ServerOptions *options, const char *filename,
+ 	if (bad_options > 0)
+ 		fatal("%s: terminating, %d bad configuration options",
+ 		    filename, bad_options);
+-	process_queued_listen_addrs(options);
+ }
+ 
+ void
+@@ -2617,6 +2616,7 @@ parse_server_config(ServerOptions *options, const char *filename,
+ 	int active = connectinfo ? 0 : 1;
+ 	parse_server_config_depth(options, filename, conf, includes,
+ 	    connectinfo, 0, &active, 0);
++	process_queued_listen_addrs(options);
+ }
+ 
+ static const char *
+-- 
+2.25.4
+
+
+From 26d970b4fb373cb7bd99286e41dd095cd1eadbd0 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Tue, 26 May 2020 16:25:24 +0200
+Subject: [PATCH 3/3] servconf: Fix parsing of Match blocks in included files
+ (#3122)
+
+---
+ servconf.c | 28 +++++++++++++++++++---------
+ 1 file changed, 19 insertions(+), 9 deletions(-)
+
+diff --git a/servconf.c b/servconf.c
+index 78a7d87d..a8541514 100644
+--- a/servconf.c
++++ b/servconf.c
+@@ -554,6 +554,7 @@ typedef enum {
+ #define SSHCFG_MATCH		0x02	/* allowed inside a Match section */
+ #define SSHCFG_ALL		(SSHCFG_GLOBAL|SSHCFG_MATCH)
+ #define SSHCFG_NEVERMATCH	0x04  /* Match never matches; internal only */
++#define SSHCFG_MATCH_ONLY	0x08  /* Match only in conditional blocks; internal only */
+ 
+ /* Textual representation of the tokens. */
+ static struct {
+@@ -1265,7 +1266,7 @@ static const struct multistate multistate_tcpfwd[] = {
+ static int
+ process_server_config_line_depth(ServerOptions *options, char *line,
+     const char *filename, int linenum, int *activep,
+-    struct connection_info *connectinfo, int inc_flags, int depth,
++    struct connection_info *connectinfo, int *inc_flags, int depth,
+     struct include_list *includes)
+ {
+ 	char ch, *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;
+@@ -2012,7 +2013,9 @@ process_server_config_line_depth(ServerOptions *options, char *line,
+ 					parse_server_config_depth(options,
+ 					    item->filename, item->contents,
+ 					    includes, connectinfo,
+-					    (oactive ? 0 : SSHCFG_NEVERMATCH),
++					    (*inc_flags & SSHCFG_MATCH_ONLY
++					        ? SSHCFG_MATCH_ONLY : (oactive
++					            ? 0 : SSHCFG_NEVERMATCH)),
+ 					    activep, depth + 1);
+ 				}
+ 				found = 1;
+@@ -2060,7 +2063,9 @@ process_server_config_line_depth(ServerOptions *options, char *line,
+ 				parse_server_config_depth(options,
+ 				    item->filename, item->contents,
+ 				    includes, connectinfo,
+-				    (oactive ? 0 : SSHCFG_NEVERMATCH),
++				    (*inc_flags & SSHCFG_MATCH_ONLY
++				        ? SSHCFG_MATCH_ONLY : (oactive
++				            ? 0 : SSHCFG_NEVERMATCH)),
+ 				    activep, depth + 1);
+ 				*activep = oactive;
+ 				TAILQ_INSERT_TAIL(includes, item, entry);
+@@ -2078,11 +2083,14 @@ process_server_config_line_depth(ServerOptions *options, char *line,
+ 		if (cmdline)
+ 			fatal("Match directive not supported as a command-line "
+ 			   "option");
+-		value = match_cfg_line(&cp, linenum, connectinfo);
++		value = match_cfg_line(&cp, linenum,
++		    (*inc_flags & SSHCFG_NEVERMATCH ? NULL : connectinfo));
+ 		if (value < 0)
+ 			fatal("%s line %d: Bad Match condition", filename,
+ 			    linenum);
+-		*activep = (inc_flags & SSHCFG_NEVERMATCH) ? 0 : value;
++		*activep = (*inc_flags & SSHCFG_NEVERMATCH) ? 0 : value;
++		/* The MATCH_ONLY is applicable only until the first match block */
++		*inc_flags &= ~SSHCFG_MATCH_ONLY;
+ 		break;
+ 
+ 	case sKerberosUseKuserok:
+@@ -2385,8 +2393,9 @@ process_server_config_line(ServerOptions *options, char *line,
+     const char *filename, int linenum, int *activep,
+     struct connection_info *connectinfo, struct include_list *includes)
+ {
++	int inc_flags = 0;
+ 	return process_server_config_line_depth(options, line, filename,
+-	    linenum, activep, connectinfo, 0, 0, includes);
++	    linenum, activep, connectinfo, &inc_flags, 0, includes);
+ }
+ 
+ 
+@@ -2591,14 +2600,15 @@ parse_server_config_depth(ServerOptions *options, const char *filename,
+ 	if (depth < 0 || depth > SERVCONF_MAX_DEPTH)
+ 		fatal("Too many recursive configuration includes");
+ 
+-	debug2("%s: config %s len %zu", __func__, filename, sshbuf_len(conf));
++	debug2("%s: config %s len %zu%s", __func__, filename, sshbuf_len(conf),
++	    (flags & SSHCFG_NEVERMATCH ? " [checking syntax only]" : ""));
+ 
+ 	if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL)
+ 		fatal("%s: sshbuf_dup_string failed", __func__);
+ 	linenum = 1;
+ 	while ((cp = strsep(&cbuf, "\n")) != NULL) {
+ 		if (process_server_config_line_depth(options, cp,
+-		    filename, linenum++, activep, connectinfo, flags,
++		    filename, linenum++, activep, connectinfo, &flags,
+ 		    depth, includes) != 0)
+ 			bad_options++;
+ 	}
+@@ -2615,7 +2625,7 @@ parse_server_config(ServerOptions *options, const char *filename,
+ {
+ 	int active = connectinfo ? 0 : 1;
+ 	parse_server_config_depth(options, filename, conf, includes,
+-	    connectinfo, 0, &active, 0);
++	    connectinfo, (connectinfo ? SSHCFG_MATCH_ONLY : 0), &active, 0);
+ 	process_queued_listen_addrs(options);
+ }
+ 
+-- 
+2.25.4
+
+

openssh.spec

@@ -65,10 +65,10 @@
 %endif
 
 # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
-%global openssh_ver 8.2p1
-%global openssh_rel 2
+%global openssh_ver 8.3p1
+%global openssh_rel 3
 %global pam_ssh_agent_ver 0.10.3
-%global pam_ssh_agent_rel 9
+%global pam_ssh_agent_rel 10
 
 Summary: An open source implementation of SSH protocol version 2
 Name: openssh
@@ -213,6 +213,10 @@ Patch963: openssh-8.0p1-openssl-evp.patch
 Patch964: openssh-8.0p1-openssl-kdf.patch
 # sk-dummy.so built with -fvisibility=hidden does not work
 Patch965: openssh-8.2p1-visibility.patch
+# Do not break X11 without IPv6
+Patch966: openssh-8.2p1-x11-without-ipv6.patch
+# Unbreak sshd_config include corner cases (#3122)
+Patch967: openssh-8.3p1-sshd_include.patch
 
 License: BSD
 Requires: /sbin/nologin
@@ -233,7 +237,6 @@ BuildRequires: autoconf, automake, perl-interpreter, perl-generators, zlib-devel
 BuildRequires: audit-libs-devel >= 2.0.5
 BuildRequires: util-linux, groff
 BuildRequires: pam-devel
-BuildRequires: fipscheck-devel >= 1.3.0
 BuildRequires: openssl-devel >= 0.9.8j
 BuildRequires: perl-podlators
 BuildRequires: systemd-devel
@@ -264,16 +267,14 @@ BuildRequires: gnupg2
 %package clients
 Summary: An open source SSH client applications
 Requires: openssh = %{version}-%{release}
-Requires: fipscheck-lib%{_isa} >= 1.3.0
-Requires: crypto-policies >= 20180306-1
+Requires: crypto-policies >= 20200610-1
 
 %package server
 Summary: An open source SSH server daemon
 Requires: openssh = %{version}-%{release}
 Requires(pre): /usr/sbin/useradd
 Requires: pam >= 1.0.1-3
-Requires: fipscheck-lib%{_isa} >= 1.3.0
-Requires: crypto-policies >= 20180306-1
+Requires: crypto-policies >= 20200610-1
 %{?systemd_requires}
 
 %if %{ldap}
@@ -415,6 +416,8 @@ popd
 %patch963 -p1 -b .openssl-evp
 %patch964 -p1 -b .openssl-kdf
 %patch965 -p1 -b .visibility
+%patch966 -p1 -b .x11-ipv6
+%patch967 -p1 -b .include
 
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-race
@@ -545,14 +548,6 @@ make
 popd
 %endif
 
-# Add generation of HMAC checksums of the final stripped binaries
-%global __spec_install_post \
-    %%{?__debug_package:%%{__debug_install_post}} \
-    %%{__arch_install_post} \
-    %%{__os_install_post} \
-    fipshmac -d $RPM_BUILD_ROOT%{_libdir}/fipscheck $RPM_BUILD_ROOT%{_bindir}/ssh $RPM_BUILD_ROOT%{_sbindir}/sshd \
-%{nil}
-
 %check
 #to run tests use "--with check"
 %if %{?_with_check:1}%{!?_with_check:0}
@@ -572,12 +567,11 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/ssh/ldap.conf
 install -d $RPM_BUILD_ROOT/etc/pam.d/
 install -d $RPM_BUILD_ROOT/etc/sysconfig/
 install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
-install -d $RPM_BUILD_ROOT%{_libdir}/fipscheck
 install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
 install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat
 install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd
-install -m644 ssh_config_redhat $RPM_BUILD_ROOT/etc/ssh/ssh_config.d/05-redhat.conf
-install -m644 sshd_config_redhat $RPM_BUILD_ROOT/etc/ssh/sshd_config.d/05-redhat.conf
+install -m644 ssh_config_redhat $RPM_BUILD_ROOT/etc/ssh/ssh_config.d/50-redhat.conf
+install -m644 sshd_config_redhat $RPM_BUILD_ROOT/etc/ssh/sshd_config.d/50-redhat.conf
 install -d -m755 $RPM_BUILD_ROOT/%{_unitdir}
 install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service
 install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket
@@ -644,13 +638,12 @@ getent passwd sshd >/dev/null || \
 
 %files clients
 %attr(0755,root,root) %{_bindir}/ssh
-%attr(0644,root,root) %{_libdir}/fipscheck/ssh.hmac
 %attr(0644,root,root) %{_mandir}/man1/ssh.1*
 %attr(0755,root,root) %{_bindir}/scp
 %attr(0644,root,root) %{_mandir}/man1/scp.1*
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
 %dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d/
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/05-redhat.conf
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/50-redhat.conf
 %attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
 %if ! %{rescue}
 %attr(0755,root,root) %{_bindir}/ssh-agent
@@ -673,7 +666,6 @@ getent passwd sshd >/dev/null || \
 %files server
 %dir %attr(0711,root,root) %{_var}/empty/sshd
 %attr(0755,root,root) %{_sbindir}/sshd
-%attr(0644,root,root) %{_libdir}/fipscheck/sshd.hmac
 %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
 %attr(0755,root,root) %{_libexecdir}/openssh/sshd-keygen
 %attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
@@ -682,7 +674,7 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
 %dir %attr(0700,root,root) %{_sysconfdir}/ssh/sshd_config.d/
-%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config.d/05-redhat.conf
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config.d/50-redhat.conf
 %attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
 %attr(0640,root,root) %config(noreplace) /etc/sysconfig/sshd
 %attr(0644,root,root) %{_unitdir}/sshd.service
@@ -728,9 +720,32 @@ getent passwd sshd >/dev/null || \
 %endif
 
 %changelog
-* Thu Mar 26 2020 David Abdurachmanov <david.abdurachmanov@sifive.com> - 8.2p1-2 + 0.10.3-9.0.riscv64
+* Thu Jul 23 2020 David Abdurachmanov <david.abdurachmanov@sifive.com> - 8.3p1-3 + 0.10.3-10.0.riscv64
 - Add support for RISC-V (riscv64)
 
+* Wed Jun 10 2020 Jakub Jelen <jjelen@redhat.com> - 8.3p1-3 + 0.10.3-10
+- Do not lose PIN when more slots match PKCS#11 URI (#1843372)
+- Update to new crypto-policies version on server (using sshd_config include)
+- Move redhat configuraion files to larger number to allow simpler override
+- Move sshd_config include before any other definitions (#1824913)
+
+* Mon Jun 01 2020 Jakub Jelen <jjelen@redhat.com> - 8.3p1-2 + 0.10.3-10
+- Fix crash on cleanup (#1842281)
+
+* Wed May 27 2020 Jakub Jelen <jjelen@redhat.com> - 8.3p1-1 + 0.10.3-10
+- New upstream release (#1840503)
+- Unbreak corner cases of sshd_config include
+- Fix order of gssapi key exchange algorithms
+
+* Wed Apr 08 2020 Jakub Jelen <jjelen@redhat.com> - 8.2p1-3 + 0.10.3-9
+- Simplify reference to crypto policies in configuration files
+- Unbreak gssapi authentication with GSSAPITrustDNS over jump hosts
+- Correctly print FIPS mode initialized in debug mode
+- Enable SHA2-based GSSAPI key exchange methods (#1666781)
+- Do not break X11 forwarding when IPv6 is disabled
+- Remove fipscheck dependency as OpenSSH is no longer FIPS module
+- Improve documentation about crypto policies defaults in manual pages
+
 * Thu Feb 20 2020 Jakub Jelen <jjelen@redhat.com> - 8.2p1-2 + 0.10.3-9
 - Build against libfido2 to unbreak internal u2f support
 

sources

@@ -1,4 +1,4 @@
-SHA512 (openssh-8.2p1.tar.gz) = c4db64e52a3a4c410de9de49f9cb104dd493b10250af3599b92457dd986277b3fd99a6f51cec94892fd1be5bd0369c5757262ea7805f0de464b245c3d34c120a
-SHA512 (openssh-8.2p1.tar.gz.asc) = e6d091289d62d3a01d5978e3c26f72d8ea6979c345fbebc215515185ea567c959f5b17e32052d752829ab4c6bc537fd977f7aa02cf0a23280da63fd9d880f303
+SHA512 (openssh-8.3p1.tar.gz) = b5232f7c85bf59ae2ff9d17b030117012e257e3b8c0d5ac60bb139a85b1fbf298b40f2e04203a2e13ca7273053ed668b9dedd54d3a67a7cb8e8e58c0228c5f40
+SHA512 (openssh-8.3p1.tar.gz.asc) = 569fa12b3671af15bd7cd54fc7b13d1d64f3e96eb28f6dc430082f7bec4595689c633d3d56c23faad45b73e4da666c3ec090de26bf54f49410ba9bb8b5363e75
 SHA512 (DJM-GPG-KEY.gpg) = db1191ed9b6495999e05eed2ef863fb5179bdb63e94850f192dad68eed8579836f88fbcfffd9f28524fe1457aff8cd248ee3e0afc112c8f609b99a34b80ecc0d
 SHA512 (pam_ssh_agent_auth-0.10.3.tar.bz2) = d75062c4e46b0b011f46aed9704a99049995fea8b5115ff7ee26dad7e93cbcf54a8af7efc6b521109d77dc03c6f5284574d2e1b84c6829cec25610f24fb4bd66

sshd.service

@@ -6,10 +6,9 @@ Wants=sshd-keygen.target
 
 [Service]
 Type=notify
-EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
 EnvironmentFile=-/etc/sysconfig/sshd-permitrootlogin
 EnvironmentFile=-/etc/sysconfig/sshd
-ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY $PERMITROOTLOGIN
+ExecStart=/usr/sbin/sshd -D $OPTIONS $PERMITROOTLOGIN
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=process
 Restart=on-failure

sshd@.service

@@ -5,8 +5,7 @@ Wants=sshd-keygen.target
 After=sshd-keygen.target
 
 [Service]
-EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
 EnvironmentFile=-/etc/sysconfig/sshd-permitrootlogin
 EnvironmentFile=-/etc/sysconfig/sshd
-ExecStart=-/usr/sbin/sshd -i $OPTIONS $CRYPTO_POLICY $PERMITROOTLOGIN
+ExecStart=-/usr/sbin/sshd -i $OPTIONS $PERMITROOTLOGIN
 StandardInput=socket