From dba154f20cc511f7ee6c316070e1c0c7aefc3655 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Aug 31 2018 11:26:44 +0000
Subject: Unbreak gssapi rekeying (#1624344)


---

diff --git a/openssh-7.8p1-gsskex.patch b/openssh-7.8p1-gsskex.patch
index a41925e..f655f21 100644
--- a/openssh-7.8p1-gsskex.patch
+++ b/openssh-7.8p1-gsskex.patch
@@ -2467,7 +2467,7 @@ diff -up openssh/sshconnect2.c.gsskex openssh/sshconnect2.c
 +	 * 'null' hostkey, as a last resort */
 +	if (options.gss_keyex && gss) {
 +		orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
-+		xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], 
++		xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
 +		    "%s,null", orig);
 +		free(gss);
 +	}
@@ -2874,4 +2874,31 @@ diff -up openssh/sshkey.h.gsskex openssh/sshkey.h
 +	KEY_NULL,
  	KEY_UNSPEC
  };
+
+--- openssh/sshconnect2.c.orig  2017-01-04 19:47:10.000000000 +0100
++++ openssh/sshconnect2.c       2017-01-05 04:13:08.977425272 +0100
+@@ -344,7 +344,6 @@
+ 		orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS];
+ 		xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS],
+ 		    "%s,null", orig);
+-		free(gss);
+ 	}
+ #endif
+ 
+@@ -398,6 +397,16 @@
+ 	/* remove ext-info from the KEX proposals for rekeying */
+ 	myproposal[PROPOSAL_KEX_ALGS] =
+ 	    compat_kex_proposal(options.kex_algorithms);
++#ifdef GSSAPI
++	/* repair myproposal after it was crumpled by the */
++	/* ext-info removal above */
++	if (gss) {
++		orig = myproposal[PROPOSAL_KEX_ALGS];
++		xasprintf(&myproposal[PROPOSAL_KEX_ALGS],
++		    "%s,%s", gss, orig);
++		free(gss);
++	}
++#endif
+ 	if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
+ 		fatal("kex_prop2buf: %s", ssh_err(r));