Polish diff against upstream.

- Revert unneeded whitespace changes.
- Revert modifications to loginrec.c, as the upstream version already
  does the right thing.
- Fix indentation and whitespace of local changes.

Approved by:	des
MFC after:	1 month

crypto/openssh/auth2.c

@@ -223,8 +223,8 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 	login_cap_t *lc;
 	const char *from_host, *from_ip;
 
-        from_host = get_canonical_hostname(options.use_dns);
-        from_ip = get_remote_ipaddr();
+	from_host = get_canonical_hostname(options.use_dns);
+	from_ip = get_remote_ipaddr();
 #endif
 
 	if (authctxt == NULL)
@@ -272,23 +272,23 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
 	}
 
 #ifdef HAVE_LOGIN_CAP
-        if (authctxt->pw != NULL) {
-                lc = login_getpwclass(authctxt->pw);
-                if (lc == NULL)
-                        lc = login_getclassbyname(NULL, authctxt->pw);
-                if (!auth_hostok(lc, from_host, from_ip)) {
-                        logit("Denied connection for %.200s from %.200s [%.200s].",
-                            authctxt->pw->pw_name, from_host, from_ip);
-                        packet_disconnect("Sorry, you are not allowed to connect.");
-                }
-                if (!auth_timeok(lc, time(NULL))) {
-                        logit("LOGIN %.200s REFUSED (TIME) FROM %.200s",
-                            authctxt->pw->pw_name, from_host);
-                        packet_disconnect("Logins not available right now.");
-                }
-                login_close(lc);
-                lc = NULL;
-        }
+	if (authctxt->pw != NULL) {
+		lc = login_getpwclass(authctxt->pw);
+		if (lc == NULL)
+			lc = login_getclassbyname(NULL, authctxt->pw);
+		if (!auth_hostok(lc, from_host, from_ip)) {
+			logit("Denied connection for %.200s from %.200s [%.200s].",
+			    authctxt->pw->pw_name, from_host, from_ip);
+			packet_disconnect("Sorry, you are not allowed to connect.");
+		}
+		if (!auth_timeok(lc, time(NULL))) {
+			logit("LOGIN %.200s REFUSED (TIME) FROM %.200s",
+			    authctxt->pw->pw_name, from_host);
+			packet_disconnect("Logins not available right now.");
+		}
+		login_close(lc);
+		lc = NULL;
+	}
 #endif  /* HAVE_LOGIN_CAP */
 
 	/* reset state */

crypto/openssh/channels.c

@@ -824,7 +824,7 @@ channel_tcpwinsz(void)
 	u_int maxlen;
 
 	/* If we are not on a socket return 128KB. */
-	if (!packet_connection_is_on_socket()) 
+	if (!packet_connection_is_on_socket())
 		return (128 * 1024);
 
 	tcpwinsz = 0;
@@ -854,7 +854,7 @@ channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset)
 
 	limit = MIN(compat20 ? c->remote_window : packet_get_maxsize(),
 	    2 * c->tcpwinsz);
-	
+
 	if (c->istate == CHAN_INPUT_OPEN &&
 	    limit > 0 &&
 	    buffer_len(&c->input) < limit &&
@@ -2687,10 +2687,10 @@ channel_set_af(int af)
 	IPv4or6 = af;
 }
 
-void 
+void
 channel_set_hpn(int disabled, u_int buf_size)
 {
-      	hpn_disabled = disabled;
+	hpn_disabled = disabled;
 	buffer_size = buf_size;
 	debug("HPN Disabled: %d, HPN Buffer Size: %d",
 	    hpn_disabled, buffer_size);
@@ -2856,10 +2856,10 @@ channel_setup_fwd_listener(int type, const char *listen_addr,
 			c = channel_new("port listener", type, sock, sock, -1,
 			    CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
 			    0, "port listener", 1);
- 		else
- 			c = channel_new("port listener", type, sock, sock, -1,
- 		    	    buffer_size, CHAN_TCP_PACKET_DEFAULT,
- 		    	    0, "port listener", 1);
+		else
+			c = channel_new("port listener", type, sock, sock, -1,
+			    buffer_size, CHAN_TCP_PACKET_DEFAULT,
+			    0, "port listener", 1);
 		c->path = xstrdup(host);
 		c->host_port = port_to_connect;
 		c->listening_port = listen_port;

crypto/openssh/channels.h

@@ -126,7 +126,7 @@ struct Channel {
 	u_int	local_window_max;
 	u_int	local_consumed;
 	u_int	local_maxpacket;
-	u_int 	tcpwinsz;	
+	u_int	tcpwinsz;
 	int	dynamic_window;
 	int     extended_usage;
 	int	single_connection;
@@ -165,13 +165,10 @@ struct Channel {
 /* default window/packet sizes for tcp/x11-fwd-channel */
 #define CHAN_SES_PACKET_DEFAULT	(32*1024)
 #define CHAN_SES_WINDOW_DEFAULT	(64*CHAN_SES_PACKET_DEFAULT)
-
 #define CHAN_TCP_PACKET_DEFAULT	(32*1024)
 #define CHAN_TCP_WINDOW_DEFAULT	(64*CHAN_TCP_PACKET_DEFAULT)
-
 #define CHAN_X11_PACKET_DEFAULT	(16*1024)
 #define CHAN_X11_WINDOW_DEFAULT	(4*CHAN_X11_PACKET_DEFAULT)
-
 #define CHAN_HPN_MIN_WINDOW_DEFAULT	(2*1024*1024)
 
 /* possible input states */
@@ -302,6 +299,7 @@ void	 chan_write_failed(Channel *);
 void	 chan_obuf_empty(Channel *);
 
 /* hpn handler */
-void     channel_set_hpn(int, u_int);
+
+void	channel_set_hpn(int, u_int);
 
 #endif

crypto/openssh/kex.c

@@ -457,13 +457,13 @@ kex_choose_conf(Kex *kex)
 #ifdef	NONE_CIPHER_ENABLED
 		debug("REQUESTED ENC.NAME is '%s'", newkeys->enc.name);
 		if (strcmp(newkeys->enc.name, "none") == 0) {
-			debug("Requesting NONE. Authflag is %d", auth_flag);			
+			debug("Requesting NONE. Authflag is %d", auth_flag);
 			if (auth_flag == 1)
 				debug("None requested post authentication.");
 			else
 				fatal("Pre-authentication none cipher requests "
 				    "are not allowed.");
-		} 
+		}
 #endif
 		debug("kex: %s %s %s %s",
 		    ctos ? "client->server" : "server->client",

crypto/openssh/loginrec.c

@@ -146,7 +146,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -516,10 +515,6 @@ getlast_entry(struct logininfo *li)
 	return (utmpx_get_entry(li));
 #endif
 
-#if 1
-	return (utmpx_get_entry(li));
-#endif
-
 #if defined(DISABLE_LASTLOG)
 	/* On some systems we shouldn't even try to obtain last login
 	 * time, e.g. AIX */

crypto/openssh/readconf.c

@@ -264,6 +264,7 @@ static struct {
 	{ "noneswitch", oNoneSwitch },
 #endif
 	{ "versionaddendum", oVersionAddendum },
+
 	{ NULL, oBadOption }
 };
 
@@ -1092,9 +1093,9 @@ process_config_line(Options *options, const char *host,
 	case oNoneEnabled:
 		intptr = &options->none_enabled;
 		goto parse_flag;
- 
+
 	/*
-         * We check to see if the command comes from the command line or not.
+	 * We check to see if the command comes from the command line or not.
 	 * If it does then enable it otherwise fail.  NONE must never be a
 	 * default configuration.
 	 */
@@ -1110,7 +1111,7 @@ process_config_line(Options *options, const char *host,
 			    "from the command line", filename);
 			error("Continuing...");
 			return 0;
-	        }
+		}
 #endif
 
 	case oVersionAddendum:
@@ -1458,7 +1459,7 @@ fill_default_options(Options * options)
 	/* options->host_key_alias should not be set by default */
 	/* options->preferred_authentications will be set in ssh */
 	if (options->hpn_disabled == -1)
-	        options->hpn_disabled = 0;
+		options->hpn_disabled = 0;
 	if (options->hpn_buffer_size > -1)
 	{
 		u_int maxlen;
@@ -1478,7 +1479,7 @@ fill_default_options(Options * options)
 	}
 	if (options->tcp_rcv_buf == 0)
 		options->tcp_rcv_buf = 1;
-	if (options->tcp_rcv_buf > -1) 
+	if (options->tcp_rcv_buf > -1)
 		options->tcp_rcv_buf *= 1024;
 	if (options->tcp_rcv_buf_poll == -1)
 		options->tcp_rcv_buf_poll = 1;

crypto/openssh/readconf.h

@@ -133,6 +133,7 @@ typedef struct {
 	int	visual_host_key;
 
 	int	use_roaming;
+
 	int	request_tty;
 
 	int	hpn_disabled;	/* Switch to disable HPN buffer management. */

crypto/openssh/servconf.c

@@ -166,7 +166,7 @@ fill_default_server_options(ServerOptions *options)
 			    _PATH_HOST_KEY_FILE;
 		if (options->protocol & SSH_PROTO_2) {
 			options->host_key_files[options->num_host_key_files++] =
-                            _PATH_HOST_RSA_KEY_FILE;
+			    _PATH_HOST_RSA_KEY_FILE;
 			options->host_key_files[options->num_host_key_files++] =
 			    _PATH_HOST_DSA_KEY_FILE;
 #ifdef OPENSSL_HAS_ECC
@@ -286,7 +286,7 @@ fill_default_server_options(ServerOptions *options)
 		options->ip_qos_interactive = IPTOS_LOWDELAY;
 	if (options->ip_qos_bulk == -1)
 		options->ip_qos_bulk = IPTOS_THROUGHPUT;
-	if (options->hpn_disabled == -1) 
+	if (options->hpn_disabled == -1)
 		options->hpn_disabled = 0;
 	if (options->hpn_buffer_size == -1) {
 		/*

crypto/openssh/sftp.1

@@ -246,7 +246,7 @@ diagnostic messages from
 Specify how many requests may be outstanding at any one time.
 Increasing this may slightly improve file transfer speed
 but will increase memory usage.
-The default is 256 outstanding requests providing for 8MB 
+The default is 256 outstanding requests providing for 8MB
 of outstanding data with a 32KB buffer.
 .It Fl r
 Recursively copy entire directories when uploading and downloading.

crypto/openssh/ssh.c

@@ -1461,6 +1461,7 @@ ssh_session2_open(void)
 		c->dynamic_window = 1;
 		debug("Enabled Dynamic Window Scaling\n");
 	}
+
 	debug3("ssh_session2_open: channel_new: %d", c->self);
 
 	channel_send_open(c->self);

crypto/openssh/sshd.c

@@ -1916,11 +1916,11 @@ main(int ac, char **av)
 #ifdef __FreeBSD__
 	/*
 	 * Initialize the resolver.  This may not happen automatically
-	 * before privsep chroot().                                   
+	 * before privsep chroot().
 	 */
 	if ((_res.options & RES_INIT) == 0) {
-		debug("res_init()");         
-		res_init();         
+		debug("res_init()");
+		res_init();
 	}
 #ifdef GSSAPI
 	/*

crypto/openssh/sshd_config.5

@@ -499,7 +499,7 @@ or
 .Pp
 .Pa /etc/hosts.equiv
 and
-.Pa /etc/ssh/shosts.equiv 
+.Pa /etc/ssh/shosts.equiv
 are still used.
 The default is
 .Dq yes .

crypto/openssh/version.h

@@ -2,11 +2,11 @@
 /* $FreeBSD$ */
 
 #ifndef SSH_VERSION
-#define SSH_VERSION_BASE        "OpenSSH_5.9p1"
-#define SSH_VERSION_ADDENDUM    "FreeBSD-20111001"
+#define SSH_VERSION_BASE	"OpenSSH_5.9p1"
+#define SSH_VERSION_ADDENDUM	"FreeBSD-20111001"
 #define SSH_VERSION_HPN		"_hpn13v11"
 #define SSH_VERSION		SSH_VERSION_BASE SSH_VERSION_HPN " " SSH_VERSION_ADDENDUM
-#define SSH_RELEASE             (ssh_version_get())
+#define SSH_RELEASE		(ssh_version_get())
 
 const char *ssh_version_get(void);
 void ssh_version_set_addendum(const char *);