Name already in use

 * Print PKCS#11 URIs from ssh-keygen
 * Accept PKCS#11 URIs in -i argument to ssh
 * Allow PKCS#11 URI specification in ssh_config
 * Fallback to p11-kit-proxy
 * PKCS#11 URI support for ssh-add and ssh-agent
  * internal representation is URI
 * Allow to specify pin-value in URI to avoid interactive prompts

Currently recognized and used parts of PKCS#11 URI:
 * path (optional)
  * token
  * id
  * manufacturer
  * (library-manufacturer)
 * query (optional)
  * module-path
  * pin-value

Unit test for PKCS#11 URIs

 * test PKCS#11 URI parser, generator
 * test percent_encodeer and decoder

Regression tests for PKCS#11 URI support

 * soft-pkcs11.so  from people.su.se/~lha/soft-pkcs11
  * Return correct CKR for unknown attributes
  * Adjust and build it with regress tests (allowing agent-pkcs11 test)
 * Test PKCS#11 URIs support with soft-pkcs11
  * Direct usage from commandline (URI, provider and combination)
  * Usage from configuration files
  * Usage in ssh-agent (add, sign, remove)
  * Make sure it is built with correct paths

If the PAM account stack reaturns any messages, send them to the user
not just if the check succeeds.  bz#2049, ok djm@

* Only use heimdal kerberos implementation
* Fetch yubico/libfido2 (see: https://github.com/Yubico/libfido2)
* Add one target for
    * all features
    * each feature alone
    * no features

bz#960, ok dtucker

avoids warnings on NetBSD

Needed for NetBSD. etc that supply these macros

Previously if the user specified a custom extension then the everything would
be in order except the custom ones. bz3198 ok dtucker markus

OpenBSD-Commit-ID: d97deb90587b06cb227c66ffebb2d9667bf886f0

sftp. The default remains to not forward an agent, even when ssh_config
enables it. ok jmc dtucker markus

OpenBSD-Commit-ID: 36cc526aa3b0f94e4704b8d7b969dd63e8576822

FALLTHROUGH */ comments, which is the style we currently use, and gives too
many boring warnings. ok djm

OpenBSD-Commit-ID: 07b5031e9f49f2b69ac5e85b8da4fc9e393992a0

bz#3057, ok djm@

OpenBSD-Commit-ID: 9bbc1d138adb34c54f3c03a15a91f75dbf418782

It hasn't been useful since we switched to git in 2014.  ok djm@

configure.ac is not detecting -Wextra in compilers that implement the
option. The problem is that -Wextra implies -Wunused-parameter, and the
C excerpt used by aclocal.m4 does not use argv.  Patch from pedro at
ambientworks.net, ok djm@

Based on patch from Fabio Pedretti

the other keywords that recently got %k.

OpenBSD-Commit-ID: 1857d1c40f270cbc254fca91e66110641dddcfdb

OpenBSD-Commit-ID: 624e47ab209450ad9ad5c69f54fa69244de5ed9a

OpenBSD-Regress-ID: 8ed1ba1a811790031aad3fcea860a34ad7910456

OpenBSD-Regress-ID: bccf8060306c841bbcceb1392644f906a4d6ca51

OpenBSD-Commit-ID: f733d7b3b05e3c68967dc18dfe39b9e8fad29851

the destination.  This allows, eg, keeping host keys in individual files
using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654, ok djm@, jmc@
(man page bits)

OpenBSD-Commit-ID: 7084d723c9cc987a5c47194219efd099af5beadc

UserKnownHostsFile, allowing the file to be automagically split up in the
configuration (eg bz#1654).  ok djm@, man page parts jmc@

OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18

Reorder parameters list in the first usage() case - Sentence rewording

ok dtucker@
jmc@ noticed usage() missed -a flag too

OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246

OpenBSD-Commit-ID: ab06581d51b2b4cc1b4aab781f7f3cfa56cad973

This is a frankenstein monster of AMD64 instructions/calling conventions
but with a 4GB address space. Allegedly deprecated but people still run
into it causing weird sandbox failures, e.g. bz#3085

OpenBSD-Regress-ID: 821cdd1dff9c502cceff4518b6afcb81767cad5a

OpenBSD-Regress-ID: 965bda1f95f09a765050707340c73ad755f41167

OpenBSD-Commit-ID: cb7e9aa04ace01a98e63e4bd77f34a42ab169b15