From 48b7683ce33d6b9a7f708727e0122c357625a456 Mon Sep 17 00:00:00 2001
From: glebius <glebius@FreeBSD.org>
Date: Thu, 14 Jan 2016 22:42:43 +0000
Subject: Merge r294048: fix OpenSSH client information leak.

Security:	SA-16:07.openssh
Security:	CVE-2016-0777
---
 crypto/openssh/readconf.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c
index 9145b46..16f62fe 100644
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@@ -1643,7 +1643,7 @@ initialize_options(Options * options)
 	options->tun_remote = -1;
 	options->local_command = NULL;
 	options->permit_local_command = -1;
-	options->use_roaming = -1;
+	options->use_roaming = 0;
 	options->visual_host_key = -1;
 	options->ip_qos_interactive = -1;
 	options->ip_qos_bulk = -1;
@@ -1825,8 +1825,7 @@ fill_default_options(Options * options)
 		options->tun_remote = SSH_TUNID_ANY;
 	if (options->permit_local_command == -1)
 		options->permit_local_command = 0;
-	if (options->use_roaming == -1)
-		options->use_roaming = 1;
+	options->use_roaming = 0;
 	if (options->visual_host_key == -1)
 		options->visual_host_key = 0;
 	if (options->ip_qos_interactive == -1)
-- 
cgit v1.1