vendor/openssh/6.0p1

author: Dag-Erling Smørgrav <des@FreeBSD.org> 2012-08-29 15:46:01 +0000
committer: Dag-Erling Smørgrav <des@FreeBSD.org> 2012-08-29 15:46:01 +0000
commit: 2e97a36905ba9936cb9972e37c5e56deb288e442 (patch)
tree: 63724b2d8e911727737ec31273789b3f46ffa6ff /openbsd-compat
parent: 4bc11fc94e472842a59429d633d4b97124da2a2e (diff)
19 files changed, 624 insertions, 195 deletions
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 41b22d837b14e..196a81d132735 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.46 2010/10/07 11:19:24 djm Exp $
+# $Id: Makefile.in,v 1.48 2011/11/04 00:25:25 dtucker Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -16,9 +16,9 @@ RANLIB=@RANLIB@
 INSTALL=@INSTALL@
 LDFLAGS=-L. @LDFLAGS@
 
-OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o timingsafe_bcmp.o vis.o
+OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o timingsafe_bcmp.o vis.o
 
-COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
+COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
 
 PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
 
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 9eedc88d2c1cd..6befc016f1c26 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -76,6 +76,7 @@ static struct wenv {
 	{ NL("OS=") },
 	{ NL("PATH=") },
 	{ NL("PATHEXT=") },
+	{ NL("PROGRAMFILES=") },
 	{ NL("SYSTEMDRIVE=") },
 	{ NL("SYSTEMROOT=") },
 	{ NL("WINDIR=") }
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 48f64b7406907..d223792d72574 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-cygwin_util.h,v 1.13 2011/08/17 01:31:09 djm Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.14 2012/03/30 03:07:07 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
@@ -40,6 +40,12 @@
 #include <sys/cygwin.h>
 #include <io.h>
 
+/* Make sure _WIN32 isn't defined later in the code, otherwise headers from
+   other packages might get the wrong idea about the target system. */
+#ifdef _WIN32
+#undef _WIN32
+#endif
+
 int binary_open(const char *, int , ...);
 int check_ntsec(const char *);
 char **fetch_windows_environment(void);
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index e70c3f9e9ebe5..e3717562564e7 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-misc.h,v 1.19 2010/11/08 22:26:23 tim Exp $ */
+/* $Id: bsd-misc.h,v 1.20 2012/02/14 18:03:31 tim Exp $ */
 
 /*
  * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
@@ -86,7 +86,7 @@ int tcsendbreak(int, int);
 #endif
 
 #ifndef HAVE_UNSETENV
-void unsetenv(const char *);
+int unsetenv(const char *);
 #endif
 
 /* wrapper for signal interface */
diff --git a/openbsd-compat/getcwd.c b/openbsd-compat/getcwd.c
index 711cb9cd5d47e..3edbb9cba3de5 100644
--- a/openbsd-compat/getcwd.c
+++ b/openbsd-compat/getcwd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getcwd.c,v 1.14 2005/08/08 08:05:34 espie Exp $ */
+/*	from OpenBSD: getcwd.c,v 1.14 2005/08/08 08:05:34 espie Exp */
 /*
  * Copyright (c) 1989, 1991, 1993
  *	The Regents of the University of California.  All rights reserved.
diff --git a/openbsd-compat/getgrouplist.c b/openbsd-compat/getgrouplist.c
index a57d7d3886269..3afcb9281bb3c 100644
--- a/openbsd-compat/getgrouplist.c
+++ b/openbsd-compat/getgrouplist.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: getgrouplist.c,v 1.12 2005/08/08 08:05:34 espie Exp $ */
+/*	from OpenBSD: getgrouplist.c,v 1.12 2005/08/08 08:05:34 espie Exp */
 /*
  * Copyright (c) 1991, 1993
  *	The Regents of the University of California.  All rights reserved.
diff --git a/openbsd-compat/getrrsetbyname-ldns.c b/openbsd-compat/getrrsetbyname-ldns.c
new file mode 100644
index 0000000000000..8ce5678c9a446
--- /dev/null
+++ b/openbsd-compat/getrrsetbyname-ldns.c
@@ -0,0 +1,284 @@
+/* $OpenBSD: getrrsetbyname.c,v 1.10 2005/03/30 02:58:28 tedu Exp $ */
+
+/*
+ * Copyright (c) 2007 Simon Vallet / Genoscope <svallet@genoscope.cns.fr>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Portions Copyright (c) 1999-2001 Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "includes.h"
+
+#if !defined (HAVE_GETRRSETBYNAME) && defined (HAVE_LDNS)
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <ldns/ldns.h>
+
+#include "getrrsetbyname.h"
+#include "log.h"
+#include "xmalloc.h"
+
+#define malloc(x)	(xmalloc(x))
+#define calloc(x, y)	(xcalloc((x),(y)))
+#define free(x)		(xfree(x))
+
+int
+getrrsetbyname(const char *hostname, unsigned int rdclass,
+	       unsigned int rdtype, unsigned int flags,
+	       struct rrsetinfo **res)
+{
+	int result;
+	unsigned int i, j, index_ans, index_sig;
+	struct rrsetinfo *rrset = NULL;
+	struct rdatainfo *rdata;
+	size_t len;
+	ldns_resolver *ldns_res;
+	ldns_rdf *domain = NULL;
+	ldns_pkt *pkt = NULL;
+	ldns_rr_list *rrsigs = NULL, *rrdata = NULL;
+	ldns_status err;
+	ldns_rr *rr;
+
+	/* check for invalid class and type */
+	if (rdclass > 0xffff || rdtype > 0xffff) {
+		result = ERRSET_INVAL;
+		goto fail;
+	}
+
+	/* don't allow queries of class or type ANY */
+	if (rdclass == 0xff || rdtype == 0xff) {
+		result = ERRSET_INVAL;
+		goto fail;
+	}
+
+	/* don't allow flags yet, unimplemented */
+	if (flags) {
+		result = ERRSET_INVAL;
+		goto fail;
+	}
+
+	/* Initialize resolver from resolv.conf */
+	domain = ldns_dname_new_frm_str(hostname);
+	if ((err = ldns_resolver_new_frm_file(&ldns_res, NULL)) != \
+	    LDNS_STATUS_OK) {
+		result = ERRSET_FAIL;
+		goto fail;
+	}
+
+#ifdef LDNS_DEBUG
+	ldns_resolver_set_debug(ldns_res, true);
+#endif /* LDNS_DEBUG */
+
+	ldns_resolver_set_dnssec(ldns_res, true); /* Use DNSSEC */
+
+	/* make query */
+	pkt = ldns_resolver_query(ldns_res, domain, rdtype, rdclass, LDNS_RD);
+
+	/*** TODO: finer errcodes -- see original **/
+	if (!pkt || ldns_pkt_ancount(pkt) < 1) {
+		result = ERRSET_FAIL;
+		goto fail;
+	}
+
+	/* initialize rrset */
+	rrset = calloc(1, sizeof(struct rrsetinfo));
+	if (rrset == NULL) {
+		result = ERRSET_NOMEMORY;
+		goto fail;
+	}
+
+	rrdata = ldns_pkt_rr_list_by_type(pkt, rdtype, LDNS_SECTION_ANSWER);
+	rrset->rri_nrdatas = ldns_rr_list_rr_count(rrdata);
+	if (!rrset->rri_nrdatas) {
+		result = ERRSET_NODATA;
+		goto fail;
+	}
+
+	/* copy name from answer section */
+	len = ldns_rdf_size(ldns_rr_owner(ldns_rr_list_rr(rrdata, 0)));
+	if ((rrset->rri_name = malloc(len)) == NULL) {
+		result = ERRSET_NOMEMORY;
+		goto fail;
+	}
+	memcpy(rrset->rri_name,
+	    ldns_rdf_data(ldns_rr_owner(ldns_rr_list_rr(rrdata, 0))), len);
+
+	rrset->rri_rdclass = ldns_rr_get_class(ldns_rr_list_rr(rrdata, 0));
+	rrset->rri_rdtype = ldns_rr_get_type(ldns_rr_list_rr(rrdata, 0));
+	rrset->rri_ttl = ldns_rr_ttl(ldns_rr_list_rr(rrdata, 0));
+
+	debug2("ldns: got %u answers from DNS", rrset->rri_nrdatas);
+
+	/* Check for authenticated data */
+	if (ldns_pkt_ad(pkt)) {
+		rrset->rri_flags |= RRSET_VALIDATED;
+	} else { /* AD is not set, try autonomous validation */
+		ldns_rr_list * trusted_keys = ldns_rr_list_new();
+
+		debug2("ldns: trying to validate RRset");
+		/* Get eventual sigs */
+		rrsigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG,
+		    LDNS_SECTION_ANSWER);
+
+		rrset->rri_nsigs = ldns_rr_list_rr_count(rrsigs);
+		debug2("ldns: got %u signature(s) (RRTYPE %u) from DNS",
+		       rrset->rri_nsigs, LDNS_RR_TYPE_RRSIG);
+
+		if ((err = ldns_verify_trusted(ldns_res, rrdata, rrsigs,
+		     trusted_keys)) == LDNS_STATUS_OK) {
+			rrset->rri_flags |= RRSET_VALIDATED;
+			debug2("ldns: RRset is signed with a valid key");
+		} else {
+			debug2("ldns: RRset validation failed: %s",
+			    ldns_get_errorstr_by_id(err));
+		}
+
+		ldns_rr_list_deep_free(trusted_keys);
+	}
+
+	/* allocate memory for answers */
+	rrset->rri_rdatas = calloc(rrset->rri_nrdatas,
+	   sizeof(struct rdatainfo));
+
+	if (rrset->rri_rdatas == NULL) {
+		result = ERRSET_NOMEMORY;
+		goto fail;
+	}
+
+	/* allocate memory for signatures */
+	if (rrset->rri_nsigs > 0) {
+		rrset->rri_sigs = calloc(rrset->rri_nsigs,
+		    sizeof(struct rdatainfo));
+
+		if (rrset->rri_sigs == NULL) {
+			result = ERRSET_NOMEMORY;
+			goto fail;
+		}
+	}
+
+	/* copy answers & signatures */
+	for (i=0, index_ans=0, index_sig=0; i< pkt->_header->_ancount; i++) {
+		rdata = NULL;
+		rr = ldns_rr_list_rr(ldns_pkt_answer(pkt), i);
+
+		if (ldns_rr_get_class(rr) == rrset->rri_rdclass &&
+		    ldns_rr_get_type(rr) == rrset->rri_rdtype) {
+			rdata = &rrset->rri_rdatas[index_ans++];
+		}
+
+		if (rr->_rr_class == rrset->rri_rdclass &&
+		    rr->_rr_type == LDNS_RR_TYPE_RRSIG) {
+			rdata = &rrset->rri_sigs[index_sig++];
+		}
+
+		if (rdata) {
+			size_t rdata_offset = 0;
+
+			rdata->rdi_length = 0;
+			for (j=0; j< rr->_rd_count; j++) {
+				rdata->rdi_length +=
+				    ldns_rdf_size(ldns_rr_rdf(rr, j));
+			}
+
+			rdata->rdi_data = malloc(rdata->rdi_length);
+			if (rdata->rdi_data == NULL) {
+				result = ERRSET_NOMEMORY;
+				goto fail;
+			}
+
+			/* Re-create the raw DNS RDATA */
+			for (j=0; j< rr->_rd_count; j++) {
+				len = ldns_rdf_size(ldns_rr_rdf(rr, j));
+				memcpy(rdata->rdi_data + rdata_offset,
+				       ldns_rdf_data(ldns_rr_rdf(rr, j)), len);
+				rdata_offset += len;
+			}
+		}
+	}
+
+	*res = rrset;
+	result = ERRSET_SUCCESS;
+
+fail:
+	/* freerrset(rrset); */
+	ldns_rdf_deep_free(domain);
+	ldns_pkt_free(pkt);
+	ldns_rr_list_deep_free(rrsigs);
+	ldns_rr_list_deep_free(rrdata);
+	ldns_resolver_deep_free(ldns_res);
+
+	return result;
+}
+
+
+void
+freerrset(struct rrsetinfo *rrset)
+{
+	u_int16_t i;
+
+	if (rrset == NULL)
+		return;
+
+	if (rrset->rri_rdatas) {
+		for (i = 0; i < rrset->rri_nrdatas; i++) {
+			if (rrset->rri_rdatas[i].rdi_data == NULL)
+				break;
+			free(rrset->rri_rdatas[i].rdi_data);
+		}
+		free(rrset->rri_rdatas);
+	}
+
+	if (rrset->rri_sigs) {
+		for (i = 0; i < rrset->rri_nsigs; i++) {
+			if (rrset->rri_sigs[i].rdi_data == NULL)
+				break;
+			free(rrset->rri_sigs[i].rdi_data);
+		}
+		free(rrset->rri_sigs);
+	}
+
+	if (rrset->rri_name)
+		free(rrset->rri_name);
+	free(rrset);
+}
+
+
+#endif /* !defined (HAVE_GETRRSETBYNAME) && defined (HAVE_LDNS) */
diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
index 98876673d0027..dc6fe05337324 100644
--- a/openbsd-compat/getrrsetbyname.c
+++ b/openbsd-compat/getrrsetbyname.c
@@ -47,7 +47,7 @@
 
 #include "includes.h"
 
-#ifndef HAVE_GETRRSETBYNAME
+#if !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS)
 
 #include <stdlib.h>
 #include <string.h>
@@ -607,4 +607,4 @@ count_dns_rr(struct dns_rr *p, u_int16_t class, u_int16_t type)
 	return (n);
 }
 
-#endif /* !defined(HAVE_GETRRSETBYNAME) */
+#endif /*  !defined (HAVE_GETRRSETBYNAME) && !defined (HAVE_LDNS) */
diff --git a/openbsd-compat/glob.c b/openbsd-compat/glob.c
index 0341225cd12b5..742b4b954a32f 100644
--- a/openbsd-compat/glob.c
+++ b/openbsd-compat/glob.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: glob.c,v 1.35 2011/01/12 01:53:14 djm Exp $ */
+/*	$OpenBSD: glob.c,v 1.38 2011/09/22 06:27:29 djm Exp $ */
 /*
  * Copyright (c) 1989, 1993
  *	The Regents of the University of California.  All rights reserved.
@@ -66,6 +66,7 @@
 #include <dirent.h>
 #include <ctype.h>
 #include <errno.h>
+#include <limits.h>
 #include <pwd.h>
 #include <stdlib.h>
 #include <string.h>
@@ -132,13 +133,22 @@ typedef char Char;
 #define	GLOB_LIMIT_STAT		128
 #define	GLOB_LIMIT_READDIR	16384
 
+/* Limit of recursion during matching attempts. */
+#define GLOB_LIMIT_RECUR	64
+
 struct glob_lim {
 	size_t	glim_malloc;
 	size_t	glim_stat;
 	size_t	glim_readdir;
 };
 
+struct glob_path_stat {
+	char		*gps_path;
+	struct stat	*gps_stat;
+};
+
 static int	 compare(const void *, const void *);
+static int	 compare_gps(const void *, const void *);
 static int	 g_Ctoc(const Char *, char *, u_int);
 static int	 g_lstat(Char *, struct stat *, glob_t *);
 static DIR	*g_opendir(Char *, glob_t *);
@@ -158,7 +168,7 @@ static const Char *
 static int	 globexp1(const Char *, glob_t *, struct glob_lim *);
 static int	 globexp2(const Char *, const Char *, glob_t *,
 		    struct glob_lim *);
-static int	 match(Char *, Char *, Char *);
+static int	 match(Char *, Char *, Char *, int);
 #ifdef DEBUG
 static void	 qprintf(const char *, Char *);
 #endif
@@ -172,6 +182,9 @@ glob(const char *pattern, int flags, int (*errfunc)(const char *, int),
 	Char *bufnext, *bufend, patbuf[MAXPATHLEN];
 	struct glob_lim limit = { 0, 0, 0 };
 
+	if (strnlen(pattern, PATH_MAX) == PATH_MAX)
+		return(GLOB_NOMATCH);
+
 	patnext = (u_char *) pattern;
 	if (!(flags & GLOB_APPEND)) {
 		pglob->gl_pathc = 0;
@@ -548,9 +561,32 @@ glob0(const Char *pattern, glob_t *pglob, struct glob_lim *limitp)
 		else
 			return(GLOB_NOMATCH);
 	}
-	if (!(pglob->gl_flags & GLOB_NOSORT))
-		qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc,
-		    pglob->gl_pathc - oldpathc, sizeof(char *), compare);
+	if (!(pglob->gl_flags & GLOB_NOSORT)) {
+		if ((pglob->gl_flags & GLOB_KEEPSTAT)) {
+			/* Keep the paths and stat info synced during sort */
+			struct glob_path_stat *path_stat;
+			int i;
+			int n = pglob->gl_pathc - oldpathc;
+			int o = pglob->gl_offs + oldpathc;
+
+			if ((path_stat = calloc(n, sizeof(*path_stat))) == NULL)
+				return GLOB_NOSPACE;
+			for (i = 0; i < n; i++) {
+				path_stat[i].gps_path = pglob->gl_pathv[o + i];
+				path_stat[i].gps_stat = pglob->gl_statv[o + i];
+			}
+			qsort(path_stat, n, sizeof(*path_stat), compare_gps);
+			for (i = 0; i < n; i++) {
+				pglob->gl_pathv[o + i] = path_stat[i].gps_path;
+				pglob->gl_statv[o + i] = path_stat[i].gps_stat;
+			}
+			free(path_stat);
+		} else {
+			qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc,
+			    pglob->gl_pathc - oldpathc, sizeof(char *),
+			    compare);
+		}
+	}
 	return(0);
 }
 
@@ -561,6 +597,15 @@ compare(const void *p, const void *q)
 }
 
 static int
+compare_gps(const void *_p, const void *_q)
+{
+	const struct glob_path_stat *p = (const struct glob_path_stat *)_p;
+	const struct glob_path_stat *q = (const struct glob_path_stat *)_q;
+
+	return(strcmp(p->gps_path, q->gps_path));
+}
+
+static int
 glob1(Char *pattern, Char *pattern_last, glob_t *pglob, struct glob_lim *limitp)
 {
 	Char pathbuf[MAXPATHLEN];
@@ -697,7 +742,8 @@ glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
 			errno = 0;
 			*pathend++ = SEP;
 			*pathend = EOS;
-			return(GLOB_NOSPACE);
+			err = GLOB_NOSPACE;
+			break;
 		}
 
 		/* Initial DOT must be matched literally. */
@@ -713,7 +759,7 @@ glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
 			break;
 		}
 
-		if (!match(pathend, pattern, restpattern)) {
+		if (!match(pathend, pattern, restpattern, GLOB_LIMIT_RECUR)) {
 			*pathend = EOS;
 			continue;
 		}
@@ -850,19 +896,24 @@ globextend(const Char *path, glob_t *pglob, struct glob_lim *limitp,
  * pattern causes a recursion level.
  */
 static int
-match(Char *name, Char *pat, Char *patend)
+match(Char *name, Char *pat, Char *patend, int recur)
 {
 	int ok, negate_range;
 	Char c, k;
 
+	if (recur-- == 0)
+		return(GLOB_NOSPACE);
+
 	while (pat < patend) {
 		c = *pat++;
 		switch (c & M_MASK) {
 		case M_ALL:
+			while (pat < patend && (*pat & M_MASK) == M_ALL)
+				pat++;	/* eat consecutive '*' */
 			if (pat == patend)
 				return(1);
 			do {
-			    if (match(name, pat, patend))
+			    if (match(name, pat, patend, recur))
 				    return(1);
 			} while (*name++ != EOS);
 			return(0);
diff --git a/openbsd-compat/inet_ntop.c b/openbsd-compat/inet_ntop.c
index e7ca4b7f8bebe..3259037baadd8 100644
--- a/openbsd-compat/inet_ntop.c
+++ b/openbsd-compat/inet_ntop.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: inet_ntop.c,v 1.7 2005/08/06 20:30:03 espie Exp $	*/
+/*	$OpenBSD: inet_ntop.c,v 1.8 2008/12/09 19:38:38 otto Exp $	*/
 
 /* Copyright (c) 1996 by Internet Software Consortium.
  *
@@ -57,13 +57,13 @@ static const char *inet_ntop6(const u_char *src, char *dst, size_t size);
  *	Paul Vixie, 1996.
  */
 const char *
-inet_ntop(int af, const void *src, char *dst, size_t size)
+inet_ntop(int af, const void *src, char *dst, socklen_t size)
 {
 	switch (af) {
 	case AF_INET:
-		return (inet_ntop4(src, dst, size));
+		return (inet_ntop4(src, dst, (size_t)size));
 	case AF_INET6:
-		return (inet_ntop6(src, dst, size));
+		return (inet_ntop6(src, dst, (size_t)size));
 	default:
 		errno = EAFNOSUPPORT;
 		return (NULL);
diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c
index 2285c84dfd727..4eb52f421b722 100644
--- a/openbsd-compat/mktemp.c
+++ b/openbsd-compat/mktemp.c
@@ -1,34 +1,22 @@
 /* THIS FILE HAS BEEN MODIFIED FROM THE ORIGINAL OPENBSD SOURCE */
 /* Changes: Removed mktemp */
 
-/*	$OpenBSD: mktemp.c,v 1.19 2005/08/08 08:05:36 espie Exp $ */
+/*	$OpenBSD: mktemp.c,v 1.30 2010/03/21 23:09:30 schwarze Exp $ */
 /*
- * Copyright (c) 1987, 1993
- *	The Regents of the University of California.  All rights reserved.
+ * Copyright (c) 1996-1998, 2008 Theo de Raadt
+ * Copyright (c) 1997, 2008-2009 Todd C. Miller
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 /* OPENBSD ORIGINAL: lib/libc/stdio/mktemp.c */
@@ -37,142 +25,117 @@
 
 #include <sys/types.h>
 #include <sys/stat.h>
-
+#include <errno.h>
 #include <fcntl.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
 #include <ctype.h>
-#include <errno.h>
 #include <unistd.h>
 
 #if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP)
 
-static int _gettemp(char *, int *, int, int);
+#define MKTEMP_NAME	0
+#define MKTEMP_FILE	1
+#define MKTEMP_DIR	2
 
-int
-mkstemps(char *path, int slen)
+#define TEMPCHARS	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
+#define NUM_CHARS	(sizeof(TEMPCHARS) - 1)
+
+static int
+mktemp_internal(char *path, int slen, int mode)
 {
+	char *start, *cp, *ep;
+	const char *tempchars = TEMPCHARS;
+	unsigned int r, tries;
+	struct stat sb;
+	size_t len;
 	int fd;
 
-	return (_gettemp(path, &fd, 0, slen) ? fd : -1);
+	len = strlen(path);
+	if (len == 0 || slen < 0 || (size_t)slen >= len) {
+		errno = EINVAL;
+		return(-1);
+	}
+	ep = path + len - slen;
+
+	tries = 1;
+	for (start = ep; start > path && start[-1] == 'X'; start--) {
+		if (tries < INT_MAX / NUM_CHARS)
+			tries *= NUM_CHARS;
+	}
+	tries *= 2;
+
+	do {
+		for (cp = start; cp != ep; cp++) {
+			r = arc4random_uniform(NUM_CHARS);
+			*cp = tempchars[r];
+		}
+
+		switch (mode) {
+		case MKTEMP_NAME:
+			if (lstat(path, &sb) != 0)
+				return(errno == ENOENT ? 0 : -1);
+			break;
+		case MKTEMP_FILE:
+			fd = open(path, O_CREAT|O_EXCL|O_RDWR, S_IRUSR|S_IWUSR);
+			if (fd != -1 || errno != EEXIST)
+				return(fd);
+			break;
+		case MKTEMP_DIR:
+			if (mkdir(path, S_IRUSR|S_IWUSR|S_IXUSR) == 0)
+				return(0);
+			if (errno != EEXIST)
+				return(-1);
+			break;
+		}
+	} while (--tries);
+
+	errno = EEXIST;
+	return(-1);
 }
 
-int
-mkstemp(char *path)
-{
-	int fd;
+#if 0
+char *_mktemp(char *);
 
-	return (_gettemp(path, &fd, 0, 0) ? fd : -1);
+char *
+_mktemp(char *path)
+{
+	if (mktemp_internal(path, 0, MKTEMP_NAME) == -1)
+		return(NULL);
+	return(path);
 }
 
+__warn_references(mktemp,
+    "warning: mktemp() possibly used unsafely; consider using mkstemp()");
+
 char *
-mkdtemp(char *path)
+mktemp(char *path)
 {
-	return(_gettemp(path, (int *)NULL, 1, 0) ? path : (char *)NULL);
+	return(_mktemp(path));
 }
+#endif
 
-static int
-_gettemp(path, doopen, domkdir, slen)
-	char *path;
-	register int *doopen;
-	int domkdir;
-	int slen;
+int
+mkstemp(char *path)
 {
-	register char *start, *trv, *suffp;
-	struct stat sbuf;
-	int rval;
-	pid_t pid;
+	return(mktemp_internal(path, 0, MKTEMP_FILE));
+}
 
-	if (doopen && domkdir) {
-		errno = EINVAL;
-		return(0);
-	}
+int
+mkstemps(char *path, int slen)
+{
+	return(mktemp_internal(path, slen, MKTEMP_FILE));
+}
 
-	for (trv = path; *trv; ++trv)
-		;
-	trv -= slen;
-	suffp = trv;
-	--trv;
-	if (trv < path) {
-		errno = EINVAL;
-		return (0);
-	}
-	pid = getpid();
-	while (trv >= path && *trv == 'X' && pid != 0) {
-		*trv-- = (pid % 10) + '0';
-		pid /= 10;
-	}
-	while (trv >= path && *trv == 'X') {
-		char c;
-
-		pid = (arc4random() & 0xffff) % (26+26);
-		if (pid < 26)
-			c = pid + 'A';
-		else
-			c = (pid - 26) + 'a';
-		*trv-- = c;
-	}
-	start = trv + 1;
-
-	/*
-	 * check the target directory; if you have six X's and it
-	 * doesn't exist this runs for a *very* long time.
-	 */
-	if (doopen || domkdir) {
-		for (;; --trv) {
-			if (trv <= path)
-				break;
-			if (*trv == '/') {
-				*trv = '\0';
-				rval = stat(path, &sbuf);
-				*trv = '/';
-				if (rval != 0)
-					return(0);
-				if (!S_ISDIR(sbuf.st_mode)) {
-					errno = ENOTDIR;
-					return(0);
-				}
-				break;
-			}
-		}
-	}
+char *
+mkdtemp(char *path)
+{
+	int error;
 
-	for (;;) {
-		if (doopen) {
-			if ((*doopen =
-			    open(path, O_CREAT|O_EXCL|O_RDWR, 0600)) >= 0)
-				return(1);
-			if (errno != EEXIST)
-				return(0);
-		} else if (domkdir) {
-			if (mkdir(path, 0700) == 0)
-				return(1);
-			if (errno != EEXIST)
-				return(0);
-		} else if (lstat(path, &sbuf))
-			return(errno == ENOENT ? 1 : 0);
-
-		/* tricky little algorithm for backward compatibility */
-		for (trv = start;;) {
-			if (!*trv)
-				return (0);
-			if (*trv == 'Z') {
-				if (trv == suffp)
-					return (0);
-				*trv++ = 'a';
-			} else {
-				if (isdigit(*trv))
-					*trv = 'a';
-				else if (*trv == 'z')	/* inc from z to A */
-					*trv = 'A';
-				else {
-					if (trv == suffp)
-						return (0);
-					++*trv;
-				}
-				break;
-			}
-		}
-	}
-	/*NOTREACHED*/
+	error = mktemp_internal(path, 0, MKTEMP_DIR);
+	return(error ? NULL : path);
 }
 
 #endif /* !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) */
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 77c5ed2b1ee5a..807acf6267300 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.51 2010/10/07 10:25:29 djm Exp $ */
+/* $Id: openbsd-compat.h,v 1.52 2011/09/23 01:16:11 djm Exp $ */
 
 /*
  * Copyright (c) 1999-2003 Damien Miller.  All rights reserved.
@@ -116,7 +116,7 @@ char *inet_ntoa(struct in_addr in);
 #endif
 
 #ifndef HAVE_INET_NTOP
-const char *inet_ntop(int af, const void *src, char *dst, size_t size);
+const char *inet_ntop(int af, const void *src, char *dst, socklen_t size);
 #endif
 
 #ifndef HAVE_INET_ATON
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index c5fc24eb4b715..a151eff38b37a 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.19 2011/05/10 01:13:38 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.20 2012/01/17 03:03:39 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -130,5 +130,10 @@ int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
 int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
 int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
 void ssh_OpenSSL_add_all_algorithms(void);
+
+# ifndef HAVE_HMAC_CTX_INIT
+#  define HMAC_CTX_init(a)
+# endif
+
 #endif	/* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
 
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index ea8dff40f706e..aba75387c754d 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.16 2011/08/29 06:09:57 djm Exp $ */
+/* $Id: port-linux.c,v 1.17 2012/03/08 23:25:18 djm Exp $ */
 
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -60,7 +60,7 @@ ssh_selinux_enabled(void)
 static security_context_t
 ssh_selinux_getctxbyname(char *pwname)
 {
-	security_context_t sc;
+	security_context_t sc = NULL;
 	char *sename = NULL, *lvl = NULL;
 	int r;
 
@@ -86,6 +86,7 @@ ssh_selinux_getctxbyname(char *pwname)
 		case 0:
 			error("%s: Failed to get default SELinux security "
 			    "context for %s", __func__, pwname);
+			sc = NULL;
 			break;
 		default:
 			fatal("%s: Failed to get default SELinux security "
@@ -101,7 +102,7 @@ ssh_selinux_getctxbyname(char *pwname)
 		xfree(lvl);
 #endif
 
-	return (sc);
+	return sc;
 }
 
 /* Set the execution context to the default for the specified user */
diff --git a/openbsd-compat/setenv.c b/openbsd-compat/setenv.c
index e2a8b6dd3ca97..373b701d9c6fe 100644
--- a/openbsd-compat/setenv.c
+++ b/openbsd-compat/setenv.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: setenv.c,v 1.9 2005/08/08 08:05:37 espie Exp $ */
+/*	$OpenBSD: setenv.c,v 1.13 2010/08/23 22:31:50 millert Exp $ */
 /*
  * Copyright (c) 1987 Regents of the University of California.
  * All rights reserved.
@@ -31,35 +31,38 @@
 /* OPENBSD ORIGINAL: lib/libc/stdlib/setenv.c */
 
 #include "includes.h"
+
 #if !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV)
 
+#include <errno.h>
 #include <stdlib.h>
 #include <string.h>
 
 extern char **environ;
+static char **lastenv;				/* last value of environ */
 
 /* OpenSSH Portable: __findenv is from getenv.c rev 1.8, made static */
 /*
  * __findenv --
  *	Returns pointer to value associated with name, if any, else NULL.
+ *	Starts searching within the environmental array at offset.
  *	Sets offset to be the offset of the name/value combination in the
- *	environmental array, for use by setenv(3) and unsetenv(3).
+ *	environmental array, for use by putenv(3), setenv(3) and unsetenv(3).
  *	Explicitly removes '=' in argument name.
+ *
+ *	This routine *should* be a static; don't use it.
  */
 static char *
-__findenv(const char *name, size_t *offset)
+__findenv(const char *name, int len, int *offset)
 {
 	extern char **environ;
-	int len, i;
+	int i;
 	const char *np;
 	char **p, *cp;
 
 	if (name == NULL || environ == NULL)
 		return (NULL);
-	for (np = name; *np && *np != '='; ++np)
-		;
-	len = np - name;
-	for (p = environ; (cp = *p) != NULL; ++p) {
+	for (p = environ + *offset; (cp = *p) != NULL; ++p) {
 		for (np = name, i = len; i && *cp; i--)
 			if (*cp++ != *np++)
 				break;
@@ -71,6 +74,54 @@ __findenv(const char *name, size_t *offset)
 	return (NULL);
 }
 
+#if 0 /* nothing uses putenv */
+/*
+ * putenv --
+ *	Add a name=value string directly to the environmental, replacing
+ *	any current value.
+ */
+int
+putenv(char *str)
+{
+	char **P, *cp;
+	size_t cnt;
+	int offset = 0;
+
+	for (cp = str; *cp && *cp != '='; ++cp)
+		;
+	if (*cp != '=') {
+		errno = EINVAL;
+		return (-1);			/* missing `=' in string */
+	}
+
+	if (__findenv(str, (int)(cp - str), &offset) != NULL) {
+		environ[offset++] = str;
+		/* could be set multiple times */
+		while (__findenv(str, (int)(cp - str), &offset)) {
+			for (P = &environ[offset];; ++P)
+				if (!(*P = *(P + 1)))
+					break;
+		}
+		return (0);
+	}
+
+	/* create new slot for string */
+	for (P = environ; *P != NULL; P++)
+		;
+	cnt = P - environ;
+	P = (char **)realloc(lastenv, sizeof(char *) * (cnt + 2));
+	if (!P)
+		return (-1);
+	if (lastenv != environ)
+		memcpy(P, environ, cnt * sizeof(char *));
+	lastenv = environ = P;
+	environ[cnt] = str;
+	environ[cnt + 1] = NULL;
+	return (0);
+}
+
+#endif
+
 #ifndef HAVE_SETENV
 /*
  * setenv --
@@ -80,24 +131,39 @@ __findenv(const char *name, size_t *offset)
 int
 setenv(const char *name, const char *value, int rewrite)
 {
-	static char **lastenv;			/* last value of environ */
-	char *C;
-	size_t l_value, offset;
+	char *C, **P;
+	const char *np;
+	int l_value, offset = 0;
+
+	for (np = name; *np && *np != '='; ++np)
+		;
+#ifdef notyet
+	if (*np) {
+		errno = EINVAL;
+		return (-1);			/* has `=' in name */
+	}
+#endif
 
-	if (*value == '=')			/* no `=' in value */
-		++value;
 	l_value = strlen(value);
-	if ((C = __findenv(name, &offset))) {	/* find if already exists */
+	if ((C = __findenv(name, (int)(np - name), &offset)) != NULL) {
+		int tmpoff = offset + 1;
 		if (!rewrite)
 			return (0);
+#if 0 /* XXX - existing entry may not be writable */
 		if (strlen(C) >= l_value) {	/* old larger; copy over */
 			while ((*C++ = *value++))
 				;
 			return (0);
 		}
+#endif
+		/* could be set multiple times */
+		while (__findenv(name, (int)(np - name), &tmpoff)) {
+			for (P = &environ[tmpoff];; ++P)
+				if (!(*P = *(P + 1)))
+					break;
+		}
 	} else {					/* create new slot */
 		size_t cnt;
-		char **P;
 
 		for (P = environ; *P != NULL; P++)
 			;
@@ -111,10 +177,8 @@ setenv(const char *name, const char *value, int rewrite)
 		offset = cnt;
 		environ[cnt + 1] = NULL;
 	}
-	for (C = (char *)name; *C && *C != '='; ++C)
-		;				/* no `=' in name */
 	if (!(environ[offset] =			/* name + `=' + value */
-	    malloc((size_t)((int)(C - name) + l_value + 2))))
+	    malloc((size_t)((int)(np - name) + l_value + 2))))
 		return (-1);
 	for (C = environ[offset]; (*C = *name++) && *C != '='; ++C)
 		;
@@ -122,6 +186,7 @@ setenv(const char *name, const char *value, int rewrite)
 		;
 	return (0);
 }
+
 #endif /* HAVE_SETENV */
 
 #ifndef HAVE_UNSETENV
@@ -129,17 +194,33 @@ setenv(const char *name, const char *value, int rewrite)
  * unsetenv(name) --
  *	Delete environmental variable "name".
  */
-void
+int
 unsetenv(const char *name)
 {
 	char **P;
-	size_t offset;
+	const char *np;
+	int offset = 0;
 
-	while (__findenv(name, &offset))	/* if set multiple times */
+	if (!name || !*name) {
+		errno = EINVAL;
+		return (-1);
+	}
+	for (np = name; *np && *np != '='; ++np)
+		;
+	if (*np) {
+		errno = EINVAL;
+		return (-1);			/* has `=' in name */
+	}
+
+	/* could be set multiple times */
+	while (__findenv(name, (int)(np - name), &offset)) {
 		for (P = &environ[offset];; ++P)
 			if (!(*P = *(P + 1)))
 				break;
+	}
+	return (0);
 }
 #endif /* HAVE_UNSETENV */
 
 #endif /* !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV) */
+
diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
index cf8e0ad667ba6..f5bf74d1fb5c2 100644
--- a/openbsd-compat/sha2.c
+++ b/openbsd-compat/sha2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sha2.c,v 1.11 2005/08/08 08:05:35 espie Exp $	*/
+/*	from OpenBSD: sha2.c,v 1.11 2005/08/08 08:05:35 espie Exp 	*/
 
 /*
  * FILE:	sha2.c
diff --git a/openbsd-compat/sha2.h b/openbsd-compat/sha2.h
index 821f2dd6c5109..73e94f1503302 100644
--- a/openbsd-compat/sha2.h
+++ b/openbsd-compat/sha2.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sha2.h,v 1.6 2004/06/22 01:57:30 jfb Exp $	*/
+/*	OpenBSD: sha2.h,v 1.6 2004/06/22 01:57:30 jfb Exp 	*/
 
 /*
  * FILE:	sha2.h
diff --git a/openbsd-compat/strlcpy.c b/openbsd-compat/strlcpy.c
index 679a5b291f58b..b4b1b6015a28e 100644
--- a/openbsd-compat/strlcpy.c
+++ b/openbsd-compat/strlcpy.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: strlcpy.c,v 1.10 2005/08/08 08:05:37 espie Exp $	*/
+/*	$OpenBSD: strlcpy.c,v 1.11 2006/05/05 15:27:38 millert Exp $	*/
 
 /*
  * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -37,11 +37,11 @@ strlcpy(char *dst, const char *src, size_t siz)
 	size_t n = siz;
 
 	/* Copy as many bytes as will fit */
-	if (n != 0 && --n != 0) {
-		do {
-			if ((*d++ = *s++) == 0)
+	if (n != 0) {
+		while (--n != 0) {
+			if ((*d++ = *s++) == '\0')
 				break;
-		} while (--n != 0);
+		}
 	}
 
 	/* Not enough room in dst, add NUL and traverse rest of src */
diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c
new file mode 100644
index 0000000000000..93d515595c97f
--- /dev/null
+++ b/openbsd-compat/strnlen.c
@@ -0,0 +1,37 @@
+/*	$OpenBSD: strnlen.c,v 1.3 2010/06/02 12:58:12 millert Exp $	*/
+
+/*
+ * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* OPENBSD ORIGINAL: lib/libc/string/strnlen.c */
+
+#include "config.h"
+#ifndef HAVE_STRNLEN
+#include <sys/types.h>
+
+#include <string.h>
+
+size_t
+strnlen(const char *str, size_t maxlen)
+{
+	const char *cp;
+
+	for (cp = str; maxlen != 0 && *cp != '\0'; cp++, maxlen--)
+		;
+
+	return (size_t)(cp - str);
+}
+#endif
author	Dag-Erling Smørgrav <des@FreeBSD.org>	2012-08-29 15:46:01 +0000
committer	Dag-Erling Smørgrav <des@FreeBSD.org>	2012-08-29 15:46:01 +0000
commit	2e97a36905ba9936cb9972e37c5e56deb288e442 (patch)
tree	63724b2d8e911727737ec31273789b3f46ffa6ff /openbsd-compat
parent	4bc11fc94e472842a59429d633d4b97124da2a2e (diff)