(bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c

  openbsd-compat/Makefile.in] support compression on platforms that
  have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
  Based on patch from nalin@redhat.com of code extracted from Owl's package

7 files changed, 77 insertions, 42 deletions

diff --git a/ChangeLog b/ChangeLog
index 632b41da0..67cc57cbd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 20020714
  - (tim) [Makefile.in] replace "id sshd" with "sshd -t"
+ - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c
+   openbsd-compat/Makefile.in] support compression on platforms that
+   have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
+   Based on patch from nalin@redhat.com of code extracted from Owl's package
 
 20020712
  - (tim) [Makefile.in] quiet down install-files: and check-user:
@@ -1352,4 +1356,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2362 2002/07/14 17:02:20 tim Exp $
+$Id: ChangeLog,v 1.2363 2002/07/14 20:36:49 tim Exp $
diff --git a/acconfig.h b/acconfig.h
index 147295510..f8fc650d7 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.143 2002/07/09 14:06:40 mouring Exp $ */
+/* $Id: acconfig.h,v 1.144 2002/07/14 20:36:50 tim Exp $ */
 
 #ifndef _CONFIG_H
 #define _CONFIG_H
@@ -358,9 +358,6 @@
 /* Path that unprivileged child will chroot() to in privep mode */
 #undef PRIVSEP_PATH
 
-/* Define if you have the `mmap' function that supports MAP_ANON|SHARED */
-#undef HAVE_MMAP_ANON_SHARED
-
 /* Define if your platform needs to skip post auth file descriptor passing */
 #undef DISABLE_FD_PASSING
 
diff --git a/configure.ac b/configure.ac
index 0c60c5e61..1fb3056e6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.78 2002/07/13 01:11:25 tim Exp $
+# $Id: configure.ac,v 1.79 2002/07/14 20:36:50 tim Exp $
 
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -583,31 +583,6 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
         socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
         truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
 
-if test $ac_cv_func_mmap = yes ; then
-AC_MSG_CHECKING([for mmap anon shared])
-AC_TRY_RUN(
-        [
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/mman.h>
-#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS)
-#define MAP_ANON MAP_ANONYMOUS
-#endif
-main() { char *p;
-p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0);
-if (p == (char *)-1)
-        exit(1);
-exit(0);
-}
-        ],
-        [
-                AC_MSG_RESULT(yes)
-                AC_DEFINE(HAVE_MMAP_ANON_SHARED)
-        ],
-        [ AC_MSG_RESULT(no) ] 
-)
-fi
-
 dnl IRIX and Solaris 2.5.1 have dirname() in libgen
 AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
         AC_CHECK_LIB(gen, dirname,[
diff --git a/monitor_mm.c b/monitor_mm.c
index f72a180ea..fb5f2c82c 100644
--- a/monitor_mm.c
+++ b/monitor_mm.c
@@ -91,15 +91,9 @@ mm_create(struct mm_master *mmalloc, size_t size)
          */
         mm->mmalloc = mmalloc;
 
-#ifdef HAVE_MMAP_ANON_SHARED
-        address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-            -1, 0);
+        address = xmmap(size);
         if (address == MAP_FAILED)
                 fatal("mmap(%lu): %s", (u_long)size, strerror(errno));
-#else
-        fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
-            __func__);
-#endif
 
         mm->address = address;
         mm->size = size;
@@ -137,7 +131,7 @@ mm_destroy(struct mm_master *mm)
         mm_freelist(mm->mmalloc, &mm->rb_free);
         mm_freelist(mm->mmalloc, &mm->rb_allocated);
 
-#ifdef HAVE_MMAP_ANON_SHARED
+#ifdef HAVE_MMAP
         if (munmap(mm->address, mm->size) == -1)
                 fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size,
                     strerror(errno));
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 3e09cfefe..c365ae18f 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.21 2002/02/19 20:27:57 mouring Exp $
+# $Id: Makefile.in,v 1.22 2002/07/14 20:36:51 tim Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@
 
 OPENBSD=base64.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o
 
-COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o
+COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o
 
 PORTS=port-irix.o port-aix.o
 
diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c
new file mode 100644
index 000000000..a6b7d3bdf
--- /dev/null
+++ b/openbsd-compat/xmmap.c
@@ -0,0 +1,65 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif
+
+void *xmmap(size_t size)
+{
+        void *address;
+
+#ifdef HAVE_MMAP
+# ifdef MAP_ANON
+        address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
+            -1, 0);
+# else
+        address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
+            open("/dev/zero", O_RDWR), 0);
+# endif
+
+#define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX"
+        if (address == MAP_FAILED) {
+                char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE;
+                int tmpfd;
+
+                tmpfd = mkstemp(tmpname);
+                if (tmpfd == -1)
+                        fatal("mkstemp(\"%s\"): %s",
+                            MM_SWAP_TEMPLATE, strerror(errno));
+                unlink(tmpname);
+                ftruncate(tmpfd, size);
+                address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
+                    tmpfd, 0);
+                close(tmpfd);
+        }
+
+        return (address);
+#else
+        fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
+            __func__);
+#endif /* HAVE_MMAP */
+
+}
+
diff --git a/servconf.c b/servconf.c
index f311ae48d..bdf39afb8 100644
--- a/servconf.c
+++ b/servconf.c
@@ -257,7 +257,7 @@ fill_default_server_options(ServerOptions *options)
         if (use_privsep == -1)
                 use_privsep = 1;
 
-#if !defined(HAVE_MMAP_ANON_SHARED)
+#ifndef HAVE_MMAP
         if (use_privsep && options->compression == 1) {
                 error("This platform does not support both privilege "
                     "separation and compression");