* New upstream release (closes: #453367).

  - CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
    creation of an untrusted cookie fails; found and fixed by Jan Pechanec
    (closes: #444738).
  - sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
    installations are unchanged.
  - The SSH channel window size has been increased, and both ssh(1)
    sshd(8) now send window updates more aggressively. These improves
    performance on high-BDP (Bandwidth Delay Product) networks.
  - ssh(1) and sshd(8) now preserve MAC contexts between packets, which
    saves 2 hash calls per packet and results in 12-16% speedup for
    arcfour256/hmac-md5.
  - A new MAC algorithm has been added, UMAC-64 (RFC4418) as
    "umac-64@openssh.com". UMAC-64 has been measured to be approximately
    20% faster than HMAC-MD5.
  - Failure to establish a ssh(1) TunnelForward is now treated as a fatal
    error when the ExitOnForwardFailure option is set.
  - ssh(1) returns a sensible exit status if the control master goes away
    without passing the full exit status.
  - When using a ProxyCommand in ssh(1), set the outgoing hostname with
    gethostname(2), allowing hostbased authentication to work.
  - Make scp(1) skip FIFOs rather than hanging (closes: #246774).
  - Encode non-printing characters in scp(1) filenames. These could cause
    copies to be aborted with a "protocol error".
  - Handle SIGINT in sshd(8) privilege separation child process to ensure
    that wtmp and lastlog records are correctly updated.
  - Report GSSAPI mechanism in errors, for libraries that support multiple
    mechanisms.
  - Improve documentation for ssh-add(1)'s -d option.
  - Rearrange and tidy GSSAPI code, removing server-only code being linked
    into the client.
  - Delay execution of ssh(1)'s LocalCommand until after all forwardings
    have been established.
  - In scp(1), do not truncate non-regular files.
  - Improve exit message from ControlMaster clients.
  - Prevent sftp-server(8) from reading until it runs out of buffer space,
    whereupon it would exit with a fatal error (closes: #365541).
  - pam_end() was not being called if authentication failed
    (closes: #405041).
  - Manual page datestamps updated (closes: #433181).

1 files changed, 117 insertions, 0 deletions

diff --git a/openbsd-compat/bsd-poll.c b/openbsd-compat/bsd-poll.c
new file mode 100644
index 000000000..836882eea
--- /dev/null
+++ b/openbsd-compat/bsd-poll.c
@@ -0,0 +1,117 @@
+/* $Id: bsd-poll.c,v 1.1 2007/06/25 12:15:13 dtucker Exp $ */
+
+/*
+ * Copyright (c) 2004, 2005, 2007 Darren Tucker (dtucker at zip com au).
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "includes.h"
+#if !defined(HAVE_POLL) && defined(HAVE_SELECT)
+
+#ifdef HAVE_SYS_SELECT_H
+# include <sys/select.h>
+#endif
+
+#include <errno.h>
+#include "bsd-poll.h"
+
+/*
+ * A minimal implementation of poll(2), built on top of select(2).
+ *
+ * Only supports POLLIN and POLLOUT flags in pfd.events, and POLLIN, POLLOUT
+ * and POLLERR flags in revents.
+ *
+ * Supports pfd.fd = -1 meaning "unused" although it's not standard.
+ */
+
+int
+poll(struct pollfd *fds, nfds_t nfds, int timeout)
+{
+        nfds_t i;
+        int saved_errno, ret, fd, maxfd = 0;
+        fd_set *readfds = NULL, *writefds = NULL, *exceptfds = NULL;
+        size_t nmemb;
+        struct timeval tv, *tvp = NULL;
+
+        for (i = 0; i < nfds; i++) {
+                if (fd >= FD_SETSIZE) {
+                        errno = EINVAL;
+                        return -1;
+                }
+                maxfd = MAX(maxfd, fds[i].fd);
+        }
+
+        nmemb = howmany(maxfd + 1 , NFDBITS);
+        if ((readfds = calloc(nmemb, sizeof(fd_mask))) == NULL ||
+            (writefds = calloc(nmemb, sizeof(fd_mask))) == NULL ||
+            (exceptfds = calloc(nmemb, sizeof(fd_mask))) == NULL) {
+                saved_errno = ENOMEM;
+                ret = -1;
+                goto out;
+        }
+
+        /* populate event bit vectors for the events we're interested in */
+        for (i = 0; i < nfds; i++) {
+                fd = fds[i].fd;
+                if (fd == -1)
+                        continue;
+                if (fds[i].events & POLLIN) {
+                        FD_SET(fd, readfds);
+                        FD_SET(fd, exceptfds);
+                }
+                if (fds[i].events & POLLOUT) {
+                        FD_SET(fd, writefds);
+                        FD_SET(fd, exceptfds);
+                }
+        }
+
+        /* poll timeout is msec, select is timeval (sec + usec) */
+        if (timeout >= 0) {
+                tv.tv_sec = timeout / 1000;
+                tv.tv_usec = (timeout % 1000) * 1000;
+                tvp = &tv;
+        }
+
+        ret = select(maxfd + 1, readfds, writefds, exceptfds, tvp);
+        saved_errno = errno;
+
+        /* scan through select results and set poll() flags */
+        for (i = 0; i < nfds; i++) {
+                fd = fds[i].fd;
+                fds[i].revents = 0;
+                if (fd == -1)
+                        continue;
+                if (FD_ISSET(fd, readfds)) {
+                        fds[i].revents |= POLLIN;
+                }
+                if (FD_ISSET(fd, writefds)) {
+                        fds[i].revents |= POLLOUT;
+                }
+                if (FD_ISSET(fd, exceptfds)) {
+                        fds[i].revents |= POLLERR;
+                }
+        }
+
+out:
+        if (readfds != NULL)
+                free(readfds);
+        if (writefds != NULL)
+                free(writefds);
+        if (exceptfds != NULL)
+                free(exceptfds);
+        if (ret == -1)
+                errno = saved_errno;
+        return ret;
+}
+#endif