Merge 6.7p1.

  * New upstream release (http://www.openssh.com/txt/release-6.7):
    - sshd(8): The default set of ciphers and MACs has been altered to
      remove unsafe algorithms.  In particular, CBC ciphers and arcfour* are
      disabled by default.  The full set of algorithms remains available if
      configured explicitly via the Ciphers and MACs sshd_config options.
    - ssh(1), sshd(8): Add support for Unix domain socket forwarding.  A
      remote TCP port may be forwarded to a local Unix domain socket and
      vice versa or both ends may be a Unix domain socket (closes: #236718).
    - ssh(1), ssh-keygen(1): Add support for SSHFP DNS records for ED25519
      key types.
    - sftp(1): Allow resumption of interrupted uploads.
    - ssh(1): When rekeying, skip file/DNS lookups of the hostkey if it is
      the same as the one sent during initial key exchange.
    - sshd(8): Allow explicit ::1 and 127.0.0.1 forwarding bind addresses
      when GatewayPorts=no; allows client to choose address family.
    - sshd(8): Add a sshd_config PermitUserRC option to control whether
      ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys
      option.
    - ssh(1): Add a %C escape sequence for LocalCommand and ControlPath that
      expands to a unique identifer based on a hash of the tuple of (local
      host, remote user, hostname, port).  Helps avoid exceeding miserly
      pathname limits for Unix domain sockets in multiplexing control paths.
    - sshd(8): Make the "Too many authentication failures" message include
      the user, source address, port and protocol in a format similar to the
      authentication success / failure messages.
    - Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC when it is
      available. It considers time spent suspended, thereby ensuring
      timeouts (e.g. for expiring agent keys) fire correctly (closes:
      #734553).
    - Use prctl() to prevent sftp-server from accessing
      /proc/self/{mem,maps}.
  * Restore TCP wrappers support, removed upstream in 6.7.  It is true that
    dropping this reduces preauth attack surface in sshd.  On the other
    hand, this support seems to be quite widely used, and abruptly dropping
    it (from the perspective of users who don't read openssh-unix-dev) could
    easily cause more serious problems in practice.  It's not entirely clear
    what the right long-term answer for Debian is, but it at least probably
    doesn't involve dropping this feature shortly before a freeze.
  * Replace patch to disable OpenSSL version check with an updated version
    of Kurt Roeckx's patch from #732940 to just avoid checking the status
    field.

13 files changed, 217 insertions, 253 deletions

diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 6ecfb93d5..ab1a3e315 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.55 2014/02/04 00:37:50 djm Exp $
+# $Id: Makefile.in,v 1.56 2014/09/30 23:43:08 djm Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@
 
 OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o
 
-COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
+COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o kludge-fd_set.o
 
 PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
 
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index eac073cc0..09dbfda16 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -87,7 +87,7 @@ _rs_stir(void)
                 _rs_init(rnd, sizeof(rnd));
         } else
                 _rs_rekey(rnd, sizeof(rnd));
-        memset(rnd, 0, sizeof(rnd));
+        explicit_bzero(rnd, sizeof(rnd));
 
         /* invalidate rs_buf */
         rs_have = 0;
@@ -229,7 +229,7 @@ arc4random_buf(void *_buf, size_t n)
                 buf[i] = r & 0xff;
                 r >>= 8;
         }
-        i = r = 0;
+        explicit_bzero(&r, sizeof(r));
 }
 #endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */
 
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 267e77a11..a2d82126d 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -57,6 +57,22 @@ check_ntsec(const char *filename)
         return (pathconf(filename, _PC_POSIX_PERMISSIONS));
 }
 
+const char *
+cygwin_ssh_privsep_user()
+{
+  static char cyg_privsep_user[DNLEN + UNLEN + 2];
+
+  if (!cyg_privsep_user[0])
+    {
+#ifdef CW_CYGNAME_FROM_WINNAME
+      if (cygwin_internal (CW_CYGNAME_FROM_WINNAME, "sshd", cyg_privsep_user,
+                           sizeof cyg_privsep_user) != 0)
+#endif
+        strcpy (cyg_privsep_user, "sshd");
+    }
+  return cyg_privsep_user;
+}
+
 #define NL(x) x, (sizeof (x) - 1)
 #define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0]))
 
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 1177366f1..79cb2a197 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-cygwin_util.h,v 1.17 2014/01/18 10:04:00 dtucker Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.18 2014/05/27 04:34:43 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001, 2011, 2013 Corinna Vinschen <vinschen@redhat.com>
@@ -39,6 +39,8 @@
 /* Avoid including windows headers. */
 typedef void *HANDLE;
 #define INVALID_HANDLE_VALUE ((HANDLE) -1)
+#define DNLEN 16
+#define UNLEN 256
 
 /* Cygwin functions for which declarations are only available when including
    windows headers, so we have to define them here explicitely. */
@@ -48,6 +50,8 @@ extern void cygwin_set_impersonation_token (const HANDLE);
 #include <sys/cygwin.h>
 #include <io.h>
 
+#define CYGWIN_SSH_PRIVSEP_USER (cygwin_ssh_privsep_user())
+const char *cygwin_ssh_privsep_user();
 
 int binary_open(const char *, int , ...);
 int check_ntsec(const char *);
diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c
index 975991e7f..23a635989 100644
--- a/openbsd-compat/bsd-snprintf.c
+++ b/openbsd-compat/bsd-snprintf.c
@@ -538,7 +538,7 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen,
         }
         while (*value && (cnt < max)) {
                 DOPR_OUTCH(buffer, *currlen, maxlen, *value);
-                *value++;
+                value++;
                 ++cnt;
         }
         while ((padlen < 0) && (cnt < max)) {
@@ -553,7 +553,7 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen,
 
 static int
 fmtint(char *buffer, size_t *currlen, size_t maxlen,
-                    LLONG value, int base, int min, int max, int flags)
+    intmax_t value, int base, int min, int max, int flags)
 {
         int signvalue = 0;
         unsigned LLONG uvalue;
diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index b106741e5..3c85a4843 100644
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -7,14 +7,34 @@
 
 #include "includes.h"
 
+/*
+ * explicit_bzero - don't let the compiler optimize away bzero
+ */
+
 #ifndef HAVE_EXPLICIT_BZERO
 
+#ifdef HAVE_MEMSET_S
+
+void
+explicit_bzero(void *p, size_t n)
+{
+        (void)memset_s(p, n, 0, n);
+}
+
+#else /* HAVE_MEMSET_S */
+
 /*
- * explicit_bzero - don't let the compiler optimize away bzero
+ * Indirect bzero through a volatile pointer to hopefully avoid
+ * dead-store optimisation eliminating the call.
  */
+static void (* volatile ssh_bzero)(void *, size_t) = bzero;
+
 void
 explicit_bzero(void *p, size_t n)
 {
-        bzero(p, n);
+        ssh_bzero(p, n);
 }
-#endif
+
+#endif /* HAVE_MEMSET_S */
+
+#endif /* HAVE_EXPLICIT_BZERO */
diff --git a/openbsd-compat/kludge-fd_set.c b/openbsd-compat/kludge-fd_set.c
new file mode 100644
index 000000000..6c2ffb64b
--- /dev/null
+++ b/openbsd-compat/kludge-fd_set.c
@@ -0,0 +1,28 @@
+/* Placed in the public domain.  */
+
+/*
+ * _FORTIFY_SOURCE includes a misguided check for FD_SET(n)/FD_ISSET(b)
+ * where n > FD_SETSIZE. This breaks OpenSSH and other programs that
+ * explicitly allocate fd_sets. To avoid this, we wrap FD_SET in a
+ * function compiled without _FORTIFY_SOURCE.
+ */
+
+#include "config.h"
+
+#if defined(HAVE_FEATURES_H) && defined(_FORTIFY_SOURCE)
+# include <features.h>
+# if defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ)
+#  if __GLIBC_PREREQ(2, 15) && (_FORTIFY_SOURCE > 0)
+#   undef _FORTIFY_SOURCE
+#   undef __USE_FORTIFY_LEVEL
+#   include <sys/socket.h>
+void kludge_FD_SET(int n, fd_set *set) {
+        FD_SET(n, set);
+}
+int kludge_FD_ISSET(int n, fd_set *set) {
+        return FD_ISSET(n, set);
+}
+#  endif /* __GLIBC_PREREQ(2, 15) && (_FORTIFY_SOURCE > 0) */
+# endif /* __GNU_LIBRARY__ && __GLIBC_PREREQ */
+#endif /* HAVE_FEATURES_H && _FORTIFY_SOURCE */
+
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index bc9888e31..ce6abae82 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.61 2014/02/04 00:18:23 djm Exp $ */
+/* $Id: openbsd-compat.h,v 1.62 2014/09/30 23:43:08 djm Exp $ */
 
 /*
  * Copyright (c) 1999-2003 Damien Miller.  All rights reserved.
@@ -268,4 +268,20 @@ char *shadow_pw(struct passwd *pw);
 #include "port-tun.h"
 #include "port-uw.h"
 
+/* _FORTIFY_SOURCE breaks FD_ISSET(n)/FD_SET(n) for n > FD_SETSIZE. Avoid. */
+#if defined(HAVE_FEATURES_H) && defined(_FORTIFY_SOURCE)
+# include <features.h>
+# if defined(__GNU_LIBRARY__) && defined(__GLIBC_PREREQ)
+#  if __GLIBC_PREREQ(2, 15) && (_FORTIFY_SOURCE > 0)
+#   include <sys/socket.h>  /* Ensure include guard is defined */
+#   undef FD_SET
+#   undef FD_ISSET
+#   define FD_SET(n, set)       kludge_FD_SET(n, set)
+#   define FD_ISSET(n, set)     kludge_FD_ISSET(n, set)
+void kludge_FD_SET(int, fd_set *);
+int kludge_FD_ISSET(int, fd_set *);
+#  endif /* __GLIBC_PREREQ(2, 15) && (_FORTIFY_SOURCE > 0) */
+# endif /* __GNU_LIBRARY__ && __GLIBC_PREREQ */
+#endif /* HAVE_FEATURES_H && _FORTIFY_SOURCE */
+
 #endif /* _OPENBSD_COMPAT_H */
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 885c121f2..defd5fb61 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.c,v 1.17 2014/02/13 05:38:33 dtucker Exp $ */
+/* $Id: openssl-compat.c,v 1.19 2014/07/02 05:28:07 djm Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -16,6 +16,7 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 #include "includes.h"
 
 #include <stdarg.h>
@@ -26,147 +27,44 @@
 # include <openssl/conf.h>
 #endif
 
-#ifndef HAVE_RSA_GET_DEFAULT_METHOD
-# include <openssl/rsa.h>
-#endif
-
 #include "log.h"
 
-#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 #include "openssl-compat.h"
 
-#ifdef SSH_OLD_EVP
-int
-ssh_EVP_CipherInit(EVP_CIPHER_CTX *evp, const EVP_CIPHER *type,
-    unsigned char *key, unsigned char *iv, int enc)
-{
-        EVP_CipherInit(evp, type, key, iv, enc);
-        return 1;
-}
-
-int
-ssh_EVP_Cipher(EVP_CIPHER_CTX *evp, char *dst, char *src, int len)
-{
-        EVP_Cipher(evp, dst, src, len);
-        return 1;
-}
-
-int
-ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
-{
-        EVP_CIPHER_CTX_cleanup(evp);
-        return 1;
-}
-#endif
-
-#ifndef HAVE_EVP_DIGESTINIT_EX
-int
-EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, void *engine)
-{
-        if (engine != NULL)
-                fatal("%s: ENGINE is not supported", __func__);
-# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
-        EVP_DigestInit(ctx, md);
-        return 1;
-# else
-        return EVP_DigestInit(ctx, md);
-# endif
-}
-#endif
-
-#ifndef HAVE_EVP_DIGESTFINAL_EX
-int
-EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s)
-{
-# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
-        EVP_DigestFinal(ctx, md, s);
-        return 1;
-# else
-        return EVP_DigestFinal(ctx, md, s);
-# endif
-}
-#endif
-
-#ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
-int
-ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
-{
-        EVP_DigestUpdate(ctx, d, cnt);
-        return 1;
-}
-#endif
-
-#ifndef HAVE_EVP_MD_CTX_COPY_EX
-int
-EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
-        return EVP_MD_CTX_copy(out, in);
-}
-#endif
-
-#ifndef HAVE_BN_IS_PRIME_EX
-int
-BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
-{
-        if (cb != NULL)
-                fatal("%s: callback args not supported", __func__);
-        return BN_is_prime(p, nchecks, NULL, ctx, NULL);
-}
-#endif
-
-#ifndef HAVE_RSA_GENERATE_KEY_EX
-int
-RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
-{
-        RSA *new_rsa, tmp_rsa;
-        unsigned long e;
-
-        if (cb != NULL)
-                fatal("%s: callback args not supported", __func__);
-        e = BN_get_word(bn_e);
-        if (e == 0xffffffffL)
-                fatal("%s: value of e too large", __func__);
-        new_rsa = RSA_generate_key(bits, e, NULL, NULL);
-        if (new_rsa == NULL)
-                return 0;
-        /* swap rsa/new_rsa then free new_rsa */
-        tmp_rsa = *rsa;
-        *rsa = *new_rsa;
-        *new_rsa = tmp_rsa;
-        RSA_free(new_rsa);
-        return 1;
-}
-#endif
+/*
+ * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
+ * We match major, minor, fix and status (not patch) for <1.0.0.
+ * After that, we accept compatible fix and status versions (so we
+ * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
+ * within a patch series.
+ */
 
-#ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
 int
-DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
-    int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
+ssh_compatible_openssl(long headerver, long libver)
 {
-        DSA *new_dsa, tmp_dsa;
-
-        if (cb != NULL)
-                fatal("%s: callback args not supported", __func__);
-        new_dsa = DSA_generate_parameters(bits, (unsigned char *)seed, seed_len,
-            counter_ret, h_ret, NULL, NULL);
-        if (new_dsa == NULL)
-                return 0;
-        /* swap dsa/new_dsa then free new_dsa */
-        tmp_dsa = *dsa;
-        *dsa = *new_dsa;
-        *new_dsa = tmp_dsa;
-        DSA_free(new_dsa);
-        return 1;
-}
-#endif
-
-#ifndef HAVE_RSA_GET_DEFAULT_METHOD
-RSA_METHOD *
-RSA_get_default_method(void)
-{
-        return RSA_PKCS1_SSLeay();
+        long mask, hfix, lfix;
+
+        /* exact match is always OK */
+        if (headerver == libver)
+                return 1;
+
+        /* for versions < 1.0.0, major,minor,fix,status must match */
+        if (headerver < 0x1000000f) {
+                mask = 0xfffff00fL; /* major,minor,fix,status */
+                return (headerver & mask) == (libver & mask);
+        }
+        
+        /*
+         * For versions >= 1.0.0, major,minor must match and library
+         * fix version must be equal to or newer than the header.
+         */
+        mask = 0xfff00000L; /* major,minor */
+        hfix = (headerver & 0x000ff000) >> 12;
+        lfix = (libver & 0x000ff000) >> 12;
+        if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
+                return 1;
+        return 0;
 }
-#endif
 
 #ifdef  USE_OPENSSL_ENGINE
 void
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 276b9706d..3695d412b 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.26 2014/02/13 05:38:33 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.31 2014/08/29 18:18:29 djm Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -16,28 +16,19 @@
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#ifndef _OPENSSL_COMPAT_H
+#define _OPENSSL_COMPAT_H
+
 #include "includes.h"
 #include <openssl/opensslv.h>
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
 
-/* Only in 0.9.8 */
-#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
-# define OPENSSL_DSA_MAX_MODULUS_BITS        10000
-#endif
-#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
-# define OPENSSL_RSA_MAX_MODULUS_BITS        16384
-#endif
-
-/* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */
-#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f)
-# define OPENSSL_free(x) Free(x)
-#endif
+int ssh_compatible_openssl(long, long);
 
-#if OPENSSL_VERSION_NUMBER < 0x00906000L
-# define SSH_OLD_EVP
-# define EVP_CIPHER_CTX_get_app_data(e)         ((e)->app_data)
+#if (OPENSSL_VERSION_NUMBER <= 0x0090805fL)
+# error OpenSSL 0.9.8f or greater is required
 #endif
 
 #if OPENSSL_VERSION_NUMBER < 0x10000001L
@@ -46,27 +37,17 @@
 # define LIBCRYPTO_EVP_INL_TYPE size_t
 #endif
 
-#if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES)
-# define USE_BUILTIN_RIJNDAEL
+#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+# define OPENSSL_RSA_MAX_MODULUS_BITS   16384
 #endif
-
-#ifdef USE_BUILTIN_RIJNDAEL
-# include "rijndael.h"
-# define AES_KEY rijndael_ctx
-# define AES_BLOCK_SIZE 16
-# define AES_encrypt(a, b, c)           rijndael_encrypt(c, a, b)
-# define AES_set_encrypt_key(a, b, c)   rijndael_set_key(c, (char *)a, b, 1)
-# define EVP_aes_128_cbc evp_rijndael
-# define EVP_aes_192_cbc evp_rijndael
-# define EVP_aes_256_cbc evp_rijndael
-const EVP_CIPHER *evp_rijndael(void);
-void ssh_rijndael_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);
+#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS   10000
 #endif
 
 #ifndef OPENSSL_HAVE_EVPCTR
-#define EVP_aes_128_ctr evp_aes_128_ctr
-#define EVP_aes_192_ctr evp_aes_128_ctr
-#define EVP_aes_256_ctr evp_aes_128_ctr
+# define EVP_aes_128_ctr evp_aes_128_ctr
+# define EVP_aes_192_ctr evp_aes_128_ctr
+# define EVP_aes_256_ctr evp_aes_128_ctr
 const EVP_CIPHER *evp_aes_128_ctr(void);
 void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
 #endif
@@ -88,26 +69,9 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
 # endif
 #endif
 
-#if OPENSSL_VERSION_NUMBER < 0x00907000L
-#define EVP_X_STATE(evp)        &(evp).c
-#define EVP_X_STATE_LEN(evp)    sizeof((evp).c)
-#else
-#define EVP_X_STATE(evp)        (evp).cipher_data
-#define EVP_X_STATE_LEN(evp)    (evp).cipher->ctx_size
-#endif
-
-/* OpenSSL 0.9.8e returns cipher key len not context key len */
-#if (OPENSSL_VERSION_NUMBER == 0x0090805fL)
-# define EVP_CIPHER_CTX_key_length(c) ((c)->key_len)
-#endif
-
-#ifndef HAVE_RSA_GET_DEFAULT_METHOD
-RSA_METHOD *RSA_get_default_method(void);
-#endif
-
 /*
  * We overload some of the OpenSSL crypto functions with ssh_* equivalents
- * which cater for older and/or less featureful OpenSSL version.
+ * to automatically handle OpenSSL engine initialisation.
  *
  * In order for the compat library to call the real functions, it must
  * define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and
@@ -115,19 +79,6 @@ RSA_METHOD *RSA_get_default_method(void);
  */
 #ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 
-# ifdef SSH_OLD_EVP
-#  ifdef EVP_Cipher
-#   undef EVP_Cipher
-#  endif
-#  define EVP_CipherInit(a,b,c,d,e)     ssh_EVP_CipherInit((a),(b),(c),(d),(e))
-#  define EVP_Cipher(a,b,c,d)           ssh_EVP_Cipher((a),(b),(c),(d))
-#  define EVP_CIPHER_CTX_cleanup(a)     ssh_EVP_CIPHER_CTX_cleanup((a))
-# endif /* SSH_OLD_EVP */
-
-# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
-#  define EVP_DigestUpdate(a,b,c)       ssh_EVP_DigestUpdate((a),(b),(c))
-#  endif
-
 # ifdef USE_OPENSSL_ENGINE
 #  ifdef OpenSSL_add_all_algorithms
 #   undef OpenSSL_add_all_algorithms
@@ -135,48 +86,8 @@ RSA_METHOD *RSA_get_default_method(void);
 #  define OpenSSL_add_all_algorithms()  ssh_OpenSSL_add_all_algorithms()
 # endif
 
-# ifndef HAVE_BN_IS_PRIME_EX
-int BN_is_prime_ex(const BIGNUM *, int, BN_CTX *, void *);
-# endif
-
-# ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
-int DSA_generate_parameters_ex(DSA *, int, const unsigned char *, int, int *,
-    unsigned long *, void *);
-# endif
-
-# ifndef HAVE_RSA_GENERATE_KEY_EX
-int RSA_generate_key_ex(RSA *, int, BIGNUM *, void *);
-# endif
-
-# ifndef HAVE_EVP_DIGESTINIT_EX
-int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, void *);
-# endif
-
-# ifndef HAVE_EVP_DISESTFINAL_EX
-int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *);
-# endif
-
-# ifndef EVP_MD_CTX_COPY_EX
-int EVP_MD_CTX_copy_ex(EVP_MD_CTX *, const EVP_MD_CTX *);
-# endif
-
-int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
-    unsigned char *, int);
-int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
-int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
 void ssh_OpenSSL_add_all_algorithms(void);
 
-# ifndef HAVE_HMAC_CTX_INIT
-#  define HMAC_CTX_init(a)
-# endif
-
-# ifndef HAVE_EVP_MD_CTX_INIT
-#  define EVP_MD_CTX_init(a)
-# endif
-
-# ifndef HAVE_EVP_MD_CTX_CLEANUP
-#  define EVP_MD_CTX_cleanup(a)
-# endif
-
 #endif  /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
 
+#endif /* _OPENSSL_COMPAT_H */
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index b1fbfa208..db24dbb94 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -42,6 +42,7 @@
 #include "key.h"
 #include "auth-options.h"
 #include "log.h"
+#include "misc.h"       /* servconf.h needs misc.h for struct ForwardOptions */
 #include "servconf.h"
 #include "hostfile.h"
 #include "auth.h"
diff --git a/openbsd-compat/regress/Makefile.in b/openbsd-compat/regress/Makefile.in
index bcf214bd0..dabdb0912 100644
--- a/openbsd-compat/regress/Makefile.in
+++ b/openbsd-compat/regress/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.4 2006/08/19 09:12:14 dtucker Exp $
+# $Id: Makefile.in,v 1.5 2014/06/17 13:06:08 dtucker Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -16,11 +16,11 @@ LIBS=@LIBS@
 LDFLAGS=@LDFLAGS@ $(LIBCOMPAT)
 
 TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \
-        strtonumtest$(EXEEXT)
+        strtonumtest$(EXEEXT) opensslvertest$(EXEEXT)
 
 all:    t-exec ${OTHERTESTS}
 
-%$(EXEEXT):     %.c
+%$(EXEEXT):     %.c $(LIBCOMPAT)
         $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS)
 
 t-exec: $(TESTPROGS)
diff --git a/openbsd-compat/regress/opensslvertest.c b/openbsd-compat/regress/opensslvertest.c
new file mode 100644
index 000000000..58474873d
--- /dev/null
+++ b/openbsd-compat/regress/opensslvertest.c
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2014 Darren Tucker
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+int ssh_compatible_openssl(long, long);
+
+struct version_test {
+        long headerver;
+        long libver;
+        int result;
+} version_tests[] = {
+        /* built with 0.9.8b release headers */
+        { 0x0090802fL, 0x0090802fL, 1}, /* exact match */
+        { 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */
+        { 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */
+        { 0x0090802fL, 0x0090702fL, 0}, /* older library minor version: NO */
+        { 0x0090802fL, 0x0090902fL, 0}, /* newer library minor version: NO */
+        { 0x0090802fL, 0x0080802fL, 0}, /* older library major version: NO */
+        { 0x0090802fL, 0x1000100fL, 0}, /* newer library major version: NO */
+
+        /* built with 1.0.1b release headers */
+        { 0x1000101fL, 0x1000101fL, 1},/* exact match */
+        { 0x1000101fL, 0x10001010L, 1}, /* different status: ok */
+        { 0x1000101fL, 0x1000102fL, 1}, /* newer library patch version: ok */
+        { 0x1000101fL, 0x1000100fL, 1}, /* older library patch version: ok */
+        { 0x1000101fL, 0x1000201fL, 1}, /* newer library fix version: ok */
+        { 0x1000101fL, 0x1000001fL, 0}, /* older library fix version: NO */
+        { 0x1000101fL, 0x1010101fL, 0}, /* newer library minor version: NO */
+        { 0x1000101fL, 0x0000101fL, 0}, /* older library major version: NO */
+        { 0x1000101fL, 0x2000101fL, 0}, /* newer library major version: NO */
+};
+
+void
+fail(long hver, long lver, int result)
+{
+        fprintf(stderr, "opensslver: header %lx library %lx != %d \n", hver, lver, result);
+        exit(1);
+}
+
+int
+main(void)
+{
+        unsigned int i;
+        int res;
+        long hver, lver;
+
+        for (i = 0; i < sizeof(version_tests) / sizeof(version_tests[0]); i++) {
+                hver = version_tests[i].headerver;
+                lver = version_tests[i].libver;
+                res = version_tests[i].result;
+                if (ssh_compatible_openssl(hver, lver) != res)
+                        fail(hver, lver, res);
+        }
+        exit(0);
+}