Import openssh_8.1p1.orig.tar.gz

author: Colin Watson <cjwatson@debian.org> 2019-10-09 22:59:48 +0100
committer: Colin Watson <cjwatson@debian.org> 2019-10-09 22:59:48 +0100
commit: 4213eec74e74de6310c27a40c3e9759a08a73996 (patch)
tree: e97a6dcafc6763aea7c804e4e113c2750cb1400d /openbsd-compat
parent: 102062f825fb26a74295a1c089c00c4c4c76b68a (diff)
parent: cdf1d0a9f5d18535e0a18ff34860e81a6d83aa5c (diff)
18 files changed, 521 insertions, 451 deletions
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index c1e14cbd0..1162dc550 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -34,11 +34,11 @@ OPENBSD=base64.o \
        inet_ntoa.o \
        inet_ntop.o \
        md5.o \
+        memmem.o \
        mktemp.o \
        pwcache.o \
        readpassphrase.o \
        reallocarray.o \
-        realpath.o \
        recallocarray.o \
        rmd160.o \
        rresvport.o \
diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c
index b56476a2d..8fadca2da 100644
--- a/openbsd-compat/bsd-closefrom.c
+++ b/openbsd-compat/bsd-closefrom.c
@@ -46,6 +46,9 @@
 #  include <ndir.h>
 # endif
 #endif
+#if defined(HAVE_LIBPROC_H)
+# include <libproc.h>
+#endif
 #ifndef OPEN_MAX
 # define OPEN_MAX       256
@@ -55,21 +58,73 @@
 __unused static const char rcsid[] = "$Sudo: closefrom.c,v 1.11 2006/08/17 15:26:54 millert Exp $";
 #endif /* lint */
+#ifndef HAVE_FCNTL_CLOSEM
 /*
 * Close all file descriptors greater than or equal to lowfd.
 */
+static void
+closefrom_fallback(int lowfd)
+{
+        long fd, maxfd;
+        /*
+         * Fall back on sysconf() or getdtablesize().  We avoid checking
+         * resource limits since it is possible to open a file descriptor
+         * and then drop the rlimit such that it is below the open fd.
+         */
+#ifdef HAVE_SYSCONF
+        maxfd = sysconf(_SC_OPEN_MAX);
+#else
+        maxfd = getdtablesize();
+#endif /* HAVE_SYSCONF */
+        if (maxfd < 0)
+                maxfd = OPEN_MAX;
+        for (fd = lowfd; fd < maxfd; fd++)
+                (void) close((int) fd);
+}
+#endif /* HAVE_FCNTL_CLOSEM */
 #ifdef HAVE_FCNTL_CLOSEM
 void
 closefrom(int lowfd)
 {
    (void) fcntl(lowfd, F_CLOSEM, 0);
 }
-#else
+#elif defined(HAVE_LIBPROC_H) && defined(HAVE_PROC_PIDINFO)
 void
 closefrom(int lowfd)
 {
-    long fd, maxfd;
+        int i, r, sz;
-#if defined(HAVE_DIRFD) && defined(HAVE_PROC_PID)
+        pid_t pid = getpid();
+        struct proc_fdinfo *fdinfo_buf = NULL;
+        sz = proc_pidinfo(pid, PROC_PIDLISTFDS, 0, NULL, 0);
+        if (sz == 0)
+                return; /* no fds, really? */
+        else if (sz == -1)
+                goto fallback;
+        if ((fdinfo_buf = malloc(sz)) == NULL)
+                goto fallback;
+        r = proc_pidinfo(pid, PROC_PIDLISTFDS, 0, fdinfo_buf, sz);
+        if (r < 0 || r > sz)
+                goto fallback;
+        for (i = 0; i < r / (int)PROC_PIDLISTFD_SIZE; i++) {
+                if (fdinfo_buf[i].proc_fd >= lowfd)
+                        close(fdinfo_buf[i].proc_fd);
+        }
+        free(fdinfo_buf);
+        return;
+ fallback:
+        free(fdinfo_buf);
+        closefrom_fallback(lowfd);
+        return;
+}
+#elif defined(HAVE_DIRFD) && defined(HAVE_PROC_PID)
+void
+closefrom(int lowfd)
+{
+    long fd;
    char fdpath[PATH_MAX], *endp;
    struct dirent *dent;
    DIR *dirp;
@@ -85,25 +140,16 @@ closefrom(int lowfd)
                (void) close((int) fd);
        }
        (void) closedir(dirp);
-    } else
+        return;
-#endif
-    {
-        /*
-         * Fall back on sysconf() or getdtablesize().  We avoid checking
-         * resource limits since it is possible to open a file descriptor
-         * and then drop the rlimit such that it is below the open fd.
-         */
-#ifdef HAVE_SYSCONF
-        maxfd = sysconf(_SC_OPEN_MAX);
-#else
-        maxfd = getdtablesize();
-#endif /* HAVE_SYSCONF */
-        if (maxfd < 0)
-            maxfd = OPEN_MAX;
-        for (fd = lowfd; fd < maxfd; fd++)
-            (void) close((int) fd);
    }
+    /* /proc/$$/fd strategy failed, fall back to brute force closure */
+    closefrom_fallback(lowfd);
+}
+#else
+void
+closefrom(int lowfd)
+{
+        closefrom_fallback(lowfd);
 }
 #endif /* !HAVE_FCNTL_CLOSEM */
 #endif /* HAVE_CLOSEFROM */
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index aa1c7d7a3..7a26ee40c 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -172,7 +172,7 @@ fchownat(int fd, const char *path, uid_t owner, gid_t group, int flag)
                return -1;
        }
 # ifndef HAVE_FCHOWN
-        return chown(pathname, owner, group);
+        return chown(path, owner, group);
 # else
 #  ifdef O_NOFOLLOW
        if (flag & AT_SYMLINK_NOFOLLOW)
@@ -203,7 +203,7 @@ fchmodat(int fd, const char *path, mode_t mode, int flag)
                return -1;
        }
 # ifndef HAVE_FCHMOD
-        return chown(pathname, owner, group);
+        return chmod(path, mode);
 # else
 #  ifdef O_NOFOLLOW
        if (flag & AT_SYMLINK_NOFOLLOW)
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c
index e8ad542f8..123a9be56 100644
--- a/openbsd-compat/bsd-openpty.c
+++ b/openbsd-compat/bsd-openpty.c
@@ -121,6 +121,15 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp,
                return (-1);
        }
+# if defined(I_FIND) && defined(__SVR4)
+        /*
+         * If the streams modules have already been pushed then there
+         * is no more work to do here.
+         */
+        if (ioctl(*aslave, I_FIND, "ptem") != 0)
+                return 0;
+# endif
        /*
         * Try to push the appropriate streams modules, as described
         * in Solaris pts(7).
diff --git a/openbsd-compat/bsd-setres_id.c b/openbsd-compat/bsd-setres_id.c
index 696ae7b28..04752d5af 100644
--- a/openbsd-compat/bsd-setres_id.c
+++ b/openbsd-compat/bsd-setres_id.c
@@ -37,20 +37,20 @@ setresgid(gid_t rgid, gid_t egid, gid_t sgid)
 #if defined(HAVE_SETREGID) && !defined(BROKEN_SETREGID)
        if (setregid(rgid, egid) < 0) {
                saved_errno = errno;
-                error("setregid %u: %.100s", rgid, strerror(errno));
+                error("setregid %lu: %.100s", (u_long)rgid, strerror(errno));
                errno = saved_errno;
                ret = -1;
        }
 #else
        if (setegid(egid) < 0) {
                saved_errno = errno;
-                error("setegid %u: %.100s", (u_int)egid, strerror(errno));
+                error("setegid %lu: %.100s", (u_long)egid, strerror(errno));
                errno = saved_errno;
                ret = -1;
        }
        if (setgid(rgid) < 0) {
                saved_errno = errno;
-                error("setgid %u: %.100s", rgid, strerror(errno));
+                error("setgid %lu: %.100s", (u_long)rgid, strerror(errno));
                errno = saved_errno;
                ret = -1;
        }
@@ -72,7 +72,7 @@ setresuid(uid_t ruid, uid_t euid, uid_t suid)
 #if defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID)
        if (setreuid(ruid, euid) < 0) {
                saved_errno = errno;
-                error("setreuid %u: %.100s", ruid, strerror(errno));
+                error("setreuid %lu: %.100s", (u_long)ruid, strerror(errno));
                errno = saved_errno;
                ret = -1;
        }
@@ -81,14 +81,14 @@ setresuid(uid_t ruid, uid_t euid, uid_t suid)
 # ifndef SETEUID_BREAKS_SETUID
        if (seteuid(euid) < 0) {
                saved_errno = errno;
-                error("seteuid %u: %.100s", euid, strerror(errno));
+                error("seteuid %lu: %.100s", (u_long)euid, strerror(errno));
                errno = saved_errno;
                ret = -1;
        }
 # endif
        if (setuid(ruid) < 0) {
                saved_errno = errno;
-                error("setuid %u: %.100s", ruid, strerror(errno));
+                error("setuid %lu: %.100s", (u_long)ruid, strerror(errno));
                errno = saved_errno;
                ret = -1;
        }
diff --git a/openbsd-compat/bsd-signal.c b/openbsd-compat/bsd-signal.c
index 979010e84..0b816a3a6 100644
--- a/openbsd-compat/bsd-signal.c
+++ b/openbsd-compat/bsd-signal.c
@@ -17,6 +17,7 @@
 #include "includes.h"
 #include <signal.h>
+#include <stdio.h>
 #include <string.h>
 #include <unistd.h>
diff --git a/openbsd-compat/memmem.c b/openbsd-compat/memmem.c
new file mode 100644
index 000000000..3e5e6b5e6
--- /dev/null
+++ b/openbsd-compat/memmem.c
@@ -0,0 +1,69 @@
+/*      $OpenBSD: memmem.c,v 1.4 2015/08/31 02:53:57 guenther Exp $ */
+/*-
+ * Copyright (c) 2005 Pascal Gloor <pascal.gloor@spale.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include "includes.h"
+#ifndef HAVE_MEMMEM
+#include <string.h>
+/*
+ * Find the first occurrence of the byte string s in byte string l.
+ */
+void *
+memmem(const void *l, size_t l_len, const void *s, size_t s_len)
+{
+        const char *cur, *last;
+        const char *cl = l;
+        const char *cs = s;
+        /* a zero length needle should just return the haystack */
+        if (s_len == 0)
+                return (void *)cl;
+        /* "s" must be smaller or equal to "l" */
+        if (l_len < s_len)
+                return NULL;
+        /* special case where s_len == 1 */
+        if (s_len == 1)
+                return memchr(l, *cs, l_len);
+        /* the last position where its possible to find "s" in "l" */
+        last = cl + l_len - s_len;
+        for (cur = cl; cur <= last; cur++)
+                if (cur[0] == cs[0] && memcmp(cur, cs, s_len) == 0)
+                        return (void *)cur;
+        return NULL;
+}
+DEF_WEAK(memmem);
+#endif /* HAVE_MEMMEM */
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 865aaee53..fda6706f8 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -73,6 +73,10 @@ int getpagesize(void);
 char *getcwd(char *pt, size_t size);
 #endif
+#ifdef HAVE_MEMMEM
+void *memmem(const void *, size_t, const void *, size_t);
+#endif
 #ifndef HAVE_REALLOCARRAY
 void *reallocarray(void *, size_t, size_t);
 #endif
@@ -81,18 +85,6 @@ void *reallocarray(void *, size_t, size_t);
 void *recallocarray(void *, size_t, size_t, size_t);
 #endif
-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
-/*
- * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the
- * compat version.
- */
-# ifdef BROKEN_REALPATH
-#  define realpath(x, y) _ssh_compat_realpath(x, y)
-# endif
-char *realpath(const char *path, char *resolved);
-#endif
 #ifndef HAVE_RRESVPORT_AF
 int rresvport_af(int *alport, sa_family_t af);
 #endif
@@ -109,6 +101,14 @@ size_t strlcat(char *dst, const char *src, size_t siz);
 char *strcasestr(const char *, const char *);
 #endif
+#ifndef HAVE_STRNLEN
+size_t strnlen(const char *, size_t);
+#endif
+#ifndef HAVE_STRNDUP
+char *strndup(const char *s, size_t n);
+#endif
 #ifndef HAVE_SETENV
 int setenv(register const char *name, register const char *value, int rewrite);
 #endif
diff --git a/openbsd-compat/port-irix.c b/openbsd-compat/port-irix.c
index 525b02909..aebffb014 100644
--- a/openbsd-compat/port-irix.c
+++ b/openbsd-compat/port-irix.c
@@ -43,6 +43,8 @@
 # include <sat.h>
 #endif /* WITH_IRIX_AUDIT */
+#include "log.h"
 void
 irix_setusercontext(struct passwd *pw)
 {
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c
index 0e89dc326..7d5a28cd0 100644
--- a/openbsd-compat/port-solaris.c
+++ b/openbsd-compat/port-solaris.c
@@ -284,11 +284,10 @@ solaris_drop_privs_pinfo_net_fork_exec(void)
            priv_addset(npset, PRIV_FILE_OWNER) != 0)
                fatal("priv_addset: %s", strerror(errno));
-        if (priv_delset(npset, PRIV_FILE_LINK_ANY) != 0 ||
+        if (priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
 #ifdef PRIV_NET_ACCESS
            priv_delset(npset, PRIV_NET_ACCESS) != 0 ||
 #endif
-            priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
            priv_delset(npset, PRIV_PROC_FORK) != 0 ||
            priv_delset(npset, PRIV_PROC_INFO) != 0 ||
            priv_delset(npset, PRIV_PROC_SESSION) != 0)
@@ -348,8 +347,7 @@ solaris_drop_privs_root_pinfo_net_exec(void)
            priv_delset(pset, PRIV_NET_ACCESS) != 0 ||
 #endif
            priv_delset(pset, PRIV_PROC_EXEC) != 0 ||
-            priv_delset(pset, PRIV_PROC_INFO) != 0 ||
+            priv_delset(pset, PRIV_PROC_INFO) != 0)
-            priv_delset(pset, PRIV_PROC_SESSION) != 0)
                fatal("priv_delset: %s", strerror(errno));
        if (setppriv(PRIV_SET, PRIV_PERMITTED, pset) != 0 ||
diff --git a/openbsd-compat/pwcache.c b/openbsd-compat/pwcache.c
index 5a8b78801..826c2378b 100644
--- a/openbsd-compat/pwcache.c
+++ b/openbsd-compat/pwcache.c
@@ -67,7 +67,7 @@ user_from_uid(uid_t uid, int nouser)
                if ((pw = getpwuid(uid)) == NULL) {
                        if (nouser)
                                return (NULL);
-                        (void)snprintf(nbuf, sizeof(nbuf), "%u", uid);
+                        (void)snprintf(nbuf, sizeof(nbuf), "%lu", (u_long)uid);
                }
                cp->uid = uid;
                if (cp->name != NULL)
@@ -102,7 +102,7 @@ group_from_gid(gid_t gid, int nogroup)
                if ((gr = getgrgid(gid)) == NULL) {
                        if (nogroup)
                                return (NULL);
-                        (void)snprintf(nbuf, sizeof(nbuf), "%u", gid);
+                        (void)snprintf(nbuf, sizeof(nbuf), "%lu", (u_long)gid);
                }
                cp->gid = gid;
                if (cp->name != NULL)
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
deleted file mode 100644
index a2f090e55..000000000
--- a/openbsd-compat/realpath.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/*      $OpenBSD: realpath.c,v 1.20 2015/10/13 20:55:37 millert Exp $ */
-/*
- * Copyright (c) 2003 Constantin S. Svintsoff <kostik@iclub.nsu.ru>
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The names of the authors may not be used to endorse or promote
- *    products derived from this software without specific prior written
- *    permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-/* OPENBSD ORIGINAL: lib/libc/stdlib/realpath.c */
-#include "includes.h"
-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/stat.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <stddef.h>
-#include <string.h>
-#include <unistd.h>
-#include <limits.h>
-#ifndef SYMLOOP_MAX
-# define SYMLOOP_MAX 32
-#endif
-/* A slightly modified copy of this file exists in libexec/ld.so */
-/*
- * char *realpath(const char *path, char resolved[PATH_MAX]);
- *
- * Find the real name of path, by removing all ".", ".." and symlink
- * components.  Returns (resolved) on success, or (NULL) on failure,
- * in which case the path which caused trouble is left in (resolved).
- */
-char *
-realpath(const char *path, char *resolved)
-{
-        struct stat sb;
-        char *p, *q, *s;
-        size_t left_len, resolved_len;
-        unsigned symlinks;
-        int serrno, slen, mem_allocated;
-        char left[PATH_MAX], next_token[PATH_MAX], symlink[PATH_MAX];
-        if (path[0] == '\0') {
-                errno = ENOENT;
-                return (NULL);
-        }
-        serrno = errno;
-        if (resolved == NULL) {
-                resolved = malloc(PATH_MAX);
-                if (resolved == NULL)
-                        return (NULL);
-                mem_allocated = 1;
-        } else
-                mem_allocated = 0;
-        symlinks = 0;
-        if (path[0] == '/') {
-                resolved[0] = '/';
-                resolved[1] = '\0';
-                if (path[1] == '\0')
-                        return (resolved);
-                resolved_len = 1;
-                left_len = strlcpy(left, path + 1, sizeof(left));
-        } else {
-                if (getcwd(resolved, PATH_MAX) == NULL) {
-                        if (mem_allocated)
-                                free(resolved);
-                        else
-                                strlcpy(resolved, ".", PATH_MAX);
-                        return (NULL);
-                }
-                resolved_len = strlen(resolved);
-                left_len = strlcpy(left, path, sizeof(left));
-        }
-        if (left_len >= sizeof(left) || resolved_len >= PATH_MAX) {
-                errno = ENAMETOOLONG;
-                goto err;
-        }
-        /*
-         * Iterate over path components in `left'.
-         */
-        while (left_len != 0) {
-                /*
-                 * Extract the next path component and adjust `left'
-                 * and its length.
-                 */
-                p = strchr(left, '/');
-                s = p ? p : left + left_len;
-                if (s - left >= (ptrdiff_t)sizeof(next_token)) {
-                        errno = ENAMETOOLONG;
-                        goto err;
-                }
-                memcpy(next_token, left, s - left);
-                next_token[s - left] = '\0';
-                left_len -= s - left;
-                if (p != NULL)
-                        memmove(left, s + 1, left_len + 1);
-                if (resolved[resolved_len - 1] != '/') {
-                        if (resolved_len + 1 >= PATH_MAX) {
-                                errno = ENAMETOOLONG;
-                                goto err;
-                        }
-                        resolved[resolved_len++] = '/';
-                        resolved[resolved_len] = '\0';
-                }
-                if (next_token[0] == '\0')
-                        continue;
-                else if (strcmp(next_token, ".") == 0)
-                        continue;
-                else if (strcmp(next_token, "..") == 0) {
-                        /*
-                         * Strip the last path component except when we have
-                         * single "/"
-                         */
-                        if (resolved_len > 1) {
-                                resolved[resolved_len - 1] = '\0';
-                                q = strrchr(resolved, '/') + 1;
-                                *q = '\0';
-                                resolved_len = q - resolved;
-                        }
-                        continue;
-                }
-                /*
-                 * Append the next path component and lstat() it. If
-                 * lstat() fails we still can return successfully if
-                 * there are no more path components left.
-                 */
-                resolved_len = strlcat(resolved, next_token, PATH_MAX);
-                if (resolved_len >= PATH_MAX) {
-                        errno = ENAMETOOLONG;
-                        goto err;
-                }
-                if (lstat(resolved, &sb) != 0) {
-                        if (errno == ENOENT && p == NULL) {
-                                errno = serrno;
-                                return (resolved);
-                        }
-                        goto err;
-                }
-                if (S_ISLNK(sb.st_mode)) {
-                        if (symlinks++ > SYMLOOP_MAX) {
-                                errno = ELOOP;
-                                goto err;
-                        }
-                        slen = readlink(resolved, symlink, sizeof(symlink) - 1);
-                        if (slen < 0)
-                                goto err;
-                        symlink[slen] = '\0';
-                        if (symlink[0] == '/') {
-                                resolved[1] = 0;
-                                resolved_len = 1;
-                        } else if (resolved_len > 1) {
-                                /* Strip the last path component. */
-                                resolved[resolved_len - 1] = '\0';
-                                q = strrchr(resolved, '/') + 1;
-                                *q = '\0';
-                                resolved_len = q - resolved;
-                        }
-                        /*
-                         * If there are any path components left, then
-                         * append them to symlink. The result is placed
-                         * in `left'.
-                         */
-                        if (p != NULL) {
-                                if (symlink[slen - 1] != '/') {
-                                        if (slen + 1 >=
-                                            (ptrdiff_t)sizeof(symlink)) {
-                                                errno = ENAMETOOLONG;
-                                                goto err;
-                                        }
-                                        symlink[slen] = '/';
-                                        symlink[slen + 1] = 0;
-                                }
-                                left_len = strlcat(symlink, left, sizeof(symlink));
-                                if (left_len >= sizeof(symlink)) {
-                                        errno = ENAMETOOLONG;
-                                        goto err;
-                                }
-                        }
-                        left_len = strlcpy(left, symlink, sizeof(left));
-                }
-        }
-        /*
-         * Remove trailing slash except when the resolved pathname
-         * is a single "/".
-         */
-        if (resolved_len > 1 && resolved[resolved_len - 1] == '/')
-                resolved[resolved_len - 1] = '\0';
-        return (resolved);
-err:
-        if (mem_allocated)
-                free(resolved);
-        return (NULL);
-}
-#endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */
diff --git a/openbsd-compat/regress/snprintftest.c b/openbsd-compat/regress/snprintftest.c
index 4ca63e180..6dc2e222a 100644
--- a/openbsd-compat/regress/snprintftest.c
+++ b/openbsd-compat/regress/snprintftest.c
@@ -47,7 +47,7 @@ int
 main(void)
 {
        char b[5];
-        char *src;
+        char *src = NULL;
        snprintf(b,5,"123456789");
        if (b[4] != '\0')
@@ -69,5 +69,6 @@ main(void)
        if (x_snprintf(b, 1, "%s %d", "hello", 12345) != 11)
                fail("vsnprintf does not return required length");
+        free(src);
        return failed;
 }
diff --git a/openbsd-compat/regress/utimensattest.c b/openbsd-compat/regress/utimensattest.c
index a7bc7634b..24312e5d8 100644
--- a/openbsd-compat/regress/utimensattest.c
+++ b/openbsd-compat/regress/utimensattest.c
@@ -33,7 +33,14 @@
 int utimensat(int, const char *, const struct timespec[2], int);
-void
+static void
+cleanup(void)
+{
+        (void)unlink(TMPFILE);
+        (void)unlink(TMPFILE2);
+}
+static void
 fail(char *msg, long expect, long got)
 {
        int saved_errno = errno;
@@ -44,6 +51,7 @@ fail(char *msg, long expect, long got)
        else
                fprintf(stderr, "utimensat: %s: expected %ld got %ld\n",
                     msg, expect, got);
+        cleanup();
        exit(1);
 }
@@ -54,6 +62,7 @@ main(void)
        struct stat sb;
        struct timespec ts[2];
+        cleanup();
        if ((fd = open(TMPFILE, O_CREAT, 0600)) == -1)
                fail("open", 0, 0);
        close(fd);
@@ -83,15 +92,27 @@ main(void)
                fail("mtim.tv_nsec", 45678000, sb.st_mtim.tv_nsec);
 #endif
+        /*
+         * POSIX specifies that when given a symlink, AT_SYMLINK_NOFOLLOW
+         * should update the symlink and not the destination.  The compat
+         * code doesn't have a way to do this, so where possible it fails
+         * with instead of following a symlink when explicitly asked not to.
+         * Here we just test that it does not update the destination.
+         */
        if (rename(TMPFILE, TMPFILE2) == -1)
                fail("rename", 0, 0);
        if (symlink(TMPFILE2, TMPFILE) == -1)
                fail("symlink", 0, 0);
+        ts[0].tv_sec = 11223344;
+        ts[1].tv_sec = 55667788;
+        (void)utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW);
+        if (stat(TMPFILE2, &sb) == -1)
+                fail("stat", 0, 0 );
+        if (sb.st_atime == 11223344)
+                fail("utimensat symlink st_atime", 0, 0 );
+        if (sb.st_mtime == 55667788)
+                fail("utimensat symlink st_mtime", 0, 0 );
-        if (utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW) != -1)
+        cleanup();
-                fail("utimensat followed symlink", 0, 0);
-        if (!(unlink(TMPFILE) == 0 && unlink(TMPFILE2) == 0))
-                fail("unlink", 0, 0);
        exit(0);
 }
diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
index dbd1a95a0..e4064323a 100644
--- a/openbsd-compat/setproctitle.c
+++ b/openbsd-compat/setproctitle.c
@@ -36,6 +36,7 @@
 #ifndef HAVE_SETPROCTITLE
 #include <stdarg.h>
+#include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 #ifdef HAVE_SYS_PSTAT_H
diff --git a/openbsd-compat/sha1.c b/openbsd-compat/sha1.c
index 4b5381f87..73f897485 100644
--- a/openbsd-compat/sha1.c
+++ b/openbsd-compat/sha1.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $  */
+/*      $OpenBSD: sha1.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $       */
 /*
 * SHA-1 in C
@@ -18,7 +18,7 @@
 #ifndef WITH_OPENSSL
-#include <sys/param.h>
+#include <sys/types.h>
 #include <string.h>
 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
@@ -101,6 +101,7 @@ SHA1Transform(u_int32_t state[5], const u_int8_t buffer[SHA1_BLOCK_LENGTH])
        /* Wipe variables */
        a = b = c = d = e = 0;
 }
+DEF_WEAK(SHA1Transform);
 /*
@@ -118,6 +119,7 @@ SHA1Init(SHA1_CTX *context)
        context->state[3] = 0x10325476;
        context->state[4] = 0xC3D2E1F0;
 }
+DEF_WEAK(SHA1Init);
 /*
@@ -129,7 +131,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
        size_t i, j;
        j = (size_t)((context->count >> 3) & 63);
-        context->count += (len << 3);
+        context->count += ((u_int64_t)len << 3);
        if ((j + len) > 63) {
                (void)memcpy(&context->buffer[j], data, (i = 64-j));
                SHA1Transform(context->state, context->buffer);
@@ -141,6 +143,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
        }
        (void)memcpy(&context->buffer[j], &data[i], len - i);
 }
+DEF_WEAK(SHA1Update);
 /*
@@ -161,6 +164,7 @@ SHA1Pad(SHA1_CTX *context)
                SHA1Update(context, (u_int8_t *)"\0", 1);
        SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
 }
+DEF_WEAK(SHA1Pad);
 void
 SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
@@ -172,6 +176,7 @@ SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
                digest[i] = (u_int8_t)
                   ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
        }
-        memset(context, 0, sizeof(*context));
+        explicit_bzero(context, sizeof(*context));
 }
+DEF_WEAK(SHA1Final);
 #endif /* !WITH_OPENSSL */
diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
index b55ea30ac..e63324c99 100644
--- a/openbsd-compat/sha2.c
+++ b/openbsd-compat/sha2.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sha2.c,v 1.11 2005/08/08 08:05:35 espie Exp   */
+/*      $OpenBSD: sha2.c,v 1.28 2019/07/23 12:35:22 dtucker Exp $       */
 /*
 * FILE:        sha2.c
@@ -38,18 +38,14 @@
 #include "includes.h"
-#ifdef WITH_OPENSSL
+#if !defined(HAVE_SHA256UPDATE) || !defined(HAVE_SHA384UPDATE) || \
-# include <openssl/opensslv.h>
+    !defined(HAVE_SHA512UPDATE)
-# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-#  define _NEED_SHA2 1
-# endif
-#else
-# define _NEED_SHA2 1
-#endif
-#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
+/* no-op out, similar to DEF_WEAK but only needed here */
+#define MAKE_CLONE(x, y)        void __ssh_compat_make_clone_##x_##y(void);
 #include <string.h>
+#include <sha2.h>
 /*
 * UNROLLED TRANSFORM LOOP NOTE:
@@ -64,8 +60,13 @@
 *   #define SHA2_UNROLL_TRANSFORM
 *
 */
+#ifndef SHA2_SMALL
+#if defined(__amd64__) || defined(__i386__)
+#define SHA2_UNROLL_TRANSFORM
+#endif
+#endif
-/*** SHA-256/384/512 Machine Architecture Definitions *****************/
+/*** SHA-224/256/384/512 Machine Architecture Definitions *****************/
 /*
 * BYTE_ORDER NOTE:
 *
@@ -98,8 +99,9 @@
 #endif
-/*** SHA-256/384/512 Various Length Definitions ***********************/
+/*** SHA-224/256/384/512 Various Length Definitions ***********************/
 /* NOTE: Most of these are in sha2.h */
+#define SHA224_SHORT_BLOCK_LENGTH       (SHA224_BLOCK_LENGTH - 8)
 #define SHA256_SHORT_BLOCK_LENGTH       (SHA256_BLOCK_LENGTH - 8)
 #define SHA384_SHORT_BLOCK_LENGTH       (SHA384_BLOCK_LENGTH - 16)
 #define SHA512_SHORT_BLOCK_LENGTH       (SHA512_BLOCK_LENGTH - 16)
@@ -152,22 +154,22 @@
 * Bit shifting and rotation (used by the six SHA-XYZ logical functions:
 *
 *   NOTE:  The naming of R and S appears backwards here (R is a SHIFT and
- *   S is a ROTATION) because the SHA-256/384/512 description document
+ *   S is a ROTATION) because the SHA-224/256/384/512 description document
 *   (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
 *   same "backwards" definition.
 */
-/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */
+/* Shift-right (used in SHA-224, SHA-256, SHA-384, and SHA-512): */
 #define R(b,x)          ((x) >> (b))
-/* 32-bit Rotate-right (used in SHA-256): */
+/* 32-bit Rotate-right (used in SHA-224 and SHA-256): */
 #define S32(b,x)        (((x) >> (b)) | ((x) << (32 - (b))))
 /* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
 #define S64(b,x)        (((x) >> (b)) | ((x) << (64 - (b))))
-/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */
+/* Two of six logical functions used in SHA-224, SHA-256, SHA-384, and SHA-512: */
 #define Ch(x,y,z)       (((x) & (y)) ^ ((~(x)) & (z)))
 #define Maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-/* Four of six logical functions used in SHA-256: */
+/* Four of six logical functions used in SHA-224 and SHA-256: */
 #define Sigma0_256(x)   (S32(2,  (x)) ^ S32(13, (x)) ^ S32(22, (x)))
 #define Sigma1_256(x)   (S32(6,  (x)) ^ S32(11, (x)) ^ S32(25, (x)))
 #define sigma0_256(x)   (S32(7,  (x)) ^ S32(18, (x)) ^ R(3 ,   (x)))
@@ -181,8 +183,8 @@
 /*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
-/* Hash constant words K for SHA-256: */
+/* Hash constant words K for SHA-224 and SHA-256: */
-const static u_int32_t K256[64] = {
+static const u_int32_t K256[64] = {
        0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
        0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
        0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
@@ -202,7 +204,7 @@ const static u_int32_t K256[64] = {
 };
 /* Initial hash value H for SHA-256: */
-const static u_int32_t sha256_initial_hash_value[8] = {
+static const u_int32_t sha256_initial_hash_value[8] = {
        0x6a09e667UL,
        0xbb67ae85UL,
        0x3c6ef372UL,
@@ -214,7 +216,7 @@ const static u_int32_t sha256_initial_hash_value[8] = {
 };
 /* Hash constant words K for SHA-384 and SHA-512: */
-const static u_int64_t K512[80] = {
+static const u_int64_t K512[80] = {
        0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
        0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
        0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
@@ -257,8 +259,35 @@ const static u_int64_t K512[80] = {
        0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
 };
+/* Initial hash value H for SHA-512 */
+static const u_int64_t sha512_initial_hash_value[8] = {
+        0x6a09e667f3bcc908ULL,
+        0xbb67ae8584caa73bULL,
+        0x3c6ef372fe94f82bULL,
+        0xa54ff53a5f1d36f1ULL,
+        0x510e527fade682d1ULL,
+        0x9b05688c2b3e6c1fULL,
+        0x1f83d9abfb41bd6bULL,
+        0x5be0cd19137e2179ULL
+};
+#if !defined(SHA2_SMALL)
+#if 0
+/* Initial hash value H for SHA-224: */
+static const u_int32_t sha224_initial_hash_value[8] = {
+        0xc1059ed8UL,
+        0x367cd507UL,
+        0x3070dd17UL,
+        0xf70e5939UL,
+        0xffc00b31UL,
+        0x68581511UL,
+        0x64f98fa7UL,
+        0xbefa4fa4UL
+};
+#endif /* 0 */
 /* Initial hash value H for SHA-384 */
-const static u_int64_t sha384_initial_hash_value[8] = {
+static const u_int64_t sha384_initial_hash_value[8] = {
        0xcbbb9d5dc1059ed8ULL,
        0x629a292a367cd507ULL,
        0x9159015a3070dd17ULL,
@@ -269,30 +298,67 @@ const static u_int64_t sha384_initial_hash_value[8] = {
        0x47b5481dbefa4fa4ULL
 };
-/* Initial hash value H for SHA-512 */
+#if 0
-const static u_int64_t sha512_initial_hash_value[8] = {
+/* Initial hash value H for SHA-512-256 */
-        0x6a09e667f3bcc908ULL,
+static const u_int64_t sha512_256_initial_hash_value[8] = {
-        0xbb67ae8584caa73bULL,
+        0x22312194fc2bf72cULL,
-        0x3c6ef372fe94f82bULL,
+        0x9f555fa3c84c64c2ULL,
-        0xa54ff53a5f1d36f1ULL,
+        0x2393b86b6f53b151ULL,
-        0x510e527fade682d1ULL,
+        0x963877195940eabdULL,
-        0x9b05688c2b3e6c1fULL,
+        0x96283ee2a88effe3ULL,
-        0x1f83d9abfb41bd6bULL,
+        0xbe5e1e2553863992ULL,
-        0x5be0cd19137e2179ULL
+        0x2b0199fc2c85b8aaULL,
+        0x0eb72ddc81c52ca2ULL
 };
+/*** SHA-224: *********************************************************/
+void
+SHA224Init(SHA2_CTX *context)
+{
+        memcpy(context->state.st32, sha224_initial_hash_value,
+            sizeof(sha224_initial_hash_value));
+        memset(context->buffer, 0, sizeof(context->buffer));
+        context->bitcount[0] = 0;
+}
+DEF_WEAK(SHA224Init);
+MAKE_CLONE(SHA224Transform, SHA256Transform);
+MAKE_CLONE(SHA224Update, SHA256Update);
+MAKE_CLONE(SHA224Pad, SHA256Pad);
+DEF_WEAK(SHA224Transform);
+DEF_WEAK(SHA224Update);
+DEF_WEAK(SHA224Pad);
+void
+SHA224Final(u_int8_t digest[SHA224_DIGEST_LENGTH], SHA2_CTX *context)
+{
+        SHA224Pad(context);
+#if BYTE_ORDER == LITTLE_ENDIAN
+        int     i;
+        /* Convert TO host byte order */
+        for (i = 0; i < 7; i++)
+                BE_32_TO_8(digest + i * 4, context->state.st32[i]);
+#else
+        memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH);
+#endif
+        explicit_bzero(context, sizeof(*context));
+}
+DEF_WEAK(SHA224Final);
+#endif /* !defined(SHA2_SMALL) */
+#endif /* 0 */
 /*** SHA-256: *********************************************************/
 void
-SHA256_Init(SHA256_CTX *context)
+SHA256Init(SHA2_CTX *context)
 {
-        if (context == NULL)
+        memcpy(context->state.st32, sha256_initial_hash_value,
-                return;
-        memcpy(context->state, sha256_initial_hash_value,
            sizeof(sha256_initial_hash_value));
        memset(context->buffer, 0, sizeof(context->buffer));
-        context->bitcount = 0;
+        context->bitcount[0] = 0;
 }
+DEF_WEAK(SHA256Init);
 #ifdef SHA2_UNROLL_TRANSFORM
@@ -320,7 +386,7 @@ SHA256_Init(SHA256_CTX *context)
 } while(0)
 void
-SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
+SHA256Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
 {
        u_int32_t       a, b, c, d, e, f, g, h, s0, s1;
        u_int32_t       T1, W256[16];
@@ -378,7 +444,7 @@ SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
 #else /* SHA2_UNROLL_TRANSFORM */
 void
-SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
+SHA256Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
 {
        u_int32_t       a, b, c, d, e, f, g, h, s0, s1;
        u_int32_t       T1, T2, W256[16];
@@ -451,17 +517,18 @@ SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
 }
 #endif /* SHA2_UNROLL_TRANSFORM */
+DEF_WEAK(SHA256Transform);
 void
-SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len)
+SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
 {
-        size_t  freespace, usedspace;
+        u_int64_t       freespace, usedspace;
        /* Calling with no data is valid (we do nothing) */
        if (len == 0)
                return;
-        usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
+        usedspace = (context->bitcount[0] >> 3) % SHA256_BLOCK_LENGTH;
        if (usedspace > 0) {
                /* Calculate how much free space is available in the buffer */
                freespace = SHA256_BLOCK_LENGTH - usedspace;
@@ -469,14 +536,14 @@ SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len)
                if (len >= freespace) {
                        /* Fill the buffer completely and process it */
                        memcpy(&context->buffer[usedspace], data, freespace);
-                        context->bitcount += freespace << 3;
+                        context->bitcount[0] += freespace << 3;
                        len -= freespace;
                        data += freespace;
-                        SHA256_Transform(context->state, context->buffer);
+                        SHA256Transform(context->state.st32, context->buffer);
                } else {
                        /* The buffer is not yet full */
                        memcpy(&context->buffer[usedspace], data, len);
-                        context->bitcount += len << 3;
+                        context->bitcount[0] += (u_int64_t)len << 3;
                        /* Clean up: */
                        usedspace = freespace = 0;
                        return;
@@ -484,26 +551,27 @@ SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len)
        }
        while (len >= SHA256_BLOCK_LENGTH) {
                /* Process as many complete blocks as we can */
-                SHA256_Transform(context->state, data);
+                SHA256Transform(context->state.st32, data);
-                context->bitcount += SHA256_BLOCK_LENGTH << 3;
+                context->bitcount[0] += SHA256_BLOCK_LENGTH << 3;
                len -= SHA256_BLOCK_LENGTH;
                data += SHA256_BLOCK_LENGTH;
        }
        if (len > 0) {
                /* There's left-overs, so save 'em */
                memcpy(context->buffer, data, len);
-                context->bitcount += len << 3;
+                context->bitcount[0] += len << 3;
        }
        /* Clean up: */
        usedspace = freespace = 0;
 }
+DEF_WEAK(SHA256Update);
 void
-SHA256_Pad(SHA256_CTX *context)
+SHA256Pad(SHA2_CTX *context)
 {
        unsigned int    usedspace;
-        usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH;
+        usedspace = (context->bitcount[0] >> 3) % SHA256_BLOCK_LENGTH;
        if (usedspace > 0) {
                /* Begin padding with a 1 bit: */
                context->buffer[usedspace++] = 0x80;
@@ -518,7 +586,7 @@ SHA256_Pad(SHA256_CTX *context)
                                    SHA256_BLOCK_LENGTH - usedspace);
                        }
                        /* Do second-to-last transform: */
-                        SHA256_Transform(context->state, context->buffer);
+                        SHA256Transform(context->state.st32, context->buffer);
                        /* Prepare for last transform: */
                        memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH);
@@ -532,47 +600,45 @@ SHA256_Pad(SHA256_CTX *context)
        }
        /* Store the length of input data (in bits) in big endian format: */
        BE_64_TO_8(&context->buffer[SHA256_SHORT_BLOCK_LENGTH],
-            context->bitcount);
+            context->bitcount[0]);
        /* Final transform: */
-        SHA256_Transform(context->state, context->buffer);
+        SHA256Transform(context->state.st32, context->buffer);
        /* Clean up: */
        usedspace = 0;
 }
+DEF_WEAK(SHA256Pad);
 void
-SHA256_Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA256_CTX *context)
+SHA256Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context)
 {
-        SHA256_Pad(context);
+        SHA256Pad(context);
-        /* If no digest buffer is passed, we don't bother doing this: */
-        if (digest != NULL) {
 #if BYTE_ORDER == LITTLE_ENDIAN
-                int     i;
+        int     i;
-                /* Convert TO host byte order */
+        /* Convert TO host byte order */
-                for (i = 0; i < 8; i++)
+        for (i = 0; i < 8; i++)
-                        BE_32_TO_8(digest + i * 4, context->state[i]);
+                BE_32_TO_8(digest + i * 4, context->state.st32[i]);
 #else
-                memcpy(digest, context->state, SHA256_DIGEST_LENGTH);
+        memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
 #endif
-                memset(context, 0, sizeof(*context));
+        explicit_bzero(context, sizeof(*context));
-        }
 }
+DEF_WEAK(SHA256Final);
 /*** SHA-512: *********************************************************/
 void
-SHA512_Init(SHA512_CTX *context)
+SHA512Init(SHA2_CTX *context)
 {
-        if (context == NULL)
+        memcpy(context->state.st64, sha512_initial_hash_value,
-                return;
-        memcpy(context->state, sha512_initial_hash_value,
            sizeof(sha512_initial_hash_value));
        memset(context->buffer, 0, sizeof(context->buffer));
        context->bitcount[0] = context->bitcount[1] =  0;
 }
+DEF_WEAK(SHA512Init);
 #ifdef SHA2_UNROLL_TRANSFORM
@@ -601,7 +667,7 @@ SHA512_Init(SHA512_CTX *context)
 } while(0)
 void
-SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
+SHA512Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
 {
        u_int64_t       a, b, c, d, e, f, g, h, s0, s1;
        u_int64_t       T1, W512[16];
@@ -659,7 +725,7 @@ SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
 #else /* SHA2_UNROLL_TRANSFORM */
 void
-SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
+SHA512Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
 {
        u_int64_t       a, b, c, d, e, f, g, h, s0, s1;
        u_int64_t       T1, T2, W512[16];
@@ -732,9 +798,10 @@ SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
 }
 #endif /* SHA2_UNROLL_TRANSFORM */
+DEF_WEAK(SHA512Transform);
 void
-SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
+SHA512Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
 {
        size_t  freespace, usedspace;
@@ -753,7 +820,7 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
                        ADDINC128(context->bitcount, freespace << 3);
                        len -= freespace;
                        data += freespace;
-                        SHA512_Transform(context->state, context->buffer);
+                        SHA512Transform(context->state.st64, context->buffer);
                } else {
                        /* The buffer is not yet full */
                        memcpy(&context->buffer[usedspace], data, len);
@@ -765,7 +832,7 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
        }
        while (len >= SHA512_BLOCK_LENGTH) {
                /* Process as many complete blocks as we can */
-                SHA512_Transform(context->state, data);
+                SHA512Transform(context->state.st64, data);
                ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
                len -= SHA512_BLOCK_LENGTH;
                data += SHA512_BLOCK_LENGTH;
@@ -778,9 +845,10 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
        /* Clean up: */
        usedspace = freespace = 0;
 }
+DEF_WEAK(SHA512Update);
 void
-SHA512_Pad(SHA512_CTX *context)
+SHA512Pad(SHA2_CTX *context)
 {
        unsigned int    usedspace;
@@ -797,7 +865,7 @@ SHA512_Pad(SHA512_CTX *context)
                                memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace);
                        }
                        /* Do second-to-last transform: */
-                        SHA512_Transform(context->state, context->buffer);
+                        SHA512Transform(context->state.st64, context->buffer);
                        /* And set-up for the last transform: */
                        memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2);
@@ -816,89 +884,127 @@ SHA512_Pad(SHA512_CTX *context)
            context->bitcount[0]);
        /* Final transform: */
-        SHA512_Transform(context->state, context->buffer);
+        SHA512Transform(context->state.st64, context->buffer);
        /* Clean up: */
        usedspace = 0;
 }
+DEF_WEAK(SHA512Pad);
 void
-SHA512_Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA512_CTX *context)
+SHA512Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA2_CTX *context)
 {
-        SHA512_Pad(context);
+        SHA512Pad(context);
-        /* If no digest buffer is passed, we don't bother doing this: */
-        if (digest != NULL) {
 #if BYTE_ORDER == LITTLE_ENDIAN
-                int     i;
+        int     i;
-                /* Convert TO host byte order */
+        /* Convert TO host byte order */
-                for (i = 0; i < 8; i++)
+        for (i = 0; i < 8; i++)
-                        BE_64_TO_8(digest + i * 8, context->state[i]);
+                BE_64_TO_8(digest + i * 8, context->state.st64[i]);
 #else
-                memcpy(digest, context->state, SHA512_DIGEST_LENGTH);
+        memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
 #endif
-                memset(context, 0, sizeof(*context));
+        explicit_bzero(context, sizeof(*context));
-        }
 }
+DEF_WEAK(SHA512Final);
+#if !defined(SHA2_SMALL)
 /*** SHA-384: *********************************************************/
 void
-SHA384_Init(SHA384_CTX *context)
+SHA384Init(SHA2_CTX *context)
 {
-        if (context == NULL)
+        memcpy(context->state.st64, sha384_initial_hash_value,
-                return;
-        memcpy(context->state, sha384_initial_hash_value,
            sizeof(sha384_initial_hash_value));
        memset(context->buffer, 0, sizeof(context->buffer));
        context->bitcount[0] = context->bitcount[1] = 0;
 }
+DEF_WEAK(SHA384Init);
-#if 0
+MAKE_CLONE(SHA384Transform, SHA512Transform);
-__weak_alias(SHA384_Transform, SHA512_Transform);
+MAKE_CLONE(SHA384Update, SHA512Update);
-__weak_alias(SHA384_Update, SHA512_Update);
+MAKE_CLONE(SHA384Pad, SHA512Pad);
-__weak_alias(SHA384_Pad, SHA512_Pad);
+DEF_WEAK(SHA384Transform);
-#endif
+DEF_WEAK(SHA384Update);
+DEF_WEAK(SHA384Pad);
+/* Equivalent of MAKE_CLONE (which is a no-op) for SHA384 funcs */
 void
-SHA384_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
+SHA384Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
 {
-        return SHA512_Transform(state, data);
+        SHA512Transform(state, data);
 }
 void
-SHA384_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
+SHA384Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
 {
-        SHA512_Update(context, data, len);
+        SHA512Update(context, data, len);
 }
 void
-SHA384_Pad(SHA512_CTX *context)
+SHA384Pad(SHA2_CTX *context)
 {
-        SHA512_Pad(context);
+        SHA512Pad(context);
 }
 void
-SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context)
+SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context)
 {
-        SHA384_Pad(context);
+        SHA384Pad(context);
-        /* If no digest buffer is passed, we don't bother doing this: */
-        if (digest != NULL) {
 #if BYTE_ORDER == LITTLE_ENDIAN
-                int     i;
+        int     i;
-                /* Convert TO host byte order */
+        /* Convert TO host byte order */
-                for (i = 0; i < 6; i++)
+        for (i = 0; i < 6; i++)
-                        BE_64_TO_8(digest + i * 8, context->state[i]);
+                BE_64_TO_8(digest + i * 8, context->state.st64[i]);
 #else
-                memcpy(digest, context->state, SHA384_DIGEST_LENGTH);
+        memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
 #endif
-        }
+        /* Zero out state data */
+        explicit_bzero(context, sizeof(*context));
+}
+DEF_WEAK(SHA384Final);
+#if 0
+/*** SHA-512/256: *********************************************************/
+void
+SHA512_256Init(SHA2_CTX *context)
+{
+        memcpy(context->state.st64, sha512_256_initial_hash_value,
+            sizeof(sha512_256_initial_hash_value));
+        memset(context->buffer, 0, sizeof(context->buffer));
+        context->bitcount[0] = context->bitcount[1] = 0;
+}
+DEF_WEAK(SHA512_256Init);
+MAKE_CLONE(SHA512_256Transform, SHA512Transform);
+MAKE_CLONE(SHA512_256Update, SHA512Update);
+MAKE_CLONE(SHA512_256Pad, SHA512Pad);
+DEF_WEAK(SHA512_256Transform);
+DEF_WEAK(SHA512_256Update);
+DEF_WEAK(SHA512_256Pad);
+void
+SHA512_256Final(u_int8_t digest[SHA512_256_DIGEST_LENGTH], SHA2_CTX *context)
+{
+        SHA512_256Pad(context);
+#if BYTE_ORDER == LITTLE_ENDIAN
+        int     i;
+        /* Convert TO host byte order */
+        for (i = 0; i < 4; i++)
+                BE_64_TO_8(digest + i * 8, context->state.st64[i]);
+#else
+        memcpy(digest, context->state.st64, SHA512_256_DIGEST_LENGTH);
+#endif
        /* Zero out state data */
-        memset(context, 0, sizeof(*context));
+        explicit_bzero(context, sizeof(*context));
 }
+DEF_WEAK(SHA512_256Final);
+#endif /* !defined(SHA2_SMALL) */
+#endif /* 0 */
-#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */
+#endif /* HAVE_SHA{256,384,512}UPDATE */
diff --git a/openbsd-compat/sha2.h b/openbsd-compat/sha2.h
index c6e6c97a5..d051e96e8 100644
--- a/openbsd-compat/sha2.h
+++ b/openbsd-compat/sha2.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sha2.h,v 1.6 2004/06/22 01:57:30 jfb Exp      */
+/*      $OpenBSD: sha2.h,v 1.10 2016/09/03 17:00:29 tedu Exp $  */
 /*
 * FILE:        sha2.h
@@ -41,18 +41,13 @@
 #include "includes.h"
-#ifdef WITH_OPENSSL
+#if !defined(HAVE_SHA256UPDATE) || !defined(HAVE_SHA384UPDATE) || \
-# include <openssl/opensslv.h>
+    !defined(HAVE_SHA512UPDATE)
-# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
-#  define _NEED_SHA2 1
-# endif
-#else
-# define _NEED_SHA2 1
-#endif
-#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
 /*** SHA-256/384/512 Various Length Definitions ***********************/
+#define SHA224_BLOCK_LENGTH             64
+#define SHA224_DIGEST_LENGTH            28
+#define SHA224_DIGEST_STRING_LENGTH     (SHA224_DIGEST_LENGTH * 2 + 1)
 #define SHA256_BLOCK_LENGTH             64
 #define SHA256_DIGEST_LENGTH            32
 #define SHA256_DIGEST_STRING_LENGTH     (SHA256_DIGEST_LENGTH * 2 + 1)
@@ -62,73 +57,118 @@
 #define SHA512_BLOCK_LENGTH             128
 #define SHA512_DIGEST_LENGTH            64
 #define SHA512_DIGEST_STRING_LENGTH     (SHA512_DIGEST_LENGTH * 2 + 1)
+#define SHA512_256_BLOCK_LENGTH         128
+#define SHA512_256_DIGEST_LENGTH        32
+#define SHA512_256_DIGEST_STRING_LENGTH (SHA512_256_DIGEST_LENGTH * 2 + 1)
-/*** SHA-256/384/512 Context Structures *******************************/
+/*** SHA-224/256/384/512 Context Structure *******************************/
-typedef struct _SHA256_CTX {
+typedef struct _SHA2_CTX {
-        u_int32_t       state[8];
+        union {
-        u_int64_t       bitcount;
+                u_int32_t       st32[8];
-        u_int8_t        buffer[SHA256_BLOCK_LENGTH];
+                u_int64_t       st64[8];
-} SHA256_CTX;
+        } state;
-typedef struct _SHA512_CTX {
-        u_int64_t       state[8];
        u_int64_t       bitcount[2];
        u_int8_t        buffer[SHA512_BLOCK_LENGTH];
-} SHA512_CTX;
+} SHA2_CTX;
-typedef SHA512_CTX SHA384_CTX;
+#if 0
+__BEGIN_DECLS
+void SHA224Init(SHA2_CTX *);
+void SHA224Transform(u_int32_t state[8], const u_int8_t [SHA224_BLOCK_LENGTH]);
+void SHA224Update(SHA2_CTX *, const u_int8_t *, size_t)
+        __attribute__((__bounded__(__string__,2,3)));
+void SHA224Pad(SHA2_CTX *);
+void SHA224Final(u_int8_t [SHA224_DIGEST_LENGTH], SHA2_CTX *)
+        __attribute__((__bounded__(__minbytes__,1,SHA224_DIGEST_LENGTH)));
+char *SHA224End(SHA2_CTX *, char *)
+        __attribute__((__bounded__(__minbytes__,2,SHA224_DIGEST_STRING_LENGTH)));
+char *SHA224File(const char *, char *)
+        __attribute__((__bounded__(__minbytes__,2,SHA224_DIGEST_STRING_LENGTH)));
+char *SHA224FileChunk(const char *, char *, off_t, off_t)
+        __attribute__((__bounded__(__minbytes__,2,SHA224_DIGEST_STRING_LENGTH)));
+char *SHA224Data(const u_int8_t *, size_t, char *)
+        __attribute__((__bounded__(__string__,1,2)))
+        __attribute__((__bounded__(__minbytes__,3,SHA224_DIGEST_STRING_LENGTH)));
+#endif /* 0 */
-void SHA256_Init(SHA256_CTX *);
+#ifndef HAVE_SHA256UPDATE
-void SHA256_Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]);
+void SHA256Init(SHA2_CTX *);
-void SHA256_Update(SHA256_CTX *, const u_int8_t *, size_t)
+void SHA256Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]);
+void SHA256Update(SHA2_CTX *, const u_int8_t *, size_t)
        __attribute__((__bounded__(__string__,2,3)));
-void SHA256_Pad(SHA256_CTX *);
+void SHA256Pad(SHA2_CTX *);
-void SHA256_Final(u_int8_t [SHA256_DIGEST_LENGTH], SHA256_CTX *)
+void SHA256Final(u_int8_t [SHA256_DIGEST_LENGTH], SHA2_CTX *)
        __attribute__((__bounded__(__minbytes__,1,SHA256_DIGEST_LENGTH)));
-char *SHA256_End(SHA256_CTX *, char *)
+char *SHA256End(SHA2_CTX *, char *)
        __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH)));
-char *SHA256_File(const char *, char *)
+char *SHA256File(const char *, char *)
        __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH)));
-char *SHA256_FileChunk(const char *, char *, off_t, off_t)
+char *SHA256FileChunk(const char *, char *, off_t, off_t)
        __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH)));
-char *SHA256_Data(const u_int8_t *, size_t, char *)
+char *SHA256Data(const u_int8_t *, size_t, char *)
        __attribute__((__bounded__(__string__,1,2)))
        __attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH)));
+#endif /* HAVE_SHA256UPDATE */
-void SHA384_Init(SHA384_CTX *);
+#ifndef HAVE_SHA384UPDATE
-void SHA384_Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]);
+void SHA384Init(SHA2_CTX *);
-void SHA384_Update(SHA384_CTX *, const u_int8_t *, size_t)
+void SHA384Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]);
+void SHA384Update(SHA2_CTX *, const u_int8_t *, size_t)
        __attribute__((__bounded__(__string__,2,3)));
-void SHA384_Pad(SHA384_CTX *);
+void SHA384Pad(SHA2_CTX *);
-void SHA384_Final(u_int8_t [SHA384_DIGEST_LENGTH], SHA384_CTX *)
+void SHA384Final(u_int8_t [SHA384_DIGEST_LENGTH], SHA2_CTX *)
        __attribute__((__bounded__(__minbytes__,1,SHA384_DIGEST_LENGTH)));
-char *SHA384_End(SHA384_CTX *, char *)
+char *SHA384End(SHA2_CTX *, char *)
        __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH)));
-char *SHA384_File(const char *, char *)
+char *SHA384File(const char *, char *)
        __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH)));
-char *SHA384_FileChunk(const char *, char *, off_t, off_t)
+char *SHA384FileChunk(const char *, char *, off_t, off_t)
        __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH)));
-char *SHA384_Data(const u_int8_t *, size_t, char *)
+char *SHA384Data(const u_int8_t *, size_t, char *)
        __attribute__((__bounded__(__string__,1,2)))
        __attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH)));
+#endif /* HAVE_SHA384UPDATE */
-void SHA512_Init(SHA512_CTX *);
+#ifndef HAVE_SHA512UPDATE
-void SHA512_Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]);
+void SHA512Init(SHA2_CTX *);
-void SHA512_Update(SHA512_CTX *, const u_int8_t *, size_t)
+void SHA512Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]);
+void SHA512Update(SHA2_CTX *, const u_int8_t *, size_t)
        __attribute__((__bounded__(__string__,2,3)));
-void SHA512_Pad(SHA512_CTX *);
+void SHA512Pad(SHA2_CTX *);
-void SHA512_Final(u_int8_t [SHA512_DIGEST_LENGTH], SHA512_CTX *)
+void SHA512Final(u_int8_t [SHA512_DIGEST_LENGTH], SHA2_CTX *)
        __attribute__((__bounded__(__minbytes__,1,SHA512_DIGEST_LENGTH)));
-char *SHA512_End(SHA512_CTX *, char *)
+char *SHA512End(SHA2_CTX *, char *)
        __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH)));
-char *SHA512_File(const char *, char *)
+char *SHA512File(const char *, char *)
        __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH)));
-char *SHA512_FileChunk(const char *, char *, off_t, off_t)
+char *SHA512FileChunk(const char *, char *, off_t, off_t)
        __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH)));
-char *SHA512_Data(const u_int8_t *, size_t, char *)
+char *SHA512Data(const u_int8_t *, size_t, char *)
        __attribute__((__bounded__(__string__,1,2)))
        __attribute__((__bounded__(__minbytes__,3,SHA512_DIGEST_STRING_LENGTH)));
+#endif /* HAVE_SHA512UPDATE */
+#if 0
+void SHA512_256Init(SHA2_CTX *);
+void SHA512_256Transform(u_int64_t state[8], const u_int8_t [SHA512_256_BLOCK_LENGTH]);
+void SHA512_256Update(SHA2_CTX *, const u_int8_t *, size_t)
+        __attribute__((__bounded__(__string__,2,3)));
+void SHA512_256Pad(SHA2_CTX *);
+void SHA512_256Final(u_int8_t [SHA512_256_DIGEST_LENGTH], SHA2_CTX *)
+        __attribute__((__bounded__(__minbytes__,1,SHA512_256_DIGEST_LENGTH)));
+char *SHA512_256End(SHA2_CTX *, char *)
+        __attribute__((__bounded__(__minbytes__,2,SHA512_256_DIGEST_STRING_LENGTH)));
+char *SHA512_256File(const char *, char *)
+        __attribute__((__bounded__(__minbytes__,2,SHA512_256_DIGEST_STRING_LENGTH)));
+char *SHA512_256FileChunk(const char *, char *, off_t, off_t)
+        __attribute__((__bounded__(__minbytes__,2,SHA512_256_DIGEST_STRING_LENGTH)));
+char *SHA512_256Data(const u_int8_t *, size_t, char *)
+        __attribute__((__bounded__(__string__,1,2)))
+        __attribute__((__bounded__(__minbytes__,3,SHA512_256_DIGEST_STRING_LENGTH)));
+__END_DECLS
+#endif /* 0 */
-#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */
+#endif /* HAVE_SHA{256,384,512}UPDATE */
 #endif /* _SSHSHA2_H */
author	Colin Watson <cjwatson@debian.org>	2019-10-09 22:59:48 +0100
committer	Colin Watson <cjwatson@debian.org>	2019-10-09 22:59:48 +0100
commit	4213eec74e74de6310c27a40c3e9759a08a73996 (patch)
tree	e97a6dcafc6763aea7c804e4e113c2750cb1400d /openbsd-compat
parent	102062f825fb26a74295a1c089c00c4c4c76b68a (diff)
parent	cdf1d0a9f5d18535e0a18ff34860e81a6d83aa5c (diff)