* New upstream release (http://www.openssh.org/txt/release-5.7):

  - Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
    and host/user keys (ECDSA) as specified by RFC5656.  ECDH and ECDSA
    offer better performance than plain DH and DSA at the same equivalent
    symmetric key length, as well as much shorter keys.
  - sftp(1)/sftp-server(8): add a protocol extension to support a hard
    link operation.  It is available through the "ln" command in the
    client.  The old "ln" behaviour of creating a symlink is available
    using its "-s" option or through the preexisting "symlink" command.
  - scp(1): Add a new -3 option to scp: Copies between two remote hosts
    are transferred through the local host (closes: #508613).
  - ssh(1): "atomically" create the listening mux socket by binding it on
    a temporary name and then linking it into position after listen() has
    succeeded.  This allows the mux clients to determine that the server
    socket is either ready or stale without races (closes: #454784).
    Stale server sockets are now automatically removed (closes: #523250).
  - ssh(1): install a SIGCHLD handler to reap expired child process
    (closes: #594687).
  - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
    temporary directories (closes: #357469, although only if you arrange
    for ssh-agent to actually see $TMPDIR since the setgid bit will cause
    it to be stripped off).

14 files changed, 488 insertions, 117 deletions

diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index d22efd66c..41b22d837 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.45 2010/08/16 03:15:23 dtucker Exp $
+# $Id: Makefile.in,v 1.46 2010/10/07 11:19:24 djm Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -16,7 +16,7 @@ RANLIB=@RANLIB@
 INSTALL=@INSTALL@
 LDFLAGS=-L. @LDFLAGS@
 
-OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
+OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o timingsafe_bcmp.o vis.o
 
 COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
 
diff --git a/openbsd-compat/bindresvport.c b/openbsd-compat/bindresvport.c
index c0d5bdb5c..c89f21403 100644
--- a/openbsd-compat/bindresvport.c
+++ b/openbsd-compat/bindresvport.c
@@ -89,7 +89,7 @@ bindresvport_sa(int sd, struct sockaddr *sa)
 
         port = ntohs(*portp);
         if (port == 0)
-                port = (arc4random() % NPORTS) + STARTPORT;
+                port = arc4random_uniform(NPORTS) + STARTPORT;
 
         /* Avoid warning */
         error = -1;
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 55f100ac0..3ef373f56 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -240,3 +240,10 @@ strdup(const char *str)
         return NULL;
 }
 #endif
+
+#ifndef HAVE_ISBLANK
+int isblank(int c)
+{
+        return (c == ' ' || c == '\t');
+}
+#endif
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index b61ec4244..e70c3f9e9 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-misc.h,v 1.18 2005/02/25 23:07:38 dtucker Exp $ */
+/* $Id: bsd-misc.h,v 1.19 2010/11/08 22:26:23 tim Exp $ */
 
 /*
  * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
@@ -95,4 +95,8 @@ mysig_t mysignal(int sig, mysig_t act);
 
 #define signal(a,b) mysignal(a,b)
 
+#ifndef HAVE_ISBLANK
+int     isblank(int);
+#endif
+
 #endif /* _BSD_MISC_H */
diff --git a/openbsd-compat/charclass.h b/openbsd-compat/charclass.h
new file mode 100644
index 000000000..91f517447
--- /dev/null
+++ b/openbsd-compat/charclass.h
@@ -0,0 +1,31 @@
+/*
+ * Public domain, 2008, Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * $OpenBSD: charclass.h,v 1.1 2008/10/01 23:04:13 millert Exp $
+ */
+
+/* OPENBSD ORIGINAL: lib/libc/gen/charclass.h */
+
+/*
+ * POSIX character class support for fnmatch() and glob().
+ */
+static struct cclass {
+        const char *name;
+        int (*isctype)(int);
+} cclasses[] = {
+        { "alnum",      isalnum },
+        { "alpha",      isalpha },
+        { "blank",      isblank },
+        { "cntrl",      iscntrl },
+        { "digit",      isdigit },
+        { "graph",      isgraph },
+        { "lower",      islower },
+        { "print",      isprint },
+        { "punct",      ispunct },
+        { "space",      isspace },
+        { "upper",      isupper },
+        { "xdigit",     isxdigit },
+        { NULL,         NULL }
+};
+
+#define NCCLASSES       (sizeof(cclasses) / sizeof(cclasses[0]) - 1)
diff --git a/openbsd-compat/glob.c b/openbsd-compat/glob.c
index 74b506403..0341225cd 100644
--- a/openbsd-compat/glob.c
+++ b/openbsd-compat/glob.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: glob.c,v 1.26 2005/11/28 17:50:12 deraadt Exp $ */
+/*      $OpenBSD: glob.c,v 1.35 2011/01/12 01:53:14 djm Exp $ */
 /*
  * Copyright (c) 1989, 1993
  *      The Regents of the University of California.  All rights reserved.
@@ -33,36 +33,6 @@
 
 /* OPENBSD ORIGINAL: lib/libc/gen/glob.c */
 
-#include "includes.h"
-
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include <dirent.h>
-#include <ctype.h>
-#include <errno.h>
-#include <pwd.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \
-    !defined(GLOB_HAS_GL_MATCHC) || \
-    !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \
-    defined(BROKEN_GLOB)
-
-static long
-get_arg_max(void)
-{
-#ifdef ARG_MAX
-        return(ARG_MAX);
-#elif defined(HAVE_SYSCONF) && defined(_SC_ARG_MAX)
-        return(sysconf(_SC_ARG_MAX));
-#else
-        return(256); /* XXX: arbitrary */
-#endif
-}
-
 /*
  * glob(3) -- a superset of the one defined in POSIX 1003.2.
  *
@@ -88,6 +58,25 @@ get_arg_max(void)
  *      Number of matches in the current invocation of glob.
  */
 
+#include "includes.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <dirent.h>
+#include <ctype.h>
+#include <errno.h>
+#include <pwd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \
+    !defined(GLOB_HAS_GL_MATCHC) || !defined(GLOB_HAS_GL_STATV) || \
+    !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \
+    defined(BROKEN_GLOB)
+
+#include "charclass.h"
 
 #define DOLLAR          '$'
 #define DOT             '.'
@@ -100,7 +89,6 @@ get_arg_max(void)
 #define RBRACKET        ']'
 #define SEP             '/'
 #define STAR            '*'
-#undef TILDE                    /* Some platforms may already define it */
 #define TILDE           '~'
 #define UNDERSCORE      '_'
 #define LBRACE          '{'
@@ -137,26 +125,39 @@ typedef char Char;
 #define M_ONE           META('?')
 #define M_RNG           META('-')
 #define M_SET           META('[')
+#define M_CLASS         META(':')
 #define ismeta(c)       (((c)&M_QUOTE) != 0)
 
+#define GLOB_LIMIT_MALLOC       65536
+#define GLOB_LIMIT_STAT         128
+#define GLOB_LIMIT_READDIR      16384
+
+struct glob_lim {
+        size_t  glim_malloc;
+        size_t  glim_stat;
+        size_t  glim_readdir;
+};
 
 static int       compare(const void *, const void *);
 static int       g_Ctoc(const Char *, char *, u_int);
 static int       g_lstat(Char *, struct stat *, glob_t *);
 static DIR      *g_opendir(Char *, glob_t *);
-static Char     *g_strchr(Char *, int);
+static Char     *g_strchr(const Char *, int);
+static int       g_strncmp(const Char *, const char *, size_t);
 static int       g_stat(Char *, struct stat *, glob_t *);
-static int       glob0(const Char *, glob_t *);
-static int       glob1(Char *, Char *, glob_t *, size_t *);
+static int       glob0(const Char *, glob_t *, struct glob_lim *);
+static int       glob1(Char *, Char *, glob_t *, struct glob_lim *);
 static int       glob2(Char *, Char *, Char *, Char *, Char *, Char *,
-                    glob_t *, size_t *);
+                    glob_t *, struct glob_lim *);
 static int       glob3(Char *, Char *, Char *, Char *, Char *,
-                    Char *, Char *, glob_t *, size_t *);
-static int       globextend(const Char *, glob_t *, size_t *);
+                    Char *, Char *, glob_t *, struct glob_lim *);
+static int       globextend(const Char *, glob_t *, struct glob_lim *,
+                    struct stat *);
 static const Char *
                  globtilde(const Char *, Char *, size_t, glob_t *);
-static int       globexp1(const Char *, glob_t *);
-static int       globexp2(const Char *, const Char *, glob_t *, int *);
+static int       globexp1(const Char *, glob_t *, struct glob_lim *);
+static int       globexp2(const Char *, const Char *, glob_t *,
+                    struct glob_lim *);
 static int       match(Char *, Char *, Char *);
 #ifdef DEBUG
 static void      qprintf(const char *, Char *);
@@ -169,11 +170,13 @@ glob(const char *pattern, int flags, int (*errfunc)(const char *, int),
         const u_char *patnext;
         int c;
         Char *bufnext, *bufend, patbuf[MAXPATHLEN];
+        struct glob_lim limit = { 0, 0, 0 };
 
         patnext = (u_char *) pattern;
         if (!(flags & GLOB_APPEND)) {
                 pglob->gl_pathc = 0;
                 pglob->gl_pathv = NULL;
+                pglob->gl_statv = NULL;
                 if (!(flags & GLOB_DOOFFS))
                         pglob->gl_offs = 0;
         }
@@ -181,6 +184,11 @@ glob(const char *pattern, int flags, int (*errfunc)(const char *, int),
         pglob->gl_errfunc = errfunc;
         pglob->gl_matchc = 0;
 
+        if (pglob->gl_offs < 0 || pglob->gl_pathc < 0 ||
+            pglob->gl_offs >= INT_MAX || pglob->gl_pathc >= INT_MAX ||
+            pglob->gl_pathc >= INT_MAX - pglob->gl_offs - 1)
+                return GLOB_NOSPACE;
+
         bufnext = patbuf;
         bufend = bufnext + MAXPATHLEN - 1;
         if (flags & GLOB_NOESCAPE)
@@ -201,9 +209,9 @@ glob(const char *pattern, int flags, int (*errfunc)(const char *, int),
         *bufnext = EOS;
 
         if (flags & GLOB_BRACE)
-                return globexp1(patbuf, pglob);
+                return globexp1(patbuf, pglob, &limit);
         else
-                return glob0(patbuf, pglob);
+                return glob0(patbuf, pglob, &limit);
 }
 
 /*
@@ -212,20 +220,18 @@ glob(const char *pattern, int flags, int (*errfunc)(const char *, int),
  * characters
  */
 static int
-globexp1(const Char *pattern, glob_t *pglob)
+globexp1(const Char *pattern, glob_t *pglob, struct glob_lim *limitp)
 {
         const Char* ptr = pattern;
-        int rv;
 
         /* Protect a single {}, for find(1), like csh */
         if (pattern[0] == LBRACE && pattern[1] == RBRACE && pattern[2] == EOS)
-                return glob0(pattern, pglob);
+                return glob0(pattern, pglob, limitp);
 
-        while ((ptr = (const Char *) g_strchr((Char *) ptr, LBRACE)) != NULL)
-                if (!globexp2(ptr, pattern, pglob, &rv))
-                        return rv;
+        if ((ptr = (const Char *) g_strchr(ptr, LBRACE)) != NULL)
+                return globexp2(ptr, pattern, pglob, limitp);
 
-        return glob0(pattern, pglob);
+        return glob0(pattern, pglob, limitp);
 }
 
 
@@ -235,9 +241,10 @@ globexp1(const Char *pattern, glob_t *pglob)
  * If it fails then it tries to glob the rest of the pattern and returns.
  */
 static int
-globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv)
+globexp2(const Char *ptr, const Char *pattern, glob_t *pglob,
+    struct glob_lim *limitp)
 {
-        int     i;
+        int     i, rv;
         Char   *lm, *ls;
         const Char *pe, *pm, *pl;
         Char    patbuf[MAXPATHLEN];
@@ -270,10 +277,8 @@ globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv)
                 }
 
         /* Non matching braces; just glob the pattern */
-        if (i != 0 || *pe == EOS) {
-                *rv = glob0(patbuf, pglob);
-                return 0;
-        }
+        if (i != 0 || *pe == EOS)
+                return glob0(patbuf, pglob, limitp);
 
         for (i = 0, pl = pm = ptr; pm <= pe; pm++) {
                 switch (*pm) {
@@ -319,7 +324,9 @@ globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv)
 #ifdef DEBUG
                                 qprintf("globexp2:", patbuf);
 #endif
-                                *rv = globexp1(patbuf, pglob);
+                                rv = globexp1(patbuf, pglob, limitp);
+                                if (rv && rv != GLOB_NOMATCH)
+                                        return rv;
 
                                 /* move after the comma, to the next string */
                                 pl = pm + 1;
@@ -330,7 +337,6 @@ globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv)
                         break;
                 }
         }
-        *rv = 0;
         return 0;
 }
 
@@ -399,6 +405,47 @@ globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
         return patbuf;
 }
 
+static int
+g_strncmp(const Char *s1, const char *s2, size_t n)
+{
+        int rv = 0;
+
+        while (n--) {
+                rv = *(Char *)s1 - *(const unsigned char *)s2++;
+                if (rv)
+                        break;
+                if (*s1++ == '\0')
+                        break;
+        }
+        return rv;
+}
+
+static int
+g_charclass(const Char **patternp, Char **bufnextp)
+{
+        const Char *pattern = *patternp + 1;
+        Char *bufnext = *bufnextp;
+        const Char *colon;
+        struct cclass *cc;
+        size_t len;
+
+        if ((colon = g_strchr(pattern, ':')) == NULL || colon[1] != ']')
+                return 1;       /* not a character class */
+
+        len = (size_t)(colon - pattern);
+        for (cc = cclasses; cc->name != NULL; cc++) {
+                if (!g_strncmp(pattern, cc->name, len) && cc->name[len] == '\0')
+                        break;
+        }
+        if (cc->name == NULL)
+                return -1;      /* invalid character class */
+        *bufnext++ = M_CLASS;
+        *bufnext++ = (Char)(cc - &cclasses[0]);
+        *bufnextp = bufnext;
+        *patternp += len + 3;
+
+        return 0;
+}
 
 /*
  * The main glob() routine: compiles the pattern (optionally processing
@@ -408,12 +455,11 @@ globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
  * to find no matches.
  */
 static int
-glob0(const Char *pattern, glob_t *pglob)
+glob0(const Char *pattern, glob_t *pglob, struct glob_lim *limitp)
 {
         const Char *qpatnext;
         int c, err, oldpathc;
         Char *bufnext, patbuf[MAXPATHLEN];
-        size_t limit = 0;
 
         qpatnext = globtilde(pattern, patbuf, MAXPATHLEN, pglob);
         oldpathc = pglob->gl_pathc;
@@ -427,7 +473,7 @@ glob0(const Char *pattern, glob_t *pglob)
                         if (c == NOT)
                                 ++qpatnext;
                         if (*qpatnext == EOS ||
-                            g_strchr((Char *) qpatnext+1, RBRACKET) == NULL) {
+                            g_strchr(qpatnext+1, RBRACKET) == NULL) {
                                 *bufnext++ = LBRACKET;
                                 if (c == NOT)
                                         --qpatnext;
@@ -438,6 +484,20 @@ glob0(const Char *pattern, glob_t *pglob)
                                 *bufnext++ = M_NOT;
                         c = *qpatnext++;
                         do {
+                                if (c == LBRACKET && *qpatnext == ':') {
+                                        do {
+                                                err = g_charclass(&qpatnext,
+                                                    &bufnext);
+                                                if (err)
+                                                        break;
+                                                c = *qpatnext++;
+                                        } while (c == LBRACKET && *qpatnext == ':');
+                                        if (err == -1 &&
+                                            !(pglob->gl_flags & GLOB_NOCHECK))
+                                                return GLOB_NOMATCH;
+                                        if (c == RBRACKET)
+                                                break;
+                                }
                                 *bufnext++ = CHAR(c);
                                 if (*qpatnext == RANGE &&
                                     (c = qpatnext[1]) != RBRACKET) {
@@ -471,7 +531,7 @@ glob0(const Char *pattern, glob_t *pglob)
         qprintf("glob0:", patbuf);
 #endif
 
-        if ((err = glob1(patbuf, patbuf+MAXPATHLEN-1, pglob, &limit)) != 0)
+        if ((err = glob1(patbuf, patbuf+MAXPATHLEN-1, pglob, limitp)) != 0)
                 return(err);
 
         /*
@@ -484,7 +544,7 @@ glob0(const Char *pattern, glob_t *pglob)
                 if ((pglob->gl_flags & GLOB_NOCHECK) ||
                     ((pglob->gl_flags & GLOB_NOMAGIC) &&
                     !(pglob->gl_flags & GLOB_MAGCHAR)))
-                        return(globextend(pattern, pglob, &limit));
+                        return(globextend(pattern, pglob, limitp, NULL));
                 else
                         return(GLOB_NOMATCH);
         }
@@ -501,7 +561,7 @@ compare(const void *p, const void *q)
 }
 
 static int
-glob1(Char *pattern, Char *pattern_last, glob_t *pglob, size_t *limitp)
+glob1(Char *pattern, Char *pattern_last, glob_t *pglob, struct glob_lim *limitp)
 {
         Char pathbuf[MAXPATHLEN];
 
@@ -520,7 +580,7 @@ glob1(Char *pattern, Char *pattern_last, glob_t *pglob, size_t *limitp)
  */
 static int
 glob2(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
-    Char *pattern, Char *pattern_last, glob_t *pglob, size_t *limitp)
+    Char *pattern, Char *pattern_last, glob_t *pglob, struct glob_lim *limitp)
 {
         struct stat sb;
         Char *p, *q;
@@ -536,6 +596,14 @@ glob2(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
                         if (g_lstat(pathbuf, &sb, pglob))
                                 return(0);
 
+                        if ((pglob->gl_flags & GLOB_LIMIT) &&
+                            limitp->glim_stat++ >= GLOB_LIMIT_STAT) {
+                                errno = 0;
+                                *pathend++ = SEP;
+                                *pathend = EOS;
+                                return(GLOB_NOSPACE);
+                        }
+
                         if (((pglob->gl_flags & GLOB_MARK) &&
                             pathend[-1] != SEP) && (S_ISDIR(sb.st_mode) ||
                             (S_ISLNK(sb.st_mode) &&
@@ -547,7 +615,7 @@ glob2(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
                                 *pathend = EOS;
                         }
                         ++pglob->gl_matchc;
-                        return(globextend(pathbuf, pglob, limitp));
+                        return(globextend(pathbuf, pglob, limitp, &sb));
                 }
 
                 /* Find end of next segment, copy tentatively to pathend. */
@@ -581,7 +649,7 @@ glob2(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
 static int
 glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
     Char *pattern, Char *restpattern, Char *restpattern_last, glob_t *pglob,
-    size_t *limitp)
+    struct glob_lim *limitp)
 {
         struct dirent *dp;
         DIR *dirp;
@@ -624,6 +692,14 @@ glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
                 u_char *sc;
                 Char *dc;
 
+                if ((pglob->gl_flags & GLOB_LIMIT) &&
+                    limitp->glim_readdir++ >= GLOB_LIMIT_READDIR) {
+                        errno = 0;
+                        *pathend++ = SEP;
+                        *pathend = EOS;
+                        return(GLOB_NOSPACE);
+                }
+
                 /* Initial DOT must be matched literally. */
                 if (dp->d_name[0] == DOT && *pattern != DOT)
                         continue;
@@ -670,25 +746,44 @@ glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
  *      gl_pathv points to (gl_offs + gl_pathc + 1) items.
  */
 static int
-globextend(const Char *path, glob_t *pglob, size_t *limitp)
+globextend(const Char *path, glob_t *pglob, struct glob_lim *limitp,
+    struct stat *sb)
 {
         char **pathv;
-        int i;
-        u_int newsize, len;
-        char *copy;
+        ssize_t i;
+        size_t newn, len;
+        char *copy = NULL;
         const Char *p;
-
-        newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs);
-        pathv = pglob->gl_pathv ? realloc((char *)pglob->gl_pathv, newsize) :
-            malloc(newsize);
-        if (pathv == NULL) {
+        struct stat **statv;
+
+        newn = 2 + pglob->gl_pathc + pglob->gl_offs;
+        if (pglob->gl_offs >= INT_MAX ||
+            pglob->gl_pathc >= INT_MAX ||
+            newn >= INT_MAX ||
+            SIZE_MAX / sizeof(*pathv) <= newn ||
+            SIZE_MAX / sizeof(*statv) <= newn) {
+ nospace:
+                for (i = pglob->gl_offs; i < (ssize_t)(newn - 2); i++) {
+                        if (pglob->gl_pathv && pglob->gl_pathv[i])
+                                free(pglob->gl_pathv[i]);
+                        if ((pglob->gl_flags & GLOB_KEEPSTAT) != 0 &&
+                            pglob->gl_pathv && pglob->gl_pathv[i])
+                                free(pglob->gl_statv[i]);
+                }
                 if (pglob->gl_pathv) {
                         free(pglob->gl_pathv);
                         pglob->gl_pathv = NULL;
                 }
+                if (pglob->gl_statv) {
+                        free(pglob->gl_statv);
+                        pglob->gl_statv = NULL;
+                }
                 return(GLOB_NOSPACE);
         }
 
+        pathv = realloc(pglob->gl_pathv, newn * sizeof(*pathv));
+        if (pathv == NULL)
+                goto nospace;
         if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) {
                 /* first time around -- clear initial gl_offs items */
                 pathv += pglob->gl_offs;
@@ -697,10 +792,39 @@ globextend(const Char *path, glob_t *pglob, size_t *limitp)
         }
         pglob->gl_pathv = pathv;
 
+        if ((pglob->gl_flags & GLOB_KEEPSTAT) != 0) {
+                statv = realloc(pglob->gl_statv, newn * sizeof(*statv));
+                if (statv == NULL)
+                        goto nospace;
+                if (pglob->gl_statv == NULL && pglob->gl_offs > 0) {
+                        /* first time around -- clear initial gl_offs items */
+                        statv += pglob->gl_offs;
+                        for (i = pglob->gl_offs; --i >= 0; )
+                                *--statv = NULL;
+                }
+                pglob->gl_statv = statv;
+                if (sb == NULL)
+                        statv[pglob->gl_offs + pglob->gl_pathc] = NULL;
+                else {
+                        limitp->glim_malloc += sizeof(**statv);
+                        if ((pglob->gl_flags & GLOB_LIMIT) &&
+                            limitp->glim_malloc >= GLOB_LIMIT_MALLOC) {
+                                errno = 0;
+                                return(GLOB_NOSPACE);
+                        }
+                        if ((statv[pglob->gl_offs + pglob->gl_pathc] =
+                            malloc(sizeof(**statv))) == NULL)
+                                goto copy_error;
+                        memcpy(statv[pglob->gl_offs + pglob->gl_pathc], sb,
+                            sizeof(*sb));
+                }
+                statv[pglob->gl_offs + pglob->gl_pathc + 1] = NULL;
+        }
+
         for (p = path; *p++;)
                 ;
         len = (size_t)(p - path);
-        *limitp += len;
+        limitp->glim_malloc += len;
         if ((copy = malloc(len)) != NULL) {
                 if (g_Ctoc(path, copy, len)) {
                         free(copy);
@@ -711,11 +835,12 @@ globextend(const Char *path, glob_t *pglob, size_t *limitp)
         pathv[pglob->gl_offs + pglob->gl_pathc] = NULL;
 
         if ((pglob->gl_flags & GLOB_LIMIT) &&
-            newsize + *limitp >= (u_int) get_arg_max()) {
+            (newn * sizeof(*pathv)) + limitp->glim_malloc >
+            GLOB_LIMIT_MALLOC) {
                 errno = 0;
                 return(GLOB_NOSPACE);
         }
-
+ copy_error:
         return(copy == NULL ? GLOB_NOSPACE : 0);
 }
 
@@ -751,13 +876,21 @@ match(Char *name, Char *pat, Char *patend)
                                 return(0);
                         if ((negate_range = ((*pat & M_MASK) == M_NOT)) != EOS)
                                 ++pat;
-                        while (((c = *pat++) & M_MASK) != M_END)
+                        while (((c = *pat++) & M_MASK) != M_END) {
+                                if ((c & M_MASK) == M_CLASS) {
+                                        Char idx = *pat & M_MASK;
+                                        if (idx < NCCLASSES &&
+                                            cclasses[idx].isctype(k))
+                                                ok = 1;
+                                        ++pat;
+                                }
                                 if ((*pat & M_MASK) == M_RNG) {
                                         if (c <= k && k <= pat[1])
                                                 ok = 1;
                                         pat += 2;
                                 } else if (c == k)
                                         ok = 1;
+                        }
                         if (ok == negate_range)
                                 return(0);
                         break;
@@ -785,6 +918,14 @@ globfree(glob_t *pglob)
                 free(pglob->gl_pathv);
                 pglob->gl_pathv = NULL;
         }
+        if (pglob->gl_statv != NULL) {
+                for (i = 0; i < pglob->gl_pathc; i++) {
+                        if (pglob->gl_statv[i] != NULL)
+                                free(pglob->gl_statv[i]);
+                }
+                free(pglob->gl_statv);
+                pglob->gl_statv = NULL;
+        }
 }
 
 static DIR *
@@ -830,11 +971,11 @@ g_stat(Char *fn, struct stat *sb, glob_t *pglob)
 }
 
 static Char *
-g_strchr(Char *str, int ch)
+g_strchr(const Char *str, int ch)
 {
         do {
                 if (*str == ch)
-                        return (str);
+                        return ((Char *)str);
         } while (*str++);
         return (NULL);
 }
@@ -870,5 +1011,4 @@ qprintf(const char *str, Char *s)
 #endif
 
 #endif /* !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) ||
-          !defined(GLOB_HAS_GL_MATCHC) */
-
+          !defined(GLOB_HAS_GL_MATCHC) || !defined(GLOB_HAS_GL_STATV) */
diff --git a/openbsd-compat/glob.h b/openbsd-compat/glob.h
index a2b36f974..f8a7fa5ff 100644
--- a/openbsd-compat/glob.h
+++ b/openbsd-compat/glob.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: glob.h,v 1.10 2005/12/13 00:35:22 millert Exp $       */
+/*      $OpenBSD: glob.h,v 1.11 2010/09/24 13:32:55 djm Exp $   */
 /*      $NetBSD: glob.h,v 1.5 1994/10/26 00:55:56 cgd Exp $     */
 
 /*
@@ -38,13 +38,15 @@
 /* OPENBSD ORIGINAL: include/glob.h */
 
 #if !defined(HAVE_GLOB_H) || !defined(GLOB_HAS_ALTDIRFUNC) || \
-    !defined(GLOB_HAS_GL_MATCHC) || \
+    !defined(GLOB_HAS_GL_MATCHC) || !defined(GLOB_HAS_GL_STATV) || \
     !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \
     defined(BROKEN_GLOB)
 
 #ifndef _GLOB_H_
 #define _GLOB_H_
 
+#include <sys/stat.h>
+
 struct stat;
 typedef struct {
         int gl_pathc;           /* Count of total paths so far. */
@@ -52,6 +54,7 @@ typedef struct {
         int gl_offs;            /* Reserved at beginning of gl_pathv. */
         int gl_flags;           /* Copy of flags parameter to glob. */
         char **gl_pathv;        /* List of paths matching pattern. */
+        struct stat **gl_statv; /* Stat entries corresponding to gl_pathv */
                                 /* Copy of errfunc parameter to glob. */
         int (*gl_errfunc)(const char *, int);
 
@@ -75,12 +78,10 @@ typedef struct {
 #define GLOB_NOSORT     0x0020  /* Don't sort. */
 #define GLOB_NOESCAPE   0x1000  /* Disable backslash escaping. */
 
-/* Error values returned by glob(3) */
 #define GLOB_NOSPACE    (-1)    /* Malloc call failed. */
 #define GLOB_ABORTED    (-2)    /* Unignored error. */
 #define GLOB_NOMATCH    (-3)    /* No match and GLOB_NOCHECK not set. */
 #define GLOB_NOSYS      (-4)    /* Function not supported. */
-#define GLOB_ABEND      GLOB_ABORTED
 
 #define GLOB_ALTDIRFUNC 0x0040  /* Use alternately specified directory funcs. */
 #define GLOB_BRACE      0x0080  /* Expand braces ala csh. */
@@ -89,6 +90,8 @@ typedef struct {
 #define GLOB_QUOTE      0x0400  /* Quote special chars with \. */
 #define GLOB_TILDE      0x0800  /* Expand tilde names from the passwd file. */
 #define GLOB_LIMIT      0x2000  /* Limit pattern match output to ARG_MAX */
+#define GLOB_KEEPSTAT   0x4000  /* Retain stat data for paths in gl_statv. */
+#define GLOB_ABEND      GLOB_ABORTED /* backward compatibility */
 
 int     glob(const char *, int, int (*)(const char *, int), glob_t *);
 void    globfree(glob_t *);
@@ -96,5 +99,5 @@ void	globfree(glob_t *);
 #endif /* !_GLOB_H_ */
 
 #endif /* !defined(HAVE_GLOB_H) || !defined(GLOB_HAS_ALTDIRFUNC)  ||
-          !defined(GLOB_HAS_GL_MATCHC */
+          !defined(GLOB_HAS_GL_MATCHC) || !defined(GLOH_HAS_GL_STATV) */
 
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index e15d2bd96..77c5ed2b1 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.50 2010/08/16 03:15:23 dtucker Exp $ */
+/* $Id: openbsd-compat.h,v 1.51 2010/10/07 10:25:29 djm Exp $ */
 
 /*
  * Copyright (c) 1999-2003 Damien Miller.  All rights reserved.
@@ -213,6 +213,10 @@ char *user_from_uid(uid_t, int);
 char *group_from_gid(gid_t, int);
 #endif
 
+#ifndef HAVE_TIMINGSAFE_BCMP
+int timingsafe_bcmp(const void *, const void *, size_t);
+#endif
+
 void *xmmap(size_t size);
 char *xcrypt(const char *password, const char *salt);
 char *shadow_pw(struct passwd *pw);
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 420496caa..b617fdf19 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.c,v 1.9 2010/01/28 23:54:11 dtucker Exp $ */
+/* $Id: openssl-compat.c,v 1.13 2011/01/21 22:37:06 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -18,10 +18,20 @@
 
 #include "includes.h"
 
+#include <stdarg.h>
+#include <string.h>
+
 #ifdef USE_OPENSSL_ENGINE
 # include <openssl/engine.h>
+# include <openssl/conf.h>
+#endif
+
+#ifndef HAVE_RSA_GET_DEFAULT_METHOD
+# include <openssl/rsa.h>
 #endif
 
+#include "log.h"
+
 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
 #include "openssl-compat.h"
 
@@ -58,6 +68,70 @@ ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
 }
 #endif
 
+#ifndef HAVE_BN_IS_PRIME_EX
+int
+BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, void *cb)
+{
+        if (cb != NULL)
+                fatal("%s: callback args not supported", __func__);
+        return BN_is_prime(p, nchecks, NULL, ctx, NULL);
+}
+#endif
+
+#ifndef HAVE_RSA_GENERATE_KEY_EX
+int
+RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *bn_e, void *cb)
+{
+        RSA *new_rsa, tmp_rsa;
+        unsigned long e;
+
+        if (cb != NULL)
+                fatal("%s: callback args not supported", __func__);
+        e = BN_get_word(bn_e);
+        if (e == 0xffffffffL)
+                fatal("%s: value of e too large", __func__);
+        new_rsa = RSA_generate_key(bits, e, NULL, NULL);
+        if (new_rsa == NULL)
+                return 0;
+        /* swap rsa/new_rsa then free new_rsa */
+        tmp_rsa = *rsa;
+        *rsa = *new_rsa;
+        *new_rsa = tmp_rsa;
+        RSA_free(new_rsa);
+        return 1;
+}
+#endif
+
+#ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
+int
+DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
+    int seed_len, int *counter_ret, unsigned long *h_ret, void *cb)
+{
+        DSA *new_dsa, tmp_dsa;
+
+        if (cb != NULL)
+                fatal("%s: callback args not supported", __func__);
+        new_dsa = DSA_generate_parameters(bits, (unsigned char *)seed, seed_len,
+            counter_ret, h_ret, NULL, NULL);
+        if (new_dsa == NULL)
+                return 0;
+        /* swap dsa/new_dsa then free new_dsa */
+        tmp_dsa = *dsa;
+        *dsa = *new_dsa;
+        *new_dsa = tmp_dsa;
+        DSA_free(new_dsa);
+        return 1;
+}
+#endif
+
+#ifndef HAVE_RSA_GET_DEFAULT_METHOD
+RSA_METHOD *
+RSA_get_default_method(void)
+{
+        return RSA_PKCS1_SSLeay();
+}
+#endif
+
 #ifdef  USE_OPENSSL_ENGINE
 void
 ssh_SSLeay_add_all_algorithms(void)
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index b7caa650c..6d4f3f215 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.15 2010/05/12 07:50:02 djm Exp $ */
+/* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -17,6 +17,7 @@
  */
 
 #include "includes.h"
+#include <openssl/opensslv.h>
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -39,6 +40,12 @@
 # define EVP_CIPHER_CTX_get_app_data(e)         ((e)->app_data)
 #endif
 
+#if OPENSSL_VERSION_NUMBER < 0x1000000fL
+# define LIBCRYPTO_EVP_INL_TYPE unsigned int
+#else
+# define LIBCRYPTO_EVP_INL_TYPE size_t
+#endif
+
 #if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES)
 # define USE_BUILTIN_RIJNDAEL
 #endif
@@ -71,6 +78,10 @@ extern const EVP_CIPHER *evp_acss(void);
 # define EVP_CIPHER_CTX_key_length(c) ((c)->key_len)
 #endif
 
+#ifndef HAVE_RSA_GET_DEFAULT_METHOD
+RSA_METHOD *RSA_get_default_method(void);
+#endif
+
 /*
  * We overload some of the OpenSSL crypto functions with ssh_* equivalents
  * which cater for older and/or less featureful OpenSSL version.
@@ -101,6 +112,19 @@ extern const EVP_CIPHER *evp_acss(void);
 #  define SSLeay_add_all_algorithms()  ssh_SSLeay_add_all_algorithms()
 # endif
 
+# ifndef HAVE_BN_IS_PRIME_EX
+int BN_is_prime_ex(const BIGNUM *, int, BN_CTX *, void *);
+# endif
+
+# ifndef HAVE_DSA_GENERATE_PARAMETERS_EX
+int DSA_generate_parameters_ex(DSA *, int, const unsigned char *, int, int *,
+    unsigned long *, void *);
+# endif
+
+# ifndef HAVE_RSA_GENERATE_KEY_EX
+int RSA_generate_key_ex(RSA *, int, BIGNUM *, void *);
+# endif
+
 int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
     unsigned char *, int);
 int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index c0ac9065e..86a7146a6 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
-/* $Id: port-linux.c,v 1.8 2010/03/01 04:52:50 dtucker Exp $ */
+/* $Id: port-linux.c,v 1.11 2011/01/17 07:50:24 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -53,7 +53,7 @@ ssh_selinux_enabled(void)
         static int enabled = -1;
 
         if (enabled == -1) {
-                enabled = is_selinux_enabled();
+                enabled = (is_selinux_enabled() == 1);
                 debug("SELinux support %s", enabled ? "enabled" : "disabled");
         }
 
@@ -225,14 +225,22 @@ ssh_selinux_change_context(const char *newname)
 #endif /* WITH_SELINUX */
 
 #ifdef LINUX_OOM_ADJUST
-#define OOM_ADJ_PATH    "/proc/self/oom_adj"
 /*
- * The magic "don't kill me", as documented in eg:
+ * The magic "don't kill me" values, old and new, as documented in eg:
  * http://lxr.linux.no/#linux+v2.6.32/Documentation/filesystems/proc.txt
+ * http://lxr.linux.no/#linux+v2.6.36/Documentation/filesystems/proc.txt
  */
-#define OOM_ADJ_NOKILL  -17
 
 static int oom_adj_save = INT_MIN;
+static char *oom_adj_path = NULL;
+struct {
+        char *path;
+        int value;
+} oom_adjust[] = {
+        {"/proc/self/oom_score_adj", -1000},    /* kernels >= 2.6.36 */
+        {"/proc/self/oom_adj", -17},            /* kernels <= 2.6.35 */
+        {NULL, 0},
+};
 
 /*
  * Tell the kernel's out-of-memory killer to avoid sshd.
@@ -241,23 +249,31 @@ static int oom_adj_save = INT_MIN;
 void
 oom_adjust_setup(void)
 {
+        int i, value;
         FILE *fp;
 
         debug3("%s", __func__);
-        if ((fp = fopen(OOM_ADJ_PATH, "r+")) != NULL) {
-                if (fscanf(fp, "%d", &oom_adj_save) != 1)
-                        verbose("error reading %s: %s", OOM_ADJ_PATH, strerror(errno));
-                else {
-                        rewind(fp);
-                        if (fprintf(fp, "%d\n", OOM_ADJ_NOKILL) <= 0)
-                                verbose("error writing %s: %s",
-                                    OOM_ADJ_PATH, strerror(errno));
-                        else
-                                verbose("Set %s from %d to %d",
-                                    OOM_ADJ_PATH, oom_adj_save, OOM_ADJ_NOKILL);
+         for (i = 0; oom_adjust[i].path != NULL; i++) {
+                oom_adj_path = oom_adjust[i].path;
+                value = oom_adjust[i].value;
+                if ((fp = fopen(oom_adj_path, "r+")) != NULL) {
+                        if (fscanf(fp, "%d", &oom_adj_save) != 1)
+                                verbose("error reading %s: %s", oom_adj_path,
+                                    strerror(errno));
+                        else {
+                                rewind(fp);
+                                if (fprintf(fp, "%d\n", value) <= 0)
+                                        verbose("error writing %s: %s",
+                                           oom_adj_path, strerror(errno));
+                                else
+                                        verbose("Set %s from %d to %d",
+                                           oom_adj_path, oom_adj_save, value);
+                        }
+                        fclose(fp);
+                        return;
                 }
-                fclose(fp);
         }
+        oom_adj_path = NULL;
 }
 
 /* Restore the saved OOM adjustment */
@@ -267,13 +283,14 @@ oom_adjust_restore(void)
         FILE *fp;
 
         debug3("%s", __func__);
-        if (oom_adj_save == INT_MIN || (fp = fopen(OOM_ADJ_PATH, "w")) == NULL)
+        if (oom_adj_save == INT_MIN || oom_adj_path == NULL ||
+            (fp = fopen(oom_adj_path, "w")) == NULL)
                 return;
 
         if (fprintf(fp, "%d\n", oom_adj_save) <= 0)
-                verbose("error writing %s: %s", OOM_ADJ_PATH, strerror(errno));
+                verbose("error writing %s: %s", oom_adj_path, strerror(errno));
         else
-                verbose("Set %s to %d", OOM_ADJ_PATH, oom_adj_save);
+                verbose("Set %s to %d", oom_adj_path, oom_adj_save);
 
         fclose(fp);
         return;
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c
index 2ab64d487..25382f1c9 100644
--- a/openbsd-compat/port-solaris.c
+++ b/openbsd-compat/port-solaris.c
@@ -1,4 +1,4 @@
-/* $Id: port-solaris.c,v 1.3 2006/10/31 23:28:49 dtucker Exp $ */
+/* $Id: port-solaris.c,v 1.4 2010/11/05 01:03:05 dtucker Exp $ */
 
 /*
  * Copyright (c) 2006 Chad Mynhier.
@@ -197,3 +197,33 @@ solaris_contract_post_fork_parent(pid_t pid)
                 close(ctl_fd);
 }
 #endif
+
+#ifdef USE_SOLARIS_PROJECTS
+#include <sys/task.h>
+#include <project.h>
+
+/*
+ * Get/set solaris default project.
+ * If we fail, just run along gracefully.
+ */
+void
+solaris_set_default_project(struct passwd *pw)
+{
+        struct project  *defaultproject;
+        struct project   tempproject;
+        char buf[1024];
+
+        /* get default project, if we fail just return gracefully  */
+        if ((defaultproject = getdefaultproj(pw->pw_name, &tempproject, &buf,
+            sizeof(buf))) > 0) {
+                /* set default project */
+                if (setproject(defaultproject->pj_name, pw->pw_name,
+                    TASK_NORMAL) != 0)
+                        debug("setproject(%s): %s", defaultproject->pj_name,
+                            strerror(errno));
+        } else {
+                /* debug on getdefaultproj() error */
+                debug("getdefaultproj(%s): %s", pw->pw_name, strerror(errno));
+        }
+}
+#endif /* USE_SOLARIS_PROJECTS */
diff --git a/openbsd-compat/port-solaris.h b/openbsd-compat/port-solaris.h
index 4c324871e..cd442e78b 100644
--- a/openbsd-compat/port-solaris.h
+++ b/openbsd-compat/port-solaris.h
@@ -1,4 +1,4 @@
-/* $Id: port-solaris.h,v 1.1 2006/08/30 17:24:42 djm Exp $ */
+/* $Id: port-solaris.h,v 1.2 2010/11/05 01:03:05 dtucker Exp $ */
 
 /*
  * Copyright (c) 2006 Chad Mynhier.
@@ -20,8 +20,11 @@
 
 #include <sys/types.h>
 
+#include <pwd.h>
+
 void solaris_contract_pre_fork(void);
 void solaris_contract_post_fork_child(void);
 void solaris_contract_post_fork_parent(pid_t pid);
+void solaris_set_default_project(struct passwd *);
 
 #endif
diff --git a/openbsd-compat/timingsafe_bcmp.c b/openbsd-compat/timingsafe_bcmp.c
new file mode 100644
index 000000000..7e28c0e2a
--- /dev/null
+++ b/openbsd-compat/timingsafe_bcmp.c
@@ -0,0 +1,34 @@
+/*      $OpenBSD: timingsafe_bcmp.c,v 1.1 2010/09/24 13:33:00 matthew Exp $     */
+/*
+ * Copyright (c) 2010 Damien Miller.  All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* OPENBSD ORIGINAL: lib/libc/string/timingsafe_bcmp.c */
+
+#include "includes.h"
+#ifndef HAVE_TIMINGSAFE_BCMP
+
+int
+timingsafe_bcmp(const void *b1, const void *b2, size_t n)
+{
+        const unsigned char *p1 = b1, *p2 = b2;
+        int ret = 0;
+
+        for (; n > 0; n--)
+                ret |= *p1++ ^ *p2++;
+        return (ret != 0);
+}
+
+#endif /* TIMINGSAFE_BCMP */