Merge 4.0p1 to the trunk.

17 files changed, 269 insertions, 84 deletions

diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c
index 5284e1af8..1eeb6953b 100644
--- a/openbsd-compat/bsd-arc4random.c
+++ b/openbsd-compat/bsd-arc4random.c
@@ -17,7 +17,7 @@
 #include "includes.h"
 #include "log.h"
 
-RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $");
+RCSID("$Id: bsd-arc4random.c,v 1.10 2005/02/16 02:01:28 djm Exp $");
 
 #ifndef HAVE_ARC4RANDOM
 
@@ -34,7 +34,8 @@ RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $");
 static int rc4_ready = 0;
 static RC4_KEY rc4;
 
-unsigned int arc4random(void)
+unsigned int
+arc4random(void)
 {
         unsigned int r = 0;
         static int first_time = 1;
@@ -53,7 +54,8 @@ unsigned int arc4random(void)
         return(r);
 }
 
-void arc4random_stir(void)
+void
+arc4random_stir(void)
 {
         unsigned char rand_buf[SEED_SIZE];
         int i;
diff --git a/openbsd-compat/bsd-cray.c b/openbsd-compat/bsd-cray.c
index f630366be..d1f1c059c 100644
--- a/openbsd-compat/bsd-cray.c
+++ b/openbsd-compat/bsd-cray.c
@@ -1,5 +1,5 @@
 /* 
- * $Id: bsd-cray.c,v 1.13 2004/01/30 03:34:22 dtucker Exp $
+ * $Id: bsd-cray.c,v 1.14 2005/02/02 06:10:11 dtucker Exp $
  *
  * bsd-cray.c
  *
@@ -171,7 +171,7 @@ cray_access_denied(char *username)
  * record_failed_login: generic "login failed" interface function
  */
 void
-record_failed_login(const char *user, const char *ttyname)
+record_failed_login(const char *user, const char *hostname, const char *ttyname)
 {
         cray_login_failure((char *)user, IA_UDBERR);
 }
diff --git a/openbsd-compat/bsd-cray.h b/openbsd-compat/bsd-cray.h
index de6ba1a8d..774eceb5a 100644
--- a/openbsd-compat/bsd-cray.h
+++ b/openbsd-compat/bsd-cray.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-cray.h,v 1.11 2004/01/30 03:34:22 dtucker Exp $ */
+/* $Id: bsd-cray.h,v 1.12 2005/02/02 06:10:11 dtucker Exp $ */
 
 /*
  * Copyright (c) 2002, Cray Inc.  (Wendy Palm <wendyp@cray.com>)
@@ -42,10 +42,10 @@ void cray_init_job(struct passwd *);
 void cray_job_termination_handler(int);
 void cray_login_failure(char *, int );
 int cray_access_denied(char *);
-#define CUSTOM_FAILED_LOGIN 1
-void record_failed_login(const char *, const char *);
 extern char cray_tmpdir[];
 
+#define CUSTOM_FAILED_LOGIN 1
+
 #ifndef IA_SSHD
 # define IA_SSHD IA_LOGIN
 #endif
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 92cdba6e0..f53abb6e2 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -29,7 +29,7 @@
 
 #include "includes.h"
 
-RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $");
+RCSID("$Id: bsd-cygwin_util.c,v 1.13 2004/08/30 10:42:08 dtucker Exp $");
 
 #ifdef HAVE_CYGWIN
 
@@ -38,6 +38,7 @@ RCSID("$Id: bsd-cygwin_util.c,v 1.12 2004/04/18 11:15:45 djm Exp $");
 #include <sys/utsname.h>
 #include <sys/vfs.h>
 #include <windows.h>
+#include "xmalloc.h"
 #define is_winnt       (GetVersion() < 0x80000000)
 
 #define ntsec_on(c)     ((c) && strstr((c),"ntsec") && !strstr((c),"nontsec"))
@@ -96,7 +97,6 @@ has_capability(int what)
          */
         if (!inited) {
                 struct utsname uts;
-                char *c;
                 
                 if (!uname(&uts)) {
                         int major_high = 0, major_low = 0, minor = 0;
@@ -236,4 +236,54 @@ register_9x_service(void)
         RegisterServiceProcess(0, 1);
 }
 
+#define NL(x) x, (sizeof (x) - 1)
+#define WENV_SIZ (sizeof (wenv_arr) / sizeof (wenv_arr[0]))
+
+static struct wenv {
+        const char *name;
+        size_t namelen;
+} wenv_arr[] = {
+        { NL("ALLUSERSPROFILE=") },
+        { NL("COMMONPROGRAMFILES=") },
+        { NL("COMPUTERNAME=") },
+        { NL("COMSPEC=") },
+        { NL("NUMBER_OF_PROCESSORS=") },
+        { NL("OS=") },
+        { NL("PATH=") },
+        { NL("PATHEXT=") },
+        { NL("PROCESSOR_ARCHITECTURE=") },
+        { NL("PROCESSOR_IDENTIFIER=") },
+        { NL("PROCESSOR_LEVEL=") },
+        { NL("PROCESSOR_REVISION=") },
+        { NL("PROGRAMFILES=") },
+        { NL("SYSTEMDRIVE=") },
+        { NL("SYSTEMROOT=") },
+        { NL("TMP=") },
+        { NL("TEMP=") },
+        { NL("WINDIR=") },
+};
+
+char **
+fetch_windows_environment(void)
+{
+        char **e, **p;
+        int i, idx = 0;
+
+        p = xmalloc(WENV_SIZ * sizeof(char *));
+        for (e = environ; *e != NULL; ++e) {
+                for (i = 0; i < WENV_SIZ; ++i) {
+                        if (!strncmp(*e, wenv_arr[i].name, wenv_arr[i].namelen))
+                                p[idx++] = *e;
+                }
+        }
+        p[idx] = NULL;
+        return p;
+}
+
+void
+free_windows_environment(char **p)
+{
+        xfree(p);
+}
+
 #endif /* HAVE_CYGWIN */
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 5ccb0fba2..6719b8a49 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-cygwin_util.h,v 1.10 2003/08/07 06:28:16 dtucker Exp $ */
+/* $Id: bsd-cygwin_util.h,v 1.11 2004/08/30 10:42:08 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
@@ -46,6 +46,8 @@ int binary_pipe(int fd[2]);
 int check_nt_auth(int, struct passwd *);
 int check_ntsec(const char *);
 void register_9x_service(void);
+char **fetch_windows_environment(void);
+void free_windows_environment(char **);
 
 #define open binary_open
 #define pipe binary_pipe
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 1b276b4f4..41f92cce9 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -18,7 +18,7 @@
 #include "includes.h"
 #include "xmalloc.h"
 
-RCSID("$Id: bsd-misc.c,v 1.25 2004/08/15 08:41:00 djm Exp $");
+RCSID("$Id: bsd-misc.c,v 1.26 2005/02/25 23:07:38 dtucker Exp $");
 
 #ifndef HAVE___PROGNAME
 char *__progname;
@@ -122,17 +122,6 @@ int truncate(const char *path, off_t length)
 }
 #endif /* HAVE_TRUNCATE */
 
-#if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP)
-/*
- * Cygwin setgroups should be a noop.
- */
-int
-setgroups(size_t size, const gid_t *list)
-{
-        return (0);
-}
-#endif 
-
 #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP)
 int nanosleep(const struct timespec *req, struct timespec *rem)
 {
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index 33a1d707f..b61ec4244 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -1,4 +1,4 @@
-/* $Id: bsd-misc.h,v 1.17 2004/08/15 08:41:00 djm Exp $ */
+/* $Id: bsd-misc.h,v 1.18 2005/02/25 23:07:38 dtucker Exp $ */
 
 /*
  * Copyright (c) 1999-2004 Damien Miller <djm@mindrot.org>
@@ -67,10 +67,6 @@ int utimes(char *, struct timeval *);
 int truncate (const char *, off_t);
 #endif /* HAVE_TRUNCATE */
 
-#if !defined(HAVE_SETGROUPS) && defined(SETGROUPS_NOOP)
-int setgroups(size_t, const gid_t *);
-#endif
-
 #if !defined(HAVE_NANOSLEEP) && !defined(HAVE_NSLEEP)
 #ifndef HAVE_STRUCT_TIMESPEC
 struct timespec {
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c
index daf5f8b81..8eb62b7a8 100644
--- a/openbsd-compat/bsd-openpty.c
+++ b/openbsd-compat/bsd-openpty.c
@@ -102,7 +102,6 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp,
                 return (-1);
         }
 
-#ifndef HAVE_CYGWIN
         /*
          * Try to push the appropriate streams modules, as described 
          * in Solaris pts(7).
@@ -112,7 +111,6 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp,
 # ifndef __hpux
         ioctl(*aslave, I_PUSH, "ttcompat");
 # endif /* __hpux */
-#endif /* HAVE_CYGWIN */
 
         return (0);
 
diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c
index e4d8a439a..b5a7ef7a0 100644
--- a/openbsd-compat/bsd-snprintf.c
+++ b/openbsd-compat/bsd-snprintf.c
@@ -58,7 +58,7 @@
 
 #include "includes.h"
 
-RCSID("$Id: bsd-snprintf.c,v 1.7 2003/05/18 14:13:39 djm Exp $");
+RCSID("$Id: bsd-snprintf.c,v 1.9 2004/09/23 11:35:09 dtucker Exp $");
 
 #if defined(BROKEN_SNPRINTF)            /* For those with broken snprintf() */
 # undef HAVE_SNPRINTF
@@ -369,7 +369,7 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen,
         if (value == 0) 
                 value = "<NULL>";
 
-        for (strln = 0; value[strln]; ++strln); /* strlen */
+        for (strln = 0; strln < max && value[strln]; ++strln); /* strlen */
         padlen = min - strln;
         if (padlen < 0) 
                 padlen = 0;
diff --git a/openbsd-compat/fake-rfc2553.h b/openbsd-compat/fake-rfc2553.h
index baea07038..636792ed7 100644
--- a/openbsd-compat/fake-rfc2553.h
+++ b/openbsd-compat/fake-rfc2553.h
@@ -1,4 +1,4 @@
-/* $Id: fake-rfc2553.h,v 1.9 2004/03/10 10:06:33 dtucker Exp $ */
+/* $Id: fake-rfc2553.h,v 1.10 2005/02/11 07:32:13 dtucker Exp $ */
 
 /*
  * Copyright (C) 2000-2003 Damien Miller.  All rights reserved.
@@ -117,6 +117,7 @@ struct sockaddr_in6 {
 # define EAI_NODATA     1
 # define EAI_MEMORY     2
 # define EAI_NONAME     3
+# define EAI_SYSTEM     4
 #endif
 
 #ifndef HAVE_STRUCT_ADDRINFO
diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c
index 660427c1f..4e869c4df 100644
--- a/openbsd-compat/getrrsetbyname.c
+++ b/openbsd-compat/getrrsetbyname.c
@@ -277,7 +277,7 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
 
         /* allocate memory for signatures */
         rrset->rri_sigs = calloc(rrset->rri_nsigs, sizeof(struct rdatainfo));
-        if (rrset->rri_sigs == NULL) {
+        if (rrset->rri_nsigs > 0 && rrset->rri_sigs == NULL) {
                 result = ERRSET_NOMEMORY;
                 goto fail;
         }
diff --git a/openbsd-compat/inet_ntop.c b/openbsd-compat/inet_ntop.c
index 7031625b4..47796c370 100644
--- a/openbsd-compat/inet_ntop.c
+++ b/openbsd-compat/inet_ntop.c
@@ -35,9 +35,7 @@ static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Ex
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
-#ifndef HAVE_CYGWIN
 #include <arpa/nameser.h>
-#endif
 #include <string.h>
 #include <errno.h>
 #include <stdio.h>
diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c
index aff8d2005..969f69580 100644
--- a/openbsd-compat/mktemp.c
+++ b/openbsd-compat/mktemp.c
@@ -40,11 +40,6 @@
 static char rcsid[] = "$OpenBSD: mktemp.c,v 1.17 2003/06/02 20:18:37 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 
-#ifdef HAVE_CYGWIN
-#define open binary_open
-extern int binary_open();
-#endif
-
 static int _gettemp(char *, int *, int, int);
 
 int
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 78f4faea3..fa6a4ff7b 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -1,6 +1,7 @@
 /*
  *
  * Copyright (c) 2001 Gert Doering.  All rights reserved.
+ * Copyright (c) 2003,2004 Darren Tucker.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -27,19 +28,15 @@
 #include "auth.h"
 #include "ssh.h"
 #include "log.h"
-#include "servconf.h"
-#include "canohost.h"
 #include "xmalloc.h"
 #include "buffer.h"
 
 #ifdef _AIX
 
 #include <uinfo.h>
+#include <sys/socket.h>
 #include "port-aix.h"
 
-extern ServerOptions options;
-extern Buffer loginmsg;
-
 # ifdef HAVE_SETAUTHDB
 static char old_registry[REGISTRY_SIZE] = "";
 # endif
@@ -51,6 +48,8 @@ static char old_registry[REGISTRY_SIZE] = "";
  * NOTE: TTY= should be set, but since no one uses it and it's hard to
  * acquire due to privsep code.  We will just drop support.
  */
+
+
 void
 aix_usrinfo(struct passwd *pw)
 {
@@ -92,6 +91,59 @@ aix_remove_embedded_newlines(char *p)
 }
 
 /*
+ * Test specifically for the case where SYSTEM == NONE and AUTH1 contains
+ * anything other than NONE or SYSTEM, which indicates that the admin has
+ * configured the account for purely AUTH1-type authentication.
+ *
+ * Since authenticate() doesn't check AUTH1, and sshd can't sanely support
+ * AUTH1 itself, in such a case authenticate() will allow access without
+ * authentation, which is almost certainly not what the admin intends.
+ *
+ * (The native tools, eg login, will process the AUTH1 list in addition to
+ * the SYSTEM list by using ckuserID(), however ckuserID() and AUTH1 methods
+ * have been deprecated since AIX 4.2.x and would be very difficult for sshd
+ * to support.
+ *
+ * Returns 0 if an unsupportable combination is found, 1 otherwise.
+ */
+static int
+aix_valid_authentications(const char *user)
+{
+        char *auth1, *sys, *p;
+        int valid = 1;
+
+        if (getuserattr((char *)user, S_AUTHSYSTEM, &sys, SEC_CHAR) != 0) {
+                logit("Can't retrieve attribute SYSTEM for %s: %.100s",
+                    user, strerror(errno));
+                return 0;
+        }
+
+        debug3("AIX SYSTEM attribute %s", sys);
+        if (strcmp(sys, "NONE") != 0)
+                return 1;       /* not "NONE", so is OK */
+
+        if (getuserattr((char *)user, S_AUTH1, &auth1, SEC_LIST) != 0) {
+                logit("Can't retrieve attribute auth1 for %s: %.100s",
+                    user, strerror(errno));
+                return 0;
+        }
+
+        p = auth1;
+        /* A SEC_LIST is concatenated strings, ending with two NULs. */
+        while (p[0] != '\0' && p[1] != '\0') {
+                debug3("AIX auth1 attribute list member %s", p);
+                if (strcmp(p, "NONE") != 0 && strcmp(p, "SYSTEM")) {
+                        logit("Account %s has unsupported auth1 value '%s'",
+                            user, p);
+                        valid = 0;
+                }
+                p += strlen(p) + 1;
+        }
+
+        return (valid);
+}
+
+/*
  * Do authentication via AIX's authenticate routine.  We loop until the
  * reenter parameter is 0, but normally authenticate is called only once.
  *
@@ -99,7 +151,7 @@ aix_remove_embedded_newlines(char *p)
  * returns 0.
  */
 int
-sys_auth_passwd(Authctxt *ctxt, const char *password)
+sys_auth_passwd(Authctxt *ctxt, const char *password, Buffer *loginmsg)
 {
         char *authmsg = NULL, *msg, *name = ctxt->pw->pw_name;
         int authsuccess = 0, expired, reenter, result;
@@ -112,6 +164,9 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
                     authmsg);
         } while (reenter);
 
+        if (!aix_valid_authentications(name))
+                result = -1;
+
         if (result == 0) {
                 authsuccess = 1;
 
@@ -126,7 +181,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
                  */
                 expired = passwdexpired(name, &msg);
                 if (msg && *msg) {
-                        buffer_append(&loginmsg, msg, strlen(msg));
+                        buffer_append(loginmsg, msg, strlen(msg));
                         aix_remove_embedded_newlines(msg);
                 }
                 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
@@ -136,7 +191,6 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
                         break;
                 case 1: /* expired, password change required */
                         ctxt->force_pwchange = 1;
-                        disable_forwarding();
                         break;
                 default: /* user can't change(2) or other error (-1) */
                         logit("Password can't be changed for user %s: %.100s",
@@ -160,7 +214,7 @@ sys_auth_passwd(Authctxt *ctxt, const char *password)
  * Returns 1 if login is allowed, 0 if not allowed.
  */
 int
-sys_auth_allowed_user(struct passwd *pw)
+sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
 {
         char *msg = NULL;
         int result, permitted = 0;
@@ -187,7 +241,7 @@ sys_auth_allowed_user(struct passwd *pw)
         if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0)
                 permitted = 1;
         else if (msg != NULL)
-                buffer_append(&loginmsg, msg, strlen(msg));
+                buffer_append(loginmsg, msg, strlen(msg));
         if (msg == NULL)
                 msg = xstrdup("(none)");
         aix_remove_embedded_newlines(msg);
@@ -200,17 +254,18 @@ sys_auth_allowed_user(struct passwd *pw)
 }
 
 int
-sys_auth_record_login(const char *user, const char *host, const char *ttynm)
+sys_auth_record_login(const char *user, const char *host, const char *ttynm,
+    Buffer *loginmsg)
 {
         char *msg;
         int success = 0;
 
         aix_setauthdb(user);
-        if (loginsuccess((char *)user, host, ttynm, &msg) == 0) {
+        if (loginsuccess((char *)user, (char *)host, (char *)ttynm, &msg) == 0) {
                 success = 1;
                 if (msg != NULL) {
-                        debug("AIX/loginsuccess: msg %s", __func__, msg);
-                        buffer_append(&loginmsg, msg, strlen(msg));
+                        debug("AIX/loginsuccess: msg %s", msg);
+                        buffer_append(loginmsg, msg, strlen(msg));
                         xfree(msg);
                 }
         }
@@ -223,18 +278,17 @@ sys_auth_record_login(const char *user, const char *host, const char *ttynm)
  * record_failed_login: generic "login failed" interface function
  */
 void
-record_failed_login(const char *user, const char *ttyname)
+record_failed_login(const char *user, const char *hostname, const char *ttyname)
 {
-        char *hostname = (char *)get_canonical_hostname(options.use_dns);
-
         if (geteuid() != 0)
                 return;
 
         aix_setauthdb(user);
 #   ifdef AIX_LOGINFAILED_4ARG
-        loginfailed((char *)user, hostname, (char *)ttyname, AUDIT_FAIL_AUTH);
+        loginfailed((char *)user, (char *)hostname, (char *)ttyname,
+            AUDIT_FAIL_AUTH);
 #   else
-        loginfailed((char *)user, hostname, (char *)ttyname);
+        loginfailed((char *)user, (char *)hostname, (char *)ttyname);
 #   endif
         aix_restoreauthdb();
 }
@@ -291,4 +345,33 @@ aix_restoreauthdb(void)
 
 # endif /* WITH_AIXAUTHENTICATE */
 
+# if defined(AIX_GETNAMEINFO_HACK) && !defined(BROKEN_ADDRINFO)
+# undef getnameinfo
+/*
+ * For some reason, AIX's getnameinfo will refuse to resolve the all-zeros
+ * IPv6 address into its textual representation ("::"), so we wrap it
+ * with a function that will.
+ */
+int
+sshaix_getnameinfo(const struct sockaddr *sa, size_t salen, char *host,
+    size_t hostlen, char *serv, size_t servlen, int flags)
+{
+        struct sockaddr_in6 *sa6;
+        u_int32_t *a6;
+
+        if (flags & (NI_NUMERICHOST|NI_NUMERICSERV) &&
+            sa->sa_family == AF_INET6) {
+                sa6 = (struct sockaddr_in6 *)sa;
+                a6 = sa6->sin6_addr.u6_addr.u6_addr32;
+
+                if (a6[0] == 0 && a6[1] == 0 && a6[2] == 0 && a6[3] == 0) {
+                        strlcpy(host, "::", hostlen);
+                        snprintf(serv, servlen, "%d", sa6->sin6_port);
+                        return 0;
+                }
+        }
+        return getnameinfo(sa, salen, host, hostlen, serv, servlen, flags);
+}
+# endif /* AIX_GETNAMEINFO_HACK */
+
 #endif /* _AIX */
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 29e9751ce..a05ce9703 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -1,4 +1,4 @@
-/* $Id: port-aix.h,v 1.21 2004/08/14 14:09:12 dtucker Exp $ */
+/* $Id: port-aix.h,v 1.24 2005/02/16 11:49:31 dtucker Exp $ */
 
 /*
  *
@@ -27,6 +27,13 @@
 
 #ifdef _AIX
 
+#ifdef HAVE_SYS_SOCKET_H
+# include <sys/socket.h>
+#endif
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>    /* for seteuid() */
+#endif
+
 #ifdef WITH_AIXAUTHENTICATE
 # include <login.h>
 # include <userpw.h>
@@ -36,6 +43,28 @@
 # include <usersec.h>
 #endif
 
+#include "buffer.h"
+
+/* These should be in the system headers but are not. */
+int usrinfo(int, char *, int);
+int setauthdb(const char *, char *);
+/* these may or may not be in the headers depending on the version */
+#if (HAVE_DECL_AUTHENTICATE == 0)
+int authenticate(char *, char *, int *, char **);
+#endif
+#if (HAVE_DECL_LOGINFAILED == 0)
+int loginfailed(char *, char *, char *);
+#endif
+#if (HAVE_DECL_LOGINRESTRICTIONS == 0)
+int loginrestrictions(char *, int, char *, char **);
+#endif
+#if (HAVE_DECL_LOGINSUCCESS == 0)
+int loginsuccess(char *, char *, char *, char **);
+#endif
+#if (HAVE_DECL_PASSWDEXPIRED == 0)
+int passwdexpired(char *, char **);
+#endif
+
 /* Some versions define r_type in the above headers, which causes a conflict */
 #ifdef r_type
 # undef r_type
@@ -64,14 +93,23 @@ void aix_usrinfo(struct passwd *);
 #ifdef WITH_AIXAUTHENTICATE
 # define CUSTOM_SYS_AUTH_PASSWD 1
 # define CUSTOM_SYS_AUTH_ALLOWED_USER 1
-int sys_auth_allowed_user(struct passwd *);
+int sys_auth_allowed_user(struct passwd *, Buffer *);
 # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
-int sys_auth_record_login(const char *, const char *, const char *);
+int sys_auth_record_login(const char *, const char *, const char *, Buffer *);
 # define CUSTOM_FAILED_LOGIN 1
-void record_failed_login(const char *, const char *);
 #endif
 
 void aix_setauthdb(const char *);
 void aix_restoreauthdb(void);
 void aix_remove_embedded_newlines(char *);
+
+#if defined(AIX_GETNAMEINFO_HACK) && !defined(BROKEN_GETADDRINFO)
+# ifdef getnameinfo
+#  undef getnameinfo
+# endif
+int sshaix_getnameinfo(const struct sockaddr *, size_t, char *, size_t,
+    char *, size_t, int);
+# define getnameinfo(a,b,c,d,e,f,g) (sshaix_getnameinfo(a,b,c,d,e,f,g))
+#endif
+
 #endif /* _AIX */
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
index 218fbecb2..7f73bd998 100644
--- a/openbsd-compat/realpath.c
+++ b/openbsd-compat/realpath.c
@@ -37,7 +37,7 @@
 #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: realpath.c,v 1.10 2003/08/01 21:04:59 millert Exp $";
+static char *rcsid = "$OpenBSD: realpath.c,v 1.11 2004/11/30 15:12:59 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/param.h>
@@ -67,17 +67,25 @@ char *
 realpath(const char *path, char *resolved)
 {
         struct stat sb;
-        int fd, n, needslash, serrno = 0;
-        char *p, *q, wbuf[MAXPATHLEN], start[MAXPATHLEN];
+        int fd, n, needslash, serrno;
+        char *p, *q, wbuf[MAXPATHLEN];
         int symlinks = 0;
 
         /* Save the starting point. */
-        getcwd(start,MAXPATHLEN);       
+#ifndef HAVE_FCHDIR
+        char start[MAXPATHLEN];
+        /* this is potentially racy but without fchdir we have no option */
+        if (getcwd(start, sizeof(start)) == NULL) {
+                resolved[0] = '.';
+                resolved[1] = '\0';
+                return (NULL);
+        }
+#endif
         if ((fd = open(".", O_RDONLY)) < 0) {
-                (void)strlcpy(resolved, ".", MAXPATHLEN);
+                resolved[0] = '.';
+                resolved[1] = '\0';
                 return (NULL);
         }
-        close(fd);
 
         /* Convert "." -> "" to optimize away a needless lstat() and chdir() */
         if (path[0] == '.' && path[1] == '\0')
@@ -91,7 +99,10 @@ realpath(const char *path, char *resolved)
          *     if it is a directory, then change to that directory.
          * get the current directory name and append the basename.
          */
-        strlcpy(resolved, path, MAXPATHLEN);
+        if (strlcpy(resolved, path, MAXPATHLEN) >= MAXPATHLEN) {
+                serrno = ENAMETOOLONG;
+                goto err2;
+        }
 loop:
         q = strrchr(resolved, '/');
         if (q != NULL) {
@@ -114,11 +125,10 @@ loop:
         if (*p != '\0' && lstat(p, &sb) == 0) {
                 if (S_ISLNK(sb.st_mode)) {
                         if (++symlinks > MAXSYMLINKS) {
-                                serrno = ELOOP;
+                                errno = ELOOP;
                                 goto err1;
                         }
-                        n = readlink(p, resolved, MAXPATHLEN-1);
-                        if (n < 0)
+                        if ((n = readlink(p, resolved, MAXPATHLEN-1)) < 0)
                                 goto err1;
                         resolved[n] = '\0';
                         goto loop;
@@ -134,8 +144,11 @@ loop:
          * Save the last component name and get the full pathname of
          * the current directory.
          */
-        (void)strlcpy(wbuf, p, sizeof wbuf);
-        if (getcwd(resolved, MAXPATHLEN) == 0)
+        if (strlcpy(wbuf, p, sizeof(wbuf)) >= sizeof(wbuf)) {
+                errno = ENAMETOOLONG;
+                goto err1;
+        }
+        if (getcwd(resolved, MAXPATHLEN) == NULL)
                 goto err1;
 
         /*
@@ -149,23 +162,43 @@ loop:
 
         if (*wbuf) {
                 if (strlen(resolved) + strlen(wbuf) + needslash >= MAXPATHLEN) {
-                        serrno = ENAMETOOLONG;
+                        errno = ENAMETOOLONG;
+                        goto err1;
+                }
+                if (needslash) {
+                        if (strlcat(resolved, "/", MAXPATHLEN) >= MAXPATHLEN) {
+                                errno = ENAMETOOLONG;
+                                goto err1;
+                        }
+                }
+                if (strlcat(resolved, wbuf, MAXPATHLEN) >= MAXPATHLEN) {
+                        errno = ENAMETOOLONG;
                         goto err1;
                 }
-                if (needslash)
-                        strlcat(resolved, "/", MAXPATHLEN);
-                strlcat(resolved, wbuf, MAXPATHLEN);
         }
 
         /* Go back to where we came from. */
+#ifdef HAVE_FCHDIR
+        if (fchdir(fd) < 0) {
+#else
         if (chdir(start) < 0) {
+#endif
                 serrno = errno;
                 goto err2;
         }
+
+        /* It's okay if the close fails, what's an fd more or less? */
+        (void)close(fd);
         return (resolved);
 
-err1:   chdir(start);
-err2:   errno = serrno;
+err1:   serrno = errno;
+#ifdef HAVE_FCHDIR
+        (void)fchdir(fd);
+#else
+        chdir(start);
+#endif
+err2:   (void)close(fd);
+        errno = serrno;
         return (NULL);
 }
 #endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */
diff --git a/openbsd-compat/xmmap.c b/openbsd-compat/xmmap.c
index c8d59dee0..74e8a8b13 100644
--- a/openbsd-compat/xmmap.c
+++ b/openbsd-compat/xmmap.c
@@ -23,7 +23,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-/* $Id: xmmap.c,v 1.5 2004/08/14 13:55:38 dtucker Exp $ */
+/* $Id: xmmap.c,v 1.6 2004/10/06 13:15:44 dtucker Exp $ */
 
 #include "includes.h"
 
@@ -47,7 +47,7 @@ void *xmmap(size_t size)
 # endif
 
 #define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX"
-        if (address == MAP_FAILED) {
+        if (address == (void *)MAP_FAILED) {
                 char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE;
                 int tmpfd;
                 mode_t old_umask;