23 files changed, 177 insertions, 33 deletions

diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 8e3b42991..2fd9b952b 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -68,6 +68,7 @@ COMPAT=	arc4random.o \
         bsd-cygwin_util.o \
         bsd-err.o \
         bsd-flock.o \
+        bsd-getline.o \
         bsd-getpagesize.o \
         bsd-getpeereid.o \
         bsd-malloc.o \
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index b6256b4f8..578f69f4f 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -33,6 +33,10 @@
 #include <string.h>
 #include <unistd.h>
 
+#ifdef HAVE_SYS_RANDOM_H
+# include <sys/random.h>
+#endif
+
 #ifndef HAVE_ARC4RANDOM
 
 #ifdef WITH_OPENSSL
@@ -78,8 +82,9 @@ _rs_init(u_char *buf, size_t n)
 }
 
 #ifndef WITH_OPENSSL
-#define SSH_RANDOM_DEV "/dev/urandom"
-/* XXX use getrandom() if supported on Linux */
+# ifndef SSH_RANDOM_DEV
+#  define SSH_RANDOM_DEV "/dev/urandom"
+# endif /* SSH_RANDOM_DEV */
 static void
 getrnd(u_char *s, size_t len)
 {
@@ -87,6 +92,11 @@ getrnd(u_char *s, size_t len)
         ssize_t r;
         size_t o = 0;
 
+#ifdef HAVE_GETRANDOM
+        if ((r = getrandom(s, len, 0)) > 0 && (size_t)r == len)
+                return;
+#endif /* HAVE_GETRANDOM */
+
         if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1)
                 fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, strerror(errno));
         while (o < len) {
@@ -101,7 +111,7 @@ getrnd(u_char *s, size_t len)
         }
         close(fd);
 }
-#endif
+#endif /* WITH_OPENSSL */
 
 static void
 _rs_stir(void)
diff --git a/openbsd-compat/bcrypt_pbkdf.c b/openbsd-compat/bcrypt_pbkdf.c
index 0a07f9a0f..785234563 100644
--- a/openbsd-compat/bcrypt_pbkdf.c
+++ b/openbsd-compat/bcrypt_pbkdf.c
@@ -46,7 +46,7 @@
  * function with the following modifications:
  * 1. The input password and salt are preprocessed with SHA512.
  * 2. The output length is expanded to 256 bits.
- * 3. Subsequently the magic string to be encrypted is lengthened and modifed
+ * 3. Subsequently the magic string to be encrypted is lengthened and modified
  *    to "OxychromaticBlowfishSwatDynamite"
  * 4. The hash function is defined to perform 64 rounds of initial state
  *    expansion. (More rounds are performed by iterating the hash.)
diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c
index 9380b33a7..b56476a2d 100644
--- a/openbsd-compat/bsd-closefrom.c
+++ b/openbsd-compat/bsd-closefrom.c
@@ -77,7 +77,7 @@ closefrom(int lowfd)
 
     /* Check for a /proc/$$/fd directory. */
     len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
-    if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
+    if (len > 0 && (size_t)len < sizeof(fdpath) && (dirp = opendir(fdpath))) {
         while ((dent = readdir(dirp)) != NULL) {
             fd = strtol(dent->d_name, &endp, 10);
             if (dent->d_name != endp && *endp == '\0' &&
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index 398a5f617..fb49e30f5 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -36,6 +36,7 @@
 #include <fcntl.h>
 #include <string.h>
 #include <unistd.h>
+#include <stdarg.h>
 
 #include "xmalloc.h"
 
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 9cef694b9..202c055db 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -41,7 +41,7 @@ typedef void *HANDLE;
 #define UNLEN 256
 
 /* Cygwin functions for which declarations are only available when including
-   windows headers, so we have to define them here explicitely. */
+   windows headers, so we have to define them here explicitly. */
 extern HANDLE cygwin_logon_user (const struct passwd *, const char *);
 extern void cygwin_set_impersonation_token (const HANDLE);
 
diff --git a/openbsd-compat/bsd-getline.c b/openbsd-compat/bsd-getline.c
new file mode 100644
index 000000000..d676f4cef
--- /dev/null
+++ b/openbsd-compat/bsd-getline.c
@@ -0,0 +1,113 @@
+/*      $NetBSD: getline.c,v 1.1.1.6 2015/01/02 20:34:27 christos Exp $ */
+
+/*      NetBSD: getline.c,v 1.2 2014/09/16 17:23:50 christos Exp        */
+
+/*-
+ * Copyright (c) 2011 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* NETBSD ORIGINAL: external/bsd/file/dist/src/getline.c */
+
+#include "includes.h"
+
+#if 0
+#include "file.h"
+#endif
+
+#if !HAVE_GETLINE
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+
+static ssize_t
+getdelim(char **buf, size_t *bufsiz, int delimiter, FILE *fp)
+{
+        char *ptr, *eptr;
+
+
+        if (*buf == NULL || *bufsiz == 0) {
+                if ((*buf = malloc(BUFSIZ)) == NULL)
+                        return -1;
+                *bufsiz = BUFSIZ;
+        }
+
+        for (ptr = *buf, eptr = *buf + *bufsiz;;) {
+                int c = fgetc(fp);
+                if (c == -1) {
+                        if (feof(fp)) {
+                                ssize_t diff = (ssize_t)(ptr - *buf);
+                                if (diff != 0) {
+                                        *ptr = '\0';
+                                        return diff;
+                                }
+                        }
+                        return -1;
+                }
+                *ptr++ = c;
+                if (c == delimiter) {
+                        *ptr = '\0';
+                        return ptr - *buf;
+                }
+                if (ptr + 2 >= eptr) {
+                        char *nbuf;
+                        size_t nbufsiz = *bufsiz * 2;
+                        ssize_t d = ptr - *buf;
+                        if ((nbuf = realloc(*buf, nbufsiz)) == NULL)
+                                return -1;
+                        *buf = nbuf;
+                        *bufsiz = nbufsiz;
+                        eptr = nbuf + nbufsiz;
+                        ptr = nbuf + d;
+                }
+        }
+}
+
+ssize_t
+getline(char **buf, size_t *bufsiz, FILE *fp)
+{
+        return getdelim(buf, bufsiz, '\n', fp);
+}
+
+#endif
+
+#ifdef TEST
+int
+main(int argc, char *argv[])
+{
+        char *p = NULL;
+        ssize_t len;
+        size_t n = 0;
+
+        while ((len = getline(&p, &n, stdin)) != -1)
+                (void)printf("%" SIZE_T_FORMAT "d %s", len, p);
+        free(p);
+        return 0;
+}
+#endif
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index 3daf61071..b6893e171 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -28,6 +28,7 @@
 #include <string.h>
 #include <signal.h>
 #include <stdlib.h>
+#include <stdio.h>
 #include <time.h>
 #include <unistd.h>
 
diff --git a/openbsd-compat/bsd-nextstep.h b/openbsd-compat/bsd-nextstep.h
index 610f9e381..4a45b15af 100644
--- a/openbsd-compat/bsd-nextstep.h
+++ b/openbsd-compat/bsd-nextstep.h
@@ -36,7 +36,7 @@
 /* NeXT's readdir() is BSD (struct direct) not POSIX (struct dirent) */
 #define dirent direct
 
-/* Swap out NeXT's BSD wait() for a more POSIX complient one */
+/* Swap out NeXT's BSD wait() for a more POSIX compliant one */
 pid_t posix_wait(int *);
 #define wait(a) posix_wait(a)
 
diff --git a/openbsd-compat/bsd-snprintf.c b/openbsd-compat/bsd-snprintf.c
index d95b6a401..f27b9d808 100644
--- a/openbsd-compat/bsd-snprintf.c
+++ b/openbsd-compat/bsd-snprintf.c
@@ -30,7 +30,7 @@
  *    probably requires libm on most operating systems.  Don't yet
  *    support the exponent (e,E) and sigfig (g,G).  Also, fmtint()
  *    was pretty badly broken, it just wasn't being exercised in ways
- *    which showed it, so that's been fixed.  Also, formated the code
+ *    which showed it, so that's been fixed.  Also, formatted the code
  *    to mutt conventions, and removed dead code left over from the
  *    original.  Also, there is now a builtin-test, just compile with:
  *           gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm
diff --git a/openbsd-compat/bsd-waitpid.h b/openbsd-compat/bsd-waitpid.h
index 5ce3ee4b5..b551268ab 100644
--- a/openbsd-compat/bsd-waitpid.h
+++ b/openbsd-compat/bsd-waitpid.h
@@ -27,7 +27,7 @@
 #define _BSD_WAITPID_H
 
 #ifndef HAVE_WAITPID
-/* Clean out any potental issues */
+/* Clean out any potential issues */
 #undef WIFEXITED
 #undef WIFSTOPPED
 #undef WIFSIGNALED
diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index 53a003472..6ef9825a9 100644
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -41,7 +41,7 @@ explicit_bzero(void *p, size_t n)
         /*
          * clang -fsanitize=memory needs to intercept memset-like functions
          * to correctly detect memory initialisation. Make sure one is called
-         * directly since our indirection trick above sucessfully confuses it.
+         * directly since our indirection trick above successfully confuses it.
          */
 #if defined(__has_feature)
 # if __has_feature(memory_sanitizer)
diff --git a/openbsd-compat/fmt_scaled.c b/openbsd-compat/fmt_scaled.c
index 7c5193e26..2f76ef931 100644
--- a/openbsd-compat/fmt_scaled.c
+++ b/openbsd-compat/fmt_scaled.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: fmt_scaled.c,v 1.16 2017/03/16 02:40:46 dtucker Exp $ */
+/*      $OpenBSD: fmt_scaled.c,v 1.17 2018/05/14 04:39:04 djm Exp $     */
 
 /*
  * Copyright (c) 2001, 2002, 2003 Ian F. Darwin.  All rights reserved.
@@ -188,7 +188,7 @@ scan_scaled(char *scaled, long long *result)
                         /* scale whole part */
                         whole *= scale_fact;
 
-                        /* truncate fpart so it does't overflow.
+                        /* truncate fpart so it doesn't overflow.
                          * then scale fractional part.
                          */
                         while (fpart >= LLONG_MAX / scale_fact) {
@@ -246,12 +246,15 @@ fmt_scaled(long long number, char *result)
 
         fract = (10 * fract + 512) / 1024;
         /* if the result would be >= 10, round main number */
-        if (fract == 10) {
+        if (fract >= 10) {
                 if (number >= 0)
                         number++;
                 else
                         number--;
                 fract = 0;
+        } else if (fract < 0) {
+                /* shouldn't happen */
+                fract = 0;
         }
 
         if (number == 0)
diff --git a/openbsd-compat/freezero.c b/openbsd-compat/freezero.c
index 90b9d3813..bad018ff0 100644
--- a/openbsd-compat/freezero.c
+++ b/openbsd-compat/freezero.c
@@ -16,6 +16,7 @@
 
 #include "includes.h"
 
+#include <stdlib.h>
 #include <string.h>
 
 #ifndef HAVE_FREEZERO
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index b48fb9342..f5c833bf2 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -60,6 +60,10 @@ int bindresvport_sa(int sd, struct sockaddr *sa);
 void closefrom(int);
 #endif
 
+#ifndef HAVE_GETLINE
+ssize_t getline(char **, size_t *, FILE *);
+#endif
+
 #ifndef HAVE_GETPAGESIZE
 int getpagesize(void);
 #endif
diff --git a/openbsd-compat/port-aix.c b/openbsd-compat/port-aix.c
index 79c868966..943177c70 100644
--- a/openbsd-compat/port-aix.c
+++ b/openbsd-compat/port-aix.c
@@ -27,8 +27,9 @@
 #include "includes.h"
 
 #include "xmalloc.h"
-#include "buffer.h"
-#include "key.h"
+#include "sshbuf.h"
+#include "ssherr.h"
+#include "sshkey.h"
 #include "hostfile.h"
 #include "auth.h"
 #include "ssh.h"
@@ -176,7 +177,7 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
 {
         Authctxt *ctxt = ssh->authctxt;
         char *authmsg = NULL, *msg = NULL, *name = ctxt->pw->pw_name;
-        int authsuccess = 0, expired, reenter, result;
+        int r, authsuccess = 0, expired, reenter, result;
 
         do {
                 result = authenticate((char *)name, (char *)password, &reenter,
@@ -203,7 +204,10 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
                  */
                 expired = passwdexpired(name, &msg);
                 if (msg && *msg) {
-                        buffer_append(ctxt->loginmsg, msg, strlen(msg));
+                        if ((r = sshbuf_put(ctxt->loginmsg,
+                            msg, strlen(msg))) != 0)
+                                fatal("%s: buffer error: %s",
+                                    __func__, ssh_err(r));
                         aix_remove_embedded_newlines(msg);
                 }
                 debug3("AIX/passwdexpired returned %d msg %.100s", expired, msg);
@@ -234,10 +238,10 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
  * Returns 1 if login is allowed, 0 if not allowed.
  */
 int
-sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
+sys_auth_allowed_user(struct passwd *pw, struct sshbuf *loginmsg)
 {
         char *msg = NULL;
-        int result, permitted = 0;
+        int r, result, permitted = 0;
         struct stat st;
 
         /*
@@ -260,8 +264,10 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
          */
         if (result == -1 && errno == EPERM && stat(_PATH_NOLOGIN, &st) == 0)
                 permitted = 1;
-        else if (msg != NULL)
-                buffer_append(loginmsg, msg, strlen(msg));
+        else if (msg != NULL) {
+                if ((r = sshbuf_put(loginmsg, msg, strlen(msg))) != 0)
+                        fatal("%s: buffer error: %s", __func__, ssh_err(r));
+        }
         if (msg == NULL)
                 msg = xstrdup("(none)");
         aix_remove_embedded_newlines(msg);
@@ -275,7 +281,7 @@ sys_auth_allowed_user(struct passwd *pw, Buffer *loginmsg)
 
 int
 sys_auth_record_login(const char *user, const char *host, const char *ttynm,
-    Buffer *loginmsg)
+    struct sshbuf *loginmsg)
 {
         char *msg = NULL;
         int success = 0;
diff --git a/openbsd-compat/port-aix.h b/openbsd-compat/port-aix.h
index 9c0a4dd3e..748c0e4e3 100644
--- a/openbsd-compat/port-aix.h
+++ b/openbsd-compat/port-aix.h
@@ -30,7 +30,7 @@
 # include <sys/socket.h>
 #endif
 
-#include "buffer.h"
+struct sshbuf;
 
 /* These should be in the system headers but are not. */
 int usrinfo(int, char *, int);
@@ -87,9 +87,10 @@ void aix_usrinfo(struct passwd *);
 #ifdef WITH_AIXAUTHENTICATE
 # define CUSTOM_SYS_AUTH_PASSWD 1
 # define CUSTOM_SYS_AUTH_ALLOWED_USER 1
-int sys_auth_allowed_user(struct passwd *, Buffer *);
+int sys_auth_allowed_user(struct passwd *, struct sshbuf *);
 # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1
-int sys_auth_record_login(const char *, const char *, const char *, Buffer *);
+int sys_auth_record_login(const char *, const char *,
+    const char *, struct sshbuf *);
 # define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
 char *sys_auth_get_lastlogin_msg(const char *, uid_t);
 # define CUSTOM_FAILED_LOGIN 1
diff --git a/openbsd-compat/port-net.c b/openbsd-compat/port-net.c
index 7050629c3..bb535626f 100644
--- a/openbsd-compat/port-net.c
+++ b/openbsd-compat/port-net.c
@@ -185,7 +185,7 @@ sys_tun_open(int tun, int mode, char **ifname)
         else
                 debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd);
 
-        if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)))
+        if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL)
                 goto failed;
 
         return (fd);
@@ -272,7 +272,7 @@ sys_tun_open(int tun, int mode, char **ifname)
                         goto failed;
         }
 
-        if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)))
+        if (ifname != NULL && (*ifname = strdup(ifr.ifr_name)) == NULL)
                 goto failed;
 
         close(sock);
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index 014cac264..9edb1b481 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -38,8 +38,6 @@
 
 #include "xmalloc.h"
 #include "packet.h"
-#include "buffer.h"
-#include "key.h"
 #include "auth-options.h"
 #include "log.h"
 #include "misc.h"       /* servconf.h needs misc.h for struct ForwardOptions */
@@ -99,7 +97,7 @@ nischeck(char *namep)
 
         if ((fd = fopen (password_file, "r")) == NULL) {
                 /*
-                 * If the passwd file has dissapeared we are in a bad state.
+                 * If the passwd file has disappeared we are in a bad state.
                  * However, returning 0 will send us back through the
                  * authentication scheme that has checked the ia database for
                  * passwords earlier.
diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
index a22099bbe..b55ea30ac 100644
--- a/openbsd-compat/sha2.c
+++ b/openbsd-compat/sha2.c
@@ -72,7 +72,7 @@
  * Please make sure that your system defines BYTE_ORDER.  If your
  * architecture is little-endian, make sure it also defines
  * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are
- * equivilent.
+ * equivalent.
  *
  * If your system does not define the above, then you can do so by
  * hand like this:
diff --git a/openbsd-compat/strndup.c b/openbsd-compat/strndup.c
index ebb4eccfb..30ac6f046 100644
--- a/openbsd-compat/strndup.c
+++ b/openbsd-compat/strndup.c
@@ -16,7 +16,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#include "config.h"
+#include "includes.h"
 #if !defined(HAVE_STRNDUP) || defined(BROKEN_STRNDUP)
 #include <sys/types.h>
 
diff --git a/openbsd-compat/strnlen.c b/openbsd-compat/strnlen.c
index 8cc6b96b5..7ad3573a6 100644
--- a/openbsd-compat/strnlen.c
+++ b/openbsd-compat/strnlen.c
@@ -18,7 +18,7 @@
 
 /* OPENBSD ORIGINAL: lib/libc/string/strnlen.c */
 
-#include "config.h"
+#include "includes.h"
 #if !defined(HAVE_STRNLEN) || defined(BROKEN_STRNLEN)
 #include <sys/types.h>
 
diff --git a/openbsd-compat/sys-queue.h b/openbsd-compat/sys-queue.h
index 28aaaa37a..af93d6814 100644
--- a/openbsd-compat/sys-queue.h
+++ b/openbsd-compat/sys-queue.h
@@ -45,6 +45,7 @@
 #undef SLIST_HEAD_INITIALIZER
 #undef SLIST_ENTRY
 #undef SLIST_FOREACH_PREVPTR
+#undef SLIST_FOREACH_SAFE
 #undef SLIST_FIRST
 #undef SLIST_END
 #undef SLIST_EMPTY
@@ -54,6 +55,7 @@
 #undef SLIST_INSERT_AFTER
 #undef SLIST_INSERT_HEAD
 #undef SLIST_REMOVE_HEAD
+#undef SLIST_REMOVE_AFTER
 #undef SLIST_REMOVE
 #undef SLIST_REMOVE_NEXT
 #undef LIST_HEAD
@@ -64,6 +66,7 @@
 #undef LIST_EMPTY
 #undef LIST_NEXT
 #undef LIST_FOREACH
+#undef LIST_FOREACH_SAFE
 #undef LIST_INIT
 #undef LIST_INSERT_AFTER
 #undef LIST_INSERT_BEFORE
@@ -94,6 +97,8 @@
 #undef TAILQ_EMPTY
 #undef TAILQ_FOREACH
 #undef TAILQ_FOREACH_REVERSE
+#undef TAILQ_FOREACH_SAFE
+#undef TAILQ_FOREACH_REVERSE_SAFE
 #undef TAILQ_INIT
 #undef TAILQ_INSERT_HEAD
 #undef TAILQ_INSERT_TAIL