(bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c

openbsd-compat/Makefile.in] support compression on platforms that
  have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
  Based on patch from nalin@redhat.com of code extracted from Owl's package

ChangeLog

@@ -1,5 +1,9 @@
 20020714
  - (tim) [Makefile.in] replace "id sshd" with "sshd -t"
+ - (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c
+   openbsd-compat/Makefile.in] support compression on platforms that
+   have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
+   Based on patch from nalin@redhat.com of code extracted from Owl's package
 
 20020712
  - (tim) [Makefile.in] quiet down install-files: and check-user:
@@ -1352,4 +1356,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2362 2002/07/14 17:02:20 tim Exp $
+$Id: ChangeLog,v 1.2363 2002/07/14 20:36:49 tim Exp $

acconfig.h

@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.143 2002/07/09 14:06:40 mouring Exp $ */
+/* $Id: acconfig.h,v 1.144 2002/07/14 20:36:50 tim Exp $ */
 
 #ifndef _CONFIG_H
 #define _CONFIG_H
@@ -358,9 +358,6 @@
 /* Path that unprivileged child will chroot() to in privep mode */
 #undef PRIVSEP_PATH
 
-/* Define if you have the `mmap' function that supports MAP_ANON|SHARED */
-#undef HAVE_MMAP_ANON_SHARED
-
 /* Define if your platform needs to skip post auth file descriptor passing */
 #undef DISABLE_FD_PASSING
 

configure.ac

@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.78 2002/07/13 01:11:25 tim Exp $
+# $Id: configure.ac,v 1.79 2002/07/14 20:36:50 tim Exp $
 
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -583,31 +583,6 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
 	socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
 	truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
 
-if test $ac_cv_func_mmap = yes ; then
-AC_MSG_CHECKING([for mmap anon shared])
-AC_TRY_RUN(
-	[
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/mman.h>
-#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS)
-#define MAP_ANON MAP_ANONYMOUS
-#endif
-main() { char *p;
-p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0);
-if (p == (char *)-1)
-	exit(1);
-exit(0);
-}
-	],
-	[
-		AC_MSG_RESULT(yes)
-		AC_DEFINE(HAVE_MMAP_ANON_SHARED)
-	],
-	[ AC_MSG_RESULT(no) ] 
-)
-fi
-
 dnl IRIX and Solaris 2.5.1 have dirname() in libgen
 AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
 	AC_CHECK_LIB(gen, dirname,[

monitor_mm.c

@@ -91,15 +91,9 @@ mm_create(struct mm_master *mmalloc, size_t size)
 	 */
 	mm->mmalloc = mmalloc;
 
-#ifdef HAVE_MMAP_ANON_SHARED
+	address = xmmap(size);
-	address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-	    -1, 0);
 	if (address == MAP_FAILED)
 		fatal("mmap(%lu): %s", (u_long)size, strerror(errno));
-#else
-	fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
-	    __func__);
-#endif
 
 	mm->address = address;
 	mm->size = size;
@@ -137,7 +131,7 @@ mm_destroy(struct mm_master *mm)
 	mm_freelist(mm->mmalloc, &mm->rb_free);
 	mm_freelist(mm->mmalloc, &mm->rb_allocated);
 
-#ifdef HAVE_MMAP_ANON_SHARED
+#ifdef HAVE_MMAP
 	if (munmap(mm->address, mm->size) == -1)
 		fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size,
 		    strerror(errno));

openbsd-compat/Makefile.in

@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.21 2002/02/19 20:27:57 mouring Exp $
+# $Id: Makefile.in,v 1.22 2002/07/14 20:36:51 tim Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@
 
 OPENBSD=base64.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o
 
-COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o
+COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o
 
 PORTS=port-irix.o port-aix.o
 

openbsd-compat/xmmap.c

@@ -0,0 +1,65 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif
+
+void *xmmap(size_t size)
+{
+	void *address;
+
+#ifdef HAVE_MMAP
+# ifdef MAP_ANON
+	address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
+	    -1, 0);
+# else
+	address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
+	    open("/dev/zero", O_RDWR), 0);
+# endif
+
+#define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX"
+	if (address == MAP_FAILED) {
+		char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE;
+		int tmpfd;
+
+		tmpfd = mkstemp(tmpname);
+		if (tmpfd == -1)
+			fatal("mkstemp(\"%s\"): %s",
+			    MM_SWAP_TEMPLATE, strerror(errno));
+		unlink(tmpname);
+		ftruncate(tmpfd, size);
+		address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
+		    tmpfd, 0);
+		close(tmpfd);
+	}
+
+	return (address);
+#else
+	fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
+	    __func__);
+#endif /* HAVE_MMAP */
+
+}
+

servconf.c

@@ -257,7 +257,7 @@ fill_default_server_options(ServerOptions *options)
 	if (use_privsep == -1)
 		use_privsep = 1;
 
-#if !defined(HAVE_MMAP_ANON_SHARED)
+#ifndef HAVE_MMAP
 	if (use_privsep && options->compression == 1) {
 		error("This platform does not support both privilege "
 		    "separation and compression");