fix issues with fortify-headers and the way openssh handles the needed
BSD compatible realpath(3)

diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 1ff7114..e552a10 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -70,12 +70,8 @@ void *reallocarray(void *, size_t, size_t);
 #endif
 
 #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
-/*
- * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the
- * compat version.
- */
-# ifdef BROKEN_REALPATH
-#  define realpath(x, y) _ssh_compat_realpath(x, y)
+# if !defined(BROKEN_REALPATH)
+#  define ssh_realpath(x, y) realpath(x, y)
 # endif
 
 char *realpath(const char *path, char *resolved);
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
index ba4cea9..1e67ebc 100644
--- a/openbsd-compat/realpath.c
+++ b/openbsd-compat/realpath.c
@@ -51,7 +51,7 @@
  * in which case the path which caused trouble is left in (resolved).
  */
 char *
-realpath(const char *path, char resolved[PATH_MAX])
+ssh_realpath(const char *path, char resolved[PATH_MAX])
 {
 	struct stat sb;
 	char *p, *q, *s;
diff --git a/sftp-server.c b/sftp-server.c
index eac11d7..ac51ca3 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1162,7 +1162,7 @@ process_realpath(u_int32_t id)
 	}
 	debug3("request %u: realpath", id);
 	verbose("realpath \"%s\"", path);
-	if (realpath(path, resolvedname) == NULL) {
+	if (ssh_realpath(path, resolvedname) == NULL) {
 		send_status(id, errno_to_portable(errno));
 	} else {
 		Stat s;