fix issues with fortify-headers and the way openssh handles the needed
BSD compatible realpath(3).

unconditionally use the provided realpath() as otherwise cross-builds
would try to use musl realpath() which is posix compliant and not
working to openssh expectations.

diff -ru openssh-7.2p2.orig/openbsd-compat/openbsd-compat.h openssh-7.2p2/openbsd-compat/openbsd-compat.h
--- openssh-7.2p2.orig/openbsd-compat/openbsd-compat.h	2016-03-09 20:04:48.000000000 +0200
+++ openssh-7.2p2/openbsd-compat/openbsd-compat.h	2016-07-18 13:33:16.260357745 +0300
@@ -68,17 +68,7 @@
 void *reallocarray(void *, size_t, size_t);
 #endif
 
-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
-/*
- * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the
- * compat version.
- */
-# ifdef BROKEN_REALPATH
-#  define realpath(x, y) _ssh_compat_realpath(x, y)
-# endif
-
-char *realpath(const char *path, char *resolved);
-#endif
+char *ssh_realpath(const char *path, char *resolved);
 
 #ifndef HAVE_RRESVPORT_AF
 int rresvport_af(int *alport, sa_family_t af);
diff -ru openssh-7.2p2.orig/openbsd-compat/realpath.c openssh-7.2p2/openbsd-compat/realpath.c
--- openssh-7.2p2.orig/openbsd-compat/realpath.c	2016-03-09 20:04:48.000000000 +0200
+++ openssh-7.2p2/openbsd-compat/realpath.c	2016-07-18 13:33:45.420721690 +0300
@@ -31,7 +31,7 @@
 
 #include "includes.h"
 
-#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
+#if 1
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -58,7 +58,7 @@
  * in which case the path which caused trouble is left in (resolved).
  */
 char *
-realpath(const char *path, char *resolved)
+ssh_realpath(const char *path, char *resolved)
 {
 	struct stat sb;
 	char *p, *q, *s;
diff -ru openssh-7.2p2.orig/sftp-server.c openssh-7.2p2/sftp-server.c
--- openssh-7.2p2.orig/sftp-server.c	2016-03-09 20:04:48.000000000 +0200
+++ openssh-7.2p2/sftp-server.c	2016-07-18 13:34:29.131267241 +0300
@@ -1162,7 +1162,7 @@
 	}
 	debug3("request %u: realpath", id);
 	verbose("realpath \"%s\"", path);
-	if (realpath(path, resolvedname) == NULL) {
+	if (ssh_realpath(path, resolvedname) == NULL) {
 		send_status(id, errno_to_portable(errno));
 	} else {
 		Stat s;