- merge patch from openssh-portable

  to initialize resolver libary before
  chroot to /var/empty if UsePrivilegeSeparation=yes

2 files changed, 33 insertions, 3 deletions

diff --git a/security/openssh/Makefile b/security/openssh/Makefile
index b5c2966790d4..2c2157a80621 100644
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	openssh
 PORTVERSION=	3.5
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/ \
 		ftp://ftp.usa.openbsd.org/pub/OpenBSD/OpenSSH/ \
diff --git a/security/openssh/files/patch-sshd.c b/security/openssh/files/patch-sshd.c
index e5f14e469d89..ab218ae9c4ca 100644
--- a/security/openssh/files/patch-sshd.c
+++ b/security/openssh/files/patch-sshd.c
@@ -1,6 +1,17 @@
---- /home/bright/ssh/ssh/sshd.c	Thu Aug 17 13:06:34 2000
-+++ sshd.c	Fri Feb  9 11:19:08 2001
-@@ -49,6 +49,12 @@
+--- sshd.c.orig	Mon Mar 24 05:01:09 2003
++++ sshd.c	Mon Mar 24 05:01:36 2003
+@@ -49,6 +49,10 @@
+ #include <openssl/md5.h>
+ #include <openssl/rand.h>
+ 
++#ifdef __FreeBSD__
++#include <resolv.h>
++#endif
++
+ #include "ssh.h"
+ #include "ssh1.h"
+ #include "ssh2.h"
+@@ -88,6 +92,12 @@
  int deny_severity = LOG_WARNING;
  #endif /* LIBWRAP */
  
@@ -13,3 +24,21 @@
  #ifndef O_NOCTTY
  #define O_NOCTTY	0
  #endif
+@@ -1365,6 +1375,17 @@
+ 	    setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on,
+ 	    sizeof(on)) < 0)
+ 		error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
++
++#ifdef __FreeBSD__
++	/*
++	 * Initialize the resolver.  This may not happen automatically
++	 * before privsep chroot().                                   
++	 */
++	if ((_res.options & RES_INIT) == 0) {
++		debug("res_init()");         
++		res_init();         
++	}
++#endif
+ 
+ 	/*
+ 	 * Register our connection.  This turns encryption off because we do