From owner-freebsd-security Wed Jul 24 21:55:55 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DCE2C37B400; Wed, 24 Jul 2002 21:55:52 -0700 (PDT) Received: from net2.dinoex.sub.org (net2.dinoex.de [212.184.201.182]) by mx1.FreeBSD.org (Postfix) with ESMTP id C956343E91; Wed, 24 Jul 2002 21:55:50 -0700 (PDT) (envelope-from dirk.meyer@dinoex.sub.org) Received: from net2.dinoex.sub.org (dinoex@net2.dinoex.sub.org [127.0.0.1]) by net2.dinoex.sub.org (8.12.5/8.12.5) with ESMTP id g6P4oFmE005572; Thu, 25 Jul 2002 06:50:17 +0200 (CEST) (envelope-from dirk.meyer@dinoex.sub.org) Received: from gate.dinoex.sub.org (dinoex@localhost) by net2.dinoex.sub.org (8.12.5/8.12.5/Submit) with BSMTP id g6P4oAmU005397; Thu, 25 Jul 2002 06:50:10 +0200 (CEST) (envelope-from dirk.meyer@dinoex.sub.org) To: FreeBSD-gnats-submit@FreeBSD.ORG, jestrix@jestrix.net, freebsd-security@FreeBSD.ORG, des@FreeBSD.ORG, dot@dotat.at, sheldonh@starjuice.net Message-ID: From: dirk.meyer@dinoex.sub.org (Dirk Meyer) Organization: privat Subject: Re: ports/39953: Resolve failure in OpenSSH 3.4p1 when using PrivilegeSeperation Date: Thu, 25 Jul 2002 06:41:45 +0200 X-Mailer: Dinoex 1.79 X-Gateway: ZCONNECT gate.dinoex.sub.org [UNIX/Connect 0.94] X-PGP-Fingerprint: 44 16 EC 0A D3 3A 4F 28 8A 8A 47 93 F1 CF 2F 12 X-ZC-TELEFON: V+49-5606-6512Q F+49-5606-55023 X-Copyright: (C) Copyright 2001 by Dirk Meyer -- All rights reserved. X-ZC-POST: Im Grund 4;34317 Habichtswald;Germany X-PGP-Key-Avail: mailto:pgp-public-keys@keys.de.pgp.net Subject:GET 0x331CDA5D X-ZC-VIA: 20020725000000S+2@dinoex.sub.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I still can't repoduce the problem as described, but this patch should fix it. Please check if this solves the problem. kind regards Dirk - Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany - [dirk.meyer@dinoex.sub.org],[dirk.meyer@guug.de],[dinoex@FreeBSD.org] --- sshd.c.orig Wed Jun 26 01:24:19 2002 +++ sshd.c Thu Jul 25 06:32:37 2002 @@ -53,6 +53,10 @@ #include #endif +#ifdef __FreeBSD__ +#include +#endif + #include "ssh.h" #include "ssh1.h" #include "ssh2.h" @@ -1409,6 +1413,17 @@ setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); + +#ifdef __FreeBSD__ + /* + * Initialize the resolver. This may not happen automatically + * before privsep chroot(). + */ + if ((_res.options & RES_INIT) == 0) { + debug("res_init()"); + res_init(); + } +#endif /* * Register our connection. This turns encryption off because we do To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message