int use_dns;
int client_alive_interval; /*
* poke the client this often to
---- openssh-4.0p1/session.c.orig 2005-03-06 12:38:52.000000000 +0100
-+++ openssh-4.0p1/session.c 2005-03-10 15:14:04.000000000 +0100
-@@ -1258,6 +1258,10 @@
- void
+--- ./session.c.org 2008-05-05 16:22:11.935003283 +0200
++++ ./session.c 2008-05-05 16:32:50.025507650 +0200
+@@ -1345,6 +1345,10 @@ void
do_setusercontext(struct passwd *pw)
{
+ char *chroot_path, *tmp;
+#ifdef CHROOT
+ char *user_dir;
+ char *new_root;
+#endif /* CHROOT */
- #ifndef HAVE_CYGWIN
- if (getuid() == 0 || geteuid() == 0)
- #endif /* HAVE_CYGWIN */
-@@ -1315,6 +1319,26 @@
- restore_uid();
- }
- #endif
+
+ #ifdef WITH_SELINUX
+ /* Cache selinux status for later use */
+@@ -1425,8 +1429,28 @@ do_setusercontext(struct passwd *pw)
+ safely_chroot(chroot_path, pw->pw_uid);
+ free(tmp);
+ free(chroot_path);
+#ifdef CHROOT
-+ if (options.use_chroot) {
++ } else if (options.use_chroot) {
+ user_dir = xstrdup(pw->pw_dir);
+ new_root = user_dir + 1;
+
+
+ if(chroot(user_dir) != 0)
+ fatal("Couldn't chroot to user directory %s", user_dir);
-+ pw->pw_dir = new_root;
-+ break;
-+ }
-+ new_root += 2;
++ pw->pw_dir = new_root;
++ break;
++ }
++ new_root += 2;
+ }
-+ }
+#endif /* CHROOT */
- # ifdef USE_PAM
- /*
- * PAM credentials may take the form of supplementary groups.
+ }
+
++
+ #ifdef HAVE_LOGIN_CAP
+ if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) {
+ perror("unable to set user context (setuser)");
--- openssh-3.7.1p2/sshd_config 2003-09-02 14:51:18.000000000 +0200
+++ openssh-3.7.1p2.pius/sshd_config 2003-10-07 20:49:08.000000000 +0200
-@@ -71,6 +71,10 @@
- # bypass the setting of 'PasswordAuthentication'
- #UsePAM yes
+@@ -91,6 +91,10 @@
+ # and ChallengeResponseAuthentication to 'no'.
+ UsePAM yes
+# Set this to 'yes' to enable support for chrooted user environment.
-+# You must create such environment before you can use this feature.
++# You must create such environment before you can use this feature.
+#UseChroot yes
+
- #AllowTcpForwarding yes
- #GatewayPorts no
- #X11Forwarding no
+ #AllowAgentForwarding yes
+ # Security advisory:
+ # http://securitytracker.com/alerts/2004/Sep/1011143.html
--- openssh-4.4p1/sshd_config.0.orig 2006-09-26 13:03:48.000000000 +0200
+++ openssh-4.4p1/sshd_config.0 2006-10-05 10:11:41.615971000 +0200
@@ -451,6 +451,16 @@