summaryrefslogtreecommitdiff
path: root/security/openssh
diff options
context:
space:
mode:
Diffstat (limited to 'security/openssh')
-rw-r--r--security/openssh/Makefile6
-rw-r--r--security/openssh/distinfo20
-rw-r--r--security/openssh/patches/patch-aa21
-rw-r--r--security/openssh/patches/patch-ab18
-rw-r--r--security/openssh/patches/patch-ad31
-rw-r--r--security/openssh/patches/patch-ae21
-rw-r--r--security/openssh/patches/patch-af17
-rw-r--r--security/openssh/patches/patch-ag14
-rw-r--r--security/openssh/patches/patch-ai19
-rw-r--r--security/openssh/patches/patch-aj42
-rw-r--r--security/openssh/patches/patch-ak36
-rw-r--r--security/openssh/patches/patch-al19
-rw-r--r--security/openssh/patches/patch-am13
-rw-r--r--security/openssh/patches/patch-an52
-rw-r--r--security/openssh/patches/patch-ao31
-rw-r--r--security/openssh/patches/patch-ap18
-rw-r--r--security/openssh/patches/patch-aq13
17 files changed, 372 insertions, 19 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile
index 94cca0c5d2c..eb43051cc98 100644
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.140 2004/07/25 12:36:03 grant Exp $
+# $NetBSD: Makefile,v 1.141 2004/08/04 06:43:52 minskim Exp $
DISTNAME= openssh-3.8.1p1
PKGNAME= openssh-3.8.1.1
@@ -73,6 +73,10 @@ MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam
#
CONFIGURE_ENV+= LD=${CC:Q}
+.if ${OPSYS} == "Interix"
+CONFIGURE_ENV+= ac_cv_type_struct_timespec=yes
+.endif
+
# Enable S/Key support on NetBSD, Darwin, and Solaris.
.if (${OPSYS} == "NetBSD") || (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS")
. include "../../security/skey/buildlink3.mk"
diff --git a/security/openssh/distinfo b/security/openssh/distinfo
index 976ff38f80a..f641638d841 100644
--- a/security/openssh/distinfo
+++ b/security/openssh/distinfo
@@ -1,9 +1,21 @@
-$NetBSD: distinfo,v 1.33 2004/05/10 18:12:23 wiz Exp $
+$NetBSD: distinfo,v 1.34 2004/08/04 06:43:52 minskim Exp $
SHA1 (openssh-3.8.1p1.tar.gz) = 772c3a69014a8a7bf8c1bde8ab6770f9c91049e4
Size (openssh-3.8.1p1.tar.gz) = 817932 bytes
-SHA1 (patch-aa) = 37c5f14230f97f895fb8ad9de627dca00e39762c
-SHA1 (patch-ab) = e4ee4fa13fee7cf962f6c8d894a417bf2c977faa
+SHA1 (patch-aa) = 171d144d781b28a6665e022ffbb449888f6302e3
+SHA1 (patch-ab) = 8c1b1d92cf45ea921db650e2eb50fcafbdd83407
SHA1 (patch-ac) = 2652a918c43bb780c8b0e5e3691d2a1ffba74700
-SHA1 (patch-ad) = 644e2fe1f2967fe97c51a7cc61cad557bc42ed6a
+SHA1 (patch-ad) = 15627b65ea3607bf5a66d0def463b05f57ed303d
+SHA1 (patch-ae) = fece020b1c2432f4ac5b62104be808aa3f70ea22
+SHA1 (patch-af) = 444fadaafdb45adc1008cbf106cd28c075700616
+SHA1 (patch-ag) = 873d2b8c3293a3a9c4da7581da574e22bddca15e
SHA1 (patch-ah) = 8f1fa190e4fb115bb5311b4ccd839a649e1b09e5
+SHA1 (patch-ai) = da31e53b3ccbef24abc6418ee466f1e43fdd7447
+SHA1 (patch-aj) = 677e614947c884c4208a6ca76fc9c6237d7aa6f7
+SHA1 (patch-ak) = 97bc28537830eaa889bd807cd9b3f2c20dc938a2
+SHA1 (patch-al) = 958c5516996e4040ac779bf1f53c486253c40cfb
+SHA1 (patch-am) = a88eb34b83789453b8e212b14f33d8e98d153667
+SHA1 (patch-an) = e92a4e3b3bc07eda155a17009743c110d88c8c22
+SHA1 (patch-ao) = 00750c5f80bced34c54558cbd5ad3b96384e0d00
+SHA1 (patch-ap) = c2182328f9f108df14ce379c8dfa50fd53815a4a
+SHA1 (patch-aq) = 009f4696f32f0addde1c953aaab759f920816692
diff --git a/security/openssh/patches/patch-aa b/security/openssh/patches/patch-aa
index 3a2ba88403f..7c8ad0c95c3 100644
--- a/security/openssh/patches/patch-aa
+++ b/security/openssh/patches/patch-aa
@@ -1,9 +1,18 @@
-$NetBSD: patch-aa,v 1.34 2004/05/10 18:12:24 wiz Exp $
+$NetBSD: patch-aa,v 1.35 2004/08/04 06:43:52 minskim Exp $
---- configure.orig 2004-04-18 14:51:57.000000000 +0200
+--- configure.orig Sun Apr 18 07:51:57 2004
+++ configure
-@@ -4816,6 +4816,9 @@ EOF
+@@ -4814,8 +4814,18 @@ EOF
+ EOF
+
;;
++
++*-*-interix3)
++ cat >>confdefs.h <<\EOF
++#define MISSING_HOWMANY 1
++EOF
++
++ ;;
esac
+# pkgsrc handles any rpath settings this package needs
@@ -12,7 +21,7 @@ $NetBSD: patch-aa,v 1.34 2004/05/10 18:12:24 wiz Exp $
# Allow user to specify flags
# Check whether --with-cflags or --without-cflags was given.
-@@ -17263,12 +17266,20 @@ fi
+@@ -17263,12 +17273,20 @@ fi
rm -f conftest.$ac_objext conftest.$ac_ext
if test -z "$conf_utmpx_location"; then
if test x"$system_utmpx_path" = x"no" ; then
@@ -35,7 +44,7 @@ $NetBSD: patch-aa,v 1.34 2004/05/10 18:12:24 wiz Exp $
cat >>confdefs.h <<EOF
#define CONF_UTMPX_FILE "$conf_utmpx_location"
EOF
-@@ -17323,12 +17334,20 @@ fi
+@@ -17323,12 +17341,20 @@ fi
rm -f conftest.$ac_objext conftest.$ac_ext
if test -z "$conf_wtmpx_location"; then
if test x"$system_wtmpx_path" = x"no" ; then
@@ -58,7 +67,7 @@ $NetBSD: patch-aa,v 1.34 2004/05/10 18:12:24 wiz Exp $
cat >>confdefs.h <<EOF
#define CONF_WTMPX_FILE "$conf_wtmpx_location"
EOF
-@@ -18237,7 +18256,7 @@ echo "OpenSSH has been configured with t
+@@ -18237,7 +18263,7 @@ echo "OpenSSH has been configured with t
echo " User binaries: $B"
echo " System binaries: $C"
echo " Configuration files: $D"
diff --git a/security/openssh/patches/patch-ab b/security/openssh/patches/patch-ab
index 1469871ff21..200f37c7216 100644
--- a/security/openssh/patches/patch-ab
+++ b/security/openssh/patches/patch-ab
@@ -1,9 +1,15 @@
-$NetBSD: patch-ab,v 1.17 2004/05/10 18:12:24 wiz Exp $
+$NetBSD: patch-ab,v 1.18 2004/08/04 06:43:52 minskim Exp $
---- configure.ac.orig 2004-04-17 05:03:07.000000000 +0200
+--- configure.ac.orig Fri Apr 16 22:03:07 2004
+++ configure.ac
-@@ -456,6 +456,9 @@ mips-sony-bsd|mips-sony-newsos4)
+@@ -454,8 +454,15 @@ mips-sony-bsd|mips-sony-newsos4)
+ AC_DEFINE(MISSING_HOWMANY)
+ AC_DEFINE(MISSING_FD_MASK)
;;
++
++*-*-interix3)
++ AC_DEFINE(MISSING_HOWMANY)
++ ;;
esac
+# pkgsrc handles any rpath settings this package needs
@@ -12,7 +18,7 @@ $NetBSD: patch-ab,v 1.17 2004/05/10 18:12:24 wiz Exp $
# Allow user to specify flags
AC_ARG_WITH(cflags,
[ --with-cflags Specify additional flags to pass to compiler],
-@@ -2824,9 +2827,17 @@ AC_TRY_COMPILE([
+@@ -2824,9 +2831,17 @@ AC_TRY_COMPILE([
)
if test -z "$conf_utmpx_location"; then
if test x"$system_utmpx_path" = x"no" ; then
@@ -32,7 +38,7 @@ $NetBSD: patch-ab,v 1.17 2004/05/10 18:12:24 wiz Exp $
AC_DEFINE_UNQUOTED(CONF_UTMPX_FILE, "$conf_utmpx_location")
fi
-@@ -2849,9 +2860,17 @@ AC_TRY_COMPILE([
+@@ -2849,9 +2864,17 @@ AC_TRY_COMPILE([
)
if test -z "$conf_wtmpx_location"; then
if test x"$system_wtmpx_path" = x"no" ; then
@@ -52,7 +58,7 @@ $NetBSD: patch-ab,v 1.17 2004/05/10 18:12:24 wiz Exp $
AC_DEFINE_UNQUOTED(CONF_WTMPX_FILE, "$conf_wtmpx_location")
fi
-@@ -2892,7 +2911,7 @@ echo "OpenSSH has been configured with t
+@@ -2892,7 +2915,7 @@ echo "OpenSSH has been configured with t
echo " User binaries: $B"
echo " System binaries: $C"
echo " Configuration files: $D"
diff --git a/security/openssh/patches/patch-ad b/security/openssh/patches/patch-ad
index 094a675707c..ad7ffa1f40a 100644
--- a/security/openssh/patches/patch-ad
+++ b/security/openssh/patches/patch-ad
@@ -1,7 +1,25 @@
-$NetBSD: patch-ad,v 1.6 2004/04/27 12:30:23 markd Exp $
+$NetBSD: patch-ad,v 1.7 2004/08/04 06:43:52 minskim Exp $
---- loginrec.c.orig 2004-02-10 18:49:35.000000000 +1300
+--- loginrec.c.orig Thu Apr 8 01:16:06 2004
+++ loginrec.c
+@@ -415,7 +415,7 @@ login_write (struct logininfo *li)
+
+ /* set the timestamp */
+ login_set_current_time(li);
+-#ifdef USE_LOGIN
++#if defined(USE_LOGIN) && (HAVE_UMTP_H)
+ syslogin_write_entry(li);
+ #endif
+ #ifdef USE_LASTLOG
+@@ -584,7 +584,7 @@ line_abbrevname(char *dst, const char *s
+ ** into account.
+ **/
+
+-#if defined(USE_UTMP) || defined (USE_WTMP) || defined (USE_LOGIN)
++#if defined(USE_UTMP) || defined (USE_WTMP) || (defined (USE_LOGIN) && defined (HAVE_UTMP_H))
+
+ /* build the utmp structure */
+ void
@@ -720,8 +720,6 @@ construct_utmpx(struct logininfo *li, st
line_stripname(utx->ut_line, li->line, sizeof(utx->ut_line));
set_utmpx_time(li, utx);
@@ -20,3 +38,12 @@ $NetBSD: patch-ad,v 1.6 2004/04/27 12:30:23 markd Exp $
# ifdef HAVE_HOST_IN_UTMPX
strncpy(utx->ut_host, li->hostname, MIN_SIZEOF(utx->ut_host, li->hostname));
# endif
+@@ -1333,7 +1333,7 @@ wtmpx_get_entry(struct logininfo *li)
+ ** Low-level libutil login() functions
+ **/
+
+-#ifdef USE_LOGIN
++#if defined(USE_LOGIN) && defined(HAVE_UTMP_H)
+ static int
+ syslogin_perform_login(struct logininfo *li)
+ {
diff --git a/security/openssh/patches/patch-ae b/security/openssh/patches/patch-ae
new file mode 100644
index 00000000000..b21e674e7f9
--- /dev/null
+++ b/security/openssh/patches/patch-ae
@@ -0,0 +1,21 @@
+$NetBSD: patch-ae,v 1.8 2004/08/04 06:43:52 minskim Exp $
+
+--- openbsd-compat/getrrsetbyname.h.orig Mon Jan 26 23:40:35 2004
++++ openbsd-compat/getrrsetbyname.h
+@@ -50,7 +50,7 @@
+
+ #include "includes.h"
+
+-#ifndef HAVE_GETRRSETBYNAME
++#if !defined(HAVE_GETRRSETBYNAME) && !defined(__INTERIX)
+
+ #include <sys/types.h>
+ #include <netinet/in.h>
+@@ -105,6 +105,6 @@ struct rrsetinfo {
+ int getrrsetbyname(const char *, unsigned int, unsigned int, unsigned int, struct rrsetinfo **);
+ void freerrset(struct rrsetinfo *);
+
+-#endif /* !defined(HAVE_GETRRSETBYNAME) */
++#endif /* !defined(HAVE_GETRRSETBYNAME) && !defined(__INTERIX) */
+
+ #endif /* _GETRRSETBYNAME_H */
diff --git a/security/openssh/patches/patch-af b/security/openssh/patches/patch-af
new file mode 100644
index 00000000000..40ea1821521
--- /dev/null
+++ b/security/openssh/patches/patch-af
@@ -0,0 +1,17 @@
+$NetBSD: patch-af,v 1.6 2004/08/04 06:43:52 minskim Exp $
+
+--- dns.c.orig Fri Nov 21 06:48:55 2003
++++ dns.c
+@@ -28,6 +28,7 @@
+
+ #include "includes.h"
+
++#ifndef __INTERIX
+ #include <openssl/bn.h>
+ #ifdef LWRES
+ #include <lwres/netdb.h>
+@@ -273,3 +274,4 @@ export_dns_rr(const char *hostname, cons
+
+ return success;
+ }
++#endif /* __INTERIX */
diff --git a/security/openssh/patches/patch-ag b/security/openssh/patches/patch-ag
new file mode 100644
index 00000000000..0a7b4c454d6
--- /dev/null
+++ b/security/openssh/patches/patch-ag
@@ -0,0 +1,14 @@
+$NetBSD: patch-ag,v 1.4 2004/08/04 06:43:52 minskim Exp $
+
+--- readconf.c.orig Mon Mar 8 06:12:36 2004
++++ readconf.c
+@@ -186,7 +186,9 @@ static struct {
+ #endif
+ { "clearallforwardings", oClearAllForwardings },
+ { "enablesshkeysign", oEnableSSHKeysign },
++#ifndef __INTERIX
+ { "verifyhostkeydns", oVerifyHostKeyDNS },
++#endif /* __INTERIX */
+ { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
+ { "rekeylimit", oRekeyLimit },
+ { "connecttimeout", oConnectTimeout },
diff --git a/security/openssh/patches/patch-ai b/security/openssh/patches/patch-ai
new file mode 100644
index 00000000000..0134551e3d1
--- /dev/null
+++ b/security/openssh/patches/patch-ai
@@ -0,0 +1,19 @@
+$NetBSD: patch-ai,v 1.6 2004/08/04 06:43:52 minskim Exp $
+
+--- dns.h.orig Mon Nov 17 04:19:29 2003
++++ dns.h
+@@ -31,6 +31,7 @@
+ #ifndef DNS_H
+ #define DNS_H
+
++#ifndef __INTERIX
+ enum sshfp_types {
+ SSHFP_KEY_RESERVED,
+ SSHFP_KEY_RSA,
+@@ -52,5 +53,6 @@ enum sshfp_hashes {
+
+ int verify_host_key_dns(const char *, struct sockaddr *, const Key *, int *);
+ int export_dns_rr(const char *, const Key *, FILE *, int);
++#endif /* __INTERIX */
+
+ #endif /* DNS_H */
diff --git a/security/openssh/patches/patch-aj b/security/openssh/patches/patch-aj
new file mode 100644
index 00000000000..f1f182cc02a
--- /dev/null
+++ b/security/openssh/patches/patch-aj
@@ -0,0 +1,42 @@
+$NetBSD: patch-aj,v 1.4 2004/08/04 06:43:52 minskim Exp $
+
+--- ssh-keygen.c.orig Tue Dec 30 18:34:52 2003
++++ ssh-keygen.c
+@@ -623,6 +623,7 @@ do_change_passphrase(struct passwd *pw)
+ exit(0);
+ }
+
++#ifndef __INTERIX
+ /*
+ * Print the SSHFP RR.
+ */
+@@ -652,6 +653,7 @@ do_print_resource_record(struct passwd *
+ printf("failed to read v2 public key from %s.\n", identity_file);
+ exit(1);
+ }
++#endif /* __INTERIX */
+
+ /*
+ * Change the comment of a private key file.
+@@ -770,7 +772,9 @@ usage(void)
+ fprintf(stderr, " -C comment Provide new comment.\n");
+ fprintf(stderr, " -N phrase Provide new passphrase.\n");
+ fprintf(stderr, " -P phrase Provide old passphrase.\n");
++#ifndef __INTERIX
+ fprintf(stderr, " -r hostname Print DNS resource record.\n");
++#endif /* __INTERIX */
+ #ifdef SMARTCARD
+ fprintf(stderr, " -D reader Download public key from smartcard.\n");
+ fprintf(stderr, " -U reader Upload private key to smartcard.\n");
+@@ -967,7 +971,11 @@ main(int ac, char **av)
+ if (print_public)
+ do_print_public(pw);
+ if (resource_record_hostname != NULL) {
++#ifndef __INTERIX
+ do_print_resource_record(pw, resource_record_hostname);
++#else /* __INTERIX */
++ fatal("no support for DNS.");
++#endif /* __INTERIX */
+ }
+ if (reader_id != NULL) {
+ #ifdef SMARTCARD
diff --git a/security/openssh/patches/patch-ak b/security/openssh/patches/patch-ak
new file mode 100644
index 00000000000..cdab031bc25
--- /dev/null
+++ b/security/openssh/patches/patch-ak
@@ -0,0 +1,36 @@
+$NetBSD: patch-ak,v 1.4 2004/08/04 06:43:52 minskim Exp $
+
+--- sshconnect.c.orig Tue Jan 27 04:21:27 2004
++++ sshconnect.c
+@@ -728,6 +728,7 @@ check_host_key(char *host, struct sockad
+ /* The default */
+ fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+ msg2[0] = '\0';
++#ifndef __INTERIX
+ if (options.verify_host_key_dns) {
+ if (matching_host_key_dns)
+ snprintf(msg2, sizeof(msg2),
+@@ -738,6 +739,7 @@ check_host_key(char *host, struct sockad
+ "No matching host key fingerprint"
+ " found in DNS.\n");
+ }
++#endif /* __INTERIX */
+ snprintf(msg, sizeof(msg),
+ "The authenticity of host '%.200s (%s)' can't be "
+ "established%s\n"
+@@ -895,6 +897,7 @@ verify_host_key(char *host, struct socka
+ struct stat st;
+ int flags = 0;
+
++#ifndef __INTERIX
+ if (options.verify_host_key_dns &&
+ verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
+
+@@ -914,6 +917,7 @@ verify_host_key(char *host, struct socka
+ }
+ }
+ }
++#endif /* !defined(__INTERIX) */
+
+ /* return ok if the key can be found in an old keyfile */
+ if (stat(options.system_hostfile2, &st) == 0 ||
diff --git a/security/openssh/patches/patch-al b/security/openssh/patches/patch-al
new file mode 100644
index 00000000000..fbd2034cb9d
--- /dev/null
+++ b/security/openssh/patches/patch-al
@@ -0,0 +1,19 @@
+$NetBSD: patch-al,v 1.3 2004/08/04 06:43:52 minskim Exp $
+
+--- openbsd-compat/getrrsetbyname.c.orig Mon Feb 23 22:51:07 2004
++++ openbsd-compat/getrrsetbyname.c
+@@ -47,7 +47,7 @@
+
+ #include "includes.h"
+
+-#ifndef HAVE_GETRRSETBYNAME
++#if !defined(HAVE_GETRRSETBYNAME) && !defined(__INTERIX)
+
+ #include "getrrsetbyname.h"
+
+@@ -574,4 +574,4 @@ count_dns_rr(struct dns_rr *p, u_int16_t
+ return (n);
+ }
+
+-#endif /* !defined(HAVE_GETRRSETBYNAME) */
++#endif /* !defined(HAVE_GETRRSETBYNAME) && !defined(__INTERIX) */
diff --git a/security/openssh/patches/patch-am b/security/openssh/patches/patch-am
new file mode 100644
index 00000000000..f2e658719df
--- /dev/null
+++ b/security/openssh/patches/patch-am
@@ -0,0 +1,13 @@
+$NetBSD: patch-am,v 1.3 2004/08/04 06:43:52 minskim Exp $
+
+--- openbsd-compat/inet_ntop.c.orig Sun Nov 23 20:33:34 2003
++++ openbsd-compat/inet_ntop.c
+@@ -35,7 +35,7 @@ static char rcsid[] = "$OpenBSD: inet_nt
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+-#ifndef HAVE_CYGWIN
++#if !defined(HAVE_CYGWIN) && !defined(__INTERIX)
+ #include <arpa/nameser.h>
+ #endif
+ #include <string.h>
diff --git a/security/openssh/patches/patch-an b/security/openssh/patches/patch-an
new file mode 100644
index 00000000000..1f9b109f877
--- /dev/null
+++ b/security/openssh/patches/patch-an
@@ -0,0 +1,52 @@
+$NetBSD: patch-an,v 1.3 2004/08/04 06:43:52 minskim Exp $
+
+--- sshd.c.orig Sun Mar 21 16:36:01 2004
++++ sshd.c
+@@ -52,6 +52,9 @@ RCSID("$OpenBSD: sshd.c,v 1.290 2004/03/
+ #include <sys/security.h>
+ #include <prot.h>
+ #endif
++#ifdef __INTERIX
++#include <interix/security.h>
++#endif /* __INTERIX */
+
+ #include "ssh.h"
+ #include "ssh1.h"
+@@ -570,10 +573,15 @@ privsep_preauth_child(void)
+ /* XXX not ready, too heavy after chroot */
+ do_setusercontext(pw);
+ #else
++#ifdef __INTERIX
++ if (setuser(SSH_PRIVSEP_USER, NULL, SU_COMPLETE) != 0)
++ fatal("setuser: %s, %.100s", SSH_PRIVSEP_USER, strerror(errno));
++#else /* __INTERIX */
+ gidset[0] = pw->pw_gid;
+ if (setgroups(1, gidset) < 0)
+ fatal("setgroups: %.100s", strerror(errno));
+ permanently_set_uid(pw);
++#endif /* __INTERIX */
+ #endif
+ }
+
+@@ -817,8 +825,10 @@ main(int ac, char **av)
+ av = saved_argv;
+ #endif
+
++#ifndef __INTERIX
+ if (geteuid() == 0 && setgroups(0, NULL) == -1)
+ debug("setgroups(): %.200s", strerror(errno));
++#endif
+
+ /* Initialize configuration options to their default values. */
+ initialize_server_options(&options);
+@@ -1062,8 +1072,10 @@ main(int ac, char **av)
+ * to create a file, and we can't control the code in every
+ * module which might be used).
+ */
++#ifndef __INTERIX
+ if (setgroups(0, NULL) < 0)
+ debug("setgroups() failed: %.200s", strerror(errno));
++#endif /* __INTERIX */
+
+ /* Initialize the log (it is reinitialized below in case we forked). */
+ if (debug_flag && !inetd_flag)
diff --git a/security/openssh/patches/patch-ao b/security/openssh/patches/patch-ao
new file mode 100644
index 00000000000..b2f1b372821
--- /dev/null
+++ b/security/openssh/patches/patch-ao
@@ -0,0 +1,31 @@
+$NetBSD: patch-ao,v 1.5 2004/08/04 06:43:53 minskim Exp $
+
+--- uidswap.c.orig Mon Feb 23 20:17:30 2004
++++ uidswap.c
+@@ -83,6 +83,7 @@ temporarily_use_uid(struct passwd *pw)
+ xfree(saved_egroups);
+ }
+
++#ifndef __INTERIX
+ /* set and save the user's groups */
+ if (user_groupslen == -1) {
+ if (initgroups(pw->pw_name, pw->pw_gid) < 0)
+@@ -105,6 +106,7 @@ temporarily_use_uid(struct passwd *pw)
+ /* Set the effective uid to the given (unprivileged) uid. */
+ if (setgroups(user_groupslen, user_groups) < 0)
+ fatal("setgroups: %.100s", strerror(errno));
++#endif /* __INTERIX */
+ #ifndef SAVED_IDS_WORK_WITH_SETEUID
+ /* Propagate the privileged gid to all of our gids. */
+ if (setgid(getegid()) < 0)
+@@ -152,8 +154,10 @@ restore_uid(void)
+ setgid(getgid());
+ #endif /* SAVED_IDS_WORK_WITH_SETEUID */
+
++#ifndef __INTERIX
+ if (setgroups(saved_egroupslen, saved_egroups) < 0)
+ fatal("setgroups: %.100s", strerror(errno));
++#endif /* __INTERIX */
+ temporarily_use_uid_effective = 0;
+ }
+
diff --git a/security/openssh/patches/patch-ap b/security/openssh/patches/patch-ap
new file mode 100644
index 00000000000..9ff6c1fdc65
--- /dev/null
+++ b/security/openssh/patches/patch-ap
@@ -0,0 +1,18 @@
+$NetBSD: patch-ap,v 1.3 2004/08/04 06:43:53 minskim Exp $
+
+--- session.c.orig Fri Apr 16 07:47:55 2004
++++ session.c
+@@ -1272,11 +1272,13 @@ do_setusercontext(struct passwd *pw)
+ perror("setgid");
+ exit(1);
+ }
++#ifndef __INTERIX
+ /* Initialize the group list. */
+ if (initgroups(pw->pw_name, pw->pw_gid) < 0) {
+ perror("initgroups");
+ exit(1);
+ }
++#endif /* __INTERIX */
+ endgrent();
+ # ifdef USE_PAM
+ /*
diff --git a/security/openssh/patches/patch-aq b/security/openssh/patches/patch-aq
new file mode 100644
index 00000000000..923c7c3d17e
--- /dev/null
+++ b/security/openssh/patches/patch-aq
@@ -0,0 +1,13 @@
+$NetBSD: patch-aq,v 1.3 2004/08/04 06:43:53 minskim Exp $
+
+--- packet.c.orig Fri Nov 21 22:02:42 2003
++++ packet.c
+@@ -1406,7 +1406,7 @@ packet_not_very_much_data_to_write(void)
+ static void
+ packet_set_tos(int interactive)
+ {
+-#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
++#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN) && !defined(__INTERIX)
+ int tos = interactive ? IPTOS_LOWDELAY : IPTOS_THROUGHPUT;
+
+ if (!packet_connection_is_on_socket() ||