From df51273aa9fb416de461f6a9508fe0a0b61dc46e Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Wed, 29 May 2013 00:19:58 +0000
Subject: Revert a local change that sets the default for
 UsePrivilegeSeparation to "sandbox" instead of "yes".  In sandbox mode, the
 privsep child is unable to load additional libraries and will therefore crash
 when trying to take advantage of crypto offloading on CPUs that support it.

---
 crypto/openssh/servconf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/openssh/servconf.c')

diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c
index ace75d3..a6aeea3 100644
--- a/crypto/openssh/servconf.c
+++ b/crypto/openssh/servconf.c
@@ -298,7 +298,7 @@ fill_default_server_options(ServerOptions *options)
 		options->version_addendum = xstrdup(SSH_VERSION_FREEBSD);
 	/* Turn privilege separation on by default */
 	if (use_privsep == -1)
-		use_privsep = PRIVSEP_ON;
+		use_privsep = PRIVSEP_NOSANDBOX;
 
 #ifndef HAVE_MMAP
 	if (use_privsep && options->compression == 1) {
-- 
cgit v1.1