*** ssh/session.c.orig	Mon Aug  1 19:50:13 2005
--- ssh/session.c	Wed Nov 30 17:24:06 2005
***************
*** 67,72 ****
--- 67,74 ----
  #include "ssh-gss.h"
  #endif
  
+ #define CHROOT
+ 
  /* func */
  
  Session *session_new(void);
***************
*** 997,1003 ****
--- 999,1032 ----
  void
  do_setusercontext(struct passwd *pw)
  {
+ #ifdef CHROOT
+         char           *user_dir;
+         char           *new_root;
+ #endif                          /* CHROOT */
+ 
  	if (getuid() == 0 || geteuid() == 0) {
+ 
+ #ifdef CHROOT
+                 debug("CHROOT: Enter in chroot patch");
+ 
+                 user_dir = xstrdup(pw->pw_dir);
+                 new_root = user_dir + 1;
+ 
+                 while ((new_root = strchr(new_root, '.')) != NULL) {
+                         new_root--;
+                         if (strncmp(new_root, "/./", 3) == 0) {
+                                 *new_root = '\0';
+                                 new_root += 2;
+                                 debug("CHROOT: Do chroot on %s", user_dir);
+                                 if (chroot(user_dir) != 0)
+                                         fatal("Couldn't chroot to user's directory %s", user_dir);
+                                 pw->pw_dir = new_root;
+                                 break;
+                         }
+                         new_root += 2;
+                 }
+ #endif                          /* CHROOT */
+ 
  #ifdef HAVE_LOGIN_CAP
  		if (setusercontext(lc, pw, pw->pw_uid,
  		    (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {