From e581facf025826edacf17c56a90b3dcde9d749b2 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Tue, 1 Dec 2015 01:24:47 +0000
Subject: pledge dns so openssl can use dns.. noticed and fix by todd@ ok jcs@
 deraadt@ theo@

---
 src/usr.bin/openssl/openssl.c  | 4 ++--
 src/usr.bin/openssl/s_client.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
index e8c75daf0a..08a5929611 100644
--- a/src/usr.bin/openssl/openssl.c
+++ b/src/usr.bin/openssl/openssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: openssl.c,v 1.21 2015/11/21 16:04:20 jca Exp $ */
+/* $OpenBSD: openssl.c,v 1.22 2015/12/01 01:24:47 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -438,7 +438,7 @@ main(int argc, char **argv)
 	arg.data = NULL;
 	arg.count = 0;
 
-	if (pledge("stdio inet dns rpath wpath cpath proc flock tty", NULL) == -1) {
+	if (pledge("stdio inet dns rpath wpath cpath proc flock tty dns", NULL) == -1) {
 		fprintf(stderr, "openssl: pledge: %s\n", strerror(errno));
 		exit(1);
 	}
diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c
index 21454c5bf3..ae86a7c85e 100644
--- a/src/usr.bin/openssl/s_client.c
+++ b/src/usr.bin/openssl/s_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_client.c,v 1.25 2015/11/21 16:04:20 jca Exp $ */
+/* $OpenBSD: s_client.c,v 1.26 2015/12/01 01:24:47 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -365,7 +365,7 @@ s_client_main(int argc, char **argv)
 	long socket_mtu = 0;
 
 	if (single_execution) {
-		if (pledge("stdio inet dns rpath wpath cpath tty", NULL) == -1) {
+		if (pledge("stdio inet dns rpath wpath cpath tty dns", NULL) == -1) {
 			perror("pledge");
 			exit(1);
 		}
-- 
cgit v1.2.3-55-g6feb