/[pkgs]/devel/openssh/openssh-5.2p1-sesftp.patch
ViewVC logotype

Contents of /devel/openssh/openssh-5.2p1-sesftp.patch

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.7 - (show annotations) (download) (as text)
Mon Aug 31 12:38:20 2009 UTC (2 months, 3 weeks ago) by jfch2222
Branch: MAIN
CVS Tags: openssh-5_2p1-28_fc12, F-12-split, openssh-5_2p1-24_fc12, openssh-5_2p1-27_fc12, openssh-5_2p1-26_fc12, openssh-5_2p1-23_fc12, openssh-5_2p1-22_fc12, openssh-5_3p1-2_fc13, openssh-5_3p1-8_fc13, openssh-5_2p1-21_fc12, openssh-5_3p1-10_fc13, openssh-5_2p1-25_fc12, openssh-5_3p1-9_fc13, openssh-5_3p1-7_fc13, openssh-5_3p1-1_fc13, openssh-5_3p1-3_fc13, openssh-5_3p1-4_fc13, openssh-5_3p1-5_fc13, openssh-5_3p1-6_fc13, openssh-5_2p1-29_fc13, HEAD
Changes since 1.6: +55 -58 lines
File MIME type: text/x-patch 
Upstream convergence
1 diff -up openssh-5.2p1/openbsd-compat/port-linux.c.sesftp openssh-5.2p1/openbsd-compat/port-linux.c
2 --- openssh-5.2p1/openbsd-compat/port-linux.c.sesftp 2009-08-12 00:29:37.712368892 +0200
3 +++ openssh-5.2p1/openbsd-compat/port-linux.c 2009-08-12 00:29:37.732544890 +0200
4 @@ -469,4 +469,36 @@ ssh_selinux_setup_pty(char *pwname, cons
5 freecon(user_ctx);
6 debug3("%s: done", __func__);
7 }
8 +
9 +void
10 +ssh_selinux_change_context(const char *newname)
11 +{
12 + int len, newlen;
13 + char *oldctx, *newctx, *cx;
14 +
15 + if (!ssh_selinux_enabled())
16 + return;
17 +
18 + if (getcon((security_context_t *)&oldctx) < 0) {
19 + logit("%s: getcon failed with %s", __func__, strerror (errno));
20 + return;
21 + }
22 + if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) == NULL) {
23 + logit ("%s: unparseable context %s", __func__, oldctx);
24 + return;
25 + }
26 +
27 + newlen = strlen(oldctx) + strlen(newname) + 1;
28 + newctx = xmalloc(newlen);
29 + len = cx - oldctx + 1;
30 + memcpy(newctx, oldctx, len);
31 + strlcpy(newctx + len, newname, newlen - len);
32 + if ((cx = index(cx + 1, ':')))
33 + strlcat(newctx, cx, newlen);
34 + debug3("%s: setting context from '%s' to '%s'", __func__, oldctx, newctx);
35 + if (setcon(newctx) < 0)
36 + logit("%s: setcon failed with %s", __func__, strerror (errno));
37 + xfree(oldctx);
38 + xfree(newctx);
39 +}
40 #endif /* WITH_SELINUX */
41 diff -up openssh-5.2p1/openbsd-compat/port-linux.h.sesftp openssh-5.2p1/openbsd-compat/port-linux.h
42 --- openssh-5.2p1/openbsd-compat/port-linux.h.sesftp 2008-03-26 21:27:21.000000000 +0100
43 +++ openssh-5.2p1/openbsd-compat/port-linux.h 2009-08-12 00:29:37.733388083 +0200
44 @@ -23,6 +23,7 @@
45 int ssh_selinux_enabled(void);
46 void ssh_selinux_setup_pty(char *, const char *);
47 void ssh_selinux_setup_exec_context(char *);
48 +void ssh_selinux_change_context(const char *);
49 #endif
50
51 #endif /* ! _PORT_LINUX_H */
52 diff -up openssh-5.2p1/session.c.sesftp openssh-5.2p1/session.c
53 --- openssh-5.2p1/session.c.sesftp 2009-08-12 00:29:37.659250161 +0200
54 +++ openssh-5.2p1/session.c 2009-08-12 00:29:37.729578695 +0200
55 @@ -1798,6 +1798,9 @@ do_child(Session *s, const char *command
56 argv[i] = NULL;
57 optind = optreset = 1;
58 __progname = argv[0];
59 +#ifdef WITH_SELINUX
60 + ssh_selinux_change_context("sftpd_t");
61 +#endif
62 exit(sftp_server_main(i, argv, s->pw));
63 }
64
admin@fedoraproject.org
 ViewVC Help
Powered by ViewVC 1.1.2