summaryrefslogtreecommitdiff
path: root/debian/patches
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-01-25 01:51:25 +0000
committerColin Watson <cjwatson@debian.org>2011-01-25 01:51:25 +0000
commit5e750371bb19c8cc58b5faea70278d857acdae0a (patch)
treefa223746d886bda4acb9e242675bbcc4ddba4efb /debian/patches
parent26883397c648afa38ed502e68652945a794b0cd3 (diff)
Backport SELinux build fix from CVS.
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/selinux-build-failure.patch236
-rw-r--r--debian/patches/series3
2 files changed, 239 insertions, 0 deletions
diff --git a/debian/patches/selinux-build-failure.patch b/debian/patches/selinux-build-failure.patch
new file mode 100644
index 000000000..47c953009
--- /dev/null
+++ b/debian/patches/selinux-build-failure.patch
@@ -0,0 +1,236 @@
1Description: Fix SELinux build failure
2Origin: backport, http://bazaar.launchpad.net/~vcs-imports/openssh/main/revision/6317
3Author: Damien Miller <djm@mindrot.org>
4Last-Update: 2011-01-25
5
6Index: b/Makefile.in
7===================================================================
8--- a/Makefile.in
9+++ b/Makefile.in
10@@ -48,6 +48,7 @@
11 CFLAGS=@CFLAGS@
12 CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
13 LIBS=@LIBS@
14+SSHLIBS=@SSHLIBS@
15 SSHDLIBS=@SSHDLIBS@
16 LIBEDIT=@LIBEDIT@
17 AR=@AR@
18@@ -144,7 +145,7 @@
19 $(RANLIB) $@
20
21 ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
22- $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
23+ $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS)
24
25 sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
26 $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS)
27Index: b/configure.ac
28===================================================================
29--- a/configure.ac
30+++ b/configure.ac
31@@ -761,7 +761,6 @@
32 [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1,
33 [Define if you have Solaris process contracts])
34 SSHDLIBS="$SSHDLIBS -lcontract"
35- AC_SUBST(SSHDLIBS)
36 SPC_MSG="yes" ], )
37 ],
38 )
39@@ -772,7 +771,6 @@
40 [ AC_DEFINE(USE_SOLARIS_PROJECTS, 1,
41 [Define if you have Solaris projects])
42 SSHDLIBS="$SSHDLIBS -lproject"
43- AC_SUBST(SSHDLIBS)
44 SP_MSG="yes" ], )
45 ],
46 )
47@@ -3539,11 +3537,14 @@
48 LIBS="$LIBS -lselinux"
49 ],
50 AC_MSG_ERROR(SELinux support requires libselinux library))
51+ SSHLIBS="$SSHLIBS $LIBSELINUX"
52 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
53 AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
54 LIBS="$save_LIBS"
55 fi ]
56 )
57+AC_SUBST(SSHLIBS)
58+AC_SUBST(SSHDLIBS)
59
60 # Check whether user wants Kerberos 5 support
61 KRB5_MSG="no"
62@@ -4365,6 +4366,9 @@
63 if test ! -z "${SSHDLIBS}"; then
64 echo " +for sshd: ${SSHDLIBS}"
65 fi
66+if test ! -z "${SSHLIBS}"; then
67+echo " +for ssh: ${SSHLIBS}"
68+fi
69
70 echo ""
71
72Index: b/configure
73===================================================================
74--- a/configure
75+++ b/configure
76@@ -696,7 +696,6 @@
77 LOGIN_PROGRAM_FALLBACK
78 PATH_PASSWD_PROG
79 LD
80-SSHDLIBS
81 PKGCONFIG
82 LIBEDIT
83 TEST_SSH_SHA256
84@@ -721,6 +720,8 @@
85 PROG_IPCS
86 PROG_TAIL
87 INSTALL_SSH_PRNG_CMDS
88+SSHLIBS
89+SSHDLIBS
90 KRB5CONF
91 PRIVSEP_PATH
92 xauth_path
93@@ -9047,7 +9159,6 @@
94 _ACEOF
95
96 SSHDLIBS="$SSHDLIBS -lcontract"
97-
98 SPC_MSG="yes"
99 fi
100
101@@ -9126,7 +9237,6 @@
102 _ACEOF
103
104 SSHDLIBS="$SSHDLIBS -lproject"
105-
106 SP_MSG="yes"
107 fi
108
109@@ -27806,6 +27916,7 @@
110 { (exit 1); exit 1; }; }
111 fi
112
113+ SSHLIBS="$SSHLIBS $LIBSELINUX"
114 SSHDLIBS="$SSHDLIBS $LIBSELINUX"
115
116
117@@ -27908,6 +28019,8 @@
118 fi
119
120
121+
122+
123 # Check whether user wants Kerberos 5 support
124 KRB5_MSG="no"
125
126@@ -31416,7 +31529,6 @@
127 LOGIN_PROGRAM_FALLBACK!$LOGIN_PROGRAM_FALLBACK$ac_delim
128 PATH_PASSWD_PROG!$PATH_PASSWD_PROG$ac_delim
129 LD!$LD$ac_delim
130-SSHDLIBS!$SSHDLIBS$ac_delim
131 PKGCONFIG!$PKGCONFIG$ac_delim
132 LIBEDIT!$LIBEDIT$ac_delim
133 TEST_SSH_SHA256!$TEST_SSH_SHA256$ac_delim
134@@ -31433,6 +31545,7 @@
135 PROG_SAR!$PROG_SAR$ac_delim
136 PROG_W!$PROG_W$ac_delim
137 PROG_WHO!$PROG_WHO$ac_delim
138+PROG_LAST!$PROG_LAST$ac_delim
139 _ACEOF
140
141 if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
142@@ -31474,7 +31587,6 @@
143 ac_delim='%!_!# '
144 for ac_last_try in false false false false false :; do
145 cat >conf$$subs.sed <<_ACEOF
146-PROG_LAST!$PROG_LAST$ac_delim
147 PROG_LASTLOG!$PROG_LASTLOG$ac_delim
148 PROG_DF!$PROG_DF$ac_delim
149 PROG_VMSTAT!$PROG_VMSTAT$ac_delim
150@@ -31482,6 +31594,8 @@
151 PROG_IPCS!$PROG_IPCS$ac_delim
152 PROG_TAIL!$PROG_TAIL$ac_delim
153 INSTALL_SSH_PRNG_CMDS!$INSTALL_SSH_PRNG_CMDS$ac_delim
154+SSHLIBS!$SSHLIBS$ac_delim
155+SSHDLIBS!$SSHDLIBS$ac_delim
156 KRB5CONF!$KRB5CONF$ac_delim
157 PRIVSEP_PATH!$PRIVSEP_PATH$ac_delim
158 xauth_path!$xauth_path$ac_delim
159@@ -31496,7 +31610,7 @@
160 LTLIBOBJS!$LTLIBOBJS$ac_delim
161 _ACEOF
162
163- if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 20; then
164+ if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 21; then
165 break
166 elif $ac_last_try; then
167 { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
168@@ -31993,6 +32107,9 @@
169 if test ! -z "${SSHDLIBS}"; then
170 echo " +for sshd: ${SSHDLIBS}"
171 fi
172+if test ! -z "${SSHLIBS}"; then
173+echo " +for ssh: ${SSHLIBS}"
174+fi
175
176 echo ""
177
178Index: b/openbsd-compat/port-linux.c
179===================================================================
180--- a/openbsd-compat/port-linux.c
181+++ b/openbsd-compat/port-linux.c
182@@ -222,6 +222,20 @@
183 xfree(oldctx);
184 xfree(newctx);
185 }
186+
187+void
188+ssh_selinux_setfscreatecon(const char *path)
189+{
190+ security_context_t context;
191+
192+ if (path == NULL) {
193+ setfscreatecon(NULL);
194+ return;
195+ }
196+ matchpathcon(path, 0700, &context);
197+ setfscreatecon(context);
198+}
199+
200 #endif /* WITH_SELINUX */
201
202 #ifdef LINUX_OOM_ADJUST
203Index: b/openbsd-compat/port-linux.h
204===================================================================
205--- a/openbsd-compat/port-linux.h
206+++ b/openbsd-compat/port-linux.h
207@@ -24,6 +24,7 @@
208 void ssh_selinux_setup_pty(char *, const char *);
209 void ssh_selinux_setup_exec_context(char *);
210 void ssh_selinux_change_context(const char *);
211+void ssh_selinux_setfscreatecon(const char *);
212 #endif
213
214 #ifdef LINUX_OOM_ADJUST
215Index: b/ssh.c
216===================================================================
217--- a/ssh.c
218+++ b/ssh.c
219@@ -852,15 +852,12 @@
220 strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
221 if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
222 #ifdef WITH_SELINUX
223- char *scon;
224-
225- matchpathcon(buf, 0700, &scon);
226- setfscreatecon(scon);
227+ ssh_selinux_setfscreatecon(buf);
228 #endif
229 if (mkdir(buf, 0700) < 0)
230 error("Could not create directory '%.200s'.", buf);
231 #ifdef WITH_SELINUX
232- setfscreatecon(NULL);
233+ ssh_selinux_setfscreatecon(NULL);
234 #endif
235 }
236 /* load options.identity_files */
diff --git a/debian/patches/series b/debian/patches/series
index 751a9868c..a3431201e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -36,6 +36,9 @@ openbsd-docs.patch
36ssh-argv0.patch 36ssh-argv0.patch
37doc-hash-tab-completion.patch 37doc-hash-tab-completion.patch
38 38
39# Upstream backports
40selinux-build-failure.patch
41
39# Debian-specific configuration 42# Debian-specific configuration
40gnome-ssh-askpass2-icon.patch 43gnome-ssh-askpass2-icon.patch
41debian-config.patch 44debian-config.patch