summaryrefslogtreecommitdiff
path: root/openbsd-compat/port-linux.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-09-06 14:56:29 +0100
committerColin Watson <cjwatson@debian.org>2011-09-06 14:56:29 +0100
commit978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree89400a44e42d84937deba7864e4964d6c7734da5 /openbsd-compat/port-linux.c
parent87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent3a7e89697ca363de0f64e0d5704c57219294e41c (diff)
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform. - Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt. - The pre-authentication sshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot (closes: #75043, #429243, #599240). - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757). - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace (closes: #76312). The authorized_keys2 fallback is deprecated but documented (closes: #560156). - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4 ToS/DSCP (closes: #498297). - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add - < /path/to/key" (closes: #229124). - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691). - Say "required" rather than "recommended" in unprotected-private-key warning (LP: #663455).
Diffstat (limited to 'openbsd-compat/port-linux.c')
-rw-r--r--openbsd-compat/port-linux.c24
1 files changed, 19 insertions, 5 deletions
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index dc8b1fa55..ef91e4446 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
1/* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */ 1/* $Id: port-linux.c,v 1.16 2011/08/29 06:09:57 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> 4 * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -44,6 +44,10 @@
44#include <selinux/flask.h> 44#include <selinux/flask.h>
45#include <selinux/get_context_list.h> 45#include <selinux/get_context_list.h>
46 46
47#ifndef SSH_SELINUX_UNCONFINED_TYPE
48# define SSH_SELINUX_UNCONFINED_TYPE ":unconfined_t:"
49#endif
50
47/* Wrapper around is_selinux_enabled() to log its return value once only */ 51/* Wrapper around is_selinux_enabled() to log its return value once only */
48int 52int
49ssh_selinux_enabled(void) 53ssh_selinux_enabled(void)
@@ -190,12 +194,13 @@ ssh_selinux_change_context(const char *newname)
190{ 194{
191 int len, newlen; 195 int len, newlen;
192 char *oldctx, *newctx, *cx; 196 char *oldctx, *newctx, *cx;
197 void (*switchlog) (const char *fmt,...) = logit;
193 198
194 if (!ssh_selinux_enabled()) 199 if (!ssh_selinux_enabled())
195 return; 200 return;
196 201
197 if (getcon((security_context_t *)&oldctx) < 0) { 202 if (getcon((security_context_t *)&oldctx) < 0) {
198 logit("%s: getcon failed with %s", __func__, strerror (errno)); 203 logit("%s: getcon failed with %s", __func__, strerror(errno));
199 return; 204 return;
200 } 205 }
201 if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) == 206 if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
@@ -204,6 +209,14 @@ ssh_selinux_change_context(const char *newname)
204 return; 209 return;
205 } 210 }
206 211
212 /*
213 * Check whether we are attempting to switch away from an unconfined
214 * security context.
215 */
216 if (strncmp(cx, SSH_SELINUX_UNCONFINED_TYPE,
217 sizeof(SSH_SELINUX_UNCONFINED_TYPE) - 1) == 0)
218 switchlog = debug3;
219
207 newlen = strlen(oldctx) + strlen(newname) + 1; 220 newlen = strlen(oldctx) + strlen(newname) + 1;
208 newctx = xmalloc(newlen); 221 newctx = xmalloc(newlen);
209 len = cx - oldctx + 1; 222 len = cx - oldctx + 1;
@@ -211,10 +224,11 @@ ssh_selinux_change_context(const char *newname)
211 strlcpy(newctx + len, newname, newlen - len); 224 strlcpy(newctx + len, newname, newlen - len);
212 if ((cx = index(cx + 1, ':'))) 225 if ((cx = index(cx + 1, ':')))
213 strlcat(newctx, cx, newlen); 226 strlcat(newctx, cx, newlen);
214 debug3("%s: setting context from '%s' to '%s'", __func__, oldctx, 227 debug3("%s: setting context from '%s' to '%s'", __func__,
215 newctx); 228 oldctx, newctx);
216 if (setcon(newctx) < 0) 229 if (setcon(newctx) < 0)
217 logit("%s: setcon failed with %s", __func__, strerror (errno)); 230 switchlog("%s: setcon %s from %s failed with %s", __func__,
231 newctx, oldctx, strerror(errno));
218 xfree(oldctx); 232 xfree(oldctx);
219 xfree(newctx); 233 xfree(newctx);
220} 234}