diff options
author | Colin Watson <cjwatson@debian.org> | 2011-09-06 09:45:52 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2011-09-06 09:45:52 +0100 |
commit | f38224d546cdde55f45c13d3d8225d273a3f920e (patch) | |
tree | a91a26b88ac90dc72d0ea3767feabb341eaa50a8 /openbsd-compat | |
parent | 338146a3fc257e216fe5c10fe40e6896b40d7739 (diff) | |
parent | e90790abaf031e037f444a6658e136e48577ea49 (diff) |
merge 5.9p1
Diffstat (limited to 'openbsd-compat')
-rw-r--r-- | openbsd-compat/bsd-cygwin_util.c | 17 | ||||
-rw-r--r-- | openbsd-compat/bsd-cygwin_util.h | 6 | ||||
-rw-r--r-- | openbsd-compat/openssl-compat.c | 6 | ||||
-rw-r--r-- | openbsd-compat/openssl-compat.h | 10 | ||||
-rw-r--r-- | openbsd-compat/port-linux.c | 26 | ||||
-rw-r--r-- | openbsd-compat/port-linux.h | 2 | ||||
-rw-r--r-- | openbsd-compat/regress/closefromtest.c | 2 |
7 files changed, 34 insertions, 35 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index e9fa3a0e2..9eedc88d2 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> | 2 | * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com> |
3 | * | 3 | * |
4 | * Redistribution and use in source and binary forms, with or without | 4 | * Redistribution and use in source and binary forms, with or without |
5 | * modification, are permitted provided that the following conditions | 5 | * modification, are permitted provided that the following conditions |
@@ -34,9 +34,6 @@ | |||
34 | #if defined(open) && open == binary_open | 34 | #if defined(open) && open == binary_open |
35 | # undef open | 35 | # undef open |
36 | #endif | 36 | #endif |
37 | #if defined(pipe) && open == binary_pipe | ||
38 | # undef pipe | ||
39 | #endif | ||
40 | 37 | ||
41 | #include <sys/types.h> | 38 | #include <sys/types.h> |
42 | 39 | ||
@@ -59,18 +56,6 @@ binary_open(const char *filename, int flags, ...) | |||
59 | return (open(filename, flags | O_BINARY, mode)); | 56 | return (open(filename, flags | O_BINARY, mode)); |
60 | } | 57 | } |
61 | 58 | ||
62 | int | ||
63 | binary_pipe(int fd[2]) | ||
64 | { | ||
65 | int ret = pipe(fd); | ||
66 | |||
67 | if (!ret) { | ||
68 | setmode(fd[0], O_BINARY); | ||
69 | setmode(fd[1], O_BINARY); | ||
70 | } | ||
71 | return (ret); | ||
72 | } | ||
73 | |||
74 | int | 59 | int |
75 | check_ntsec(const char *filename) | 60 | check_ntsec(const char *filename) |
76 | { | 61 | { |
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h index 39b8eb788..48f64b740 100644 --- a/openbsd-compat/bsd-cygwin_util.h +++ b/openbsd-compat/bsd-cygwin_util.h | |||
@@ -1,7 +1,7 @@ | |||
1 | /* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */ | 1 | /* $Id: bsd-cygwin_util.h,v 1.13 2011/08/17 01:31:09 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> | 4 | * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com> |
5 | * | 5 | * |
6 | * Redistribution and use in source and binary forms, with or without | 6 | * Redistribution and use in source and binary forms, with or without |
7 | * modification, are permitted provided that the following conditions | 7 | * modification, are permitted provided that the following conditions |
@@ -41,13 +41,11 @@ | |||
41 | #include <io.h> | 41 | #include <io.h> |
42 | 42 | ||
43 | int binary_open(const char *, int , ...); | 43 | int binary_open(const char *, int , ...); |
44 | int binary_pipe(int fd[2]); | ||
45 | int check_ntsec(const char *); | 44 | int check_ntsec(const char *); |
46 | char **fetch_windows_environment(void); | 45 | char **fetch_windows_environment(void); |
47 | void free_windows_environment(char **); | 46 | void free_windows_environment(char **); |
48 | 47 | ||
49 | #define open binary_open | 48 | #define open binary_open |
50 | #define pipe binary_pipe | ||
51 | 49 | ||
52 | #endif /* HAVE_CYGWIN */ | 50 | #endif /* HAVE_CYGWIN */ |
53 | 51 | ||
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c index b617fdf19..5189cab61 100644 --- a/openbsd-compat/openssl-compat.c +++ b/openbsd-compat/openssl-compat.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: openssl-compat.c,v 1.13 2011/01/21 22:37:06 dtucker Exp $ */ | 1 | /* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> | 4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> |
@@ -134,9 +134,9 @@ RSA_get_default_method(void) | |||
134 | 134 | ||
135 | #ifdef USE_OPENSSL_ENGINE | 135 | #ifdef USE_OPENSSL_ENGINE |
136 | void | 136 | void |
137 | ssh_SSLeay_add_all_algorithms(void) | 137 | ssh_OpenSSL_add_all_algorithms(void) |
138 | { | 138 | { |
139 | SSLeay_add_all_algorithms(); | 139 | OpenSSL_add_all_algorithms(); |
140 | 140 | ||
141 | /* Enable use of crypto hardware */ | 141 | /* Enable use of crypto hardware */ |
142 | ENGINE_load_builtin_engines(); | 142 | ENGINE_load_builtin_engines(); |
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 6d4f3f215..c5fc24eb4 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */ | 1 | /* $Id: openssl-compat.h,v 1.19 2011/05/10 01:13:38 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> | 4 | * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> |
@@ -106,10 +106,10 @@ RSA_METHOD *RSA_get_default_method(void); | |||
106 | # endif | 106 | # endif |
107 | 107 | ||
108 | # ifdef USE_OPENSSL_ENGINE | 108 | # ifdef USE_OPENSSL_ENGINE |
109 | # ifdef SSLeay_add_all_algorithms | 109 | # ifdef OpenSSL_add_all_algorithms |
110 | # undef SSLeay_add_all_algorithms | 110 | # undef OpenSSL_add_all_algorithms |
111 | # endif | 111 | # endif |
112 | # define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() | 112 | # define OpenSSL_add_all_algorithms() ssh_OpenSSL_add_all_algorithms() |
113 | # endif | 113 | # endif |
114 | 114 | ||
115 | # ifndef HAVE_BN_IS_PRIME_EX | 115 | # ifndef HAVE_BN_IS_PRIME_EX |
@@ -129,6 +129,6 @@ int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *, | |||
129 | unsigned char *, int); | 129 | unsigned char *, int); |
130 | int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); | 130 | int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); |
131 | int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); | 131 | int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); |
132 | void ssh_SSLeay_add_all_algorithms(void); | 132 | void ssh_OpenSSL_add_all_algorithms(void); |
133 | #endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ | 133 | #endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ |
134 | 134 | ||
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index ede533fdd..ea8dff40f 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */ | 1 | /* $Id: port-linux.c,v 1.16 2011/08/29 06:09:57 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> | 4 | * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> |
@@ -38,6 +38,10 @@ | |||
38 | #include <selinux/flask.h> | 38 | #include <selinux/flask.h> |
39 | #include <selinux/get_context_list.h> | 39 | #include <selinux/get_context_list.h> |
40 | 40 | ||
41 | #ifndef SSH_SELINUX_UNCONFINED_TYPE | ||
42 | # define SSH_SELINUX_UNCONFINED_TYPE ":unconfined_t:" | ||
43 | #endif | ||
44 | |||
41 | /* Wrapper around is_selinux_enabled() to log its return value once only */ | 45 | /* Wrapper around is_selinux_enabled() to log its return value once only */ |
42 | int | 46 | int |
43 | ssh_selinux_enabled(void) | 47 | ssh_selinux_enabled(void) |
@@ -177,12 +181,13 @@ ssh_selinux_change_context(const char *newname) | |||
177 | { | 181 | { |
178 | int len, newlen; | 182 | int len, newlen; |
179 | char *oldctx, *newctx, *cx; | 183 | char *oldctx, *newctx, *cx; |
184 | void (*switchlog) (const char *fmt,...) = logit; | ||
180 | 185 | ||
181 | if (!ssh_selinux_enabled()) | 186 | if (!ssh_selinux_enabled()) |
182 | return; | 187 | return; |
183 | 188 | ||
184 | if (getcon((security_context_t *)&oldctx) < 0) { | 189 | if (getcon((security_context_t *)&oldctx) < 0) { |
185 | logit("%s: getcon failed with %s", __func__, strerror (errno)); | 190 | logit("%s: getcon failed with %s", __func__, strerror(errno)); |
186 | return; | 191 | return; |
187 | } | 192 | } |
188 | if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) == | 193 | if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) == |
@@ -191,6 +196,14 @@ ssh_selinux_change_context(const char *newname) | |||
191 | return; | 196 | return; |
192 | } | 197 | } |
193 | 198 | ||
199 | /* | ||
200 | * Check whether we are attempting to switch away from an unconfined | ||
201 | * security context. | ||
202 | */ | ||
203 | if (strncmp(cx, SSH_SELINUX_UNCONFINED_TYPE, | ||
204 | sizeof(SSH_SELINUX_UNCONFINED_TYPE) - 1) == 0) | ||
205 | switchlog = debug3; | ||
206 | |||
194 | newlen = strlen(oldctx) + strlen(newname) + 1; | 207 | newlen = strlen(oldctx) + strlen(newname) + 1; |
195 | newctx = xmalloc(newlen); | 208 | newctx = xmalloc(newlen); |
196 | len = cx - oldctx + 1; | 209 | len = cx - oldctx + 1; |
@@ -198,10 +211,11 @@ ssh_selinux_change_context(const char *newname) | |||
198 | strlcpy(newctx + len, newname, newlen - len); | 211 | strlcpy(newctx + len, newname, newlen - len); |
199 | if ((cx = index(cx + 1, ':'))) | 212 | if ((cx = index(cx + 1, ':'))) |
200 | strlcat(newctx, cx, newlen); | 213 | strlcat(newctx, cx, newlen); |
201 | debug3("%s: setting context from '%s' to '%s'", __func__, oldctx, | 214 | debug3("%s: setting context from '%s' to '%s'", __func__, |
202 | newctx); | 215 | oldctx, newctx); |
203 | if (setcon(newctx) < 0) | 216 | if (setcon(newctx) < 0) |
204 | logit("%s: setcon failed with %s", __func__, strerror (errno)); | 217 | switchlog("%s: setcon %s from %s failed with %s", __func__, |
218 | newctx, oldctx, strerror(errno)); | ||
205 | xfree(oldctx); | 219 | xfree(oldctx); |
206 | xfree(newctx); | 220 | xfree(newctx); |
207 | } | 221 | } |
@@ -213,7 +227,7 @@ ssh_selinux_setfscreatecon(const char *path) | |||
213 | 227 | ||
214 | if (!ssh_selinux_enabled()) | 228 | if (!ssh_selinux_enabled()) |
215 | return; | 229 | return; |
216 | if (path == NULL) | 230 | if (path == NULL) { |
217 | setfscreatecon(NULL); | 231 | setfscreatecon(NULL); |
218 | return; | 232 | return; |
219 | } | 233 | } |
diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h index c2f618400..e3d1004aa 100644 --- a/openbsd-compat/port-linux.h +++ b/openbsd-compat/port-linux.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-linux.h,v 1.4.10.1 2011/02/04 00:42:21 djm Exp $ */ | 1 | /* $Id: port-linux.h,v 1.5 2011/01/25 01:16:18 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Damien Miller <djm@openbsd.org> | 4 | * Copyright (c) 2006 Damien Miller <djm@openbsd.org> |
diff --git a/openbsd-compat/regress/closefromtest.c b/openbsd-compat/regress/closefromtest.c index 145b09d7b..82ffeb9a7 100644 --- a/openbsd-compat/regress/closefromtest.c +++ b/openbsd-compat/regress/closefromtest.c | |||
@@ -24,6 +24,8 @@ | |||
24 | 24 | ||
25 | #define NUM_OPENS 10 | 25 | #define NUM_OPENS 10 |
26 | 26 | ||
27 | int closefrom(int); | ||
28 | |||
27 | void | 29 | void |
28 | fail(char *msg) | 30 | fail(char *msg) |
29 | { | 31 | { |