summaryrefslogtreecommitdiff
path: root/openbsd-compat
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-09-06 09:45:52 +0100
committerColin Watson <cjwatson@debian.org>2011-09-06 09:45:52 +0100
commitf38224d546cdde55f45c13d3d8225d273a3f920e (patch)
treea91a26b88ac90dc72d0ea3767feabb341eaa50a8 /openbsd-compat
parent338146a3fc257e216fe5c10fe40e6896b40d7739 (diff)
parente90790abaf031e037f444a6658e136e48577ea49 (diff)
merge 5.9p1
Diffstat (limited to 'openbsd-compat')
-rw-r--r--openbsd-compat/bsd-cygwin_util.c17
-rw-r--r--openbsd-compat/bsd-cygwin_util.h6
-rw-r--r--openbsd-compat/openssl-compat.c6
-rw-r--r--openbsd-compat/openssl-compat.h10
-rw-r--r--openbsd-compat/port-linux.c26
-rw-r--r--openbsd-compat/port-linux.h2
-rw-r--r--openbsd-compat/regress/closefromtest.c2
7 files changed, 34 insertions, 35 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c
index e9fa3a0e2..9eedc88d2 100644
--- a/openbsd-compat/bsd-cygwin_util.c
+++ b/openbsd-compat/bsd-cygwin_util.c
@@ -1,5 +1,5 @@
1/* 1/*
2 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> 2 * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
@@ -34,9 +34,6 @@
34#if defined(open) && open == binary_open 34#if defined(open) && open == binary_open
35# undef open 35# undef open
36#endif 36#endif
37#if defined(pipe) && open == binary_pipe
38# undef pipe
39#endif
40 37
41#include <sys/types.h> 38#include <sys/types.h>
42 39
@@ -59,18 +56,6 @@ binary_open(const char *filename, int flags, ...)
59 return (open(filename, flags | O_BINARY, mode)); 56 return (open(filename, flags | O_BINARY, mode));
60} 57}
61 58
62int
63binary_pipe(int fd[2])
64{
65 int ret = pipe(fd);
66
67 if (!ret) {
68 setmode(fd[0], O_BINARY);
69 setmode(fd[1], O_BINARY);
70 }
71 return (ret);
72}
73
74int 59int
75check_ntsec(const char *filename) 60check_ntsec(const char *filename)
76{ 61{
diff --git a/openbsd-compat/bsd-cygwin_util.h b/openbsd-compat/bsd-cygwin_util.h
index 39b8eb788..48f64b740 100644
--- a/openbsd-compat/bsd-cygwin_util.h
+++ b/openbsd-compat/bsd-cygwin_util.h
@@ -1,7 +1,7 @@
1/* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */ 1/* $Id: bsd-cygwin_util.h,v 1.13 2011/08/17 01:31:09 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> 4 * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
5 * 5 *
6 * Redistribution and use in source and binary forms, with or without 6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions 7 * modification, are permitted provided that the following conditions
@@ -41,13 +41,11 @@
41#include <io.h> 41#include <io.h>
42 42
43int binary_open(const char *, int , ...); 43int binary_open(const char *, int , ...);
44int binary_pipe(int fd[2]);
45int check_ntsec(const char *); 44int check_ntsec(const char *);
46char **fetch_windows_environment(void); 45char **fetch_windows_environment(void);
47void free_windows_environment(char **); 46void free_windows_environment(char **);
48 47
49#define open binary_open 48#define open binary_open
50#define pipe binary_pipe
51 49
52#endif /* HAVE_CYGWIN */ 50#endif /* HAVE_CYGWIN */
53 51
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index b617fdf19..5189cab61 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
1/* $Id: openssl-compat.c,v 1.13 2011/01/21 22:37:06 dtucker Exp $ */ 1/* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -134,9 +134,9 @@ RSA_get_default_method(void)
134 134
135#ifdef USE_OPENSSL_ENGINE 135#ifdef USE_OPENSSL_ENGINE
136void 136void
137ssh_SSLeay_add_all_algorithms(void) 137ssh_OpenSSL_add_all_algorithms(void)
138{ 138{
139 SSLeay_add_all_algorithms(); 139 OpenSSL_add_all_algorithms();
140 140
141 /* Enable use of crypto hardware */ 141 /* Enable use of crypto hardware */
142 ENGINE_load_builtin_engines(); 142 ENGINE_load_builtin_engines();
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 6d4f3f215..c5fc24eb4 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
1/* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */ 1/* $Id: openssl-compat.h,v 1.19 2011/05/10 01:13:38 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -106,10 +106,10 @@ RSA_METHOD *RSA_get_default_method(void);
106# endif 106# endif
107 107
108# ifdef USE_OPENSSL_ENGINE 108# ifdef USE_OPENSSL_ENGINE
109# ifdef SSLeay_add_all_algorithms 109# ifdef OpenSSL_add_all_algorithms
110# undef SSLeay_add_all_algorithms 110# undef OpenSSL_add_all_algorithms
111# endif 111# endif
112# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms() 112# define OpenSSL_add_all_algorithms() ssh_OpenSSL_add_all_algorithms()
113# endif 113# endif
114 114
115# ifndef HAVE_BN_IS_PRIME_EX 115# ifndef HAVE_BN_IS_PRIME_EX
@@ -129,6 +129,6 @@ int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
129 unsigned char *, int); 129 unsigned char *, int);
130int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int); 130int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
131int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); 131int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
132void ssh_SSLeay_add_all_algorithms(void); 132void ssh_OpenSSL_add_all_algorithms(void);
133#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ 133#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
134 134
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index ede533fdd..ea8dff40f 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -1,4 +1,4 @@
1/* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */ 1/* $Id: port-linux.c,v 1.16 2011/08/29 06:09:57 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> 4 * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@@ -38,6 +38,10 @@
38#include <selinux/flask.h> 38#include <selinux/flask.h>
39#include <selinux/get_context_list.h> 39#include <selinux/get_context_list.h>
40 40
41#ifndef SSH_SELINUX_UNCONFINED_TYPE
42# define SSH_SELINUX_UNCONFINED_TYPE ":unconfined_t:"
43#endif
44
41/* Wrapper around is_selinux_enabled() to log its return value once only */ 45/* Wrapper around is_selinux_enabled() to log its return value once only */
42int 46int
43ssh_selinux_enabled(void) 47ssh_selinux_enabled(void)
@@ -177,12 +181,13 @@ ssh_selinux_change_context(const char *newname)
177{ 181{
178 int len, newlen; 182 int len, newlen;
179 char *oldctx, *newctx, *cx; 183 char *oldctx, *newctx, *cx;
184 void (*switchlog) (const char *fmt,...) = logit;
180 185
181 if (!ssh_selinux_enabled()) 186 if (!ssh_selinux_enabled())
182 return; 187 return;
183 188
184 if (getcon((security_context_t *)&oldctx) < 0) { 189 if (getcon((security_context_t *)&oldctx) < 0) {
185 logit("%s: getcon failed with %s", __func__, strerror (errno)); 190 logit("%s: getcon failed with %s", __func__, strerror(errno));
186 return; 191 return;
187 } 192 }
188 if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) == 193 if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
@@ -191,6 +196,14 @@ ssh_selinux_change_context(const char *newname)
191 return; 196 return;
192 } 197 }
193 198
199 /*
200 * Check whether we are attempting to switch away from an unconfined
201 * security context.
202 */
203 if (strncmp(cx, SSH_SELINUX_UNCONFINED_TYPE,
204 sizeof(SSH_SELINUX_UNCONFINED_TYPE) - 1) == 0)
205 switchlog = debug3;
206
194 newlen = strlen(oldctx) + strlen(newname) + 1; 207 newlen = strlen(oldctx) + strlen(newname) + 1;
195 newctx = xmalloc(newlen); 208 newctx = xmalloc(newlen);
196 len = cx - oldctx + 1; 209 len = cx - oldctx + 1;
@@ -198,10 +211,11 @@ ssh_selinux_change_context(const char *newname)
198 strlcpy(newctx + len, newname, newlen - len); 211 strlcpy(newctx + len, newname, newlen - len);
199 if ((cx = index(cx + 1, ':'))) 212 if ((cx = index(cx + 1, ':')))
200 strlcat(newctx, cx, newlen); 213 strlcat(newctx, cx, newlen);
201 debug3("%s: setting context from '%s' to '%s'", __func__, oldctx, 214 debug3("%s: setting context from '%s' to '%s'", __func__,
202 newctx); 215 oldctx, newctx);
203 if (setcon(newctx) < 0) 216 if (setcon(newctx) < 0)
204 logit("%s: setcon failed with %s", __func__, strerror (errno)); 217 switchlog("%s: setcon %s from %s failed with %s", __func__,
218 newctx, oldctx, strerror(errno));
205 xfree(oldctx); 219 xfree(oldctx);
206 xfree(newctx); 220 xfree(newctx);
207} 221}
@@ -213,7 +227,7 @@ ssh_selinux_setfscreatecon(const char *path)
213 227
214 if (!ssh_selinux_enabled()) 228 if (!ssh_selinux_enabled())
215 return; 229 return;
216 if (path == NULL) 230 if (path == NULL) {
217 setfscreatecon(NULL); 231 setfscreatecon(NULL);
218 return; 232 return;
219 } 233 }
diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h
index c2f618400..e3d1004aa 100644
--- a/openbsd-compat/port-linux.h
+++ b/openbsd-compat/port-linux.h
@@ -1,4 +1,4 @@
1/* $Id: port-linux.h,v 1.4.10.1 2011/02/04 00:42:21 djm Exp $ */ 1/* $Id: port-linux.h,v 1.5 2011/01/25 01:16:18 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2006 Damien Miller <djm@openbsd.org> 4 * Copyright (c) 2006 Damien Miller <djm@openbsd.org>
diff --git a/openbsd-compat/regress/closefromtest.c b/openbsd-compat/regress/closefromtest.c
index 145b09d7b..82ffeb9a7 100644
--- a/openbsd-compat/regress/closefromtest.c
+++ b/openbsd-compat/regress/closefromtest.c
@@ -24,6 +24,8 @@
24 24
25#define NUM_OPENS 10 25#define NUM_OPENS 10
26 26
27int closefrom(int);
28
27void 29void
28fail(char *msg) 30fail(char *msg)
29{ 31{