summaryrefslogtreecommitdiff
path: root/debian/patches/selinux-role.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/selinux-role.patch')
-rw-r--r--debian/patches/selinux-role.patch34
1 files changed, 17 insertions, 17 deletions
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index b0088c104..3161999a9 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
1From 8641a3f57e67e087b4500beb9916e06c4d0ba94c Mon Sep 17 00:00:00 2001 1From c574865182e2c5dfa183b577f49ac602d16df5c0 Mon Sep 17 00:00:00 2001
2From: Manoj Srivastava <srivasta@debian.org> 2From: Manoj Srivastava <srivasta@debian.org>
3Date: Sun, 9 Feb 2014 16:09:49 +0000 3Date: Sun, 9 Feb 2014 16:09:49 +0000
4Subject: Handle SELinux authorisation roles 4Subject: Handle SELinux authorisation roles
@@ -9,7 +9,7 @@ SELinux maintainer, so we'll keep it until we have something better.
9 9
10Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 10Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
11Bug-Debian: http://bugs.debian.org/394795 11Bug-Debian: http://bugs.debian.org/394795
12Last-Update: 2020-02-21 12Last-Update: 2020-10-18
13 13
14Patch-Name: selinux-role.patch 14Patch-Name: selinux-role.patch
15--- 15---
@@ -43,7 +43,7 @@ index becc672b5..5da9fe75f 100644
43 /* Method lists for multiple authentication */ 43 /* Method lists for multiple authentication */
44 char **auth_methods; /* modified from server config */ 44 char **auth_methods; /* modified from server config */
45diff --git a/auth2.c b/auth2.c 45diff --git a/auth2.c b/auth2.c
46index a4a5e0069..05d6c2447 100644 46index 9fa1404b3..d8363bdba 100644
47--- a/auth2.c 47--- a/auth2.c
48+++ b/auth2.c 48+++ b/auth2.c
49@@ -265,7 +265,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh) 49@@ -265,7 +265,7 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
@@ -81,7 +81,7 @@ index a4a5e0069..05d6c2447 100644
81 if (auth2_setup_methods_lists(authctxt) != 0) 81 if (auth2_setup_methods_lists(authctxt) != 0)
82 ssh_packet_disconnect(ssh, 82 ssh_packet_disconnect(ssh,
83diff --git a/monitor.c b/monitor.c 83diff --git a/monitor.c b/monitor.c
84index 5347e900d..8002aca86 100644 84index 11868952b..98362948f 100644
85--- a/monitor.c 85--- a/monitor.c
86+++ b/monitor.c 86+++ b/monitor.c
87@@ -118,6 +118,7 @@ int mm_answer_sign(struct ssh *, int, struct sshbuf *); 87@@ -118,6 +118,7 @@ int mm_answer_sign(struct ssh *, int, struct sshbuf *);
@@ -154,7 +154,7 @@ index 5347e900d..8002aca86 100644
154 return (0); 154 return (0);
155 } 155 }
156 156
157@@ -1553,7 +1582,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m) 157@@ -1566,7 +1595,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
158 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); 158 res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty));
159 if (res == 0) 159 if (res == 0)
160 goto error; 160 goto error;
@@ -177,7 +177,7 @@ index 2b1a2d590..4d87284aa 100644
177 177
178 struct ssh; 178 struct ssh;
179diff --git a/monitor_wrap.c b/monitor_wrap.c 179diff --git a/monitor_wrap.c b/monitor_wrap.c
180index 6edb509a3..b49c268d3 100644 180index 0e78cd006..d41d3949d 100644
181--- a/monitor_wrap.c 181--- a/monitor_wrap.c
182+++ b/monitor_wrap.c 182+++ b/monitor_wrap.c
183@@ -364,10 +364,10 @@ mm_auth2_read_banner(void) 183@@ -364,10 +364,10 @@ mm_auth2_read_banner(void)
@@ -231,13 +231,13 @@ index 6edb509a3..b49c268d3 100644
231 int 231 int
232 mm_auth_password(struct ssh *ssh, char *password) 232 mm_auth_password(struct ssh *ssh, char *password)
233diff --git a/monitor_wrap.h b/monitor_wrap.h 233diff --git a/monitor_wrap.h b/monitor_wrap.h
234index 485590c18..370b08e17 100644 234index 75aef1c74..c39e5dd8b 100644
235--- a/monitor_wrap.h 235--- a/monitor_wrap.h
236+++ b/monitor_wrap.h 236+++ b/monitor_wrap.h
237@@ -47,7 +47,8 @@ DH *mm_choose_dh(int, int, int); 237@@ -48,7 +48,8 @@ DH *mm_choose_dh(int, int, int);
238 #endif
239 int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *, 238 int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *,
240 const u_char *, size_t, const char *, const char *, u_int compat); 239 const u_char *, size_t, const char *, const char *,
240 const char *, u_int compat);
241-void mm_inform_authserv(char *, char *); 241-void mm_inform_authserv(char *, char *);
242+void mm_inform_authserv(char *, char *, char *); 242+void mm_inform_authserv(char *, char *, char *);
243+void mm_inform_authrole(char *); 243+void mm_inform_authrole(char *);
@@ -363,10 +363,10 @@ index ea4f9c584..60d72ffe7 100644
363 char *platform_krb5_get_principal_name(const char *); 363 char *platform_krb5_get_principal_name(const char *);
364 int platform_sys_dir_uid(uid_t); 364 int platform_sys_dir_uid(uid_t);
365diff --git a/session.c b/session.c 365diff --git a/session.c b/session.c
366index f9c2c866e..837a8bacf 100644 366index 857f17b3c..b1796a803 100644
367--- a/session.c 367--- a/session.c
368+++ b/session.c 368+++ b/session.c
369@@ -1360,7 +1360,7 @@ safely_chroot(const char *path, uid_t uid) 369@@ -1364,7 +1364,7 @@ safely_chroot(const char *path, uid_t uid)
370 370
371 /* Set login name, uid, gid, and groups. */ 371 /* Set login name, uid, gid, and groups. */
372 void 372 void
@@ -375,7 +375,7 @@ index f9c2c866e..837a8bacf 100644
375 { 375 {
376 char uidstr[32], *chroot_path, *tmp; 376 char uidstr[32], *chroot_path, *tmp;
377 377
378@@ -1388,7 +1388,7 @@ do_setusercontext(struct passwd *pw) 378@@ -1392,7 +1392,7 @@ do_setusercontext(struct passwd *pw)
379 endgrent(); 379 endgrent();
380 #endif 380 #endif
381 381
@@ -384,7 +384,7 @@ index f9c2c866e..837a8bacf 100644
384 384
385 if (!in_chroot && options.chroot_directory != NULL && 385 if (!in_chroot && options.chroot_directory != NULL &&
386 strcasecmp(options.chroot_directory, "none") != 0) { 386 strcasecmp(options.chroot_directory, "none") != 0) {
387@@ -1529,7 +1529,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) 387@@ -1536,7 +1536,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
388 388
389 /* Force a password change */ 389 /* Force a password change */
390 if (s->authctxt->force_pwchange) { 390 if (s->authctxt->force_pwchange) {
@@ -393,7 +393,7 @@ index f9c2c866e..837a8bacf 100644
393 child_close_fds(ssh); 393 child_close_fds(ssh);
394 do_pwchange(s); 394 do_pwchange(s);
395 exit(1); 395 exit(1);
396@@ -1547,7 +1547,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) 396@@ -1554,7 +1554,7 @@ do_child(struct ssh *ssh, Session *s, const char *command)
397 /* When PAM is enabled we rely on it to do the nologin check */ 397 /* When PAM is enabled we rely on it to do the nologin check */
398 if (!options.use_pam) 398 if (!options.use_pam)
399 do_nologin(pw); 399 do_nologin(pw);
@@ -402,7 +402,7 @@ index f9c2c866e..837a8bacf 100644
402 /* 402 /*
403 * PAM session modules in do_setusercontext may have 403 * PAM session modules in do_setusercontext may have
404 * generated messages, so if this in an interactive 404 * generated messages, so if this in an interactive
405@@ -1946,7 +1946,7 @@ session_pty_req(struct ssh *ssh, Session *s) 405@@ -1953,7 +1953,7 @@ session_pty_req(struct ssh *ssh, Session *s)
406 sshpkt_fatal(ssh, r, "%s: parse packet", __func__); 406 sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
407 407
408 if (!use_privsep) 408 if (!use_privsep)
@@ -425,7 +425,7 @@ index ce59dabd9..675c91146 100644
425 const char *session_get_remote_name_or_ip(struct ssh *, u_int, int); 425 const char *session_get_remote_name_or_ip(struct ssh *, u_int, int);
426 426
427diff --git a/sshd.c b/sshd.c 427diff --git a/sshd.c b/sshd.c
428index e96d90809..e8b332ca4 100644 428index a50ec3584..38d281ab4 100644
429--- a/sshd.c 429--- a/sshd.c
430+++ b/sshd.c 430+++ b/sshd.c
431@@ -594,7 +594,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) 431@@ -594,7 +594,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 20:29:13 +0000