Make the code build without SELinux and without Audit

This commit is contained in:
Jakub Jelen 2016-09-15 16:36:04 +02:00
parent 0a605f4d31
commit 739842b137
3 changed files with 11 additions and 5 deletions

View File

@ -131,7 +131,7 @@ diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c
diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c
--- openssh/auth2-pubkey.c.role-mls 2016-07-24 13:50:13.000000000 +0200
+++ openssh/auth2-pubkey.c 2016-07-26 12:37:48.794593332 +0200
@@ -151,9 +151,11 @@ userauth_pubkey(Authctxt *authctxt)
@@ -151,9 +151,15 @@ userauth_pubkey(Authctxt *authctxt)
}
/* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
@ -140,8 +140,12 @@ diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c
authctxt->style ? ":" : "",
- authctxt->style ? authctxt->style : "");
+ authctxt->style ? authctxt->style : "",
+#ifdef WITH_SELINUX
+ authctxt->role ? "/" : "",
+ authctxt->role ? authctxt->role : "");
+#else
+ "", "");
+#endif
buffer_put_cstring(&b, userstyle);
free(userstyle);
buffer_put_cstring(&b,

View File

@ -1285,7 +1285,7 @@ diff -up openssh-7.3p1/monitor.c.audit openssh-7.3p1/monitor.c
while (waitpid(pmonitor->m_pid, &status, 0) == -1)
if (errno != EINTR)
exit(1);
@@ -1908,11 +1956,43 @@ mm_answer_audit_command(int socket, Buff
@@ -1908,11 +1956,45 @@ mm_answer_audit_command(int socket, Buff
{
u_int len;
char *cmd;
@ -1300,7 +1300,9 @@ diff -up openssh-7.3p1/monitor.c.audit openssh-7.3p1/monitor.c
+ if (s == NULL)
+ fatal("%s: error allocating a session", __func__);
+ s->command = cmd;
+#ifdef SSH_AUDIT_EVENTS
+ s->command_handle = audit_run_command(cmd);
+#endif
+
+ buffer_clear(m);
+ buffer_put_int(m, s->self);
@ -1875,11 +1877,13 @@ diff -up openssh-7.3p1/session.c.audit openssh-7.3p1/session.c
/* Force a password change */
if (s->authctxt->force_pwchange) {
@@ -1986,6 +2001,7 @@ session_unused(int id)
@@ -1986,6 +2001,9 @@ session_unused(int id)
sessions[id].ttyfd = -1;
sessions[id].ptymaster = -1;
sessions[id].x11_chanids = NULL;
+#ifdef SSH_AUDIT_EVENTS
+ sessions[id].command_handle = -1;
+#endif
sessions[id].next_unused = sessions_first_unused;
sessions_first_unused = id;
}

View File

@ -404,10 +404,8 @@ rm -f $(cat %{SOURCE5})
popd
%endif
%if %{WITH_SELINUX}
%patch400 -p1 -b .role-mls
%patch404 -p1 -b .privsep-selinux
%endif
%if %{ldap}
%patch501 -p1 -b .ldap