From 739842b1370ed2914fbbd5039e09eae76d4092b4 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Thu, 15 Sep 2016 16:36:04 +0200 Subject: [PATCH] Make the code build without SELinux and without Audit --- openssh-6.6p1-role-mls.patch | 6 +++++- openssh-7.2p1-audit.patch | 8 ++++++-- openssh.spec | 2 -- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/openssh-6.6p1-role-mls.patch b/openssh-6.6p1-role-mls.patch index 8c9485e..76e6721 100644 --- a/openssh-6.6p1-role-mls.patch +++ b/openssh-6.6p1-role-mls.patch @@ -131,7 +131,7 @@ diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c --- openssh/auth2-pubkey.c.role-mls 2016-07-24 13:50:13.000000000 +0200 +++ openssh/auth2-pubkey.c 2016-07-26 12:37:48.794593332 +0200 -@@ -151,9 +151,11 @@ userauth_pubkey(Authctxt *authctxt) +@@ -151,9 +151,15 @@ userauth_pubkey(Authctxt *authctxt) } /* reconstruct packet */ buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); @@ -140,8 +140,12 @@ diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c authctxt->style ? ":" : "", - authctxt->style ? authctxt->style : ""); + authctxt->style ? authctxt->style : "", ++#ifdef WITH_SELINUX + authctxt->role ? "/" : "", + authctxt->role ? authctxt->role : ""); ++#else ++ "", ""); ++#endif buffer_put_cstring(&b, userstyle); free(userstyle); buffer_put_cstring(&b, diff --git a/openssh-7.2p1-audit.patch b/openssh-7.2p1-audit.patch index 081671d..8654e95 100644 --- a/openssh-7.2p1-audit.patch +++ b/openssh-7.2p1-audit.patch @@ -1285,7 +1285,7 @@ diff -up openssh-7.3p1/monitor.c.audit openssh-7.3p1/monitor.c while (waitpid(pmonitor->m_pid, &status, 0) == -1) if (errno != EINTR) exit(1); -@@ -1908,11 +1956,43 @@ mm_answer_audit_command(int socket, Buff +@@ -1908,11 +1956,45 @@ mm_answer_audit_command(int socket, Buff { u_int len; char *cmd; @@ -1300,7 +1300,9 @@ diff -up openssh-7.3p1/monitor.c.audit openssh-7.3p1/monitor.c + if (s == NULL) + fatal("%s: error allocating a session", __func__); + s->command = cmd; ++#ifdef SSH_AUDIT_EVENTS + s->command_handle = audit_run_command(cmd); ++#endif + + buffer_clear(m); + buffer_put_int(m, s->self); @@ -1875,11 +1877,13 @@ diff -up openssh-7.3p1/session.c.audit openssh-7.3p1/session.c /* Force a password change */ if (s->authctxt->force_pwchange) { -@@ -1986,6 +2001,7 @@ session_unused(int id) +@@ -1986,6 +2001,9 @@ session_unused(int id) sessions[id].ttyfd = -1; sessions[id].ptymaster = -1; sessions[id].x11_chanids = NULL; ++#ifdef SSH_AUDIT_EVENTS + sessions[id].command_handle = -1; ++#endif sessions[id].next_unused = sessions_first_unused; sessions_first_unused = id; } diff --git a/openssh.spec b/openssh.spec index 2f74995..9401abe 100644 --- a/openssh.spec +++ b/openssh.spec @@ -404,10 +404,8 @@ rm -f $(cat %{SOURCE5}) popd %endif -%if %{WITH_SELINUX} %patch400 -p1 -b .role-mls %patch404 -p1 -b .privsep-selinux -%endif %if %{ldap} %patch501 -p1 -b .ldap