rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Make the code build without SELinux and without Audit

Browse Source
This commit is contained in:
Jakub Jelen 2016-09-15 16:36:04 +02:00
parent 0a605f4d31
commit 739842b137
3 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openssh-6.6p1-role-mls.patch
View File

@ -131,7 +131,7 @@ diff -up openssh/auth2-hostbased.c.role-mls openssh/auth2-hostbased.c
diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c
--- openssh/auth2-pubkey.c.role-mls 2016-07-24 13:50:13.000000000 +0200 --- openssh/auth2-pubkey.c.role-mls 2016-07-24 13:50:13.000000000 +0200
+++ openssh/auth2-pubkey.c 2016-07-26 12:37:48.794593332 +0200 +++ openssh/auth2-pubkey.c 2016-07-26 12:37:48.794593332 +0200
@@ -151,9 +151,11 @@ userauth_pubkey(Authctxt *authctxt) @@ -151,9 +151,15 @@ userauth_pubkey(Authctxt *authctxt)
} }
/* reconstruct packet */ /* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
@ -140,8 +140,12 @@ diff -up openssh/auth2-pubkey.c.role-mls openssh/auth2-pubkey.c
authctxt->style ? ":" : "", authctxt->style ? ":" : "",
- authctxt->style ? authctxt->style : ""); - authctxt->style ? authctxt->style : "");
+ authctxt->style ? authctxt->style : "", + authctxt->style ? authctxt->style : "",
+#ifdef WITH_SELINUX
+ authctxt->role ? "/" : "", + authctxt->role ? "/" : "",
+ authctxt->role ? authctxt->role : ""); + authctxt->role ? authctxt->role : "");
+#else
+ "", "");
+#endif
buffer_put_cstring(&b, userstyle); buffer_put_cstring(&b, userstyle);
free(userstyle); free(userstyle);
buffer_put_cstring(&b, buffer_put_cstring(&b,

8
openssh-7.2p1-audit.patch
View File

@ -1285,7 +1285,7 @@ diff -up openssh-7.3p1/monitor.c.audit openssh-7.3p1/monitor.c
while (waitpid(pmonitor->m_pid, &status, 0) == -1) while (waitpid(pmonitor->m_pid, &status, 0) == -1)
if (errno != EINTR) if (errno != EINTR)
exit(1); exit(1);
@@ -1908,11 +1956,43 @@ mm_answer_audit_command(int socket, Buff @@ -1908,11 +1956,45 @@ mm_answer_audit_command(int socket, Buff
{ {
u_int len; u_int len;
char *cmd; char *cmd;
@ -1300,7 +1300,9 @@ diff -up openssh-7.3p1/monitor.c.audit openssh-7.3p1/monitor.c
+ if (s == NULL) + if (s == NULL)
+ fatal("%s: error allocating a session", __func__); + fatal("%s: error allocating a session", __func__);
+ s->command = cmd; + s->command = cmd;
+#ifdef SSH_AUDIT_EVENTS
+ s->command_handle = audit_run_command(cmd); + s->command_handle = audit_run_command(cmd);
+#endif
+ +
+ buffer_clear(m); + buffer_clear(m);
+ buffer_put_int(m, s->self); + buffer_put_int(m, s->self);
@ -1875,11 +1877,13 @@ diff -up openssh-7.3p1/session.c.audit openssh-7.3p1/session.c
/* Force a password change */ /* Force a password change */
if (s->authctxt->force_pwchange) { if (s->authctxt->force_pwchange) {
@@ -1986,6 +2001,7 @@ session_unused(int id) @@ -1986,6 +2001,9 @@ session_unused(int id)
sessions[id].ttyfd = -1; sessions[id].ttyfd = -1;
sessions[id].ptymaster = -1; sessions[id].ptymaster = -1;
sessions[id].x11_chanids = NULL; sessions[id].x11_chanids = NULL;
+#ifdef SSH_AUDIT_EVENTS
+ sessions[id].command_handle = -1; + sessions[id].command_handle = -1;
+#endif
sessions[id].next_unused = sessions_first_unused; sessions[id].next_unused = sessions_first_unused;
sessions_first_unused = id; sessions_first_unused = id;
} }

2
openssh.spec
View File

@ -404,10 +404,8 @@ rm -f $(cat %{SOURCE5})
popd popd
%endif %endif
%if %{WITH_SELINUX}
%patch400 -p1 -b .role-mls %patch400 -p1 -b .role-mls
%patch404 -p1 -b .privsep-selinux %patch404 -p1 -b .privsep-selinux
%endif
%if %{ldap} %if %{ldap}
%patch501 -p1 -b .ldap %patch501 -p1 -b .ldap