tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,222 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

26 Commits

Author SHA1 Message Date
Damien Miller 8c7203bcee
replace deprecate selinux matchpathcon function 
This function is apparently deprecated. Documentation on what is the
supposed replacement is is non-existent, so this follows the approach
glibc used https://sourceware.org/git/?p=glibc.git;a=patch;h=f278835f59

ok dtucker@
 2023-07-12 11:41:19 +10:00
Damien Miller e51dc7fab6 SELinux has deprecated security_context_t 
(it was only ever a char* anyway)
 2020-11-13 13:46:28 +11:00
Damien Miller f9ea651520 logging is now macros, remove function pointers 2020-10-17 11:51:20 +11:00
Damien Miller def31bc542 spelling mistakes 
from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html
 2020-03-13 14:23:07 +11:00
Darren Tucker ea9c06e11d Include stdlib.h. 
Patch from jjelen at redhat via bz#2687.
 2018-09-07 14:01:39 +10:00
Damien Miller bda709b8e1 avoid inclusion of deprecated selinux/flask.h 
Use string_to_security_class() instead.
 2018-02-26 12:17:22 +11:00
Darren Tucker 1e8013a17f Remove obsolete CVS $Id from source files. 
Since -portable switched to git the CVS $Id tags are no longer being
updated and are becoming increasingly misleading.  Remove them.
 2016-08-17 14:08:42 +10:00
Damien Miller 0c30ba91f8 downgrade OOM adjustment logging: verbose -> debug 2015-07-30 12:32:42 +10:00
Darren Tucker f60845fde2 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c 
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
   sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
   openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
   openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
   with the equivalent calls to free.
 2013-06-02 08:07:31 +10:00
Damien Miller 7bf7b889b3 - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux 
systems where sshd is run in te wrong context. Patch from Sven
   Vermeulen; ok dtucker@
 2012-03-09 10:25:16 +11:00
Damien Miller 58ac11a2bd - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting 
to switch SELinux context away from unconfined_t, based on patch from
   Jan Chadima; bz#1919 ok dtucker@
 2011-08-29 16:09:52 +10:00
Darren Tucker 4d47ec9c89 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context 
change error by reporting old and new context names  Patch from
   jchadima at redhat.
 2011-08-12 10:12:53 +10:00
Darren Tucker 3b9617ecbd - (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in 
selinux code.  Patch from Leonardo Chiquitto.
 2011-02-06 13:24:35 +11:00
Damien Miller d4a5504cb1 - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled 
before attempting setfscreatecon(). Check whether matchpathcon()
   succeeded before using its result. Patch from cjwatson AT debian.org;
   bz#1851
 2011-01-28 10:30:18 +11:00
Damien Miller 71adf127e8 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c 
openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
   port-linux.c to avoid compilation errors. Add -lselinux to ssh when
   building with SELinux support to avoid linking failure; report from
   amk AT spamfence.net; ok dtucker
 2011-01-25 12:16:15 +11:00
Darren Tucker 263d43d2a5 - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on 
the tinderbox.
 2011-01-17 18:50:22 +11:00
Darren Tucker 0c93adc7c1 - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new 
Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
   to the old values.  Feedback from vapier at gentoo org and djm, ok djm.
 2011-01-17 11:55:59 +11:00
Darren Tucker 50e3bab242 - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact 
return code since it can apparently return -1 under some conditions.  From
   openssh bugs werbittewas de, ok djm@
 2010-09-10 10:30:25 +10:00
Darren Tucker 9af0cb9acc - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM 
adjust log at verbose only, since according to cjwatson in bug #1470
   some virtualization platforms don't allow writes.
 2010-03-01 15:52:49 +11:00
Darren Tucker c8802aac28 - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux, 
based on a patch from Vaclav Ovsik and Colin Watson.  ok djm.
 2009-12-08 13:39:48 +11:00
Darren Tucker 4d6656b103 - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux 
is enabled set the security context to "sftpd_t" before running the
   internal sftp server   Based on a patch from jchadima at redhat.
 2009-10-24 15:04:12 +11:00
Darren Tucker b8eb586412 - (dtucker) Cache selinux status earlier so we know if it's enabled after a 
chroot.  Allows ChrootDirectory to work with selinux support compiled in
   but not enabled.  Using it with selinux enabled will require some selinux
   support inside the chroot.  "looks sane" djm@
 2008-03-27 07:27:20 +11:00
Damien Miller 0d7b93473c - (djm) bz#1325: Fix SELinux in permissive mode where it would 
incorrectly fatal() on errors. patch from cjwatson AT debian.org;
   ok dtucker
 2007-06-28 08:48:02 +10:00
Damien Miller ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] 
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
 2006-09-01 15:38:36 +10:00
Damien Miller b8fe89c4d9 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c] 
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
   [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
   [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
   [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
   [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
   [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
   make the portable tree compile again - sprinkle unistd.h and string.h
   back in. Don't redefine __unused, as it turned out to be used in
   headers on Linux, and replace its use in auth-pam.c with ARGSUSED
 2006-07-24 14:51:00 +10:00
Damien Miller 73b42d2bb0 - (djm) [Makefile.in configure.ac session.c sshpty.c] 
[contrib/redhat/sshd.init openbsd-compat/Makefile.in]
   [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c]
   [openbsd-compat/port-linux.h] Add support for SELinux, setting
   the execution and TTY contexts. based on patch from Daniel Walsh,
   bz #880; ok dtucker@
 2006-04-22 21:26:08 +10:00