
Blame rpm-4.4.2-matchpathcon.patch

Paul Nasrat 307184
--- rpm-4.4.2/python/Makefile.am.matchpathcon	2005-02-16 19:18:37.000000000 -0500
Paul Nasrat 307184
+++ rpm-4.4.2/python/Makefile.am	2005-07-21 16:59:25.000000000 -0400
Paul Nasrat 307184
@@ -34,7 +34,8 @@
Paul Nasrat 307184
 	$(top_builddir)/rpmdb/librpmdb.la \
Paul Nasrat 307184
 	$(top_builddir)/rpmio/librpmio.la \
Paul Nasrat 307184
 	@WITH_POPT_LIB@ \
Paul Nasrat 307184
-	@WITH_LIBELF_LIB@
Paul Nasrat 307184
+	@WITH_LIBELF_LIB@ \
Paul Nasrat 307184
+	@WITH_SELINUX_LIB@
Paul Nasrat 307184
 
Paul Nasrat 307184
 LDADD =
Paul Nasrat 307184
 
Paul Nasrat 307184
--- rpm-4.4.2/python/rpmts-py.c.matchpathcon	2005-02-12 22:12:07.000000000 -0500
Paul Nasrat 307184
+++ rpm-4.4.2/python/rpmts-py.c	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -1182,16 +1182,11 @@
Paul Nasrat 307184
 
Paul Nasrat 307184
     /* Initialize security context patterns (if not already done). */
Paul Nasrat 307184
     if (!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
Paul Nasrat 307184
-	rpmsx sx = rpmtsREContext(s->ts);
Paul Nasrat 307184
-	if (sx == NULL) {
Paul Nasrat 307184
-	    const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Paul Nasrat 307184
-	    if (fn != NULL && *fn != '\0') {
Paul Nasrat 307184
-		sx = rpmsxNew(fn);
Paul Nasrat 307184
-		(void) rpmtsSetREContext(s->ts, sx);
Paul Nasrat 307184
-	    }
Paul Nasrat 307184
-	    fn = _free(fn);
Paul Nasrat 307184
+	const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Paul Nasrat 307184
+	if (fn != NULL && *fn != '\0') {
Paul Nasrat 307184
+                matchpathcon_init(fn);
Paul Nasrat 307184
 	}
Paul Nasrat 307184
-	sx = rpmsxFree(sx);
Paul Nasrat 307184
+	fn = _free(fn);
Paul Nasrat 307184
     } 
Paul Nasrat 307184
 
Paul Nasrat 307184
 if (_rpmts_debug)
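Review bot: The return value of `matchpathcon_init(fn)` is discarded, so a missing or unparsable `%{_install_file_context_path}` file goes unnoticed. As far as I know libselinux then initialises itself from the default policy file on the first `matchpathcon()` call, which would label files from a different specification than the one configured. Test the result, e.g. `if (matchpathcon_init(fn) != 0)`, and report the failure there. The removed `sx == NULL` test was what made the surviving comment "(if not already done)" true, so the comment is now stale. The same unchecked call appears in lib/rpminstall.c, the second lib/verify.c hunk, lib/rpmfi.c and build/files.c; the enclosing function starts and ends outside this hunk.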
Paul Nasrat 307184
--- rpm-4.4.2/lib/rpminstall.c.matchpathcon	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
+++ rpm-4.4.2/lib/rpminstall.c	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -310,16 +310,10 @@
Paul Nasrat 307184
 
Paul Nasrat 307184
     /* Initialize security context patterns (if not already done). */
Paul Nasrat 307184
     if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
Paul Nasrat 307184
-	rpmsx sx = rpmtsREContext(ts);
Paul Nasrat 307184
-	if (sx == NULL) {
Paul Nasrat 307184
-	    const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Paul Nasrat 307184
-	    if (fn != NULL && *fn != '\0') {
Paul Nasrat 307184
-		sx = rpmsxNew(fn);
Paul Nasrat 307184
-		(void) rpmtsSetREContext(ts, sx);
Paul Nasrat 307184
-	    }
Paul Nasrat 307184
-	    fn = _free(fn);
Paul Nasrat 307184
-	}
Paul Nasrat 307184
-	sx = rpmsxFree(sx);
Paul Nasrat 307184
+            const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
Paul Nasrat 307184
+            if (fn != NULL && *fn != '\0') {
Paul Nasrat 307184
+                    matchpathcon_init(fn);
Paul Nasrat 307184
+            }
Paul Nasrat 307184
     }
Paul Nasrat 307184
     (void) rpmtsSetFlags(ts, ia->transFlags);
Paul Nasrat 307184
 
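Review bot: `fn` returned by `rpmGetPath()` is never released in the new block. The old code ended with `fn = _free(fn);` and the equivalent change in python/rpmts-py.c keeps that line, but here it was dropped along with the `rpmsx` handling. Add `fn = _free(fn);` after the inner `if`, before the closing brace of the `RPMTRANS_FLAG_NOCONTEXTS` block. The added lines are also indented with spaces where the surrounding code uses tabs.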
Paul Nasrat 307184
--- rpm-4.4.2/lib/verify.c.matchpathcon	2004-10-24 15:36:30.000000000 -0400
Paul Nasrat 307184
+++ rpm-4.4.2/lib/verify.c	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -128,20 +128,19 @@
Paul Nasrat 307184
 	if (rc == -1)
Paul Nasrat 307184
 	    *res |= (RPMVERIFY_LGETFILECONFAIL|RPMVERIFY_CONTEXTS);
Paul Nasrat 307184
 	else {
Paul Nasrat 307184
-	    rpmsx sx = rpmtsREContext(ts);
Paul Nasrat 307184
-	    const char * fcontext;
Paul Nasrat 307184
-
Paul Nasrat 307184
-	    if (sx != NULL) {
Paul Nasrat 307184
-		/* Get file security context from patterns. */
Paul Nasrat 307184
-		fcontext = rpmsxFContext(sx, fn, fmode);
Paul Nasrat 307184
-		sx = rpmsxFree(sx);
Paul Nasrat 307184
-	    } else {
Paul Nasrat 307184
+	    security_context_t fcontext;
Paul Nasrat 307184
+             
Paul Nasrat 307184
+	    /* Get file security context from patterns. */
Paul Nasrat 307184
+	    if (matchpathcon(fn,fmode,&fcontext) != 0)  {
Paul Nasrat 307184
 		/* Get file security context from package. */
Paul Nasrat 307184
 		fcontext = rpmfiFContext(fi);
Paul Nasrat 307184
 	    }
Paul Nasrat 307184
+
Paul Nasrat 307184
 	    if (fcontext == NULL || strcmp(fcontext, con))
Paul Nasrat 307184
 		*res |= RPMVERIFY_CONTEXTS;
Paul Nasrat 307184
 	    freecon(con);
Paul Nasrat 307184
+            freecon(fcontext); 
Paul Nasrat 307184
+
Paul Nasrat 307184
 	}
Paul Nasrat 307184
     }
Paul Nasrat 307184
 /*@=branchstate@*/
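Review bot: The added `freecon(fcontext);` also runs when `matchpathcon()` failed and `fcontext` was taken from `rpmfiFContext(fi)`, a string libselinux did not allocate and the caller presumably does not own, so the fallback path frees foreign memory. The variable also goes uninitialised into `matchpathcon()`, and assigning the `const char *` result of `rpmfiFContext()` to a `security_context_t` drops the qualifier. Keep the libselinux allocation in its own variable and free only that one, as sketched below. The enclosing function starts outside the hunk.

```c
	    security_context_t mcon = NULL;
	    const char * fcontext;

	    /* Get file security context from patterns. */
	    if (matchpathcon(fn, fmode, &mcon) == 0)
		fcontext = mcon;
	    else {
		/* Get file security context from package. */
		fcontext = rpmfiFContext(fi);
	    }
	    /* ... unchanged: strcmp(fcontext, con), RPMVERIFY_CONTEXTS, freecon(con) ... */
	    if (mcon != NULL)
		freecon(mcon);	/* only the matchpathcon() result is ours to free */
```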
Paul Nasrat 307184
@@ -524,16 +523,11 @@
Paul Nasrat 307184
 
Paul Nasrat 307184
     /* Initialize security context patterns (if not already done). */
Paul Nasrat 307184
     if (qva->qva_flags & VERIFY_CONTEXTS) {
Paul Nasrat 307184
-	rpmsx sx = rpmtsREContext(ts);
Paul Nasrat 307184
-	if (sx == NULL) {
Paul Nasrat 307184
-	    arg = rpmGetPath("%{?_verify_file_context_path}", NULL);
Paul Nasrat 307184
-	    if (arg != NULL && *arg != '\0') {
Paul Nasrat 307184
-		sx = rpmsxNew(arg);
Paul Nasrat 307184
-		(void) rpmtsSetREContext(ts, sx);
Paul Nasrat 307184
-	    }
Paul Nasrat 307184
-	    arg = _free(arg);
Paul Nasrat 307184
-	}
Paul Nasrat 307184
-	sx = rpmsxFree(sx);
Paul Nasrat 307184
+	arg = rpmGetPath("%{?_verify_file_context_path}", NULL);
Paul Nasrat 307184
+	if (arg != NULL && *arg != '\0') {
Paul Nasrat 307184
+           matchpathcon_init(arg);	
Paul Nasrat 307184
+	   }
Paul Nasrat 307184
+	arg = _free(arg);
Paul Nasrat 307184
     }
Paul Nasrat 307184
 
Paul Nasrat 307184
     ovsflags = rpmtsSetVSFlags(ts, vsflags);
Paul Nasrat 307184
--- rpm-4.4.2/lib/rpmfi.c.matchpathcon	2005-02-10 03:30:28.000000000 -0500
Paul Nasrat 307184
+++ rpm-4.4.2/lib/rpmfi.c	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -16,7 +16,7 @@
Paul Nasrat 307184
 #define	_RPMFI_INTERNAL
Paul Nasrat 307184
 #include "rpmfi.h"
Paul Nasrat 307184
 
Paul Nasrat 307184
-#include "rpmsx.h"
Paul Nasrat 307184
+#include <selinux/selinux.h>
Paul Nasrat 307184
 
Paul Nasrat 307184
 #define	_RPMTE_INTERNAL	/* relocations */
Paul Nasrat 307184
 #include "rpmte.h"
Paul Nasrat 307184
@@ -1645,8 +1645,8 @@
Paul Nasrat 307184
 {
Paul Nasrat 307184
     int scareMem = 0;
Paul Nasrat 307184
     rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
Paul Nasrat 307184
-    rpmsx sx = NULL;
Paul Nasrat 307184
     const char ** av = NULL;
Paul Nasrat 307184
+    const char * myfn = rpmGetPath("%{?__file_context_path}", NULL);
Paul Nasrat 307184
     int ac;
Paul Nasrat 307184
     size_t nb;
Paul Nasrat 307184
     char * t;
Paul Nasrat 307184
@@ -1660,7 +1660,7 @@
Paul Nasrat 307184
     }
Paul Nasrat 307184
 
Paul Nasrat 307184
     /* Read security context patterns. */
Paul Nasrat 307184
-    sx = rpmsxNew(NULL);
Paul Nasrat 307184
+    matchpathcon_init(myfn);
Paul Nasrat 307184
 
Paul Nasrat 307184
     /* Compute size of argv array blob, concatenating file contexts. */
Paul Nasrat 307184
     nb = ac * sizeof(*fcnb);
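Review bot: `matchpathcon_init(myfn)` is called without the `!= NULL && *... != '\0'` test that the other call sites in this patch apply. When `%{__file_context_path}` is undefined the expansion (presumably an empty string) is handed to libselinux as a file name, where the replaced `rpmsxNew(NULL)` asked for the default. Put `if (myfn != NULL && *myfn != '\0')` in front of the call. None of the visible hunks releases `myfn` either: it is allocated by `rpmGetPath()` in the previous hunk, and the `exit:` hunk removes `sx = rpmsxFree(sx);` without adding `myfn = _free(myfn);`. The function body extends beyond these hunks, so a free elsewhere cannot be ruled out.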
Paul Nasrat 307184
@@ -1671,10 +1671,9 @@
Paul Nasrat 307184
     while (rpmfiNext(fi) >= 0) {
Paul Nasrat 307184
 	const char * fn = rpmfiFN(fi);
Paul Nasrat 307184
 	mode_t fmode = rpmfiFMode(fi);
Paul Nasrat 307184
-	const char * scon;
Paul Nasrat 307184
+	security_context_t scon;
Paul Nasrat 307184
 
Paul Nasrat 307184
-	scon = rpmsxFContext(sx, fn, fmode);
Paul Nasrat 307184
-	if (scon != NULL) {
Paul Nasrat 307184
+	if (matchpathcon(fn, fmode, &scon) == 0) {
Paul Nasrat 307184
 	    fcnb[ac] = strlen(scon) + 1;
Paul Nasrat 307184
 /*@-branchstate@*/
Paul Nasrat 307184
 	    if (fcnb[ac] > 0) {
Paul Nasrat 307184
@@ -1682,6 +1681,7 @@
Paul Nasrat 307184
 		memcpy(fctxt+fctxtlen, scon, fcnb[ac]);
Paul Nasrat 307184
 		fctxtlen += fcnb[ac];
Paul Nasrat 307184
 	    }
Paul Nasrat 307184
+            freecon(scon); 
Paul Nasrat 307184
 /*@=branchstate@*/
Paul Nasrat 307184
 	}
Paul Nasrat 307184
 	ac++;
Paul Nasrat 307184
@@ -1707,7 +1707,6 @@
Paul Nasrat 307184
 
Paul Nasrat 307184
 exit:
Paul Nasrat 307184
     fi = rpmfiFree(fi);
Paul Nasrat 307184
-    sx = rpmsxFree(sx);
Paul Nasrat 307184
     /*@-branchstate@*/
Paul Nasrat 307184
     if (fcontextp)
Paul Nasrat 307184
 	*fcontextp = av;
Paul Nasrat 307184
--- rpm-4.4.2/lib/fsm.c.matchpathcon	2004-10-09 15:40:09.000000000 -0400
Paul Nasrat 307184
+++ rpm-4.4.2/lib/fsm.c	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -634,12 +634,11 @@
Paul Nasrat 307184
     if (ts != NULL && rpmtsSELinuxEnabled(ts) == 1 &&
Paul Nasrat 307184
 	!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
Paul Nasrat 307184
     {
Paul Nasrat 307184
-	rpmsx sx = rpmtsREContext(ts);
Paul Nasrat 307184
+	security_context_t scon = NULL;
Paul Nasrat 307184
 
Paul Nasrat 307184
-	if (sx != NULL) {
Paul Nasrat 307184
+	if ( matchpathcon(fsm->path, st->st_mode, &scon) == 0 && scon != NULL) {
Paul Nasrat 307184
 	    /* Get file security context from patterns. */
Paul Nasrat 307184
-	    fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
Paul Nasrat 307184
-	    sx = rpmsxFree(sx);
Paul Nasrat 307184
+	    fsm->fcontext = scon;
Paul Nasrat 307184
 	} else {
Paul Nasrat 307184
 	    int i = fsm->ix;
Paul Nasrat 307184
 
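Review bot: `fsm->fcontext = scon;` stores a string that `matchpathcon()` allocated, and nothing in the hunk releases it with `freecon()`. The `else` branch appears to fill the same field from package data that the fsm does not own, so the field now has two ownership rules: an unconditional free would be wrong for the package case, and no free leaks one string per file. Record this next to the assignment with a comment such as `/* allocated by matchpathcon(); release with freecon() after the context is applied */`, and add the matching release where `fsm->fcontext` is reset. The enclosing function continues outside the hunk, so that release may already exist there.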
Paul Nasrat 307184
--- rpm-4.4.2/build/Makefile.am.matchpathcon	2005-03-14 05:03:48.000000000 -0500
Paul Nasrat 307184
+++ rpm-4.4.2/build/Makefile.am	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -35,6 +35,7 @@
Paul Nasrat 307184
 	$(top_builddir)/lib/librpm.la \
Paul Nasrat 307184
 	$(top_builddir)/rpmdb/librpmdb.la \
Paul Nasrat 307184
 	$(top_builddir)/rpmio/librpmio.la \
Paul Nasrat 307184
+	@WITH_SELINUX_LIB@ \
Paul Nasrat 307184
 	@WITH_LIBELF_LIB@
Paul Nasrat 307184
 
Paul Nasrat 307184
 rpmfile.h:
Paul Nasrat 307184
--- rpm-4.4.2/build/files.c.matchpathcon	2005-07-13 05:58:55.000000000 -0400
Paul Nasrat 307184
+++ rpm-4.4.2/build/files.c	2005-07-21 16:47:11.000000000 -0400
Paul Nasrat 307184
@@ -23,7 +23,7 @@
Paul Nasrat 307184
 #define	_RPMFI_INTERNAL
Paul Nasrat 307184
 #include "rpmfi.h"
Paul Nasrat 307184
 
Paul Nasrat 307184
-#include "rpmsx.h"
Paul Nasrat 307184
+#include <selinux/selinux.h>
Paul Nasrat 307184
 
Paul Nasrat 307184
 #define	_RPMTE_INTERNAL
Paul Nasrat 307184
 #include "rpmte.h"
Paul Nasrat 307184
@@ -1122,7 +1122,7 @@
Paul Nasrat 307184
     int apathlen = 0;
Paul Nasrat 307184
     int dpathlen = 0;
Paul Nasrat 307184
     int skipLen = 0;
Paul Nasrat 307184
-    rpmsx sx = NULL;
Paul Nasrat 307184
+    security_context_t scon = NULL;
Paul Nasrat 307184
     const char * sxfn;
Paul Nasrat 307184
     size_t fnlen;
Paul Nasrat 307184
     FileListRec flp;
Paul Nasrat 307184
@@ -1142,7 +1142,7 @@
Paul Nasrat 307184
 
Paul Nasrat 307184
     sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
Paul Nasrat 307184
     if (sxfn != NULL && *sxfn != '\0')
Paul Nasrat 307184
-   	sx = rpmsxNew(sxfn);
Paul Nasrat 307184
+   	matchpathcon_init(sxfn);
Paul Nasrat 307184
 
Paul Nasrat 307184
     for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
Paul Nasrat 307184
 	const char *s;
Paul Nasrat 307184
@@ -1324,18 +1324,19 @@
Paul Nasrat 307184
 			       &(flp->flags), 1);
Paul Nasrat 307184
 
Paul Nasrat 307184
 	/* Add file security context to package. */
Paul Nasrat 307184
-/*@-branchstate@*/
Paul Nasrat 307184
-	if (sx != NULL) {
Paul Nasrat 307184
-	    mode_t fmode = (uint_16)flp->fl_mode;
Paul Nasrat 307184
-	    s = rpmsxFContext(sx, flp->fileURL, fmode);
Paul Nasrat 307184
-	    if (s == NULL) s = "";
Paul Nasrat 307184
-	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
Paul Nasrat 307184
-			       &s, 1);
Paul Nasrat 307184
-	}
Paul Nasrat 307184
-/*@=branchstate@*/
Paul Nasrat 307184
+	mode_t fmode = (uint_16)flp->fl_mode;
Paul Nasrat 307184
+	int rc = matchpathcon(flp->fileURL, fmode, &scon);
Paul Nasrat 307184
+        if ( rc == 0 && scon != NULL) {
Paul Nasrat 307184
+	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &scon, 1);
Paul Nasrat 307184
+	    freecon(scon);
Paul Nasrat 307184
+        }
Paul Nasrat 307184
+        else  {
Paul Nasrat 307184
+            const char *nocon = "";
Paul Nasrat 307184
+	    (void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE, &nocon, 1);
Paul Nasrat 307184
+        }
Paul Nasrat 307184
+
Paul Nasrat 307184
 
Paul Nasrat 307184
     }
Paul Nasrat 307184
-    sx = rpmsxFree(sx);
Paul Nasrat 307184
     sxfn = _free(sxfn);
Paul Nasrat 307184
 
Paul Nasrat 307184
     (void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
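Review bot: The context lookup is no longer conditional on `%{_build_file_context_path}` being set. The removed code was wrapped in `if (sx != NULL)`, while the added `matchpathcon(flp->fileURL, fmode, &scon)` runs for every file even when `matchpathcon_init(sxfn)` was skipped in the earlier hunk. In that case libselinux, as far as I know, loads the build host's default file_contexts on first use, so the package would record labels from whatever policy the build machine has, and an RPMTAG_FILECONTEXTS entry is now always added. If that is intended, say so in a comment; otherwise set a flag where `matchpathcon_init(sxfn)` succeeds and test it here. `mode_t fmode` and `int rc` are also declared after a statement in the loop body, which may not match the declaration style used elsewhere in this file.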