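diff -up openssh-5.2p1/session.c.sesftp openssh-5.2p1/session.c
--- openssh-5.2p1/session.c.sesftp 2009-07-22 15:18:17.156499945 +0200
+++ openssh-5.2p1/session.c 2009-07-22 15:20:09.950319644 +0200
@@ -58,6 +58,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <selinux/selinux.h>
 
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
@@ -1805,8 +1806,8 @@ do_child(Session *s, const char *command
 
 if (s->is_subsystem == SUBSYSTEM_INT_SFTP) {
 extern int optind, optreset;
- int i;
- char *p, *args;
+ int i, l;
+ char *p, *args, *c1, *c2, *cx;
 
 setproctitle("%s@internal-sftp-server", s->pw->pw_name);
 args = xstrdup(command ? command : "sftp-server");
@@ -1816,6 +1817,27 @@ do_child(Session *s, const char *command
 argv[i] = NULL;
 optind = optreset = 1;
 __progname = argv[0];
+ if (getcon (&c1) < 0) {
+ logit("do_child: getcon failed witch %s", strerror (errno));
+ } else {
+ c2 = xmalloc (strlen (c1) + 8);
+ if (!(cx = index (c1, ':')))
+ goto badcontext;
+ if (!(cx = index (cx + 1, ':'))) {
+badcontext:
+ logit ("do_child: unparseable context %s", c1);
+ } else {
+ l = cx - c1 + 1;
+ memcpy (c2, c1, l);
+ strcpy (c2 + l, "sftpd_t");
+ if ((cx = index (cx + 1, ':')))
+ strcat (c2, cx);
+logit ("<= %s", c1); logit ("=> %s", c2); if (setcon ("system_u:system_r:sftpd_t:s0-s0:c0.c1023") < 0)
+ logit("do_child: setcon failed witch %s", strerror (errno));
+
+ }
+ }
+
 exit(sftp_server_main(i, argv, s->pw));
 }
 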
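Review bot: In the third hunk of do_child, `setcon` is passed the literal `"system_u:system_r:sftpd_t:s0-s0:c0.c1023"` instead of the `c2` string built just above it, so the user, role and level taken from `getcon` are computed, logged by the two `logit ("<= …")` / `logit ("=> …")` calls and then discarded; the call should read `if (setcon (c2) < 0)` and the two debug `logit` calls should be removed. A failed `getcon` or `setcon`, or an unparseable context, is only logged and control still reaches `exit(sftp_server_main(i, argv, s->pw))`, so the internal sftp server keeps running in the process's current context without the intended `sftpd_t` transition; when `security_getenforce() > 0` that path should end in `fatal(...)` rather than `logit`. `c1` is never released with `freecon` and `c2` is never freed, including on the `badcontext` path. Both new error messages say "witch" where "with" is meant. do_child begins and continues outside these hunks, so whether `is_selinux_enabled()` is checked before this code (and whether the new `#include <selinux/selinux.h>` in the first hunk is guarded for builds without libselinux) cannot be seen from here.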