|
Lines 58-63
Link Here
|
| 58 |
#include <stdlib.h> |
58 |
#include <stdlib.h> |
| 59 |
#include <string.h> |
59 |
#include <string.h> |
| 60 |
#include <unistd.h> |
60 |
#include <unistd.h> |
|
|
61 |
#ifdef WITH_SELINUX |
| 62 |
#include <selinux/selinux.h> |
| 63 |
#endif |
| 61 |
|
64 |
|
| 62 |
#include "openbsd-compat/sys-queue.h" |
65 |
#include "openbsd-compat/sys-queue.h" |
| 63 |
#include "xmalloc.h" |
66 |
#include "xmalloc.h" |
|
Lines 101-106
Link Here
|
| 101 |
c[sizeof(INTERNAL_SFTP_NAME) - 1] == ' ' || \ |
104 |
c[sizeof(INTERNAL_SFTP_NAME) - 1] == ' ' || \ |
| 102 |
c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\t')) |
105 |
c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\t')) |
| 103 |
|
106 |
|
|
|
107 |
#ifdef WITH_SELINUX |
| 108 |
#define SFTPD_T "sftpd_t" |
| 109 |
#endif |
| 104 |
/* func */ |
110 |
/* func */ |
| 105 |
|
111 |
|
| 106 |
Session *session_new(void); |
112 |
Session *session_new(void); |
|
Lines 1789-1794
do_child(Session *s, const char *command
Link Here
|
| 1789 |
extern int optind, optreset; |
1795 |
extern int optind, optreset; |
| 1790 |
int i; |
1796 |
int i; |
| 1791 |
char *p, *args; |
1797 |
char *p, *args; |
|
|
1798 |
#ifdef WITH_SELINUX |
| 1799 |
int L1, L2; |
| 1800 |
char *c1, *c2, *cx; |
| 1801 |
#endif |
| 1792 |
|
1802 |
|
| 1793 |
setproctitle("%s@internal-sftp-server", s->pw->pw_name); |
1803 |
setproctitle("%s@internal-sftp-server", s->pw->pw_name); |
| 1794 |
args = xstrdup(command ? command : "sftp-server"); |
1804 |
args = xstrdup(command ? command : "sftp-server"); |
|
Lines 1798-1803
do_child(Session *s, const char *command
Link Here
|
| 1798 |
argv[i] = NULL; |
1808 |
argv[i] = NULL; |
| 1799 |
optind = optreset = 1; |
1809 |
optind = optreset = 1; |
| 1800 |
__progname = argv[0]; |
1810 |
__progname = argv[0]; |
|
|
1811 |
#ifdef WITH_SELINUX |
| 1812 |
if (getcon ((security_context_t *) &c1) < 0) { |
| 1813 |
logit("do_child: getcon failed with %s", strerror (errno)); |
| 1814 |
} else { |
| 1815 |
L1 = strlen (c1) + sizeof (SFTPD_T); |
| 1816 |
c2 = xmalloc (L1); |
| 1817 |
if (!(cx = index (c1, ':'))) |
| 1818 |
goto badcontext; |
| 1819 |
if (!(cx = index (cx + 1, ':'))) { |
| 1820 |
badcontext: |
| 1821 |
logit ("do_child: unparseable context %s", c1); |
| 1822 |
} else { |
| 1823 |
L2 = cx - c1 + 1; |
| 1824 |
memcpy (c2, c1, L2); |
| 1825 |
strlcpy (c2 + L2, SFTPD_T, L1); |
| 1826 |
if ((cx = index (cx + 1, ':'))) |
| 1827 |
strlcat (c2, cx, L1); |
| 1828 |
if (setcon (c2) < 0) |
| 1829 |
logit("do_child: setcon failed with %s", strerror (errno)); |
| 1830 |
|
| 1831 |
} |
| 1832 |
xfree (c1); |
| 1833 |
xfree (c2); |
| 1834 |
} |
| 1835 |
#endif |
| 1836 |
|
| 1801 |
exit(sftp_server_main(i, argv, s->pw)); |
1837 |
exit(sftp_server_main(i, argv, s->pw)); |
| 1802 |
} |
1838 |
} |
| 1803 |
|
1839 |
|