commit 342fd9455ef1e692b56354c77f14a719fbf88c3f
Author: Jakub Bogusz <[email protected]>
Date: Tue Jul 17 18:08:13 2018 +0200
- saving setools 3.x parts discontinued in setools 4.x as setools3
- enhanced sepol patch to cover libsepol 2.8 (changes taken from setools
4.x libqpol code)
- release 6
setools-sepol.patch | 475 ++++++++++++++++++++++++++++++++++++++++++
setools.spec => setools3.spec | 74 +++----
2 files changed, 513 insertions(+), 36 deletions(-)
---
diff --git a/setools.spec b/setools3.spec
similarity index 92%
rename from setools.spec
rename to setools3.spec
index a984201..97dba7d 100644
--- a/setools.spec
+++ b/setools3.spec
@@ -5,25 +5,25 @@
#
Summary: Policy analysis tools for SELinux
Summary(pl.UTF-8): Narzędzia do analizy polityk SELinuksa
-Name: setools
+Name: setools3
Version: 3.3.8
-Release: 5
+Release: 6
License: GPL v2+ (tools), LGPL v2.1+ (libraries)
Group: Applications/System
#Source0Download: https://github.com/TresysTechnology/setools3/wiki/Download
-Source0:
https://raw.githubusercontent.com/wiki/TresysTechnology/setools3/files/dists/%{name}-%{version}/%{name}-%{version}.tar.bz2
+Source0:
https://raw.githubusercontent.com/wiki/TresysTechnology/setools3/files/dists/setools-%{version}/setools-%{version}.tar.bz2
# Source0-md5: d68d0d4e4da0f01da0f208782ff04b91
Source1: seaudit.pamd
-Patch0: %{name}-swig.patch
-Patch1: %{name}-sh.patch
-Patch2: %{name}-tcl.patch
-Patch3: %{name}-format.patch
-Patch4: %{name}-swig-part2.patch
-Patch5: %{name}-link.patch
-Patch6: %{name}-x32.patch
-Patch7: %{name}-swig-version.patch
-Patch8: %{name}-sepol.patch
-Patch9: %{name}-selinux.patch
+Patch0: setools-swig.patch
+Patch1: setools-sh.patch
+Patch2: setools-tcl.patch
+Patch3: setools-format.patch
+Patch4: setools-swig-part2.patch
+Patch5: setools-link.patch
+Patch6: setools-x32.patch
+Patch7: setools-swig-version.patch
+Patch8: setools-sepol.patch
+Patch9: setools-selinux.patch
Patch10: python-prefix.patch
URL: https://github.com/TresysTechnology/setools3/wiki
BuildRequires: autoconf >= 2.59
@@ -36,8 +36,8 @@ BuildRequires: gtk+2-devel >= 2:2.8
%{?with_java:BuildRequires: jdk >= 1.2}
BuildRequires: libglade2-devel >= 2.0
BuildRequires: libselinux-devel >= 1.30
-BuildRequires: libsepol-devel >= 2.4
-BuildRequires: libsepol-static >= 2.4
+BuildRequires: libsepol-devel >= 2.8
+BuildRequires: libsepol-static >= 2.8
BuildRequires: libstdc++-devel
BuildRequires: libtool
BuildRequires: libxml2-devel >= 2
@@ -53,9 +53,10 @@ BuildRequires: tcl-devel >= 8.4
BuildRequires: tk-devel >= 8.4
Requires: %{name}-libs = %{version}-%{release}
Suggests: policy-sources
+Obsoletes: setools < 4
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
-%define pkgdatadir %{_datadir}/%{name}-3.3
+%define pkgdatadir %{_datadir}/setools-3.3
# python modules use Py* symbols, some of .so files are versioned
%define skip_post_check_so .*%{py_sitedir}/setools/.*
@@ -91,6 +92,7 @@ Requires: %{name} = %{version}-%{release}
Requires: gtk+2 >= 2:2.8
Requires: tk >= 8.4
Requires: tk-BWidget >= 1.8
+Obsoletes: setools-gui < 4
%description gui
SETools is a collection of graphical tools, command-line tools, and
@@ -116,8 +118,9 @@ Summary(pl.UTF-8): Biblioteki wspierające analizę polityk
SELinuksa
License: LGPL v2.1+
Group: Libraries
Requires: libselinux >= 2.4
-Requires: libsepol >= 2.4
+Requires: libsepol >= 2.8
Requires: sqlite3 >= 3.2.0
+Obsoletes: setools-libs < 4
%description libs
SETools is a collection of graphical tools, command-line tools, and
@@ -148,6 +151,7 @@ Summary(pl.UTF-8): Pliki nagłówkowe bibliotek SETools
License: LGPL v2.1+
Group: Development/Libraries
Requires: %{name}-libs = %{version}-%{release}
+Obsoletes: setools-devel < 4
%description devel
Header files for SETools libraries: libapol, libpoldiff, libqpol,
@@ -163,6 +167,7 @@ Summary(pl.UTF-8): Statyczne biblioteki SETools
License: LGPL v2.1+
Group: Development/Libraries
Requires: %{name}-devel = %{version}-%{release}
+Obsoletes: setools-static < 4
%description static
Static SETools libraries.
@@ -201,14 +206,16 @@ Ten pakiet zawiera wiązania Javy do bibliotek
uruchomieniowych:
z plików logów
- libsefs - kontekstów plików SELinuksa
-%package -n python-setools
+%package -n python-setools3
Summary: Python bindings for SELinux policy analysis libraries
Summary(pl.UTF-8): Wiązania Pythona do bibliotek analizy polityk SELinuksa
License: LGPL v2.1+ (core modules), GPL v2+ (seinfo and sesearch)
Group: Libraries/Python
Requires: %{name}-libs = %{version}-%{release}
+Requires: python-setools >= 4
+Obsoletes: python-setools < 4
-%description -n python-setools
+%description -n python-setools3
SETools is a collection of graphical tools, command-line tools, and
libraries designed to facilitate SELinux policy analysis.
@@ -219,7 +226,7 @@ This package includes Python bindings for the following
libraries:
- libseaudit: parse and filter SELinux audit messages in log files
- libsefs: SELinux file contexts library
-%description -n python-setools -l pl.UTF-8
+%description -n python-setools3 -l pl.UTF-8
SETools to zbiór narzędzi graficznych, narzędzi linii poleceń oraz
bibliotek mających na celu ułatwienie analizy polityk SELinuksa.
@@ -263,7 +270,7 @@ Ten pakiet zawiera wiązania Tcl-a do bibliotek
uruchomieniowych:
- libsefs - kontekstów plików SELinuksa
%prep
-%setup -q
+%setup -q -n setools-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
@@ -301,9 +308,16 @@ install -d
$RPM_BUILD_ROOT{%{_desktopdir},%{_pixmapsdir},/etc/pam.d}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
+# continued in setools 4.x
+%{__rm} $RPM_BUILD_ROOT%{_bindir}/{apol,sediff,seinfo,sesearch}
+%{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/{apol,sediff,seinfo,sesearch}.1
+%if %{with python}
+%{__rm} $RPM_BUILD_ROOT%{py_sitedir}/setools/{_qpol.so*,qpol.py}
+%endif
+
cp -p %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/seaudit
-cp -p packages/rpm/*.desktop $RPM_BUILD_ROOT%{_desktopdir}
-cp -p apol/apol.png seaudit/seaudit.png sediff/sediffx.png
$RPM_BUILD_ROOT%{_pixmapsdir}
+cp -p packages/rpm/{seaudit,sediffx}.desktop $RPM_BUILD_ROOT%{_desktopdir}
+cp -p seaudit/seaudit.png sediff/sediffx.png $RPM_BUILD_ROOT%{_pixmapsdir}
# let rpm autodetect dependencies
chmod 755 $RPM_BUILD_ROOT%{_libdir}/lib*.so* \
@@ -336,9 +350,6 @@ rm -rf $RPM_BUILD_ROOT
%attr(755,root,root) %{_bindir}/replcon
%attr(755,root,root) %{_bindir}/seaudit-report
%attr(755,root,root) %{_bindir}/sechecker
-%attr(755,root,root) %{_bindir}/sediff
-%attr(755,root,root) %{_bindir}/seinfo
-%attr(755,root,root) %{_bindir}/sesearch
%dir %{pkgdatadir}
%{pkgdatadir}/sechecker-profiles
%{pkgdatadir}/sechecker_help.txt
@@ -349,14 +360,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/indexcon.1*
%{_mandir}/man1/replcon.1*
%{_mandir}/man1/sechecker.1*
-%{_mandir}/man1/sediff.1*
-%{_mandir}/man1/seinfo.1*
-%{_mandir}/man1/sesearch.1*
%{_mandir}/man8/seaudit-report.8*
%files gui
%defattr(644,root,root,755)
-%attr(755,root,root) %{_bindir}/apol
%attr(755,root,root) %{_bindir}/sediffx
%attr(755,root,root) %{_sbindir}/seaudit
%dir %{_libdir}/setools/apol_tcl
@@ -375,13 +382,10 @@ rm -rf $RPM_BUILD_ROOT
%{pkgdatadir}/*.glade
%{pkgdatadir}/*.png
%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/seaudit
-%{_desktopdir}/apol.desktop
%{_desktopdir}/seaudit.desktop
%{_desktopdir}/sediffx.desktop
-%{_pixmapsdir}/apol.png
%{_pixmapsdir}/seaudit.png
%{_pixmapsdir}/sediffx.png
-%{_mandir}/man1/apol.1*
%{_mandir}/man1/sediffx.1*
%{_mandir}/man8/seaudit.8*
@@ -451,12 +455,11 @@ rm -rf $RPM_BUILD_ROOT
%endif
%if %{with python}
-%files -n python-setools
+%files -n python-setools3
%defattr(644,root,root,755)
%dir %{py_sitedir}/setools
%attr(755,root,root) %{py_sitedir}/setools/_apol.so*
%attr(755,root,root) %{py_sitedir}/setools/_poldiff.so*
-%attr(755,root,root) %{py_sitedir}/setools/_qpol.so*
%attr(755,root,root) %{py_sitedir}/setools/_seaudit.so*
%attr(755,root,root) %{py_sitedir}/setools/_sefs.so*
%attr(755,root,root) %{py_sitedir}/setools/_seinfo.so
@@ -464,7 +467,6 @@ rm -rf $RPM_BUILD_ROOT
%{py_sitedir}/setools/__init__.py[co]
%{py_sitedir}/setools/apol.py[co]
%{py_sitedir}/setools/poldiff.py[co]
-%{py_sitedir}/setools/qpol.py[co]
%{py_sitedir}/setools/seaudit.py[co]
%{py_sitedir}/setools/sefs.py[co]
%{py_sitedir}/setools-1.0-py*.egg-info
diff --git a/setools-sepol.patch b/setools-sepol.patch
index e39bd5f..93a3d27 100644
--- a/setools-sepol.patch
+++ b/setools-sepol.patch
@@ -62,3 +62,478 @@
if (tmp) {
tmp++; /* remove prepended space */
for (cur = 0; cur < perm_list_sz; cur++)
+--- setools-3.3.8/libqpol/src/mlsrule_query.c 2013-01-16 17:36:24.000000000
+0100
++++ setools-4.1.1/libqpol/mlsrule_query.c 2017-08-05 22:07:48.000000000
+0200
+@@ -36,7 +36,8 @@
+
+ typedef struct range_trans_state
+ {
+- range_trans_t *head;
++ unsigned int bucket;
++ hashtab_ptr_t cur_item;
+ range_trans_t *cur;
+ } range_trans_state_t;
+
+@@ -55,8 +56,9 @@
+ static void *range_trans_state_get_cur(const qpol_iterator_t * iter)
+ {
+ range_trans_state_t *rs = NULL;
++ const policydb_t *db = NULL;
+
+- if (!iter || !(rs = qpol_iterator_state(iter))) {
++ if (!iter || !(rs = qpol_iterator_state(iter)) || !(db =
qpol_iterator_policy(iter))) {
+ errno = EINVAL;
+ return NULL;
+ }
+@@ -67,8 +69,9 @@
+ static int range_trans_state_next(qpol_iterator_t * iter)
+ {
+ range_trans_state_t *rs = NULL;
++ const policydb_t *db = NULL;
+
+- if (!iter || !(rs = qpol_iterator_state(iter))) {
++ if (!iter || !(rs = qpol_iterator_state(iter)) || !(db =
qpol_iterator_policy(iter))) {
+ errno = EINVAL;
+ return STATUS_ERR;
+ }
+@@ -78,7 +81,21 @@
+ return STATUS_ERR;
+ }
+
+- rs->cur = rs->cur->next;
++ rs->cur_item = rs->cur_item->next;
++ while (rs->cur_item == NULL) {
++ rs->bucket++;
++ if (rs->bucket >= db->range_tr->size) {
++ break;
++ }
++
++ rs->cur_item = db->range_tr->htable[rs->bucket];
++ }
++
++ if (rs->cur_item == NULL) {
++ rs->cur = NULL;
++ } else {
++ rs->cur = (range_trans_t*)rs->cur_item->key;
++ }
+
+ return STATUS_SUCCESS;
+ }
+@@ -86,16 +103,23 @@
+ static size_t range_trans_state_size(const qpol_iterator_t * iter)
+ {
+ range_trans_state_t *rs = NULL;
++ const policydb_t *db = NULL;
+ size_t count = 0;
+- range_trans_t *tmp = NULL;
++ unsigned int i = 0;
+
+- if (!iter || !(rs = qpol_iterator_state(iter))) {
++ if (!iter || !(rs = qpol_iterator_state(iter)) || !(db =
qpol_iterator_policy(iter))) {
+ errno = EINVAL;
+ return 0;
+ }
+
+- for (tmp = rs->head; tmp; tmp = tmp->next)
+- count++;
++ hashtab_ptr_t cur = NULL;
++ for (i = 0; i < db->range_tr->size; i++) {
++ cur = db->range_tr->htable[i];
++ while (cur != NULL) {
++ count++;
++ cur = cur->next;
++ }
++ }
+
+ return count;
+ }
+@@ -133,7 +157,24 @@
+ return STATUS_ERR;
+ }
+
+- rs->head = rs->cur = db->range_tr;
++ rs->bucket = 0;
++ rs->cur_item = db->range_tr->htable[0];
++ rs->cur = NULL;
++
++ rs->cur_item = db->range_tr->htable[rs->bucket];
++ while (rs->cur_item == NULL) {
++ rs->bucket++;
++ if (rs->bucket >= db->range_tr->size) {
++ break;
++ }
++
++ rs->cur_item = db->range_tr->htable[rs->bucket];
++ }
++
++ if (rs->cur_item != NULL) {
++ rs->cur = (range_trans_t*)rs->cur_item->key;
++ }
++
+ return STATUS_SUCCESS;
+ }
+
+@@ -208,7 +249,6 @@
+
+ int qpol_range_trans_get_range(const qpol_policy_t * policy, const
qpol_range_trans_t * rule, const qpol_mls_range_t ** range)
+ {
+- policydb_t *db = NULL;
+ range_trans_t *rt = NULL;
+
+ if (range) {
+@@ -221,10 +261,16 @@
+ return STATUS_ERR;
+ }
+
+- db = &policy->p->p;
++ policydb_t *db = &policy->p->p;
+ rt = (range_trans_t *) rule;
++ mls_range_t *target_range = NULL;
++
++ target_range = hashtab_search(db->range_tr, (hashtab_key_t)rt);
++ if (target_range == NULL) {
++ return STATUS_ERR;
++ }
+
+- *range = (qpol_mls_range_t *) & rt->target_range;
++ *range = (qpol_mls_range_t *)target_range;
+
+ return STATUS_SUCCESS;
+ }
+--- setools-3.3.8/libqpol/src/policy_define.c.orig 2018-07-17
17:29:40.264481696 +0200
++++ setools-3.3.8/libqpol/src/policy_define.c 2018-07-17 17:53:07.581132295
+0200
+@@ -45,8 +45,14 @@
+ #include <string.h>
+ #include <sys/socket.h>
+ #include <netinet/in.h>
++#ifndef IPPROTO_DCCP
++#define IPPROTO_DCCP 33
++#endif
+ #include <arpa/inet.h>
+ #include <stdlib.h>
++#include <limits.h>
++#include <inttypes.h>
++#include <ctype.h>
+
+ #include <sepol/policydb/expand.h>
+ #include <sepol/policydb/policydb.h>
+@@ -54,18 +60,14 @@
+ #include <sepol/policydb/conditional.h>
+ #include <sepol/policydb/flask.h>
+ #include <sepol/policydb/hierarchy.h>
+-#ifdef HAVE_SEPOL_POLICYCAPS
+ #include <sepol/policydb/polcaps.h>
+-#endif
+-#ifdef HAVE_SEPOL_ERRCODES
+-#include <sepol/errcodes.h>
+-#endif
+-
+ #include "queue.h"
+-#include <qpol/policy.h>
+ #include "module_compiler.h"
+ #include "policy_define.h"
+
++/* Required for SETools libqpol - Removed #include "checkpolicy.h"*/
++#include <qpol/policy.h>
++
+ policydb_t *policydbp;
+ queue_t id_queue = 0;
+ unsigned int pass;
+@@ -78,8 +80,8 @@
+ extern unsigned long source_lineno;
+ extern unsigned int policydb_errors;
+
+-extern int yywarn(char *msg);
+-extern int yyerror(char *msg);
++extern int yywarn(const char *msg);
++extern int yyerror(const char *msg);
+
+ #define ERRORMSG_LEN 255
+ static char errormsg[ERRORMSG_LEN + 1] = { 0 };
+@@ -98,6 +100,7 @@
+ num_rules = 0;
+ }
+
++__attribute__ ((format(printf, 1, 2)))
+ void yyerror2(char *fmt, ...)
+ {
+ va_list ap;
+@@ -107,6 +110,7 @@
+ va_end(ap);
+ }
+
++/* Required for SETools libqpol */
+ int define_mls(void)
+ {
+ mlspol = 1;
+@@ -2243,12 +2247,13 @@
+ ebitmap_t e_tclasses;
+ ebitmap_node_t *snode, *tnode, *cnode;
+ filename_trans_t *ft;
++ filename_trans_datum_t *ftdatum;
+ filename_trans_rule_t *ftr;
+ class_datum_t *cladatum;
+ type_datum_t *typdatum;
+ uint32_t otype;
+ unsigned int c, s, t;
+- int add;
++ int add, rc;
+
+ if (pass == 1) {
+ /* stype */
+@@ -2347,40 +2352,46 @@
+ ebitmap_for_each_bit(&e_ttypes, tnode, t) {
+ if (!ebitmap_node_get_bit(tnode, t))
+ continue;
+-
+- for (ft = policydbp->filename_trans; ft; ft =
ft->next) {
+- if (ft->stype == (s + 1) &&
+- ft->ttype == (t + 1) &&
+- ft->tclass == (c + 1) &&
+- !strcmp(ft->name, name)) {
+- yyerror2("duplicate filename
transition for: filename_trans %s %s %s:%s",
+- name,
+-
policydbp->p_type_val_to_name[s],
+-
policydbp->p_type_val_to_name[t],
+-
policydbp->p_class_val_to_name[c]);
+- goto bad;
+- }
+- }
+-
+- ft = malloc(sizeof(*ft));
++
++ ft = calloc(1, sizeof(*ft));
+ if (!ft) {
+ yyerror("out of memory");
+ goto bad;
+ }
+- memset(ft, 0, sizeof(*ft));
+-
+- ft->next = policydbp->filename_trans;
+- policydbp->filename_trans = ft;
+-
++ ft->stype = s + 1;
++ ft->ttype = t + 1;
++ ft->tclass = c + 1;
+ ft->name = strdup(name);
+ if (!ft->name) {
+ yyerror("out of memory");
+ goto bad;
+ }
+- ft->stype = s + 1;
+- ft->ttype = t + 1;
+- ft->tclass = c + 1;
+- ft->otype = otype;
++
++ ftdatum =
hashtab_search(policydbp->filename_trans,
++ (hashtab_key_t)ft);
++ if (ftdatum) {
++ yyerror2("duplicate filename transition
for: filename_trans %s %s %s:%s",
++ name,
++
policydbp->p_type_val_to_name[s],
++
policydbp->p_type_val_to_name[t],
++
policydbp->p_class_val_to_name[c]);
++ goto bad;
++ }
++
++ ftdatum = calloc(1, sizeof(*ftdatum));
++ if (!ftdatum) {
++ yyerror("out of memory");
++ goto bad;
++ }
++ ftdatum->otype = otype;
++
++ rc = hashtab_insert(policydbp->filename_trans,
++ (hashtab_key_t)ft,
++ ftdatum);
++ if (rc) {
++ yyerror("out of memory");
++ goto bad;
++ }
+ }
+ }
+
+@@ -2394,8 +2405,14 @@
+ append_filename_trans(ftr);
+
+ ftr->name = strdup(name);
+- ftr->stypes = stypes;
+- ftr->ttypes = ttypes;
++ if (type_set_cpy(&ftr->stypes, &stypes)) {
++ yyerror("out of memory");
++ goto bad;
++ }
++ if (type_set_cpy(&ftr->ttypes, &ttypes)) {
++ yyerror("out of memory");
++ goto bad;
++ }
+ ftr->tclass = c + 1;
+ ftr->otype = otype;
+ }
+@@ -3703,7 +3720,7 @@
+ newc->u.iomem.high_iomem = high;
+
+ if (low > high) {
+- yyerror2("low memory 0x%x exceeds high memory 0x%x", low, high);
++ yyerror2("low memory 0x%lx exceeds high memory 0x%lx", low,
high);
+ free(newc);
+ return -1;
+ }
+@@ -3715,12 +3732,14 @@
+
+ head = policydbp->ocontexts[OCON_XEN_IOMEM];
+ for (l = NULL, c = head; c; l = c, c = c->next) {
+- unsigned int low2, high2;
++ unsigned long low2, high2;
+
+ low2 = c->u.iomem.low_iomem;
+ high2 = c->u.iomem.high_iomem;
+ if (low <= high2 && low2 <= high) {
+- yyerror2("iomemcon entry for 0x%x-0x%x overlaps with "
"earlier entry 0x%x-0x%x", low, high, low2, high2);
++ yyerror2("iomemcon entry for 0x%lx-0x%lx overlaps with "
++ "earlier entry 0x%lx-0x%lx", low, high,
++ low2, high2);
+ goto bad;
+ }
+ }
+@@ -3770,7 +3789,7 @@
+ newc->u.ioport.high_ioport = high;
+
+ if (low > high) {
+- yyerror2("low ioport 0x%x exceeds high ioport 0x%x", low, high);
++ yyerror2("low ioport 0x%lx exceeds high ioport 0x%lx", low,
high);
+ free(newc);
+ return -1;
+ }
+@@ -3787,7 +3806,9 @@
+ low2 = c->u.ioport.low_ioport;
+ high2 = c->u.ioport.high_ioport;
+ if (low <= high2 && low2 <= high) {
+- yyerror2("ioportcon entry for 0x%x-0x%x overlaps with"
"earlier entry 0x%x-0x%x", low, high, low2, high2);
++ yyerror2("ioportcon entry for 0x%lx-0x%lx overlaps with"
++ "earlier entry 0x%x-0x%x", low, high,
++ low2, high2);
+ goto bad;
+ }
+ }
+@@ -3846,7 +3867,8 @@
+
+ device2 = c->u.device;
+ if (device == device2) {
+- yyerror2("duplicate pcidevicecon entry for 0x%x ",
device);
++ yyerror2("duplicate pcidevicecon entry for 0x%lx",
++ device);
+ goto bad;
+ }
+ }
+--- setools-3.3.8/libqpol/src/ftrule_query.c 2013-01-16 17:36:24.000000000
+0100
++++ setools-4.1.1/libqpol/ftrule_query.c 2017-08-05 22:07:48.000000000
+0200
+@@ -29,10 +29,12 @@
+ #include "iterator_internal.h"
+ #include "qpol_internal.h"
+ #include <sepol/policydb/policydb.h>
++#include <sepol/policydb/hashtab.h>
+
+ typedef struct filename_trans_state
+ {
+- filename_trans_t *head;
++ unsigned int bucket;
++ hashtab_ptr_t cur_item;
+ filename_trans_t *cur;
+ } filename_trans_state_t;
+
+@@ -76,7 +78,21 @@
+ return STATUS_ERR;
+ }
+
+- fts->cur = fts->cur->next;
++ fts->cur_item = fts->cur_item->next;
++ while (fts->cur_item == NULL) {
++ fts->bucket++;
++ if (fts->bucket >= db->filename_trans->size) {
++ break;
++ }
++
++ fts->cur_item = db->filename_trans->htable[fts->bucket];
++ }
++
++ if (fts->cur_item == NULL) {
++ fts->cur = NULL;
++ } else {
++ fts->cur = (filename_trans_t*)fts->cur_item->key;
++ }
+
+ return STATUS_SUCCESS;
+ }
+@@ -85,16 +101,22 @@
+ {
+ filename_trans_state_t *fts = NULL;
+ const policydb_t *db = NULL;
+- filename_trans_t *tmp = NULL;
+ size_t count = 0;
++ unsigned int i = 0;
+
+ if (!iter || !(fts = qpol_iterator_state(iter)) || !(db =
qpol_iterator_policy(iter))) {
+ errno = EINVAL;
+- return STATUS_ERR;
++ return 0;
+ }
+
+- for (tmp = fts->head; tmp; tmp = tmp->next)
+- count++;
++ hashtab_ptr_t cur = NULL;
++ for (i = 0; i < db->filename_trans->size; i++) {
++ cur = db->filename_trans->htable[i];
++ while (cur != NULL) {
++ count++;
++ cur = cur->next;
++ }
++ }
+
+ return count;
+ }
+@@ -122,8 +144,25 @@
+ ERR(policy, "%s", strerror(errno));
+ return STATUS_ERR;
+ }
+- fts->head = fts->cur = db->filename_trans;
+
++ fts->bucket = 0;
++ fts->cur_item = db->filename_trans->htable[0];
++ fts->cur = NULL;
++
++ fts->cur_item = db->filename_trans->htable[fts->bucket];
++ while (fts->cur_item == NULL) {
++ fts->bucket++;
++ if (fts->bucket >= db->filename_trans->size) {
++ break;
++ }
++
++ fts->cur_item = db->filename_trans->htable[fts->bucket];
++ }
++
++ if (fts->cur_item != NULL) {
++ fts->cur = (filename_trans_t*)fts->cur_item->key;
++ }
++
+ if (qpol_iterator_create
+ (policy, (void *)fts, filename_trans_state_get_cur,
filename_trans_state_next, filename_trans_state_end, filename_trans_state_size,
+ free, iter)) {
+@@ -224,7 +263,16 @@
+ db = &policy->p->p;
+ ft = (filename_trans_t *) rule;
+
+- *dflt = (qpol_type_t *) db->type_val_to_struct[ft->otype - 1];
++ /* Since the filename_trans rules were converted to being stored in a
hashtab, otype was moved to the datum of the hashtab.
++ * So we just look it up here.
++ */
++ filename_trans_datum_t *datum = hashtab_search(db->filename_trans,
(hashtab_key_t)ft);
++
++ if (datum == NULL) {
++ return STATUS_ERR;
++ }
++
++ *dflt = (qpol_type_t *) db->type_val_to_struct[datum->otype - 1];
+
+ return STATUS_SUCCESS;
+ }
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/setools3.git/commitdiff/342fd9455ef1e692b56354c77f14a719fbf88c3f
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
