rpms
/
mcstrans
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Port to new PCRE2 from end-of-life PCRE

This commit is contained in:
Petr Lautrbach 2021-12-10 14:42:45 +01:00
parent 0a457d8a7d
commit bbc75fbd05
3 changed files with 697 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

343
0005-mcstrans-avoid-missing-prototypes.patch Normal file
View File

@ -0,0 +1,343 @@
From aed6280eea9258e6ed9bd20952f5a9bf8fe376d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Fri, 12 Nov 2021 16:41:58 +0100
Subject: [PATCH] mcstrans: avoid missing prototypes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Mark local functions static.
Export functions of mcscolor.c in mcscolor.h and avoid bare extern
function declarations.
Drop unused function emit_whitespace().
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
mcstrans/src/mcscolor.c | 2 ++
mcstrans/src/mcscolor.h | 8 ++++++
mcstrans/src/mcstrans.c | 57 ++++++++++++++++++----------------------
mcstrans/src/mcstrans.h | 1 -
mcstrans/src/mcstransd.c | 13 +++------
5 files changed, 38 insertions(+), 43 deletions(-)
create mode 100644 mcstrans/src/mcscolor.h
diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c
index 94421a58dee4..275a99b7b12a 100644
--- a/mcstrans/src/mcscolor.c
+++ b/mcstrans/src/mcscolor.c
@@ -11,6 +11,8 @@
#include <syslog.h>
#include <selinux/selinux.h>
#include <selinux/context.h>
+
+#include "mcscolor.h"
#include "mcstrans.h"
/* Define data structures */
diff --git a/mcstrans/src/mcscolor.h b/mcstrans/src/mcscolor.h
new file mode 100644
index 000000000000..c37fe6ed5197
--- /dev/null
+++ b/mcstrans/src/mcscolor.h
@@ -0,0 +1,8 @@
+#ifndef __mcscolor_h__
+#define __mcscolor_h__
+
+extern void finish_context_colors(void);
+extern int init_colors(void);
+extern int raw_color(const char *raw, char **color_str);
+
+#endif
diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
index 4e110e02f73a..ba8b79a4b360 100644
--- a/mcstrans/src/mcstrans.c
+++ b/mcstrans/src/mcstrans.c
@@ -136,7 +136,7 @@ typedef struct cat_constraint {
static cat_constraint_t *cat_constraints;
-unsigned int
+static unsigned int
hash(const char *str) {
unsigned int hash = 5381;
int c;
@@ -213,7 +213,7 @@ parse_category(ebitmap_t *e, const char *raw, int allowinverse)
return 0;
}
-int
+static int
parse_ebitmap(ebitmap_t *e, ebitmap_t *def, const char *raw) {
int rc = ebitmap_cpy(e, def);
if (rc < 0)
@@ -224,7 +224,7 @@ parse_ebitmap(ebitmap_t *e, ebitmap_t *def, const char *raw) {
return 0;
}
-mls_level_t *
+static mls_level_t *
parse_raw(const char *raw) {
mls_level_t *mls = calloc(1, sizeof(mls_level_t));
if (!mls)
@@ -248,7 +248,7 @@ err:
return NULL;
}
-void
+static void
destroy_word(word_t **list, word_t *word) {
if (!word) {
return;
@@ -267,7 +267,7 @@ destroy_word(word_t **list, word_t *word) {
free(word);
}
-word_t *
+static word_t *
create_word(word_t **list, const char *text) {
word_t *w = calloc(1, sizeof(word_t));
if (!w) {
@@ -291,7 +291,7 @@ err:
return NULL;
}
-void
+static void
destroy_group(word_group_t **list, word_group_t *group) {
for (; list && *list; list = &(*list)->next) {
if (*list == group) {
@@ -324,7 +324,7 @@ destroy_group(word_group_t **list, word_group_t *group) {
free(group);
}
-word_group_t *
+static word_group_t *
create_group(word_group_t **list, const char *name) {
word_group_t *group = calloc(1, sizeof(word_group_t));
if (!group)
@@ -357,7 +357,7 @@ err:
return NULL;
}
-void
+static void
destroy_domain(domain_t *domain) {
int i;
unsigned int rt = 0, tr = 0;
@@ -401,7 +401,7 @@ destroy_domain(domain_t *domain) {
syslog(LOG_INFO, "cache sizes: tr = %u, rt = %u", tr, rt);
}
-domain_t *
+static domain_t *
create_domain(const char *name) {
domain_t *domain = calloc(1, sizeof(domain_t));
if (!domain) {
@@ -425,7 +425,7 @@ err:
return NULL;
}
-int
+static int
add_word(word_group_t *group, char *raw, char *trans) {
if (strchr(trans,'-')) {
log_error("'%s'is invalid because '-' is illegal in modifiers.\n", trans);
@@ -451,7 +451,7 @@ add_word(word_group_t *group, char *raw, char *trans) {
return 0;
}
-int
+static int
add_constraint(char op, char *raw, char *tok) {
log_debug("%s\n", "add_constraint");
ebitmap_t empty;
@@ -521,7 +521,7 @@ add_constraint(char op, char *raw, char *tok) {
return 0;
}
-int
+static int
violates_constraints(mls_level_t *l) {
int nbits;
sens_constraint_t *s;
@@ -563,7 +563,7 @@ violates_constraints(mls_level_t *l) {
return 0;
}
-void
+static void
destroy_sens_constraint(sens_constraint_t **list, sens_constraint_t *constraint) {
if (!constraint) {
return;
@@ -580,7 +580,7 @@ destroy_sens_constraint(sens_constraint_t **list, sens_constraint_t *constraint)
free(constraint);
}
-void
+static void
destroy_cat_constraint(cat_constraint_t **list, cat_constraint_t *constraint) {
if (!constraint) {
return;
@@ -670,7 +670,7 @@ find_in_table(context_map_node_t **table, const char *key) {
return NULL;
}
-char *
+static char *
trim(char *str, const char *whitespace) {
char *p = str + strlen(str);
@@ -679,7 +679,7 @@ trim(char *str, const char *whitespace) {
return str;
}
-char *
+static char *
triml(char *str, const char *whitespace) {
char *p = str;
@@ -688,7 +688,7 @@ triml(char *str, const char *whitespace) {
return p;
}
-int
+static int
update(char **p, char *const val) {
free (*p);
*p = strdup(val);
@@ -699,7 +699,7 @@ update(char **p, char *const val) {
return 0;
}
-int
+static int
append(affix_t **affixes, const char *val) {
affix_t *affix = calloc(1, sizeof(affix_t));
if (!affix) {
@@ -894,7 +894,7 @@ init_translations(void) {
return(read_translations(selinux_translations_path()));
}
-char *
+static char *
extract_range(const char *incon) {
context_t con = context_new(incon);
if (!con) {
@@ -917,7 +917,7 @@ extract_range(const char *incon) {
return r;
}
-char *
+static char *
new_context_str(const char *incon, const char *range) {
char *rcon = NULL;
context_t con = context_new(incon);
@@ -938,7 +938,7 @@ exit:
return NULL;
}
-char *
+static char *
find_in_hashtable(const char *range, domain_t *domain, context_map_node_t **table) {
char *trans = NULL;
context_map_t *map = find_in_table(table, range);
@@ -953,13 +953,6 @@ find_in_hashtable(const char *range, domain_t *domain, context_map_node_t **tabl
return trans;
}
-void
-emit_whitespace(char*buffer, char *whitespace) {
- strcat(buffer, "[");
- strcat(buffer, whitespace);
- strcat(buffer, "]");
-}
-
static int
string_size(const void *p1, const void *p2) {
return strlen(*(char **)p2) - strlen(*(char **)p1);
@@ -976,7 +969,7 @@ word_size(const void *p1, const void *p2) {
return (w2_len - w1_len);
}
-void
+static void
build_regexp(pcre **r, char *buffer) {
const char *error;
int error_offset;
@@ -989,7 +982,7 @@ build_regexp(pcre **r, char *buffer) {
buffer[0] = '\0';
}
-int
+static int
build_regexps(domain_t *domain) {
char buffer[1024 * 128];
buffer[0] = '\0';
@@ -1093,7 +1086,7 @@ build_regexps(domain_t *domain) {
return 0;
}
-char *
+static char *
compute_raw_from_trans(const char *level, domain_t *domain) {
#ifdef DEBUG
@@ -1285,7 +1278,7 @@ err:
return NULL;
}
-char *
+static char *
compute_trans_from_raw(const char *level, domain_t *domain) {
#ifdef DEBUG
diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h
index e5cda93b8a4b..0addb325e569 100644
--- a/mcstrans/src/mcstrans.h
+++ b/mcstrans/src/mcstrans.h
@@ -6,4 +6,3 @@ extern int init_translations(void);
extern void finish_context_translations(void);
extern int trans_context(const char *, char **);
extern int untrans_context(const char *, char **);
-
diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c
index 5191fc98ef06..42262e580386 100644
--- a/mcstrans/src/mcstransd.c
+++ b/mcstrans/src/mcstransd.c
@@ -16,6 +16,8 @@
#include <sys/types.h>
#include <sys/uio.h>
#include <sys/un.h>
+
+#include "mcscolor.h"
#include "mcstrans.h"
#ifdef UNUSED
@@ -43,15 +45,6 @@
#define log_debug(fmt, ...) do {} while (0)
#endif
-extern int init_translations(void);
-extern void finish_context_translations(void);
-extern int trans_context(const char *, char **);
-extern int untrans_context(const char *, char **);
-
-extern int init_colors(void);
-extern void finish_context_colors(void);
-extern int raw_color(const char *, char **);
-
#define SETRANSD_PATHNAME "/sbin/mcstransd"
/* name of program (for error messages) */
@@ -516,7 +509,7 @@ initialize(void)
}
-void dropprivs(void)
+static void dropprivs(void)
{
cap_t new_caps;
--
2.33.1

346
0006-mcstrans-port-to-new-PCRE2-from-end-of-life-PCRE.patch Normal file
View File

@ -0,0 +1,346 @@
From 9d3c598984d2b7b4deb4ba2e9c3d7d404a12fee1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 30 Nov 2021 12:04:25 +0100
Subject: [PATCH] mcstrans: port to new PCRE2 from end-of-life PCRE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Quoting pcre.org:
There are two major versions of the PCRE library. The current
version, PCRE2, released in 2015, is now at version 10.39.
The older, but still widely deployed PCRE library, originally
released in 1997, is at version 8.45. This version of PCRE is now at
end of life, and is no longer being actively maintained. Version
8.45 is expected to be the final release of the older PCRE library,
and new projects should use PCRE2 instead.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
---
mcstrans/Makefile | 6 ++
mcstrans/src/Makefile | 4 +-
mcstrans/src/mcstrans.c | 131 ++++++++++++++++++++++++++++------------
mcstrans/utils/Makefile | 6 +-
4 files changed, 104 insertions(+), 43 deletions(-)
diff --git a/mcstrans/Makefile b/mcstrans/Makefile
index c993a9f52713..b20279ab984a 100644
--- a/mcstrans/Makefile
+++ b/mcstrans/Makefile
@@ -1,3 +1,9 @@
+PKG_CONFIG ?= pkg-config
+PCRE_MODULE := libpcre2-8
+PCRE_CFLAGS := $(shell $(PKG_CONFIG) --cflags $(PCRE_MODULE)) -DPCRE2_CODE_UNIT_WIDTH=8
+PCRE_LDLIBS := $(shell $(PKG_CONFIG) --libs $(PCRE_MODULE))
+export PCRE_MODULE PCRE_CFLAGS PCRE_LDLIBS
+
all:
$(MAKE) -C src
$(MAKE) -C utils
diff --git a/mcstrans/src/Makefile b/mcstrans/src/Makefile
index 76ef055714e9..ef518625cd3b 100644
--- a/mcstrans/src/Makefile
+++ b/mcstrans/src/Makefile
@@ -20,10 +20,10 @@ CFLAGS ?= -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute
all: $(PROG)
$(PROG): $(PROG_OBJS) $(LIBSEPOLA)
- $(CC) $(LDFLAGS) -pie -o $@ $^ -lselinux -lcap -lpcre $(LDLIBS_LIBSEPOLA)
+ $(CC) $(LDFLAGS) -pie -o $@ $^ -lselinux -lcap $(PCRE_LDLIBS) $(LDLIBS_LIBSEPOLA)
%.o: %.c
- $(CC) $(CFLAGS) -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -c -o $@ $<
+ $(CC) $(CFLAGS) $(PCRE_CFLAGS) -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -fPIE -c -o $@ $<
install: all
test -d $(DESTDIR)$(SBINDIR) || install -m 755 -d $(DESTDIR)$(SBINDIR)
diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
index ba8b79a4b360..af3f507ef718 100644
--- a/mcstrans/src/mcstrans.c
+++ b/mcstrans/src/mcstrans.c
@@ -26,7 +26,7 @@
#include <selinux/context.h>
#include <syslog.h>
#include <errno.h>
-#include <pcre.h>
+#include <pcre2.h>
#include <ctype.h>
#include <time.h>
#include <sys/time.h>
@@ -36,7 +36,6 @@
#include "mcstrans.h"
#define N_BUCKETS 1453
-#define OVECCOUNT (512*3)
#define log_error(fmt, ...) fprintf(stderr, fmt, __VA_ARGS__)
@@ -82,9 +81,9 @@ typedef struct word_group {
affix_t *suffixes;
word_t *words;
- pcre *prefix_regexp;
- pcre *word_regexp;
- pcre *suffix_regexp;
+ pcre2_code *prefix_regexp;
+ pcre2_code *word_regexp;
+ pcre2_code *suffix_regexp;
ebitmap_t def;
@@ -109,7 +108,7 @@ typedef struct domain {
base_classification_t *base_classifications;
word_group_t *groups;
- pcre *base_classification_regexp;
+ pcre2_code *base_classification_regexp;
struct domain *next;
} domain_t;
@@ -317,9 +316,9 @@ destroy_group(word_group_t **list, word_group_t *group) {
free(group->name);
free(group->sword);
free(group->join);
- pcre_free(group->prefix_regexp);
- pcre_free(group->word_regexp);
- pcre_free(group->suffix_regexp);
+ pcre2_code_free(group->prefix_regexp);
+ pcre2_code_free(group->word_regexp);
+ pcre2_code_free(group->suffix_regexp);
ebitmap_destroy(&group->def);
free(group);
}
@@ -392,7 +391,7 @@ destroy_domain(domain_t *domain) {
free(domain->base_classifications);
domain->base_classifications = next;
}
- pcre_free(domain->base_classification_regexp);
+ pcre2_code_free(domain->base_classification_regexp);
while (domain->groups)
destroy_group(&domain->groups, domain->groups);
free(domain->name);
@@ -970,14 +969,16 @@ word_size(const void *p1, const void *p2) {
}
static void
-build_regexp(pcre **r, char *buffer) {
- const char *error;
- int error_offset;
+build_regexp(pcre2_code **r, char *buffer) {
+ int error;
+ PCRE2_SIZE error_offset;
if (*r)
- pcre_free(*r);
- *r = pcre_compile(buffer, PCRE_CASELESS, &error, &error_offset, NULL);
- if (error) {
- log_error("pcre=%s, error=%s\n", buffer, error ? error: "none");
+ pcre2_code_free(*r);
+ *r = pcre2_compile((PCRE2_SPTR8) buffer, PCRE2_ZERO_TERMINATED, PCRE2_CASELESS, &error, &error_offset, NULL);
+ if (!*r) {
+ PCRE2_UCHAR errbuf[256];
+ pcre2_get_error_message(error, errbuf, sizeof(errbuf));
+ log_error("pcre compilation of '%s' failed at offset %zu: %s\n", buffer, error_offset, errbuf);
}
buffer[0] = '\0';
}
@@ -1095,12 +1096,12 @@ compute_raw_from_trans(const char *level, domain_t *domain) {
#endif
int rc = 0;
- int ovector[OVECCOUNT];
+ pcre2_match_data *match_data = NULL;
word_group_t *g = NULL;
char *work = NULL;
char *r = NULL;
- const char * match = NULL;
- int work_len;
+ char *match = NULL;
+ size_t work_len;
mls_level_t *mraw = NULL;
ebitmap_t set, clear, tmp;
@@ -1121,11 +1122,20 @@ compute_raw_from_trans(const char *level, domain_t *domain) {
if (!domain->base_classification_regexp)
goto err;
log_debug(" compute_raw_from_trans work = %s\n", work);
- rc = pcre_exec(domain->base_classification_regexp, 0, work, work_len, 0, PCRE_ANCHORED, ovector, OVECCOUNT);
+ match_data = pcre2_match_data_create_from_pattern(domain->base_classification_regexp, NULL);
+ if (!match_data) {
+ log_error("allocation error %s", strerror(errno));
+ goto err;
+ }
+ rc = pcre2_match(domain->base_classification_regexp, (PCRE2_SPTR8)work, work_len, 0, PCRE2_ANCHORED, match_data, NULL);
if (rc > 0) {
- match = NULL;
- pcre_get_substring(work, ovector, rc, 0, &match);
- log_debug(" compute_raw_from_trans match = %s len = %u\n", match, strlen(match));
+ const PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data);
+ match = strndup(work + ovector[0], ovector[1] - ovector[0]);
+ if (!match) {
+ log_error("allocation error %s", strerror(errno));
+ goto err;
+ }
+ log_debug(" compute_raw_from_trans match = %s len = %zu\n", match, strlen(match));
base_classification_t *bc;
for (bc = domain->base_classifications; bc; bc = bc->next) {
if (!strcmp(bc->trans, match)) {
@@ -1145,12 +1155,23 @@ compute_raw_from_trans(const char *level, domain_t *domain) {
char *p=work + ovector[0] + ovector[1];
while (*p && (strchr(" ", *p) != NULL))
*p++ = '#';
- pcre_free((char *)match);
+
+ free(match);
match = NULL;
} else {
- log_debug(" compute_raw_from_trans no base classification matched %s\n", level);
+ switch (rc) {
+ case PCRE2_ERROR_NOMATCH:
+ log_debug(" compute_raw_from_trans no base classification matched %s\n", level);
+ break;
+ default:
+ log_error("compute_raw_from_trans: base matching error for input '%s': %d\n", level, rc);
+ break;
+ }
}
+ pcre2_match_data_free(match_data);
+ match_data = NULL;
+
if (mraw == NULL) {
goto err;
}
@@ -1161,23 +1182,43 @@ compute_raw_from_trans(const char *level, domain_t *domain) {
change = 0;
for (g = domain->groups; g && !change && !complete; g = g->next) {
int prefix = 0, suffix = 0;
- int prefix_offset = 0, prefix_len = 0;
- int suffix_offset = 0, suffix_len = 0;
+ PCRE2_SIZE prefix_offset = 0, prefix_len = 0;
+ PCRE2_SIZE suffix_offset = 0, suffix_len = 0;
if (g->prefix_regexp) {
- rc = pcre_exec(g->prefix_regexp, 0, work, work_len, 0, 0, ovector, OVECCOUNT);
+ match_data = pcre2_match_data_create_from_pattern(g->prefix_regexp, NULL);
+ if (!match_data) {
+ log_error("allocation error %s", strerror(errno));
+ goto err;
+ }
+ rc = pcre2_match(g->prefix_regexp, (PCRE2_SPTR8)work, work_len, 0, 0, match_data, NULL);
if (rc > 0) {
+ const PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data);
prefix = 1;
prefix_offset = ovector[0];
prefix_len = ovector[1] - ovector[0];
+ } else if (rc != PCRE2_ERROR_NOMATCH) {
+ log_error("compute_raw_from_trans: prefix matching error for input '%s': %d\n", level, rc);
}
+ pcre2_match_data_free(match_data);
+ match_data = NULL;
}
if (g->suffix_regexp) {
- rc = pcre_exec(g->suffix_regexp, 0, work, work_len, 0, 0, ovector, OVECCOUNT);
+ match_data = pcre2_match_data_create_from_pattern(g->suffix_regexp, NULL);
+ if (!match_data) {
+ log_error("allocation error %s", strerror(errno));
+ goto err;
+ }
+ rc = pcre2_match(g->suffix_regexp, (PCRE2_SPTR8)work, work_len, 0, 0, match_data, NULL);
if (rc > 0) {
+ const PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data);
suffix = 1;
suffix_offset = ovector[0];
suffix_len = ovector[1] - ovector[0];
+ } else if (rc != PCRE2_ERROR_NOMATCH) {
+ log_error("compute_raw_from_trans: suffix matching error for input '%s': %d\n", level, rc);
}
+ pcre2_match_data_free(match_data);
+ match_data = NULL;
}
/* anchors prefix ^, suffix $ */
@@ -1186,14 +1227,23 @@ compute_raw_from_trans(const char *level, domain_t *domain) {
(g->suffixes && suffix)) &&
g->word_regexp) {
char *s = work + prefix_offset + prefix_len;
- int l = (suffix_len ? suffix_offset : work_len) - prefix_len - prefix_offset;
- rc = pcre_exec(g->word_regexp, 0, s, l, 0, 0, ovector, OVECCOUNT);
+ PCRE2_SIZE len = (suffix_len ? suffix_offset : work_len) - prefix_len - prefix_offset;
+ match_data = pcre2_match_data_create_from_pattern(g->word_regexp, NULL);
+ if (!match_data) {
+ log_error("allocation error %s", strerror(errno));
+ goto err;
+ }
+ rc = pcre2_match(g->word_regexp, (PCRE2_SPTR8)s, len, 0, 0, match_data, NULL);
if (rc > 0) {
- match = NULL;
- pcre_get_substring(s, ovector, rc, 0, &match);
- trim((char *)match, g->whitespace);
+ const PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data);
+ match = strndup(s + ovector[0], ovector[1] - ovector[0]);
+ if (!match) {
+ log_error("allocation error %s", strerror(errno));
+ goto err;
+ }
+ trim(match, g->whitespace);
if (*match) {
- char *p = triml((char *)match, g->whitespace);
+ char *p = triml(match, g->whitespace);
while (p && *p) {
int plen = strlen(p);
unsigned int i;
@@ -1230,9 +1280,13 @@ compute_raw_from_trans(const char *level, domain_t *domain) {
memset(work + suffix_offset, '#', suffix_len);
memset(s + ovector[0], '#', ovector[1] - ovector[0]);
}
- pcre_free((void *)match);
+ free(match);
match = NULL;
+ } else if (rc != PCRE2_ERROR_NOMATCH) {
+ log_error("compute_raw_from_trans: word matching error for input '%s' for substring '%s': %d\n", level, s, rc);
}
+ pcre2_match_data_free(match_data);
+ match_data = NULL;
}
/* YYY */
complete=1;
@@ -1271,10 +1325,11 @@ err:
mls_level_destroy(mraw);
free(mraw);
free(work);
- pcre_free((void *)match);
+ free(match);
ebitmap_destroy(&tmp);
ebitmap_destroy(&set);
ebitmap_destroy(&clear);
+ pcre2_match_data_free(match_data);
return NULL;
}
diff --git a/mcstrans/utils/Makefile b/mcstrans/utils/Makefile
index 9dfe772332b4..a48f4e72acc0 100644
--- a/mcstrans/utils/Makefile
+++ b/mcstrans/utils/Makefile
@@ -14,13 +14,13 @@ endif
all: $(TARGETS)
transcon: transcon.o ../src/mcstrans.o ../src/mls_level.o $(LIBSEPOLA)
- $(CC) $(LDFLAGS) -o $@ $^ -lpcre -lselinux $(LDLIBS_LIBSEPOLA)
+ $(CC) $(LDFLAGS) -o $@ $^ $(PCRE_LDLIBS) -lselinux $(LDLIBS_LIBSEPOLA)
untranscon: untranscon.o ../src/mcstrans.o ../src/mls_level.o $(LIBSEPOLA)
- $(CC) $(LDFLAGS) -o $@ $^ -lpcre -lselinux $(LDLIBS_LIBSEPOLA)
+ $(CC) $(LDFLAGS) -o $@ $^ $(PCRE_LDLIBS) -lselinux $(LDLIBS_LIBSEPOLA)
%.o: %.c
- $(CC) $(CFLAGS) -D_GNU_SOURCE -I../src -fPIE -c -o $@ $<
+ $(CC) $(CFLAGS) $(PCRE_CFLAGS) -D_GNU_SOURCE -I../src -fPIE -c -o $@ $<
install: all
-mkdir -p $(DESTDIR)$(SBINDIR)
--
2.33.1

11
mcstrans.spec
View File

@ -1,7 +1,7 @@
Summary: SELinux Translation Daemon
Name: mcstrans
Version: 3.3
Release: 1%{?dist}
Release: 2%{?dist}
License: GPL+
Url: https://github.com/SELinuxProject/selinux/wiki
Source: https://github.com/SELinuxProject/selinux/releases/download/3.3/mcstrans-3.3.tar.gz
@ -13,13 +13,15 @@ Patch0001: 0001-mcstrans-Fir-RESOURCE_LEAK-and-USE_AFTER_FREE-coveri.patch
Patch0002: 0002-mcstrans-Fix-USER_AFTER_FREE-problem.patch
Patch0003: 0003-mcstrans-Do-not-accept-incomplete-contexts.patch
Patch0004: 0004-mcstrans-fix-RESOURCE_LEAK-CWE-772.patch
Patch0005: 0005-mcstrans-avoid-missing-prototypes.patch
Patch0006: 0006-mcstrans-port-to-new-PCRE2-from-end-of-life-PCRE.patch
# Patch list end
BuildRequires: gcc
BuildRequires: make
BuildRequires: libselinux-devel >= %{version}
BuildRequires: libcap-devel pcre-devel libsepol-devel libsepol-static
BuildRequires: libcap-devel pcre2-devel libsepol-devel libsepol-static
BuildRequires: systemd
Requires: pcre
Requires: pcre2
%{?systemd_requires}
Provides: setransd
Provides: libsetrans
@ -95,6 +97,9 @@ install -m644 %{SOURCE2} %{buildroot}%{_mandir}/man8/
%{_usr}/share/mcstrans/util/*
%changelog
* Fri Dec 10 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3-2
- Port to new PCRE2 from end-of-life PCRE
* Fri Oct 22 2021 Petr Lautrbach <plautrba@redhat.com> - 3.3-1
- SELinux userspace 3.3 release