diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/av_permissions.h libselinux-2.0.46/include/selinux/av_permissions.h --- nsalibselinux/include/selinux/av_permissions.h 2007-11-15 15:52:46.000000000 -0500 +++ libselinux-2.0.46/include/selinux/av_permissions.h 2008-01-11 10:51:06.000000000 -0500 @@ -900,6 +900,8 @@ #define PACKET__SEND 0x00000001UL #define PACKET__RECV 0x00000002UL #define PACKET__RELABELTO 0x00000004UL +#define PACKET__FLOW_IN 0x00000008UL +#define PACKET__FLOW_OUT 0x00000010UL #define KEY__VIEW 0x00000001UL #define KEY__READ 0x00000002UL #define KEY__WRITE 0x00000004UL diff --exclude-from=exclude -N -u -r nsalibselinux/src/audit2why.c libselinux-2.0.46/src/audit2why.c --- nsalibselinux/src/audit2why.c 1969-12-31 19:00:00.000000000 -0500 +++ libselinux-2.0.46/src/audit2why.c 2008-01-11 10:51:10.000000000 -0500 @@ -0,0 +1,460 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define UNKNOWN -1 +#define BADSCON -2 +#define BADTCON -3 +#define BADTCLASS -4 +#define BADPERM -5 +#define BADCOMPUTE -6 +#define NOPOLICY -7 +#define ALLOW 0 +#define DONTAUDIT 1 +#define TERULE 2 +#define BOOLEAN 3 +#define CONSTRAINT 4 +#define RBAC 5 + +struct boolean_t { + char *name; + int active; +}; + +static struct boolean_t **boollist = NULL; +static int boolcnt = 0; + +struct avc_t { + sepol_handle_t *handle; + policydb_t policydb; + sepol_security_id_t ssid; + sepol_security_id_t tsid; + sepol_security_class_t tclass; + sepol_access_vector_t av; +}; + +static struct avc_t *avc = NULL; + +static sidtab_t sidtab; + +static int load_booleans(const sepol_bool_t * boolean, + void *arg __attribute__ ((__unused__))) +{ + boollist[boolcnt] = + (struct boolean_t *)malloc(sizeof(struct boolean_t)); + boollist[boolcnt]->name = strdup(sepol_bool_get_name(boolean)); + boollist[boolcnt]->active = sepol_bool_get_value(boolean); + boolcnt++; + return 0; +} + +static int check_booleans(struct avc_t *avc, struct boolean_t ***bools) +{ + char errormsg[PATH_MAX]; + struct sepol_av_decision avd; + unsigned int reason; + int rc; + int i; + sepol_bool_key_t *key = NULL; + sepol_bool_t *boolean = NULL; + int fcnt = 0; + int *foundlist = calloc(boolcnt, sizeof(int)); + if (!foundlist) { + PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); + return fcnt; + } + for (i = 0; i < boolcnt; i++) { + char *name = boollist[i]->name; + int active = boollist[i]->active; + rc = sepol_bool_key_create(avc->handle, name, &key); + if (rc < 0) { + PyErr_SetString( PyExc_RuntimeError, + "Could not create boolean key.\n"); + break; + } + rc = sepol_bool_query(avc->handle, + (sepol_policydb_t *) & avc->policydb, + key, &boolean); + + if (rc < 0) { + snprintf(errormsg, sizeof(errormsg), + "Could not find boolean %s.\n", name); + PyErr_SetString( PyExc_RuntimeError, errormsg); + break; + } + + sepol_bool_set_value(boolean, !active); + + rc = sepol_bool_set(avc->handle, + (sepol_policydb_t *) & avc->policydb, + key, boolean); + if (rc < 0) { + snprintf(errormsg, sizeof(errormsg), + "Could not set boolean data %s.\n", name); + PyErr_SetString( PyExc_RuntimeError, errormsg); + break; + } + + /* Reproduce the computation. */ + rc = sepol_compute_av_reason(avc->ssid, avc->tsid, avc->tclass, + avc->av, &avd, &reason); + if (rc < 0) { + snprintf(errormsg, sizeof(errormsg), + "Error during access vector computation, skipping..."); + PyErr_SetString( PyExc_RuntimeError, errormsg); + + sepol_bool_free(boolean); + break; + } else { + if (!reason) { + foundlist[fcnt] = i; + fcnt++; + } + sepol_bool_set_value((sepol_bool_t *) boolean, active); + rc = sepol_bool_set(avc->handle, + (sepol_policydb_t *) & avc-> + policydb, key, + (sepol_bool_t *) boolean); + if (rc < 0) { + snprintf(errormsg, sizeof(errormsg), + "Could not set boolean data %s.\n", + name); + + PyErr_SetString( PyExc_RuntimeError, errormsg); + break; + } + } + sepol_bool_free(boolean); + sepol_bool_key_free(key); + key = NULL; + boolean = NULL; + } + if (key) + sepol_bool_key_free(key); + + if (boolean) + sepol_bool_free(boolean); + + if (fcnt > 0) { + *bools = (struct boolean_t **) + calloc(sizeof(struct boolean_t), fcnt + 1); + struct boolean_t *b = (struct boolean_t *) *bools; + for (i = 0; i < fcnt; i++) { + int ctr = foundlist[i]; + b[i].name = strdup(boollist[ctr]->name); + b[i].active = !boollist[ctr]->active; + } + } + free(foundlist); + return fcnt; +} + +static PyObject *finish(PyObject *self __attribute__((unused)), PyObject *args) { + PyObject *result = 0; + + if (PyArg_ParseTuple(args,(char *)":finish")) { + int i = 0; + for (i = 0; i < boolcnt; i++) { + free(boollist[i]->name); + free(boollist[i]); + } + free(boollist); + sepol_sidtab_shutdown(&sidtab); + sepol_sidtab_destroy(&sidtab); + policydb_destroy(&avc->policydb); + sepol_handle_destroy(avc->handle); + free(avc); + avc = NULL; + boollist = NULL; + boolcnt = 0; + + /* Boilerplate to return "None" */ + Py_RETURN_NONE; + } + return result; +} + + +static int __policy_init(const char *init_path) +{ + FILE *fp; + int vers = 0; + char path[PATH_MAX]; + char errormsg[PATH_MAX]; + struct policy_file pf; + int rc; + unsigned int cnt; + + if (init_path) { + strncpy(path, init_path, PATH_MAX); + fp = fopen(path, "r"); + if (!fp) { + snprintf(errormsg, sizeof(errormsg), + "unable to open %s: %s\n", + path, strerror(errno)); + PyErr_SetString( PyExc_ValueError, errormsg); + return 0; // trigger exception + } + } else { + vers = security_policyvers(); + if (vers < 0) { + snprintf(errormsg, sizeof(errormsg), + "Could not get policy version: %s\n", + strerror(errno)); + PyErr_SetString( PyExc_ValueError, errormsg); + return 1; + } + snprintf(path, PATH_MAX, "%s.%d", + selinux_binary_policy_path(), vers); + fp = fopen(path, "r"); + while (!fp && errno == ENOENT && --vers) { + snprintf(path, PATH_MAX, "%s.%d", + selinux_binary_policy_path(), vers); + fp = fopen(path, "r"); + } + if (!fp) { + snprintf(errormsg, sizeof(errormsg), + "unable to open %s.%d: %s\n", + selinux_binary_policy_path(), + security_policyvers(), strerror(errno)); + PyErr_SetString( PyExc_ValueError, errormsg); + return 1; + } + } + + avc = calloc(sizeof(struct avc_t), 1); + if (!avc) { + PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); + return 1; + } + + /* Set up a policydb directly so that we can mutate it later + for booleans and user settings. Otherwise we would just use + sepol_set_policydb_from_file() here. */ + pf.fp = fp; + pf.type = PF_USE_STDIO; + if (policydb_init(&avc->policydb)) { + snprintf(errormsg, sizeof(errormsg), + "policydb_init failed: %s\n", strerror(errno)); + PyErr_SetString( PyExc_RuntimeError, errormsg); + fclose(fp); + return 1; + } + if (policydb_read(&avc->policydb, &pf, 0)) { + snprintf(errormsg, sizeof(errormsg), + "invalid binary policy %s\n", path); + PyErr_SetString( PyExc_ValueError, errormsg); + fclose(fp); + return 1; + } + fclose(fp); + sepol_set_policydb(&avc->policydb); + if (!init_path) { + /* If they didn't specify a full path of a binary policy file, + then also try loading any boolean settings and user + definitions from the active locations. Otherwise, + they can use genpolbools and genpolusers to build a + binary policy file that includes any desired settings + and then apply audit2why -p to the resulting file. + Errors are non-fatal as such settings are optional. */ + sepol_debug(0); + (void)sepol_genbools_policydb(&avc->policydb, + selinux_booleans_path()); + (void)sepol_genusers_policydb(&avc->policydb, + selinux_users_path()); + } + avc->handle = sepol_handle_create(); + + rc = sepol_bool_count(avc->handle, + (sepol_policydb_t *) & avc->policydb, &cnt); + if (rc < 0) { + PyErr_SetString( PyExc_RuntimeError, "unable to get bool count\n"); + return 1; + } + + boollist = calloc(cnt, sizeof(struct boolean_t)); + if (!boollist) { + PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); + return 1; + } + + sepol_bool_iterate(avc->handle, + (const sepol_policydb_t *)&avc->policydb, + load_booleans, (void *)NULL); + + /* Initialize the sidtab for subsequent use by sepol_context_to_sid + and sepol_compute_av_reason. */ + rc = sepol_sidtab_init(&sidtab); + if (rc < 0) { + PyErr_SetString( PyExc_RuntimeError, "unable to init sidtab\n"); + free(boollist); + return 1; + } + sepol_set_sidtab(&sidtab); + return 0; +} + +static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) { + int result; + char *init_path=NULL; + if (PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path)) + result = __policy_init(init_path); + return Py_BuildValue("i", result); +} + +#define RETURN(X) \ + PyTuple_SetItem(result, 0, Py_BuildValue("i", X)); \ + return result; + +static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args) { + security_context_t scon; + security_context_t tcon; + char *tclassstr; + PyObject *listObj; + PyObject *strObj; + int numlines; + struct boolean_t **bools; + unsigned int reason; + sepol_security_id_t ssid, tsid; + sepol_security_class_t tclass; + sepol_access_vector_t perm, av; + struct sepol_av_decision avd; + int rc; + int i=0; + PyObject *result = PyTuple_New(2); + if (!result) return NULL; + Py_INCREF(Py_None); + PyTuple_SetItem(result, 1, Py_None); + + if (!PyArg_ParseTuple(args,(char *)"sssO!:audit2why",&scon,&tcon,&tclassstr,&PyList_Type, &listObj)) + return NULL; + + /* get the number of lines passed to us */ + numlines = PyList_Size(listObj); + + /* should raise an error here. */ + if (numlines < 0) return NULL; /* Not a list */ + + if (!avc) { + RETURN(NOPOLICY) + } + + rc = sepol_context_to_sid(scon, strlen(scon) + 1, &ssid); + if (rc < 0) { + RETURN(BADSCON) + } + rc = sepol_context_to_sid(tcon, strlen(tcon) + 1, &tsid); + if (rc < 0) { + RETURN(BADTCON) + } + tclass = string_to_security_class(tclassstr); + if (!tclass) { + RETURN(BADTCLASS) + } + /* Convert the permission list to an AV. */ + av = 0; + + /* iterate over items of the list, grabbing strings, and parsing + for numbers */ + for (i=0; issid = ssid; + avc->tsid = tsid; + avc->tclass = tclass; + avc->av = av; + if (check_booleans(avc, &bools) == 0) { + if (av & ~avd.auditdeny) { + RETURN(DONTAUDIT) + } else { + RETURN(TERULE) + } + } else { + PyTuple_SetItem(result, 0, Py_BuildValue("i", BOOLEAN)); + struct boolean_t *b=(struct boolean_t *) bools; + int len=0; + while (b->name) { + len++; b++; + } + b = (struct boolean_t *) bools; + PyObject *boollist = PyTuple_New(len); + len=0; + while(b->name) { + PyObject *bool = Py_BuildValue("(si)", b->name, b->active); + PyTuple_SetItem(boollist, len++, bool); + b++; + } + free(bools); + PyTuple_SetItem(result, 1, boollist); + return result; + } + } + + if (reason & SEPOL_COMPUTEAV_CONS) { + RETURN(CONSTRAINT); + } + + if (reason & SEPOL_COMPUTEAV_RBAC) { + RETURN(RBAC) + } + RETURN(BADCOMPUTE) +} + +static PyMethodDef audit2whyMethods[] = { + {"init", init, METH_VARARGS, + "Initialize policy database."}, + {"analyze", analyze, METH_VARARGS, + "Analyze AVC."}, + {"finish", finish, METH_VARARGS, + "Finish using policy, free memory."}, + {NULL, NULL, 0, NULL} /* Sentinel */ +}; + +PyMODINIT_FUNC +initaudit2why(void) +{ + PyObject *m = Py_InitModule("audit2why", audit2whyMethods); + PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN); + PyModule_AddIntConstant(m,"BADSCON", BADSCON); + PyModule_AddIntConstant(m,"BADTCON", BADTCON); + PyModule_AddIntConstant(m,"BADTCLASS", BADTCLASS); + PyModule_AddIntConstant(m,"BADPERM", BADPERM); + PyModule_AddIntConstant(m,"BADCOMPUTE", BADCOMPUTE); + PyModule_AddIntConstant(m,"NOPOLICY", NOPOLICY); + PyModule_AddIntConstant(m,"ALLOW", ALLOW); + PyModule_AddIntConstant(m,"DONTAUDIT", DONTAUDIT); + PyModule_AddIntConstant(m,"TERULE", TERULE); + PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN); + PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT); + PyModule_AddIntConstant(m,"RBAC", RBAC); +} diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.46/src/Makefile --- nsalibselinux/src/Makefile 2007-09-26 19:37:45.000000000 -0400 +++ libselinux-2.0.46/src/Makefile 2008-01-11 10:51:06.000000000 -0500 @@ -18,6 +18,7 @@ SWIGSO=_selinux.so SWIGFILES=$(SWIGSO) selinux.py LIBSO=$(TARGET).$(LIBVERSION) +AUDIT2WHYSO=audit2why.so ifeq ($(DISABLE_AVC),y) UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c @@ -28,7 +29,7 @@ ifeq ($(DISABLE_RPM),y) UNUSED_SRCS+=rpm.c endif -SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out $(SWIGCOUT),$(wildcard *.c))) +SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out audit2why.c $(SWIGCOUT),$(wildcard *.c))) OBJS= $(patsubst %.c,%.o,$(SRCS)) LOBJS= $(patsubst %.c,%.lo,$(SRCS)) @@ -47,7 +48,7 @@ all: $(LIBA) $(LIBSO) -pywrap: all $(SWIGSO) +pywrap: all $(SWIGSO) $(AUDIT2WHYSO) $(LIBA): $(OBJS) $(AR) rcs $@ $^ @@ -63,6 +64,12 @@ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro ln -sf $@ $(TARGET) +audit2why.lo: audit2why.c + $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $< + +$(AUDIT2WHYSO): audit2why.lo + $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@ + %.o: %.c policy.h $(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $< @@ -77,20 +84,21 @@ install: all test -d $(LIBDIR) || install -m 755 -d $(LIBDIR) - install -m 644 $(LIBA) $(LIBDIR) test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR) install -m 755 $(LIBSO) $(SHLIBDIR) cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET) install-pywrap: pywrap - test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages - install -m 755 $(SWIGFILES) $(PYTHONLIBDIR)/site-packages + test -d $(PYTHONLIBDIR)/site-packages || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux + install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux + install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux + install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py relabel: /sbin/restorecon $(SHLIBDIR)/$(LIBSO) clean: - -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) + -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~ distclean: clean rm -f $(SWIGCOUT) $(SWIGFILES) diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.46/src/matchpathcon.c --- nsalibselinux/src/matchpathcon.c 2007-09-28 09:48:58.000000000 -0400 +++ libselinux-2.0.46/src/matchpathcon.c 2008-01-11 10:51:06.000000000 -0500 @@ -2,6 +2,7 @@ #include #include #include +#include #include "selinux_internal.h" #include "label_internal.h" #include "callbacks.h" @@ -57,7 +58,7 @@ { va_list ap; va_start(ap, fmt); - vfprintf(stderr, fmt, ap); + vsyslog(LOG_ERR, fmt, ap); va_end(ap); } diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux.py libselinux-2.0.46/src/selinux.py --- nsalibselinux/src/selinux.py 2007-10-05 13:09:54.000000000 -0400 +++ libselinux-2.0.46/src/selinux.py 2008-01-11 10:51:06.000000000 -0500 @@ -1,5 +1,5 @@ # This file was automatically generated by SWIG (http://www.swig.org). -# Version 1.3.31 +# Version 1.3.33 # # Don't modify this file, modify the SWIG interface instead. # This file is compatible with both classic and new-style classes. diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig.i libselinux-2.0.46/src/selinuxswig.i --- nsalibselinux/src/selinuxswig.i 2007-10-01 09:54:35.000000000 -0400 +++ libselinux-2.0.46/src/selinuxswig.i 2008-01-11 10:51:06.000000000 -0500 @@ -5,11 +5,16 @@ %module selinux %{ #include "selinux/selinux.h" + #include "../include/selinux/selinux.h" + #include "../include/selinux/get_default_type.h" + #include "../include/selinux/get_context_list.h" %} %apply int *OUTPUT { int *enforce }; %apply int *OUTPUT { size_t * }; %typedef unsigned mode_t; +%typedef unsigned pid_t; +%typedef char * security_contextx_t; %typemap(in, numinputs=0) (char ***names, int *len) (char **temp1, int temp2) { $1 = &temp1; diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_wrap.c libselinux-2.0.46/src/selinuxswig_wrap.c --- nsalibselinux/src/selinuxswig_wrap.c 2007-10-05 13:09:54.000000000 -0400 +++ libselinux-2.0.46/src/selinuxswig_wrap.c 2008-01-11 10:51:06.000000000 -0500 @@ -1,6 +1,6 @@ /* ---------------------------------------------------------------------------- * This file was automatically generated by SWIG (http://www.swig.org). - * Version 1.3.31 + * Version 1.3.33 * * This file is not intended to be easily readable and contains a number of * coding conventions designed to improve portability and efficiency. Do not make @@ -17,14 +17,14 @@ /* template workaround for compilers that cannot correctly implement the C++ standard */ #ifndef SWIGTEMPLATEDISAMBIGUATOR -# if defined(__SUNPRO_CC) -# if (__SUNPRO_CC <= 0x560) -# define SWIGTEMPLATEDISAMBIGUATOR template -# else -# define SWIGTEMPLATEDISAMBIGUATOR -# endif +# if defined(__SUNPRO_CC) && (__SUNPRO_CC <= 0x560) +# define SWIGTEMPLATEDISAMBIGUATOR template +# elif defined(__HP_aCC) +/* Needed even with `aCC -AA' when `aCC -V' reports HP ANSI C++ B3910B A.03.55 */ +/* If we find a maximum version that requires this, the test would be __HP_aCC <= 35500 for A.03.55 */ +# define SWIGTEMPLATEDISAMBIGUATOR template # else -# define SWIGTEMPLATEDISAMBIGUATOR +# define SWIGTEMPLATEDISAMBIGUATOR # endif #endif @@ -107,6 +107,12 @@ # define _CRT_SECURE_NO_DEPRECATE #endif +/* Deal with Microsoft's attempt at deprecating methods in the standard C++ library */ +#if !defined(SWIG_NO_SCL_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_SCL_SECURE_NO_DEPRECATE) +# define _SCL_SECURE_NO_DEPRECATE +#endif + + /* Python.h has to appear first */ #include @@ -343,7 +349,7 @@ while ((*f2 == ' ') && (f2 != l2)) ++f2; if (*f1 != *f2) return (*f1 > *f2) ? 1 : -1; } - return (l1 - f1) - (l2 - f2); + return (int)((l1 - f1) - (l2 - f2)); } /* @@ -1090,14 +1096,14 @@ /* Unpack the argument tuple */ SWIGINTERN int -SWIG_Python_UnpackTuple(PyObject *args, const char *name, int min, int max, PyObject **objs) +SWIG_Python_UnpackTuple(PyObject *args, const char *name, Py_ssize_t min, Py_ssize_t max, PyObject **objs) { if (!args) { if (!min && !max) { return 1; } else { PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got none", - name, (min == max ? "" : "at least "), min); + name, (min == max ? "" : "at least "), (int)min); return 0; } } @@ -1105,14 +1111,14 @@ PyErr_SetString(PyExc_SystemError, "UnpackTuple() argument list is not a tuple"); return 0; } else { - register int l = PyTuple_GET_SIZE(args); + register Py_ssize_t l = PyTuple_GET_SIZE(args); if (l < min) { PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d", - name, (min == max ? "" : "at least "), min, l); + name, (min == max ? "" : "at least "), (int)min, (int)l); return 0; } else if (l > max) { PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d", - name, (min == max ? "" : "at most "), max, l); + name, (min == max ? "" : "at most "), (int)max, (int)l); return 0; } else { register int i; @@ -1591,9 +1597,11 @@ (unaryfunc)0, /*nb_float*/ (unaryfunc)PySwigObject_oct, /*nb_oct*/ (unaryfunc)PySwigObject_hex, /*nb_hex*/ -#if PY_VERSION_HEX >= 0x02020000 - 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_true_divide */ -#elif PY_VERSION_HEX >= 0x02000000 +#if PY_VERSION_HEX >= 0x02050000 /* 2.5.0 */ + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_index */ +#elif PY_VERSION_HEX >= 0x02020000 /* 2.2.0 */ + 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_true_divide */ +#elif PY_VERSION_HEX >= 0x02000000 /* 2.0.0 */ 0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_or */ #endif }; @@ -2458,14 +2466,13 @@ #define SWIGTYPE_p_int swig_types[7] #define SWIGTYPE_p_p_char swig_types[8] #define SWIGTYPE_p_p_p_char swig_types[9] -#define SWIGTYPE_p_pid_t swig_types[10] -#define SWIGTYPE_p_security_class_mapping swig_types[11] -#define SWIGTYPE_p_selinux_callback swig_types[12] -#define SWIGTYPE_p_selinux_opt swig_types[13] -#define SWIGTYPE_p_unsigned_int swig_types[14] -#define SWIGTYPE_p_unsigned_short swig_types[15] -static swig_type_info *swig_types[17]; -static swig_module_info swig_module = {swig_types, 16, 0, 0, 0, 0}; +#define SWIGTYPE_p_security_class_mapping swig_types[10] +#define SWIGTYPE_p_selinux_callback swig_types[11] +#define SWIGTYPE_p_selinux_opt swig_types[12] +#define SWIGTYPE_p_unsigned_int swig_types[13] +#define SWIGTYPE_p_unsigned_short swig_types[14] +static swig_type_info *swig_types[16]; +static swig_module_info swig_module = {swig_types, 15, 0, 0, 0, 0}; #define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name) #define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name) @@ -2484,7 +2491,7 @@ #define SWIG_name "_selinux" -#define SWIGVERSION 0x010331 +#define SWIGVERSION 0x010333 #define SWIG_VERSION SWIGVERSION @@ -2496,6 +2503,9 @@ #include "selinux/selinux.h" + #include "../include/selinux/selinux.h" + #include "../include/selinux/get_default_type.h" + #include "../include/selinux/get_context_list.h" #define SWIG_From_long PyInt_FromLong @@ -2577,14 +2587,12 @@ #include -#ifndef LLONG_MIN -# define LLONG_MIN LONG_LONG_MIN -#endif -#ifndef LLONG_MAX -# define LLONG_MAX LONG_LONG_MAX -#endif -#ifndef ULLONG_MAX -# define ULLONG_MAX ULONG_LONG_MAX +#if !defined(SWIG_NO_LLONG_MAX) +# if !defined(LLONG_MAX) && defined(__GNUC__) && defined (__LONG_LONG_MAX__) +# define LLONG_MAX __LONG_LONG_MAX__ +# define LLONG_MIN (-LLONG_MAX - 1LL) +# define ULLONG_MAX (LLONG_MAX * 2ULL + 1ULL) +# endif #endif @@ -2669,13 +2677,18 @@ SWIGINTERN int -SWIG_AsVal_long (PyObject *obj, long* val) +SWIG_AsVal_unsigned_SS_long (PyObject *obj, unsigned long *val) { if (PyInt_Check(obj)) { - if (val) *val = PyInt_AsLong(obj); - return SWIG_OK; + long v = PyInt_AsLong(obj); + if (v >= 0) { + if (val) *val = v; + return SWIG_OK; + } else { + return SWIG_OverflowError; + } } else if (PyLong_Check(obj)) { - long v = PyLong_AsLong(obj); + unsigned long v = PyLong_AsUnsignedLong(obj); if (!PyErr_Occurred()) { if (val) *val = v; return SWIG_OK; @@ -2686,7 +2699,7 @@ #ifdef SWIG_PYTHON_CAST_MODE { int dispatch = 0; - long v = PyInt_AsLong(obj); + unsigned long v = PyLong_AsUnsignedLong(obj); if (!PyErr_Occurred()) { if (val) *val = v; return SWIG_AddCast(SWIG_OK); @@ -2696,8 +2709,8 @@ if (!dispatch) { double d; int res = SWIG_AddCast(SWIG_AsVal_double (obj,&d)); - if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, LONG_MIN, LONG_MAX)) { - if (val) *val = (long)(d); + if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, 0, ULONG_MAX)) { + if (val) *val = (unsigned long)(d); return res; } } @@ -2708,15 +2721,15 @@ SWIGINTERN int -SWIG_AsVal_int (PyObject * obj, int *val) +SWIG_AsVal_unsigned_SS_int (PyObject * obj, unsigned int *val) { - long v; - int res = SWIG_AsVal_long (obj, &v); + unsigned long v; + int res = SWIG_AsVal_unsigned_SS_long (obj, &v); if (SWIG_IsOK(res)) { - if ((v < INT_MIN || v > INT_MAX)) { + if ((v > UINT_MAX)) { return SWIG_OverflowError; } else { - if (val) *val = (int)(v); + if (val) *val = (unsigned int)(v); } } return res; @@ -2724,18 +2737,13 @@ SWIGINTERN int -SWIG_AsVal_unsigned_SS_long (PyObject *obj, unsigned long *val) +SWIG_AsVal_long (PyObject *obj, long* val) { if (PyInt_Check(obj)) { - long v = PyInt_AsLong(obj); - if (v >= 0) { - if (val) *val = v; - return SWIG_OK; - } else { - return SWIG_OverflowError; - } + if (val) *val = PyInt_AsLong(obj); + return SWIG_OK; } else if (PyLong_Check(obj)) { - unsigned long v = PyLong_AsUnsignedLong(obj); + long v = PyLong_AsLong(obj); if (!PyErr_Occurred()) { if (val) *val = v; return SWIG_OK; @@ -2746,7 +2754,7 @@ #ifdef SWIG_PYTHON_CAST_MODE { int dispatch = 0; - unsigned long v = PyLong_AsUnsignedLong(obj); + long v = PyInt_AsLong(obj); if (!PyErr_Occurred()) { if (val) *val = v; return SWIG_AddCast(SWIG_OK); @@ -2756,8 +2764,8 @@ if (!dispatch) { double d; int res = SWIG_AddCast(SWIG_AsVal_double (obj,&d)); - if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, 0, ULONG_MAX)) { - if (val) *val = (unsigned long)(d); + if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, LONG_MIN, LONG_MAX)) { + if (val) *val = (long)(d); return res; } } @@ -2768,15 +2776,15 @@ SWIGINTERN int -SWIG_AsVal_unsigned_SS_int (PyObject * obj, unsigned int *val) +SWIG_AsVal_int (PyObject * obj, int *val) { - unsigned long v; - int res = SWIG_AsVal_unsigned_SS_long (obj, &v); + long v; + int res = SWIG_AsVal_long (obj, &v); if (SWIG_IsOK(res)) { - if ((v > UINT_MAX)) { + if ((v < INT_MIN || v > INT_MAX)) { return SWIG_OverflowError; } else { - if (val) *val = (unsigned int)(v); + if (val) *val = (int)(v); } } return res; @@ -2986,24 +2994,18 @@ pid_t arg1 ; security_context_t *arg2 = (security_context_t *) 0 ; int result; - void *argp1 ; - int res1 = 0 ; + unsigned int val1 ; + int ecode1 = 0 ; security_context_t temp2 = 0 ; PyObject * obj0 = 0 ; arg2 = &temp2; if (!PyArg_ParseTuple(args,(char *)"O:getpidcon",&obj0)) SWIG_fail; - { - res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_pid_t, 0 ); - if (!SWIG_IsOK(res1)) { - SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getpidcon" "', argument " "1"" of type '" "pid_t""'"); - } - if (!argp1) { - SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "getpidcon" "', argument " "1"" of type '" "pid_t""'"); - } else { - arg1 = *((pid_t *)(argp1)); - } - } + ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1); + if (!SWIG_IsOK(ecode1)) { + SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpidcon" "', argument " "1"" of type '" "pid_t""'"); + } + arg1 = (pid_t)(val1); result = (int)getpidcon(arg1,arg2); resultobj = SWIG_From_int((int)(result)); if (*arg2) { @@ -3025,24 +3027,18 @@ pid_t arg1 ; security_context_t *arg2 = (security_context_t *) 0 ; int result; - void *argp1 ; - int res1 = 0 ; + unsigned int val1 ; + int ecode1 = 0 ; security_context_t temp2 = 0 ; PyObject * obj0 = 0 ; arg2 = &temp2; if (!PyArg_ParseTuple(args,(char *)"O:getpidcon_raw",&obj0)) SWIG_fail; - { - res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_pid_t, 0 ); - if (!SWIG_IsOK(res1)) { - SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getpidcon_raw" "', argument " "1"" of type '" "pid_t""'"); - } - if (!argp1) { - SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "getpidcon_raw" "', argument " "1"" of type '" "pid_t""'"); - } else { - arg1 = *((pid_t *)(argp1)); - } - } + ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1); + if (!SWIG_IsOK(ecode1)) { + SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpidcon_raw" "', argument " "1"" of type '" "pid_t""'"); + } + arg1 = (pid_t)(val1); result = (int)getpidcon_raw(arg1,arg2); resultobj = SWIG_From_int((int)(result)); if (*arg2) { @@ -8149,7 +8145,7 @@ /* -------- TYPE CONVERSION AND EQUIVALENCE RULES (BEGIN) -------- */ static swig_type_info _swigt__p_SELboolean = {"_p_SELboolean", "SELboolean *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_av_decision = {"_p_av_decision", "struct av_decision *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_av_decision = {"_p_av_decision", "struct av_decision *|av_decision *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_f_int_p_q_const__char_v_______int = {"_p_f_int_p_q_const__char_v_______int", "int (*)(int,char const *,...)", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_f_p_p_char__int = {"_p_f_p_p_char__int", "int (*)(char **)|int (*)(security_context_t *)", 0, 0, (void*)0, 0}; @@ -8158,12 +8154,11 @@ static swig_type_info _swigt__p_int = {"_p_int", "int *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_p_char = {"_p_p_char", "char **|security_context_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_p_p_char = {"_p_p_p_char", "char ***|security_context_t **", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_pid_t = {"_p_pid_t", "pid_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_security_class_mapping = {"_p_security_class_mapping", "struct security_class_mapping *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_selinux_callback = {"_p_selinux_callback", "union selinux_callback *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_selinux_opt = {"_p_selinux_opt", "selinux_opt *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "unsigned int *|access_vector_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "unsigned short *|security_class_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_security_class_mapping = {"_p_security_class_mapping", "struct security_class_mapping *|security_class_mapping *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_selinux_callback = {"_p_selinux_callback", "union selinux_callback *|selinux_callback *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_selinux_opt = {"_p_selinux_opt", "struct selinux_opt *|selinux_opt *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "unsigned int *|access_vector_t *|mode_t *|pid_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "security_class_t *|unsigned short *", 0, 0, (void*)0, 0}; static swig_type_info *swig_type_initial[] = { &_swigt__p_SELboolean, @@ -8176,7 +8171,6 @@ &_swigt__p_int, &_swigt__p_p_char, &_swigt__p_p_p_char, - &_swigt__p_pid_t, &_swigt__p_security_class_mapping, &_swigt__p_selinux_callback, &_swigt__p_selinux_opt, @@ -8194,7 +8188,6 @@ static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_p_char[] = { {&_swigt__p_p_char, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_p_p_char[] = { {&_swigt__p_p_p_char, 0, 0, 0},{0, 0, 0, 0}}; -static swig_cast_info _swigc__p_pid_t[] = { {&_swigt__p_pid_t, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_security_class_mapping[] = { {&_swigt__p_security_class_mapping, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_selinux_callback[] = { {&_swigt__p_selinux_callback, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_selinux_opt[] = { {&_swigt__p_selinux_opt, 0, 0, 0},{0, 0, 0, 0}}; @@ -8212,7 +8205,6 @@ _swigc__p_int, _swigc__p_p_char, _swigc__p_p_p_char, - _swigc__p_pid_t, _swigc__p_security_class_mapping, _swigc__p_selinux_callback, _swigc__p_selinux_opt,