Bug 193710 - [PATCH] audit patch for openssh missing #include "loginrec.h" in auth.c
[PATCH] audit patch for openssh missing #include "loginrec.h" in auth.c
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openssh (Show other bugs)
4.0
All Linux
medium Severity low
: ---
: ---
Assigned To: Tomas Mraz
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-31 15:02 EDT by wingc
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version: RHSA-2007-0257
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-05-01 13:29:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
[PATCH] add #include "loginrec.h" to auth.c (333 bytes, patch)
2006-05-31 15:02 EDT, wingc
no flags Details | Diff

  None (edit)
Description wingc 2006-05-31 15:02:03 EDT
Description of problem:

The audit patch in recent RHEL4 OpenSSH needs to add:
    #include "loginrec.h"

to auth.c, so that it can pick up the prototype for linux_audit_record_event().

Version-Release number of selected component (if applicable):

openssh-3.9p1-8.RHEL4.12

How reproducible:

always

Steps to Reproduce:
1. rebuild openssh RPM from .src.rpm downloaded via RHN
  
Actual results:

The following warning is seen during build:

gcc -O2 -g -pipe -m64 -fpie -I/usr/include/gssapi -Wall
-Wpointer-arith-Wno-uninitialized -I. -I. -I/usr/include/gssapi
-DSSHDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\"
-D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/libexec/openssh/ssh-askpass\"
-D_PATH_SFTP_SERVER=\"/usr/libexec/openssh/sftp-server\"
-D_PATH_SSH_KEY_SIGN=\"/usr/libexec/openssh/ssh-keysign\"
-D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty/sshd\"
-DSSH_RAND_HELPER=\"/usr/libexec/openssh/ssh-rand-helper\" -DHAVE_CONFIG_H -c auth.c
auth.c: In function `auth_log':
auth.c:248: warning: implicit declaration of function `linux_audit_record_event'

Expected results:

The audit patch should not introduce new compiler warnings to the build. 
Additionally, missing prototypes are dangerous especially on 64-bit systems like
x86_64, where pointer types and int are different length, and the calling
convention for:

    function(int x, void *y)
and
    function(int x, int y)

differs.  (Getting the wrong calling convention due to a missing prototype may
cause a crash)

Additional info:

Attached to this bugzilla entry is a patch that fixes the problem by including
the header with the prototype for linux_audit_record_event().
Comment 1 wingc 2006-05-31 15:02:03 EDT
Created attachment 130305 [details]
[PATCH] add #include "loginrec.h" to auth.c
Comment 2 Tomas Mraz 2006-06-01 05:40:14 EDT
The function is assumed vararg without a prototype so the problem is not so
serious. We will consider this for future errata.
Comment 4 RHEL Product and Program Management 2006-09-01 10:02:43 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 6 Tomas Mraz 2006-10-05 04:51:56 EDT
Fixed in openssh-3.9p1-8.RHEL4.18
Comment 10 Red Hat Bugzilla 2007-05-01 13:29:35 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0257.html

Note You need to log in before you can comment on or make changes to this bug.