From 54b0f3bf7c87ccd8e9f7c74872371d571f0c118c Mon Sep 17 00:00:00 2001
From: si-gui <245140120@qq.com>
Date: Tue, 15 Sep 2020 19:57:58 +0800
Subject: [PATCH] fix libselinux deprecated

Signed-off-by: si-gui <245140120@qq.com>
---
 contrib/labeled-ipsec/getpeercon_server.c | 4 ++--
 programs/pluto/security_selinux.c         | 7 ++-----
 programs/pluto/security_selinux.h         | 2 +-
 3 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/contrib/labeled-ipsec/getpeercon_server.c b/contrib/labeled-ipsec/getpeercon_server.c
index 57a24d0..aa2e2b4 100644
--- a/contrib/labeled-ipsec/getpeercon_server.c
+++ b/contrib/labeled-ipsec/getpeercon_server.c
@@ -64,7 +64,7 @@ int main(int argc, char *argv[])
 		srv_sock_path = argv[1];
 
 	{
-		security_context_t ctx;
+		char *ctx;
 		int rc = getcon(&ctx);
 
 		fprintf(stderr, "-> running as %s\n",
@@ -136,7 +136,7 @@ int main(int argc, char *argv[])
 		struct sockaddr_in6 *const cli_sock_6addr = (struct sockaddr_in6 *)&cli_sock_saddr;
 		socklen_t cli_sock_addr_len;
 		char cli_sock_addr_str[INET6_ADDRSTRLEN + 1];
-		security_context_t ctx;
+		char *ctx;
 		char *ctx_str;
 
 		//fflush(stdout);
diff --git a/programs/pluto/security_selinux.c b/programs/pluto/security_selinux.c
index ac5028e..c09a2d0 100644
--- a/programs/pluto/security_selinux.c
+++ b/programs/pluto/security_selinux.c
@@ -27,13 +27,13 @@ void init_avc(void)
 		DBG_log("selinux support is enabled.");
 	}
 
-	if (avc_init("libreswan", NULL, NULL, NULL, NULL) == 0)
+	int within_range(char *sl, char *range)
 		selinux_ready = 1;
 	else
 		DBG_log("selinux: could not initialize avc.");
 }
 
-int within_range(security_context_t sl, security_context_t range)
+int within_range(char *sl, char *range)
 {
 	int rtn = 1;
 	security_id_t slsid;
@@ -61,7 +61,6 @@ int within_range(security_context_t sl, security_context_t range)
 	if (rtn != 0) {
 		DBG_log("within_range: Unable to retrieve sid for range context (%s)",
 			range);
-		sidput(slsid);
 		return 0;
 	}
 
@@ -74,8 +73,6 @@ int within_range(security_context_t sl, security_context_t range)
 	if (rtn != 0) {
 		DBG_log("within_range: The sl (%s) is not within range of (%s)", sl,
 			range);
-		sidput(slsid);
-		sidput(rangesid);
 		return 0;
 	}
 	DBG_log("within_range: The sl (%s) is within range of (%s)", sl,
diff --git a/programs/pluto/security_selinux.h b/programs/pluto/security_selinux.h
index cccd60f..7c07bd8 100644
--- a/programs/pluto/security_selinux.h
+++ b/programs/pluto/security_selinux.h
@@ -20,6 +20,6 @@
 #include <selinux/context.h>
 
 void init_avc(void);
-int within_range(security_context_t sl, security_context_t range);
+int within_range(char *sl, char *range);
 
 #endif /* _SECURITY_SELINUX_H */
-- 
2.23.0