Date: Thu, 25 Jan 2007 15:12:42 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 113509 for review Message-ID: <200701251512.l0PFCgYG054097@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=113509 Change 113509 by millert@millert_macbook on 2007/01/25 15:12:01 Update to checkpolicy-1.34.0 from the NSA web site. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/ChangeLog#5 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/VERSION#5 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/policy_parse.y#5 edit .. //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/policy_scan.l#3 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/ChangeLog#5 (text+ko) ==== @@ -1,3 +1,9 @@ +1.34.0 2007-01-18 + * Updated version for stable branch. + +1.33.1 2006-11-13 + * Collapse user identifiers and identifiers together. + 1.32 2006-10-17 * Updated version for release. ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/VERSION#5 (text+ko) ==== @@ -1,1 +1,1 @@ -1.32 +1.34.0 ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/policy_parse.y#5 (text+ko) ==== @@ -190,7 +190,6 @@ %token NOT AND OR XOR %token CTRUE CFALSE %token IDENTIFIER -%token USER_IDENTIFIER %token NUMBER %token EQUALS %token NOTEQUAL @@ -522,13 +521,13 @@ | T1 op T2 { $$ = define_cexpr(CEXPR_ATTR, CEXPR_TYPE, $2); if ($$ == 0) return -1; } - | U1 op { if (insert_separator(1)) return -1; } user_names_push + | U1 op { if (insert_separator(1)) return -1; } names_push { $$ = define_cexpr(CEXPR_NAMES, CEXPR_USER, $2); if ($$ == 0) return -1; } - | U2 op { if (insert_separator(1)) return -1; } user_names_push + | U2 op { if (insert_separator(1)) return -1; } names_push { $$ = define_cexpr(CEXPR_NAMES, (CEXPR_USER | CEXPR_TARGET), $2); if ($$ == 0) return -1; } - | U3 op { if (insert_separator(1)) return -1; } user_names_push + | U3 op { if (insert_separator(1)) return -1; } names_push { $$ = define_cexpr(CEXPR_NAMES, (CEXPR_USER | CEXPR_XTARGET), $2); if ($$ == 0) return -1; } | R1 op { if (insert_separator(1)) return -1; } names_push @@ -603,10 +602,7 @@ users : user_def | users user_def ; -user_id : identifier - | user_identifier - ; -user_def : USER user_id ROLES names opt_mls_user ';' +user_def : USER identifier ROLES names opt_mls_user ';' {if (define_user()) return -1;} ; opt_mls_user : LEVEL mls_level_def RANGE mls_range_def @@ -698,7 +694,7 @@ $$ = addr; } ; -security_context_def : user_id ':' identifier ':' identifier opt_mls_range_def +security_context_def : identifier ':' identifier ':' identifier opt_mls_range_def ; opt_mls_range_def : ':' mls_range_def | @@ -766,23 +762,6 @@ identifier : IDENTIFIER { if (insert_id(yytext,0)) return -1; } ; -user_identifier : USER_IDENTIFIER - { if (insert_id(yytext,0)) return -1; } - ; -user_identifier_push : USER_IDENTIFIER - { if (insert_id(yytext, 1)) return -1; } - ; -user_identifier_list_push : user_identifier_push - | identifier_list_push user_identifier_push - | user_identifier_list_push identifier_push - | user_identifier_list_push user_identifier_push - ; -user_names_push : names_push - | user_identifier_push - | '{' user_identifier_list_push '}' - | tilde_push user_identifier_push - | tilde_push '{' user_identifier_list_push '}' - ; path : PATH { if (insert_id(yytext,0)) return -1; } ; ==== //depot/projects/trustedbsd/sedarwin8/policies/sedarwin/programs/checkpolicy/policy_scan.l#3 (text+ko) ==== @@ -200,12 +200,11 @@ h2 | H2 { return(H2); } "/"({letter}|{digit}|_|"."|"-"|"/")* { return(PATH); } -{letter}({letter}|{digit}|_|".")* { if (is_valid_identifier(yytext)) +{letter}({letter}|{digit}|_|"."|"-")* { if (is_valid_identifier(yytext)) return(IDENTIFIER); else REJECT; } -{letter}({letter}|{digit}|_|"."|"-")* { return(USER_IDENTIFIER); } {digit}{digit}* { return(NUMBER); } {hexval}{0,4}":"{hexval}{0,4}":"({hexval}|":"|".")* { return(IPV6_ADDR); } {version}/([ \t\f]*;) { return(VERSION_IDENTIFIER); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701251512.l0PFCgYG054097>