selinux: Add support for the SCTP portcon keyword Update libsepol, checkpolicy and the CIL compiler to support the SCTP portcon keyword. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>

commit: cf0ab12414360b7e00b2ace2f8a8beee1362e4c8 [log] [tgz]
author: Richard Haines via Selinux <selinux@tycho.nsa.gov> Sun Mar 11 16:22:55 2018 +0000
committer: James Carter <jwcart2@tycho.nsa.gov> Mon Mar 19 12:34:29 2018 -0400
tree: 8581bf07b90672165175ff1e37fa0311bd67d451
parent: 721ccb33181082f6bfee3bfb51c8541d8136b71e [diff] [blame]
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 923b47c..fbda455 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c

@@ -69,6 +69,9 @@
 #ifndef IPPROTO_DCCP
 #define IPPROTO_DCCP 33
 #endif
+#ifndef IPPROTO_SCTP
+#define IPPROTO_SCTP 132
+#endif
 #include <arpa/inet.h>
 #include <fcntl.h>
 #include <stdio.h>
@@ -944,6 +947,8 @@
 				protocol = IPPROTO_UDP;
 			else if (!strcmp(ans, "dccp") || !strcmp(ans, "DCCP"))
 				protocol = IPPROTO_DCCP;
+			else if (!strcmp(ans, "sctp") || !strcmp(ans, "SCTP"))
+				protocol = IPPROTO_SCTP;
 			else {
 				printf("unknown protocol\n");
 				break;
commit	cf0ab12414360b7e00b2ace2f8a8beee1362e4c8	[log] [tgz]
author	Richard Haines via Selinux <selinux@tycho.nsa.gov>	Sun Mar 11 16:22:55 2018 +0000
committer	James Carter <jwcart2@tycho.nsa.gov>	Mon Mar 19 12:34:29 2018 -0400
tree	8581bf07b90672165175ff1e37fa0311bd67d451
parent	721ccb33181082f6bfee3bfb51c8541d8136b71e [diff] [blame]