Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 1 | Upstream-Status: Backport |
| 2 | |
| 3 | diff -ruN tcp_wrappers_7.6.orig/Makefile tcp_wrappers_7.6/Makefile |
| 4 | --- tcp_wrappers_7.6.orig/Makefile 2004-05-02 15:37:59.000000000 +0200 |
| 5 | +++ tcp_wrappers_7.6/Makefile 2004-05-02 15:31:09.000000000 +0200 |
| 6 | @@ -150,15 +150,15 @@ |
| 7 | |
| 8 | linux: |
| 9 | @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ |
| 10 | - LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ |
| 11 | + LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ=weak_symbols.o \ |
| 12 | NETGROUP="-DNETGROUP" TLI= VSYSLOG= BUGS= \ |
| 13 | - EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all |
| 14 | + EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DHAVE_WEAKSYMS -D_REENTRANT -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all |
| 15 | |
| 16 | gnu: |
| 17 | @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ |
| 18 | - LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ |
| 19 | + LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ=weak_symbols.o \ |
| 20 | NETGROUP=-DNETGROUP TLI= VSYSLOG= BUGS= \ |
| 21 | - EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR" all |
| 22 | + EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DHAVE_WEAKSYMS -D_REENTRANT" all |
| 23 | |
| 24 | # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x. |
| 25 | hpux hpux8 hpux9 hpux10: |
| 26 | @@ -713,7 +713,22 @@ |
| 27 | |
| 28 | LIB = libwrap.a |
| 29 | |
| 30 | -all other: config-check tcpd tcpdmatch try-from safe_finger tcpdchk |
| 31 | +shared/%.o: %.c |
| 32 | + $(CC) $(CFLAGS) $(SHCFLAGS) -c $< -o $@ |
| 33 | + |
| 34 | +SOMAJOR = 0 |
| 35 | +SOMINOR = 7.6 |
| 36 | + |
| 37 | +SHLIB = shared/libwrap.so.$(SOMAJOR).$(SOMINOR) |
| 38 | +SHLIBSOMAJ = shared/libwrap.so.$(SOMAJOR) |
| 39 | +SHLIBSO = shared/libwrap.so |
| 40 | +SHLIBFLAGS = -Lshared -lwrap |
| 41 | + |
| 42 | +SHLINKFLAGS = -shared -Xlinker -soname -Xlinker libwrap.so.$(SOMAJOR) -lc $(LIBS) |
| 43 | +SHCFLAGS = -fPIC -shared -D_REENTRANT |
| 44 | +SHLIB_OBJ= $(addprefix shared/, $(LIB_OBJ)); |
| 45 | + |
| 46 | +all other: config-check tcpd tcpdmatch try-from safe_finger tcpdchk $(LIB) |
| 47 | |
| 48 | # Invalidate all object files when the compiler options (CFLAGS) have changed. |
| 49 | |
| 50 | @@ -731,27 +746,33 @@ |
| 51 | $(AR) $(ARFLAGS) $(LIB) $(LIB_OBJ) |
| 52 | -$(RANLIB) $(LIB) |
| 53 | |
| 54 | -tcpd: tcpd.o $(LIB) |
| 55 | - $(CC) $(CFLAGS) -o $@ tcpd.o $(LIB) $(LIBS) |
| 56 | +$(SHLIB): $(SHLIB_OBJ) |
| 57 | + rm -f $(SHLIB) |
| 58 | + $(CC) -o $(SHLIB) $(SHLINKFLAGS) $(SHLIB_OBJ) |
| 59 | + ln -sf $(notdir $(SHLIB)) $(SHLIBSOMAJ) |
| 60 | + ln -sf $(notdir $(SHLIBSOMAJ)) $(SHLIBSO) |
| 61 | + |
| 62 | +tcpd: tcpd.o $(SHLIB) |
| 63 | + $(CC) $(CFLAGS) -o $@ tcpd.o $(SHLIBFLAGS) |
| 64 | |
| 65 | miscd: miscd.o $(LIB) |
| 66 | $(CC) $(CFLAGS) -o $@ miscd.o $(LIB) $(LIBS) |
| 67 | |
| 68 | -safe_finger: safe_finger.o $(LIB) |
| 69 | - $(CC) $(CFLAGS) -o $@ safe_finger.o $(LIB) $(LIBS) |
| 70 | +safe_finger: safe_finger.o $(SHLIB) |
| 71 | + $(CC) $(CFLAGS) -o $@ safe_finger.o $(SHLIBFLAGS) |
| 72 | |
| 73 | TCPDMATCH_OBJ = tcpdmatch.o fakelog.o inetcf.o scaffold.o |
| 74 | |
| 75 | -tcpdmatch: $(TCPDMATCH_OBJ) $(LIB) |
| 76 | - $(CC) $(CFLAGS) -o $@ $(TCPDMATCH_OBJ) $(LIB) $(LIBS) |
| 77 | +tcpdmatch: $(TCPDMATCH_OBJ) $(SHLIB) |
| 78 | + $(CC) $(CFLAGS) -o $@ $(TCPDMATCH_OBJ) $(SHLIBFLAGS) |
| 79 | |
| 80 | -try-from: try-from.o fakelog.o $(LIB) |
| 81 | - $(CC) $(CFLAGS) -o $@ try-from.o fakelog.o $(LIB) $(LIBS) |
| 82 | +try-from: try-from.o fakelog.o $(SHLIB) |
| 83 | + $(CC) $(CFLAGS) -o $@ try-from.o fakelog.o $(SHLIBFLAGS) |
| 84 | |
| 85 | TCPDCHK_OBJ = tcpdchk.o fakelog.o inetcf.o scaffold.o |
| 86 | |
| 87 | -tcpdchk: $(TCPDCHK_OBJ) $(LIB) |
| 88 | - $(CC) $(CFLAGS) -o $@ $(TCPDCHK_OBJ) $(LIB) $(LIBS) |
| 89 | +tcpdchk: $(TCPDCHK_OBJ) $(SHLIB) |
| 90 | + $(CC) $(CFLAGS) -o $@ $(TCPDCHK_OBJ) $(SHLIBFLAGS) |
| 91 | |
| 92 | shar: $(KIT) |
| 93 | @shar $(KIT) |
| 94 | @@ -767,7 +788,9 @@ |
| 95 | |
| 96 | clean: |
| 97 | rm -f tcpd miscd safe_finger tcpdmatch tcpdchk try-from *.[oa] core \ |
| 98 | + libwrap*.so* \ |
| 99 | cflags |
| 100 | + rm -rf shared/ |
| 101 | |
| 102 | tidy: clean |
| 103 | chmod -R a+r . |
| 104 | @@ -913,5 +936,6 @@ |
| 105 | update.o: mystdarg.h |
| 106 | update.o: tcpd.h |
| 107 | vfprintf.o: cflags |
| 108 | +weak_symbols.o: tcpd.h |
| 109 | workarounds.o: cflags |
| 110 | workarounds.o: tcpd.h |
| 111 | diff -ruN tcp_wrappers_7.6.orig/tcpd.h tcp_wrappers_7.6/tcpd.h |
| 112 | --- tcp_wrappers_7.6.orig/tcpd.h 2004-05-02 15:37:59.000000000 +0200 |
| 113 | +++ tcp_wrappers_7.6/tcpd.h 2004-05-02 15:37:49.000000000 +0200 |
| 114 | @@ -4,6 +4,15 @@ |
| 115 | * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. |
| 116 | */ |
| 117 | |
| 118 | +#ifndef _TCPWRAPPERS_TCPD_H |
| 119 | +#define _TCPWRAPPERS_TCPD_H |
| 120 | + |
| 121 | +/* Need definitions of struct sockaddr_in and FILE. */ |
| 122 | +#include <netinet/in.h> |
| 123 | +#include <stdio.h> |
| 124 | + |
| 125 | +__BEGIN_DECLS |
| 126 | + |
| 127 | /* Structure to describe one communications endpoint. */ |
| 128 | |
| 129 | #define STRING_LENGTH 128 /* hosts, users, processes */ |
| 130 | @@ -29,10 +38,10 @@ |
| 131 | char pid[10]; /* access via eval_pid(request) */ |
| 132 | struct host_info client[1]; /* client endpoint info */ |
| 133 | struct host_info server[1]; /* server endpoint info */ |
| 134 | - void (*sink) (); /* datagram sink function or 0 */ |
| 135 | - void (*hostname) (); /* address to printable hostname */ |
| 136 | - void (*hostaddr) (); /* address to printable address */ |
| 137 | - void (*cleanup) (); /* cleanup function or 0 */ |
| 138 | + void (*sink) (int); /* datagram sink function or 0 */ |
| 139 | + void (*hostname) (struct host_info *); /* address to printable hostname */ |
| 140 | + void (*hostaddr) (struct host_info *); /* address to printable address */ |
| 141 | + void (*cleanup) (struct request_info *); /* cleanup function or 0 */ |
| 142 | struct netconfig *config; /* netdir handle */ |
| 143 | }; |
| 144 | |
| 145 | @@ -70,20 +79,27 @@ |
| 146 | #define fromhost sock_host /* no TLI support needed */ |
| 147 | #endif |
| 148 | |
| 149 | -extern int hosts_access(); /* access control */ |
| 150 | -extern void shell_cmd(); /* execute shell command */ |
| 151 | -extern char *percent_x(); /* do %<char> expansion */ |
| 152 | -extern void rfc931(); /* client name from RFC 931 daemon */ |
| 153 | -extern void clean_exit(); /* clean up and exit */ |
| 154 | -extern void refuse(); /* clean up and exit */ |
| 155 | -extern char *xgets(); /* fgets() on steroids */ |
| 156 | -extern char *split_at(); /* strchr() and split */ |
| 157 | -extern unsigned long dot_quad_addr(); /* restricted inet_addr() */ |
| 158 | +extern int hosts_access(struct request_info *request); /* access control */ |
| 159 | +extern void shell_cmd(char *); /* execute shell command */ |
| 160 | +extern char *percent_x(char *, int, char *, struct request_info *); |
| 161 | + /* do %<char> expansion */ |
| 162 | +extern void rfc931(struct sockaddr *, struct sockaddr *, char *); |
| 163 | + /* client name from RFC 931 daemon */ |
| 164 | +extern void clean_exit(struct request_info *); /* clean up and exit */ |
| 165 | +extern void refuse(struct request_info *); /* clean up and exit */ |
| 166 | +extern char *xgets(char *, int, FILE *); /* fgets() on steroids */ |
| 167 | +extern char *split_at(char *, int); /* strchr() and split */ |
| 168 | +extern unsigned long dot_quad_addr(char *); /* restricted inet_addr() */ |
| 169 | |
| 170 | /* Global variables. */ |
| 171 | |
| 172 | +#ifdef HAVE_WEAKSYMS |
| 173 | +extern int allow_severity __attribute__ ((weak)); /* for connection logging */ |
| 174 | +extern int deny_severity __attribute__ ((weak)); /* for connection logging */ |
| 175 | +#else |
| 176 | extern int allow_severity; /* for connection logging */ |
| 177 | extern int deny_severity; /* for connection logging */ |
| 178 | +#endif |
| 179 | extern char *hosts_allow_table; /* for verification mode redirection */ |
| 180 | extern char *hosts_deny_table; /* for verification mode redirection */ |
| 181 | extern int hosts_access_verbose; /* for verbose matching mode */ |
| 182 | @@ -98,6 +114,8 @@ |
| 183 | #ifdef __STDC__ |
| 184 | extern struct request_info *request_init(struct request_info *,...); |
| 185 | extern struct request_info *request_set(struct request_info *,...); |
| 186 | +extern int hosts_ctl(char *daemon, char *client_name, char *client_addr, |
| 187 | + char *client_user); |
| 188 | #else |
| 189 | extern struct request_info *request_init(); /* initialize request */ |
| 190 | extern struct request_info *request_set(); /* update request structure */ |
| 191 | @@ -121,20 +139,23 @@ |
| 192 | * host_info structures serve as caches for the lookup results. |
| 193 | */ |
| 194 | |
| 195 | -extern char *eval_user(); /* client user */ |
| 196 | -extern char *eval_hostname(); /* printable hostname */ |
| 197 | -extern char *eval_hostaddr(); /* printable host address */ |
| 198 | -extern char *eval_hostinfo(); /* host name or address */ |
| 199 | -extern char *eval_client(); /* whatever is available */ |
| 200 | -extern char *eval_server(); /* whatever is available */ |
| 201 | +extern char *eval_user(struct request_info *); /* client user */ |
| 202 | +extern char *eval_hostname(struct host_info *); /* printable hostname */ |
| 203 | +extern char *eval_hostaddr(struct host_info *); /* printable host address */ |
| 204 | +extern char *eval_hostinfo(struct host_info *); /* host name or address */ |
| 205 | +extern char *eval_client(struct request_info *);/* whatever is available */ |
| 206 | +extern char *eval_server(struct request_info *);/* whatever is available */ |
| 207 | #define eval_daemon(r) ((r)->daemon) /* daemon process name */ |
| 208 | #define eval_pid(r) ((r)->pid) /* process id */ |
| 209 | |
| 210 | /* Socket-specific methods, including DNS hostname lookups. */ |
| 211 | |
| 212 | -extern void sock_host(); /* look up endpoint addresses */ |
| 213 | -extern void sock_hostname(); /* translate address to hostname */ |
| 214 | -extern void sock_hostaddr(); /* address to printable address */ |
| 215 | +/* look up endpoint addresses */ |
| 216 | +extern void sock_host(struct request_info *); |
| 217 | +/* translate address to hostname */ |
| 218 | +extern void sock_hostname(struct host_info *); |
| 219 | +/* address to printable address */ |
| 220 | +extern void sock_hostaddr(struct host_info *); |
| 221 | #define sock_methods(r) \ |
| 222 | { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; } |
| 223 | |
| 224 | @@ -182,7 +203,7 @@ |
| 225 | * behavior. |
| 226 | */ |
| 227 | |
| 228 | -extern void process_options(); /* execute options */ |
| 229 | +extern void process_options(char *, struct request_info *);/* execute options */ |
| 230 | extern int dry_run; /* verification flag */ |
| 231 | |
| 232 | /* Bug workarounds. */ |
| 233 | @@ -221,3 +242,7 @@ |
| 234 | #define strtok my_strtok |
| 235 | extern char *my_strtok(); |
| 236 | #endif |
| 237 | + |
| 238 | +__END_DECLS |
| 239 | + |
| 240 | +#endif |
| 241 | diff -ruN tcp_wrappers_7.6.orig/weak_symbols.c tcp_wrappers_7.6/weak_symbols.c |
| 242 | --- tcp_wrappers_7.6.orig/weak_symbols.c 1970-01-01 01:00:00.000000000 +0100 |
| 243 | +++ tcp_wrappers_7.6/weak_symbols.c 2004-05-02 15:31:09.000000000 +0200 |
| 244 | @@ -0,0 +1,11 @@ |
| 245 | + /* |
| 246 | + * @(#) weak_symbols.h 1.5 99/12/29 23:50 |
| 247 | + * |
| 248 | + * Author: Anthony Towns <ajt@debian.org> |
| 249 | + */ |
| 250 | + |
| 251 | +#ifdef HAVE_WEAKSYMS |
| 252 | +#include <syslog.h> |
| 253 | +int deny_severity = LOG_WARNING; |
| 254 | +int allow_severity = SEVERITY; |
| 255 | +#endif |