From owner-freebsd-bugs Wed Jun 9 7: 0:16 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id B1E79154F7 for ; Wed, 9 Jun 1999 07:00:05 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id HAA34635; Wed, 9 Jun 1999 07:00:04 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Date: Wed, 9 Jun 1999 07:00:04 -0700 (PDT) Message-Id: <199906091400.HAA34635@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Sheldon Hearn Subject: Re: bin/11960: inetd built in wrapping doesn't log like tcpd does. Reply-To: Sheldon Hearn Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR bin/11960; it has been noted by GNATS. From: Sheldon Hearn To: David Malone Cc: freebsd-gnats-submit@freebsd.org Subject: Re: bin/11960: inetd built in wrapping doesn't log like tcpd does. Date: Wed, 09 Jun 1999 15:53:57 +0200 Okay, could you do me a favour and see if you're happy with these diffs. They're a compromise, in that you still have to run inetd -l to log successful connections. You should apply them to clean inetd sources, not whatever we've got so far. :-) These incorporate your stuff and mine from PR 11651 . Ciao, Sheldon. Index: usr.sbin/inetd/Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/inetd/Makefile,v retrieving revision 1.8 diff -u -d -r1.8 Makefile --- Makefile 1999/05/07 06:48:01 1.8 +++ Makefile 1999/05/22 13:32:00 @@ -5,7 +5,7 @@ MAN8= inetd.8 MLINKS= inetd.8 inetd.conf.5 -COPTS+= -Wall -DLOGIN_CAP -DLIBWRAP +COPTS+= -Wall -DLOGIN_CAP -DLIBWRAP -DLIBWRAP_INTERNAL #COPTS+= -DSANITY_CHECK DPADD+= ${LIBUTIL} ${LIBWRAP} Index: usr.sbin/inetd/inetd.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/inetd/inetd.c,v retrieving revision 1.49 diff -u -d -r1.49 inetd.c --- inetd.c 1999/05/11 12:50:14 1.49 +++ inetd.c 1999/06/09 13:43:55 @@ -146,8 +146,8 @@ #ifndef LIBWRAP_DENY_SEVERITY # define LIBWRAP_DENY_SEVERITY LOG_WARNING #endif -int allow_severity = LIBWRAP_ALLOW_FACILITY|LIBWRAP_ALLOW_SEVERITY; -int deny_severity = LIBWRAP_DENY_FACILITY|LIBWRAP_DENY_SEVERITY; +int allow_severity; +int deny_severity; #endif #ifdef LOGIN_CAP @@ -556,11 +556,7 @@ ctrl = sep->se_fd; (void) sigblock(SIGBLOCK); pid = 0; -#ifdef LIBWRAP_INTERNAL - dofork = 1; -#else dofork = (sep->se_bi == 0 || sep->se_bi->bi_fork); -#endif if (dofork) { if (sep->se_count++ == 0) (void)gettimeofday(&sep->se_time, (struct timezone *)NULL); @@ -624,21 +620,13 @@ #endif if (sep->se_accept && sep->se_socktype == SOCK_STREAM) { - request_init(&req, - RQ_DAEMON, sep->se_server_name ? - sep->se_server_name : sep->se_service, - RQ_FILE, ctrl, NULL); + service = sep->se_server_name ? + sep->se_server_name : sep->se_service; + request_init(&req, RQ_DAEMON, service, RQ_FILE, ctrl, NULL); fromhost(&req); + deny_severity = LIBWRAP_DENY_FACILITY|LIBWRAP_DENY_SEVERITY; + allow_severity = LIBWRAP_ALLOW_FACILITY|LIBWRAP_ALLOW_SEVERITY; denied = !hosts_access(&req); - if (denied || log) { - sp = getservbyport(sep->se_ctrladdr.sin_port, sep->se_proto); - if (sp == NULL) { - (void)snprintf(buf, sizeof buf, "%d", - ntohs(sep->se_ctrladdr.sin_port)); - service = buf; - } else - service = sp->s_name; - } if (denied) { syslog(deny_severity, "refused connection from %.500s, service %s (%s)", @@ -746,7 +734,8 @@ #endif if (sep->se_socktype != SOCK_STREAM) recv(0, buf, sizeof (buf), 0); - _exit(EX_OSERR); + if (dofork) + _exit(EX_OSERR); } } if (sep->se_accept && sep->se_socktype == SOCK_STREAM) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message