From owner-freebsd-bugs  Wed Jun  9  8:20: 6 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 1A6A81507E
	for <freebsd-bugs@FreeBSD.org>; Wed,  9 Jun 1999 08:20:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id IAA43409;
	Wed, 9 Jun 1999 08:20:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Date: Wed, 9 Jun 1999 08:20:01 -0700 (PDT)
Message-Id: <199906091520.IAA43409@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Sheldon Hearn <sheldonh@uunet.co.za>
Subject: Re: bin/11960: inetd built in wrapping doesn't log like tcpd does. 
Reply-To: Sheldon Hearn <sheldonh@uunet.co.za>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The following reply was made to PR bin/11960; it has been noted by GNATS.

From: Sheldon Hearn <sheldonh@uunet.co.za>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/11960: inetd built in wrapping doesn't log like tcpd does. 
Date: Wed, 09 Jun 1999 17:16:15 +0200

 On Wed, 09 Jun 1999 17:08:37 +0200, Sheldon Hearn wrote:
 
 > I suspect that the diff attached will make you _and_ non-wrapping users
 > happy.
 
 Bugger, it won't make the committers happy at all, since it spews
 warnings for the LIBWRAP case. *grumble*
 
 Sorry about that, corrected patch attached.
 
 Ciao,
 Sheldon.
 
 Index: usr.sbin/inetd/Makefile
 ===================================================================
 RCS file: /home/ncvs/src/usr.sbin/inetd/Makefile,v
 retrieving revision 1.8
 diff -u -d -r1.8 Makefile
 --- Makefile	1999/05/07 06:48:01	1.8
 +++ Makefile	1999/06/09 15:13:53
 @@ -5,7 +5,7 @@
  MAN8=	inetd.8
  MLINKS=	inetd.8 inetd.conf.5
  
 -COPTS+=	-Wall -DLOGIN_CAP -DLIBWRAP
 +COPTS+=	-Wall -DLOGIN_CAP -DLIBWRAP -DLIBWRAP_INTERNAL
  #COPTS+=	-DSANITY_CHECK
  
  DPADD+=	${LIBUTIL} ${LIBWRAP}
 Index: usr.sbin/inetd/inetd.c
 ===================================================================
 RCS file: /home/ncvs/src/usr.sbin/inetd/inetd.c,v
 retrieving revision 1.49
 diff -u -d -r1.49 inetd.c
 --- inetd.c	1999/05/11 12:50:14	1.49
 +++ inetd.c	1999/06/09 15:13:04
 @@ -146,8 +146,8 @@
  #ifndef LIBWRAP_DENY_SEVERITY
  # define LIBWRAP_DENY_SEVERITY LOG_WARNING
  #endif
 -int allow_severity = LIBWRAP_ALLOW_FACILITY|LIBWRAP_ALLOW_SEVERITY;
 -int deny_severity = LIBWRAP_DENY_FACILITY|LIBWRAP_DENY_SEVERITY;
 +int allow_severity;
 +int deny_severity;
  #endif
  
  #ifdef LOGIN_CAP
 @@ -344,8 +344,6 @@
  	int tmpint, ch, dofork;
  	pid_t pid;
  	char buf[50];
 -	struct  sockaddr_in peer;
 -	int i;
  #ifdef LOGIN_CAP
  	login_cap_t *lc = NULL;
  #endif
 @@ -353,6 +351,9 @@
  	struct request_info req;
  	int denied;
  	char *service = NULL;
 +#else
 +	struct  sockaddr_in peer;
 +	int i;
  #endif
  
  
 @@ -538,6 +539,7 @@
  				close(ctrl);
  				continue;
  			    }
 +#ifndef LIBWRAP
  			    if (log) {
  				i = sizeof peer;
  				if (getpeername(ctrl, (struct sockaddr *)
 @@ -552,15 +554,12 @@
  					sep->se_service,
  					inet_ntoa(peer.sin_addr));
  			    }
 +#endif
  		    } else
  			    ctrl = sep->se_fd;
  		    (void) sigblock(SIGBLOCK);
  		    pid = 0;
 -#ifdef LIBWRAP_INTERNAL
 -		    dofork = 1;
 -#else
  		    dofork = (sep->se_bi == 0 || sep->se_bi->bi_fork);
 -#endif
  		    if (dofork) {
  			    if (sep->se_count++ == 0)
  				(void)gettimeofday(&sep->se_time, (struct timezone *)NULL);
 @@ -624,21 +623,13 @@
  #endif
  			    if (sep->se_accept
  				&& sep->se_socktype == SOCK_STREAM) {
 -				request_init(&req,
 -				    RQ_DAEMON, sep->se_server_name ?
 -					sep->se_server_name : sep->se_service,
 -					RQ_FILE, ctrl, NULL);
 +				service = sep->se_server_name ?
 +				    sep->se_server_name : sep->se_service;
 +				request_init(&req, RQ_DAEMON, service, RQ_FILE, ctrl, NULL);
  				fromhost(&req);
 +				deny_severity = LIBWRAP_DENY_FACILITY|LIBWRAP_DENY_SEVERITY;
 +				allow_severity = LIBWRAP_ALLOW_FACILITY|LIBWRAP_ALLOW_SEVERITY;
  				denied = !hosts_access(&req);
 -				if (denied || log) {
 -				    sp = getservbyport(sep->se_ctrladdr.sin_port, sep->se_proto);
 -				    if (sp == NULL) {
 -					(void)snprintf(buf, sizeof buf, "%d",
 -					   ntohs(sep->se_ctrladdr.sin_port));
 -					service = buf;
 -				    } else
 -					service = sp->s_name;
 -				}
  				if (denied) {
  				    syslog(deny_severity,
  				        "refused connection from %.500s, service %s (%s)",
 @@ -746,7 +737,8 @@
  #endif
  				if (sep->se_socktype != SOCK_STREAM)
  					recv(0, buf, sizeof (buf), 0);
 -				_exit(EX_OSERR);
 +				if (dofork)
 +					_exit(EX_OSERR);
  			    }
  		    }
  		    if (sep->se_accept && sep->se_socktype == SOCK_STREAM)
 @@ -911,6 +903,7 @@
  			SWAP(sep->se_class, new->se_class);
  #endif
  			SWAP(sep->se_server, new->se_server);
 +			SWAP(sep->se_server_name, new->se_server_name);
  			for (i = 0; i < MAXARGV; i++)
  				SWAP(sep->se_argv[i], new->se_argv[i]);
  			sigsetmask(omask);
 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message