Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 9 Jan 2002 05:00:04 -0800 (PST)
From:      Valentin Nechayev <netch@netch.kiev.ua>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/31034: regularly add original address logging for tcpwrappers a ddress mismatch diagnostics
Message-ID:  <200201091300.g09D04Y69763@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/31034; it has been noted by GNATS.

From: Valentin Nechayev <netch@netch.kiev.ua>
To: freebsd-gnats-submit@freebsd.org
Cc:  
Subject: Re: bin/31034: regularly add original address logging for tcpwrappers a ddress mismatch diagnostics
Date: Wed, 9 Jan 2002 14:59:15 +0200

 I want to update the patch from original report.
 Now it uses syslog(allow_severity,...) instead of tcpd_warn(), because
 tcpd_warn() uses LOG_ERR always, which is quite unreasonable fixed and too
 high for this problem.
 
 --- socket.c.0	Wed Jul 11 14:47:43 2001
 +++ socket.c	Wed Jan  9 12:38:59 2002
 @@ -224,9 +224,9 @@
  	hints.ai_flags = AI_PASSIVE | AI_CANONNAME | AI_NUMERICHOST;
  	if ((err = getaddrinfo(host->name, NULL, &hints, &res0)) == 0) {
  	    freeaddrinfo(res0);
 -	    tcpd_warn("host name/name mismatch: "
 -		      "reverse lookup results in non-FQDN %s",
 -		      host->name);
 +	    syslog(allow_severity, "host name/name mismatch: "
 +		      "reverse lookup for %s results in non-FQDN %s",
 +		      host->addr, host->name);
  	    strcpy(host->name, paranoid);	/* name is bad, clobber it */
  	}
  	err = !err;
 @@ -258,9 +258,11 @@
  	     * may be a transient problem or a botched name server setup.
  	     */
  
 -	    tcpd_warn("can't verify hostname: getaddrinfo(%s, %s) failed",
 +	    syslog(allow_severity,
 +		"can't verify hostname: getaddrinfo(%s, %s) failed for %s",
  		      host->name,
 -		      (sin->sa_family == AF_INET) ? "AF_INET" : "AF_INET6");
 +		      (sin->sa_family == AF_INET) ? "AF_INET" : "AF_INET6",
 +		      host->addr);
  
  	} else if ((res0->ai_canonname == NULL
  		    || STR_NE(host->name, res0->ai_canonname))
 @@ -272,9 +274,10 @@
  	     * problem. It could also be that someone is trying to spoof us.
  	     */
  
 -	    tcpd_warn("host name/name mismatch: %s != %.*s",
 +	    syslog(allow_severity, "host name/name mismatch: %s != %.*s, addr=%s",
  		      host->name, STRING_LENGTH,
 -		      (res0->ai_canonname == NULL) ? "" : res0->ai_canonname);
 +		      (res0->ai_canonname == NULL) ? "" : res0->ai_canonname,
 +		      host->addr);
  
  	} else {
  
 @@ -317,9 +320,11 @@
  
  	    getnameinfo(sin, salen, hname, sizeof(hname),
  			NULL, 0, NI_NUMERICHOST | NI_WITHSCOPEID);
 -	    tcpd_warn("host name/address mismatch: %s != %.*s",
 +	    syslog(allow_severity,
 +		"host name/address mismatch: %s != %.*s, origaddr=%s",
  		      hname, STRING_LENGTH,
 -		      (res0->ai_canonname == NULL) ? "" : res0->ai_canonname);
 +		      (res0->ai_canonname == NULL) ? "" : res0->ai_canonname,
 +		      host->addr);
  	}
  	strcpy(host->name, paranoid);		/* name is bad, clobber it */
  	if (res0)
 @@ -363,8 +368,9 @@
  	     * may be a transient problem or a botched name server setup.
  	     */
  
 -	    tcpd_warn("can't verify hostname: gethostbyname(%s) failed",
 -		      host->name);
 +	    syslog(allow_severity,
 +		"can't verify hostname: gethostbyname(%s) failed for origaddr %s",
 +		      host->name, host->addr);
  
  	} else if (STR_NE(host->name, hp->h_name)
  		   && STR_NE(host->name, "localhost")) {
 @@ -375,8 +381,8 @@
  	     * problem. It could also be that someone is trying to spoof us.
  	     */
  
 -	    tcpd_warn("host name/name mismatch: %s != %.*s",
 -		      host->name, STRING_LENGTH, hp->h_name);
 +	    syslog(allow_severity, "host name/name mismatch: %s != %.*s, addr=%s",
 +		      host->name, STRING_LENGTH, hp->h_name, host->addr);
  
  	} else {
  
 @@ -400,8 +406,10 @@
  	     * server.
  	     */
  
 -	    tcpd_warn("host name/address mismatch: %s != %.*s",
 -		      inet_ntoa(sin->sin_addr), STRING_LENGTH, hp->h_name);
 +	    syslog(allow_severity,
 +		"host name/address mismatch: %s != %.*s, origaddr=%s",
 +		      inet_ntoa(sin->sin_addr), STRING_LENGTH, hp->h_name,
 +		      host->addr);
  	}
  	strcpy(host->name, paranoid);		/* name is bad, clobber it */
      }

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201091300.g09D04Y69763>