Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 30 Mar 2002 18:26:01 -0800 (PST)
From:      Anatole Shaw <anatole@mindspring.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/36556: patch: regular expressions for tcpwrappers
Message-ID:  <200203310226.g2V2Q1w46100@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help

>Number:         36556
>Category:       misc
>Synopsis:       patch: regular expressions for tcpwrappers
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 30 18:30:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Anatole Shaw
>Release:        RELENG_4
>Organization:
>Environment:
>Description:
This patch adds support to tcpwrappers for regex host patterns.  Specifically, host patterns with a tilde ('~') at position [0] are interpreted as regular expressions starting from position [1].
>How-To-Repeat:

>Fix:
--- contrib/tcp_wrappers/hosts_access.c.orig  Tue Jul 18 08:34:54 2000
+++ contrib/tcp_wrappers/hosts_access.c  Thu Mar 14 06:45:02 2002
@@ -41,6 +41,7 @@
 #include <errno.h>
 #include <setjmp.h>
 #include <string.h>
+#include <regex.h>
 #ifdef INET6
 #include <netdb.h>
 #endif
@@ -93,6 +94,7 @@
 static int host_match();
 static int string_match();
 static int masked_match();
+static int regex_match();
 #ifdef INET6
 static int masked_match4();
 static int masked_match6();
@@ -336,6 +338,8 @@
     if (tok[0] == '.') {                        /* suffix */
         n = strlen(string) - strlen(tok);
         return (n > 0 && STR_EQ(tok, string + n));
+    } else if (tok[0] == '~') {                 /* regex */
+        return (regex_match(tok+1, string));
     } else if (STR_EQ(tok, "ALL")) {            /* all: match any */
         return (YES);
     } else if (STR_EQ(tok, "KNOWN")) {          /* not unknown */
@@ -378,6 +382,45 @@
 #endif
         return (STR_EQ(tok, string));
     }
+}
+
+/* regex_match - match string against regular expression */
+
+static int regex_match(exp, string)
+char   *exp;
+char   *string;
+{
+    regex_t preg;
+    int errn;
+    char errstr[256];
+
+    if ( *exp == '\0' ) {
+        tcpd_warn("null regular expression");
+        return (NO);
+    }
+    errn = regcomp(&preg, exp, REG_EXTENDED | REG_ICASE | REG_NOSUB);
+    if ( errn != 0 ) {
+        regerror(errn, &preg, errstr, 256);
+        regfree(&preg);
+        tcpd_warn("error in regex: %s", errstr);
+        return (NO);
+    }
+    errn = regexec(&preg, string, 0, NULL, 0);
+    if ( errn == 0 ) {
+        regfree(&preg);
+        return (YES);
+    } else if ( errn == REG_NOMATCH ) {
+        regfree(&preg);
+        return (NO);
+    } else {
+        regerror(errn, &preg, errstr, 256);
+        regfree(&preg);
+        tcpd_warn("could not execute regex: %s", errstr);
+        return (NO);
+    }
+    /* unreached */
+    regfree(&preg);
+    return (NO);
 }

 /* masked_match - match address against netnumber/netmask */
--- contrib/tcp_wrappers/hosts_access.5.orig  Thu Feb  3 10:26:57 2000
+++ contrib/tcp_wrappers/hosts_access.5  Thu Mar 14 06:13:06 2002
@@ -103,6 +103,15 @@
 zero or more lines with zero or more host name or address patterns
 separated by whitespace.  A file name pattern can be used anywhere
 a host name or address pattern can be used.
+.IP \(bu
+A string that begins with a `~\' character.
+The address (and hostname, if available) are matched
+against the extended regular expression (see \fIre_format(7)\fR)
+which follows the `~\' character.
+For example, the pattern `~^nyc[0-9]+\\.example\\.com$\' matches the host name
+`nyc23.example.com\' but neither `nyc.example.com\' nor `nyc42.example.com.au\'.
+The comparison is not case-sensitive, and it is both impossible and useless
+for spaces to appear in the expression.
 .SH WILDCARDS
 The access control language supports explicit wildcards:
 .IP ALL

begin 600 tcpwrappers-regex-freebsd.patch.gz
M'XL(`"MSICP``[56?U/;1A#]V_H46]H&&]E&_@F8DH&"T]`2TX(S:0=3YRRM
M;17YI+D[Q="T?/;NW5FV[)`TZ4P]#)9N=]^^?;>WYTJE`G[,E0A'N\I/AG/!
MD@2%W)W&4LDA\WV4LNI78Q%."OT4X<<T@MH^>/N=1K/3:D+=\SS'==W/02GT
MIRF\8@)J3?#:G6:KX]4U0-TY/H9*LU9N@TO_]^#XV(&O0^Y':8#P'0K!X^KT
M>7Y-HOICEFPN$@$^T8ON:E'@!.\7CN,`QW#>Z_;;^3".*AA9#^1!.#9L#AJ:
MS4%SP48JID(?0JY`US2<,>5/BZ7#-8O-_[1MQN0=!BN;F[,9BKFP=:(?`6E^
M*D-;&W49C49;U]%H[)?W32'Z$XZAJ.*[&^\6CHY@N[I=@O>%0F%W!V0Z'H?W
ML+/K0('#D:XH0EZTA96@DBU0M,Y>$*A2P:'(X3EX\.P97/>OAMU?M+V\D`-<
MX"5=L,[\-V`D<9/`XXJ`D4+G-^[ZDZ7(BT2Q;BU+H,%A`SQ/8^ODXF*K9#)0
M`A9%'3`HP/B#K31+\5OW^M^P?NI=ONFMT'BL(.5W/)YS#644W]LWBN_7R\V6
M[63;5:L\'XJTJL%QZ<]Q,RELP22\_5Y(RB8LY-(T3AK1><+[1-`)"V/#POUH
M<Y'?,J/C^E,*!=BAU</5FS73PGN[!S9>`668+'91P^I#N7@UD?1.D3?U5OOV
M4#/(^LS`FUT>>-M`NJUVEB9%,)PSP8M;/(VB)ZK9ROHFWPB]RV4WV2]-A7J5
MPOUXEA2?::9E,+5>=7\8=G_M=WMGW3/XR[R>GYY<=Q?/O<OKU]]G:(:MP?KJ
MB)IYC:H608A8%+6]#%D*4W,9J.AUHI.Q0+1$\H9<P0:-A+3R=N!;N97A?6'-
M>(]^5K/=NS)X9>B]OKB@AP^+.WJJN*?YKI^+S0.\A+-*OCKIG[[\0N!<61;W
M_Y3<C],H,"=62Y8J_*_:T]E,N4#F3S%8CJHG&:Q!4#@X.C@_J)<GFP6!;OKE
MT:9+B:>S$8I=>M(1.E/ELV[KUN*VILOV!8X`&E#S.O5VI[7W);=U:^.VKC4Z
M7GMU6]<\<T'JKYH=<W^BB(&:>A8+A"CD*&$>JNGZNDX!G,U0KV0U)TPI%%S2
M=88)$TR1KJ,'F$]#A3)A/E8!3F`<1FA#%_[@,PXCA%22/PWS^10%.L`^F20?
M5'7<ZOG/,"B.4L<]R8:KFC)%'A/:!EL`@[>/@VTSYIA/&!36G^(2N,AX8%+J
MC&5]--@[%D9L%&$)&-5L-A@#Q\WV5E$TWBNZ%HCX$S.\*!%A,#X7.!S'@L*+
M>Z7!^(I&-DE"O3*.HRB>2X/S`;47L<9BLR0B,MHC*_SMX^_\P;_Q*@>W[F!0
M7?C0$TW-;PC$TK2H2P4=]RT%U1N9NW8FWU&J.Y3$00':8</,8[O<K.<-598.
MMA?BZ4G-1"BIVE":0^DSB16)7(8J?$?4M:JATM913)L0SI*8U"%1C86V+R*U
M')<$`M,C1#P&W<C,S%6K<29IU8'J]4MX<WYQ=GIR=7;M@-E!T^GV+,011(Q/
G4C9!^A64)+%04@-$H4\LYF$4^$P$LD-`U#+TD\+Y!QOX22T["P``

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203310226.g2V2Q1w46100>