rpms/tcp_wrappers/F-7 tcp_wrappers-7.6-196326.patch, NONE, 1.1 tcp_wrappers-7.6-220015.patch, 1.2, 1.3 tcp_wrappers.spec, 1.26, 1.27
Tomas Janousek (tjanouse)
fedora-extras-commits at redhat.com
Fri Jun 29 10:19:05 UTC 2007
Author: tjanouse
Update of /cvs/pkgs/rpms/tcp_wrappers/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5724
Modified Files:
tcp_wrappers-7.6-220015.patch tcp_wrappers.spec
Added Files:
tcp_wrappers-7.6-196326.patch
Log Message:
* Thu Jun 28 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-48
- dropped the hostname resolving patch
- resolve the address given to hosts_ctl to hostname, if hostname not given
- compare localhost and localhost.localdomain as the same
- fixed a few compile warnings
tcp_wrappers-7.6-196326.patch:
--- NEW FILE tcp_wrappers-7.6-196326.patch ---
--- tcp_wrappers_7.6/hosts_access.c.196326 2007-06-28 13:44:10.000000000 +0200
+++ tcp_wrappers_7.6/hosts_access.c 2007-06-28 15:33:45.000000000 +0200
@@ -346,6 +346,9 @@
return (STR_NE(string, unknown));
} else if (tok[(n = strlen(tok)) - 1] == '.') { /* prefix */
return (STRN_EQ(tok, string, n));
+ } else if ((STR_EQ(tok, "localhost") || STR_EQ(tok, "localhost.localdomain"))
+ && (STR_EQ(string, "localhost") || STR_EQ(string, "localhost.localdomain"))) {
+ return (YES); /* these localhosts are equivalent */
} else { /* exact match */
#ifdef INET6
struct addrinfo hints, *res;
tcp_wrappers-7.6-220015.patch:
Index: tcp_wrappers-7.6-220015.patch
===================================================================
RCS file: /cvs/pkgs/rpms/tcp_wrappers/F-7/tcp_wrappers-7.6-220015.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- tcp_wrappers-7.6-220015.patch 6 Jun 2007 13:00:39 -0000 1.2
+++ tcp_wrappers-7.6-220015.patch 29 Jun 2007 10:18:30 -0000 1.3
@@ -1,90 +1,85 @@
---- tcp_wrappers_7.6/tcpd.h.220015 2007-06-06 14:46:32.000000000 +0200
-+++ tcp_wrappers_7.6/tcpd.h 2007-06-06 14:50:44.000000000 +0200
-@@ -171,6 +171,8 @@
+--- tcp_wrappers_7.6/tcpd.h.220015 2007-06-28 15:42:49.000000000 +0200
++++ tcp_wrappers_7.6/tcpd.h 2007-06-28 15:43:59.000000000 +0200
+@@ -167,6 +167,7 @@
+
+ /* look up endpoint addresses */
+ extern void sock_host __P((struct request_info *));
++extern void sock_hostnofd __P((struct request_info *));
+ /* translate address to hostname */
extern void sock_hostname __P((struct host_info *));
/* address to printable address */
- extern void sock_hostaddr __P((struct host_info *));
-+/* resolve hostname */
-+extern const char * sock_resolve __P((const char *hostname, int family));
+--- tcp_wrappers_7.6/hosts_ctl.c.220015 1994-12-28 17:42:28.000000000 +0100
++++ tcp_wrappers_7.6/hosts_ctl.c 2007-06-28 15:42:49.000000000 +0200
+@@ -29,10 +29,12 @@
+ {
+ struct request_info request;
- #define sock_methods(r) \
- { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
---- tcp_wrappers_7.6/hosts_access.c.220015 2007-06-06 14:46:32.000000000 +0200
-+++ tcp_wrappers_7.6/hosts_access.c 2007-06-06 14:46:32.000000000 +0200
-@@ -312,8 +312,28 @@
- } else if ((mask = split_at(tok, '/')) != 0) { /* net/mask */
- return (masked_match(tok, mask, eval_hostaddr(host)));
- } else { /* anything else */
-- return (string_match(tok, eval_hostaddr(host))
-- || (NOT_INADDR(tok) && string_match(tok, eval_hostname(host))));
-+ int ret;
-+ if ((ret = string_match(tok, eval_hostaddr(host))))
-+ return ret;
-+
-+ if (NOT_INADDR(tok)) {
-+ if ((ret = string_match(tok, eval_hostname(host))))
-+ return ret;
-+
-+ /* try to resolve the pattern and match the numeric
-+ * addresses */
-+ const char *tok_resolved = sock_resolve(tok, AF_INET);
-+ if (HOSTNAME_KNOWN(tok_resolved))
-+ if ((ret = string_match(tok_resolved, eval_hostaddr(host))))
-+ return ret;
-+
-+ tok_resolved = sock_resolve(tok, AF_INET6);
-+ if (HOSTNAME_KNOWN(tok_resolved))
-+ if ((ret = string_match(tok_resolved, eval_hostaddr(host))))
-+ return ret;
-+ }
+- return (hosts_access(request_init(&request,
+- RQ_DAEMON, daemon,
+- RQ_CLIENT_NAME, name,
+- RQ_CLIENT_ADDR, addr,
+- RQ_USER, user,
+- 0)));
++ request_init(&request, RQ_DAEMON, daemon,
++ RQ_CLIENT_NAME, name,
++ RQ_CLIENT_ADDR, addr,
++ RQ_USER, user,
++ 0);
++ sock_hostnofd(&request);
+
-+ return (NO);
- }
++ return (hosts_access(&request));
}
-
---- tcp_wrappers_7.6/socket.c.220015 2007-06-06 14:46:32.000000000 +0200
-+++ tcp_wrappers_7.6/socket.c 2007-06-06 14:46:32.000000000 +0200
-@@ -435,3 +435,43 @@
-
- (void) recvfrom(fd, buf, sizeof(buf), 0, (struct sockaddr *) & sin, &size);
+--- tcp_wrappers_7.6/socket.c.220015 2007-06-28 15:42:49.000000000 +0200
++++ tcp_wrappers_7.6/socket.c 2007-06-28 15:42:49.000000000 +0200
+@@ -147,6 +147,51 @@
+ #endif
}
+
++/* sock_hostnofd - look up endpoint addresses and install conversion methods */
+
-+/* sock_resolve - resolve the hostname to ip and return a string */
-+
-+const char * sock_resolve(hostname, family)
-+const char * hostname;
-+int family;
++void sock_hostnofd(request)
++struct request_info *request;
+{
-+ static struct host_info h;
-+
-+ memset(&h, 0, sizeof(h));
-+
-+ int ret;
++ static struct sockaddr_storage client;
+ struct addrinfo hints, *res;
++ int ret;
++ char *host;
++
++ /* If the address field is non-empty and non-unknown and if the hostname
++ * field is empty or unknown, use the address field to get the sockaddr
++ * and hostname. */
++ if (strlen(request->client->addr) &&
++ HOSTNAME_KNOWN(request->client->addr) &&
++ (!strlen(request->client->addr) ||
++ !HOSTNAME_KNOWN(request->client->name)))
++ host = request->client->addr;
++ else
++ return;
+
+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = family;
++ hints.ai_family = AF_INET6;
+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE;
++ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
+
-+ if ((ret = getaddrinfo(hostname, NULL, &hints, &res)) == 0) {
-+ h.sin = res->ai_addr;
-+ sock_hostaddr(&h);
-+ freeaddrinfo(res);
-+
-+ /* we have to add [] to the ipv6 address, as the string_match funtion
-+ * will do a more correct match then */
-+ if (family == AF_INET6) {
-+ int len = strlen(h.addr);
-+ memmove(h.addr + 1, h.addr, len + 1);
-+ h.addr[0] = '[';
-+ h.addr[len + 1] = ']';
-+ h.addr[len + 2] = 0;
-+ }
++ ret = getaddrinfo(host, NULL, &hints, &res);
++ if (ret != 0) {
++ hints.ai_family = AF_INET;
++ ret = getaddrinfo(host, NULL, &hints, &res);
++ }
+
-+ return h.addr;
++ if (ret != 0) {
++ tcpd_warn("can't resolve hostname (%s): %s", host, gai_strerror(ret));
+ } else {
-+ tcpd_warn("can't get pattern (%s) address: %s", hostname, gai_strerror(ret));
-+ return STRING_UNKNOWN;
++ sock_methods(request);
++
++ memcpy(&client, res->ai_addr, res->ai_addrlen);
++ request->client->sin = (struct sockaddr *)&client;
++ freeaddrinfo(res);
++
++ request->client->name[0] = 0;
+ }
+}
++
+ /* sock_hostaddr - map endpoint address to printable form */
+
+ void sock_hostaddr(host)
Index: tcp_wrappers.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tcp_wrappers/F-7/tcp_wrappers.spec,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- tcp_wrappers.spec 6 Jun 2007 13:00:39 -0000 1.26
+++ tcp_wrappers.spec 29 Jun 2007 10:18:30 -0000 1.27
@@ -1,7 +1,7 @@
Summary: A security tool which acts as a wrapper for TCP daemons.
Name: tcp_wrappers
Version: 7.6
-Release: 47%{?dist}
+Release: 48%{?dist}
%define LIB_MAJOR 0
%define LIB_MINOR 7
@@ -31,6 +31,7 @@
Patch18: tcp_wrappers-7.6-restore_sigalarm.patch
Patch19: tcp_wrappers-7.6-siglongjmp.patch
Patch20: tcp_wrappers-7.6-sigchld.patch
+Patch21: tcp_wrappers-7.6-196326.patch
# required by sin_scope_id in ipv6 patch
BuildRequires: glibc-devel >= 2.2
BuildRoot: %{_tmppath}/%{name}-root
@@ -87,6 +88,7 @@
%patch18 -p1 -b .restore_sigalarm
%patch19 -p1 -b .siglongjmp
%patch20 -p1 -b .sigchld
+%patch21 -p1 -b .196326
%build
make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
@@ -143,6 +145,12 @@
%{_mandir}/man3/*
%changelog
+* Thu Jun 28 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-48
+- dropped the hostname resolving patch
+- resolve the address given to hosts_ctl to hostname, if hostname not given
+- compare localhost and localhost.localdomain as the same
+- fixed a few compile warnings
+
* Wed Jun 06 2007 Tomas Janousek <tjanouse at redhat.com> - 7.6-47
- fix the hostname resolving patch for x86_64
More information about the fedora-extras-commits
mailing list