|
 |
23cc51 |
diff -up tcp_wrappers_7.6/hosts_access.c.patch12 tcp_wrappers_7.6/hosts_access.c
|
|
|
23cc51 |
--- tcp_wrappers_7.6/hosts_access.c.patch12 2008-08-29 09:45:12.000000000 +0200
|
|
|
23cc51 |
+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
23cc51 |
@@ -66,6 +66,7 @@ static char sep[] = ", \t\r\n";
|
|
|
23cc51 |
|
|
|
23cc51 |
#define YES 1
|
|
|
23cc51 |
#define NO 0
|
|
|
23cc51 |
+#define ERR -1
|
|
|
23cc51 |
|
|
|
23cc51 |
/*
|
|
|
23cc51 |
* These variables are globally visible so that they can be redirected in
|
|
|
23cc51 |
@@ -106,7 +107,6 @@ int hosts_access(request)
|
|
|
23cc51 |
struct request_info *request;
|
|
|
23cc51 |
{
|
|
|
23cc51 |
int verdict;
|
|
|
23cc51 |
-
|
|
|
23cc51 |
/*
|
|
|
23cc51 |
* If the (daemon, client) pair is matched by an entry in the file
|
|
|
23cc51 |
* /etc/hosts.allow, access is granted. Otherwise, if the (daemon,
|
|
|
23cc51 |
@@ -129,9 +129,9 @@ struct request_info *request;
|
|
|
23cc51 |
return (verdict == AC_PERMIT);
|
|
|
23cc51 |
if (table_match(hosts_allow_table, request))
|
|
|
23cc51 |
return (YES);
|
|
|
23cc51 |
- if (table_match(hosts_deny_table, request))
|
|
|
23cc51 |
- return (NO);
|
|
|
23cc51 |
- return (YES);
|
|
|
23cc51 |
+ if (table_match(hosts_deny_table, request) == NO)
|
|
|
23cc51 |
+ return (YES);
|
|
|
23cc51 |
+ return (NO);
|
|
|
23cc51 |
}
|
|
|
23cc51 |
|
|
|
23cc51 |
/* table_match - match table entries with (daemon, client) pair */
|
|
|
23cc51 |
@@ -175,6 +175,7 @@ struct request_info *request;
|
|
|
23cc51 |
(void) fclose(fp);
|
|
|
23cc51 |
} else if (errno != ENOENT) {
|
|
|
23cc51 |
tcpd_warn("cannot open %s: %m", table);
|
|
|
23cc51 |
+ match = ERR;
|
|
|
23cc51 |
}
|
|
|
23cc51 |
if (match) {
|
|
|
23cc51 |
if (hosts_access_verbose > 1)
|