|
 |
c863fc |
diff -up tcp_wrappers_7.6/fix_options.c.patch9 tcp_wrappers_7.6/fix_options.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/fix_options.c.patch9 1997-04-08 02:29:19.000000000 +0200
|
|
|
c863fc |
+++ tcp_wrappers_7.6/fix_options.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -11,6 +11,9 @@ static char sccsid[] = "@(#) fix_options
|
|
|
c863fc |
|
|
|
c863fc |
#include <sys/types.h>
|
|
|
c863fc |
#include <sys/param.h>
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+#include <sys/socket.h>
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
#include <netinet/in.h>
|
|
|
c863fc |
#include <netinet/in_systm.h>
|
|
|
c863fc |
#include <netinet/ip.h>
|
|
|
c863fc |
@@ -41,6 +44,22 @@ struct request_info *request;
|
|
|
c863fc |
unsigned int opt;
|
|
|
c863fc |
int optlen;
|
|
|
c863fc |
struct in_addr dummy;
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ struct sockaddr_storage ss;
|
|
|
c863fc |
+ int sslen;
|
|
|
c863fc |
+
|
|
|
c863fc |
+ /*
|
|
|
c863fc |
+ * check if this is AF_INET socket
|
|
|
c863fc |
+ * XXX IPv6 support?
|
|
|
c863fc |
+ */
|
|
|
c863fc |
+ sslen = sizeof(ss);
|
|
|
c863fc |
+ if (getsockname(fd, (struct sockaddr *)&ss, &sslen) < 0) {
|
|
|
c863fc |
+ syslog(LOG_ERR, "getpeername: %m");
|
|
|
c863fc |
+ clean_exit(request);
|
|
|
c863fc |
+ }
|
|
|
c863fc |
+ if (ss.ss_family != AF_INET)
|
|
|
c863fc |
+ return;
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
|
|
|
c863fc |
if ((ip = getprotobyname("ip")) != 0)
|
|
|
c863fc |
ipproto = ip->p_proto;
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/hosts_access.5.patch9 tcp_wrappers_7.6/hosts_access.5
|
|
|
c863fc |
--- tcp_wrappers_7.6/hosts_access.5.patch9 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
+++ tcp_wrappers_7.6/hosts_access.5 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -85,11 +85,18 @@ member of the specified netgroup. Netgro
|
|
|
c863fc |
for daemon process names or for client user names.
|
|
|
c863fc |
.IP \(bu
|
|
|
c863fc |
An expression of the form `n.n.n.n/m.m.m.m\' is interpreted as a
|
|
|
c863fc |
-`net/mask\' pair. A host address is matched if `net\' is equal to the
|
|
|
c863fc |
+`net/mask\' pair. An IPv4 host address is matched if `net\' is equal to the
|
|
|
c863fc |
bitwise AND of the address and the `mask\'. For example, the net/mask
|
|
|
c863fc |
pattern `131.155.72.0/255.255.254.0\' matches every address in the
|
|
|
c863fc |
range `131.155.72.0\' through `131.155.73.255\'.
|
|
|
c863fc |
.IP \(bu
|
|
|
c863fc |
+An expression of the form `[n:n:n:n:n:n:n:n/m]\' is interpreted as a
|
|
|
c863fc |
+`[net/prefixlen]\' pair. An IPv6 host address is matched if
|
|
|
c863fc |
+`prefixlen\' bits of `net\' is equal to the `prefixlen\' bits of the
|
|
|
c863fc |
+address. For example, the [net/prefixlen] pattern
|
|
|
c863fc |
+`[3ffe:505:2:1::/64]\' matches every address in the range
|
|
|
c863fc |
+`3ffe:505:2:1::\' through `3ffe:505:2:1:ffff:ffff:ffff:ffff\'.
|
|
|
c863fc |
+.IP \(bu
|
|
|
c863fc |
A string that begins with a `/\' character is treated as a file
|
|
|
c863fc |
name. A host name or address is matched if it matches any host name
|
|
|
c863fc |
or address pattern listed in the named file. The file format is
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/inetcf.c.patch9 tcp_wrappers_7.6/inetcf.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/inetcf.c.patch9 1997-02-12 02:13:24.000000000 +0100
|
|
|
c863fc |
+++ tcp_wrappers_7.6/inetcf.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -26,6 +26,9 @@ extern void exit();
|
|
|
c863fc |
* guesses. Shorter names follow longer ones.
|
|
|
c863fc |
*/
|
|
|
c863fc |
char *inet_files[] = {
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ "/usr/local/v6/etc/inet6d.conf", /* KAME */
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
"/private/etc/inetd.conf", /* NEXT */
|
|
|
c863fc |
"/etc/inet/inetd.conf", /* SYSV4 */
|
|
|
c863fc |
"/usr/etc/inetd.conf", /* IRIX?? */
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile
|
|
|
c863fc |
--- tcp_wrappers_7.6/Makefile.patch9 2013-01-25 10:53:33.891349937 +0100
|
|
|
c863fc |
+++ tcp_wrappers_7.6/Makefile 2013-01-25 11:00:57.362801588 +0100
|
|
|
c863fc |
@@ -21,7 +21,7 @@ what:
|
|
|
c863fc |
@echo " dynix epix esix freebsd hpux irix4 irix5 irix6 isc iunix"
|
|
|
c863fc |
@echo " linux machten mips(untested) ncrsvr4 netbsd next osf power_unix_211"
|
|
|
c863fc |
@echo " ptx-2.x ptx-generic pyramid sco sco-nis sco-od2 sco-os5 sinix sunos4"
|
|
|
c863fc |
- @echo " sunos40 sunos5 sysv4 tandem ultrix unicos7 unicos8 unixware1 unixware2"
|
|
|
c863fc |
+ @echo " sunos40 sunos5 solaris8 sysv4 tandem ultrix unicos7 unicos8 unixware1 unixware2"
|
|
|
c863fc |
@echo " uts215 uxp"
|
|
|
c863fc |
@echo
|
|
|
c863fc |
@echo "If none of these match your environment, edit the system"
|
|
|
c863fc |
@@ -138,13 +138,25 @@ epix:
|
|
|
c863fc |
|
|
|
c863fc |
freebsd:
|
|
|
c863fc |
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
|
|
|
c863fc |
+ LIBS="-L/usr/local/v6/lib -linet6" \
|
|
|
c863fc |
LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \
|
|
|
c863fc |
- EXTRA_CFLAGS=-DUSE_STRERROR VSYSLOG= all
|
|
|
c863fc |
+ EXTRA_CFLAGS="-DUSE_STRERROR -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all
|
|
|
c863fc |
+
|
|
|
c863fc |
+netbsd:
|
|
|
c863fc |
+ @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
|
|
|
c863fc |
+ LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \
|
|
|
c863fc |
+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all
|
|
|
c863fc |
|
|
|
c863fc |
linux:
|
|
|
c863fc |
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
|
|
|
c863fc |
LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
|
|
|
c863fc |
- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
|
|
|
c863fc |
+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len" all
|
|
|
c863fc |
+
|
|
|
c863fc |
+linux-old:
|
|
|
c863fc |
+ @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
|
|
|
c863fc |
+ LIBS="/usr/inet6/lib/libinet6.a -lresolv" \
|
|
|
c863fc |
+ RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o NETGROUP= TLI= \
|
|
|
c863fc |
+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=sin6_family -Dsockaddr_storage=sockaddr_in6 -I/usr/inet6/include" all
|
|
|
c863fc |
|
|
|
c863fc |
# This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x.
|
|
|
c863fc |
hpux hpux8 hpux9 hpux10:
|
|
|
c863fc |
@@ -197,6 +209,13 @@ sunos5:
|
|
|
c863fc |
BUGS="$(BUGS) -DSOLARIS_24_GETHOSTBYNAME_BUG" IPV6="$(IPV6)" \
|
|
|
c863fc |
EXTRA_CFLAGS=-DUSE_STRERROR all
|
|
|
c863fc |
|
|
|
c863fc |
+# SunOS 5.8 is another SYSV4 variant, but has IPv6 support
|
|
|
c863fc |
+solaris8:
|
|
|
c863fc |
+ @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
|
|
|
c863fc |
+ LIBS="-lsocket -lnsl" RANLIB=echo ARFLAGS=rv VSYSLOG= \
|
|
|
c863fc |
+ NETGROUP=-DNETGROUP AUX_OBJ=setenv.o TLI=-DTLI \
|
|
|
c863fc |
+ EXTRA_CFLAGS="-DNO_CLONE_DEVICE -DINT32_T" all
|
|
|
c863fc |
+
|
|
|
c863fc |
# Generic SYSV40
|
|
|
c863fc |
esix sysv4:
|
|
|
c863fc |
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
|
|
|
c863fc |
@@ -392,7 +411,7 @@ AR = ar
|
|
|
c863fc |
# the ones provided with this source distribution. The environ.c module
|
|
|
c863fc |
# implements setenv(), getenv(), and putenv().
|
|
|
c863fc |
|
|
|
c863fc |
-AUX_OBJ= setenv.o
|
|
|
c863fc |
+#AUX_OBJ= setenv.o
|
|
|
c863fc |
#AUX_OBJ= environ.o
|
|
|
c863fc |
#AUX_OBJ= environ.o strcasecmp.o
|
|
|
c863fc |
|
|
|
c863fc |
@@ -455,7 +474,7 @@ AUX_OBJ= setenv.o
|
|
|
c863fc |
# host name aliases. Compile with -DSOLARIS_24_GETHOSTBYNAME_BUG to work
|
|
|
c863fc |
# around this. The workaround does no harm on other Solaris versions.
|
|
|
c863fc |
|
|
|
c863fc |
-BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DLIBC_CALLS_STRTOK
|
|
|
c863fc |
+#BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DLIBC_CALLS_STRTOK
|
|
|
c863fc |
#BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DINET_ADDR_BUG
|
|
|
c863fc |
#BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DSOLARIS_24_GETHOSTBYNAME_BUG
|
|
|
c863fc |
|
|
|
c863fc |
@@ -473,7 +492,7 @@ BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS
|
|
|
c863fc |
# If your system supports vsyslog(), comment out the following definition.
|
|
|
c863fc |
# If in doubt leave it in, it won't harm.
|
|
|
c863fc |
|
|
|
c863fc |
-VSYSLOG = -Dvsyslog=myvsyslog
|
|
|
c863fc |
+#VSYSLOG = -Dvsyslog=myvsyslog
|
|
|
c863fc |
|
|
|
c863fc |
###############################################################
|
|
|
c863fc |
# System dependencies: whether or not your system has IPV6
|
|
|
c863fc |
@@ -485,7 +504,7 @@ VSYSLOG = -Dvsyslog=myvsyslog
|
|
|
c863fc |
|
|
|
c863fc |
# If your system does not have getipnodebyname() but uses the obsolete
|
|
|
c863fc |
# gethostbyname2() instead, use this (AIX)
|
|
|
c863fc |
-# IPV6 = -DHAVE_IPV6 -DUSE_GETHOSTBYNAME2
|
|
|
c863fc |
+IPV6 = -DHAVE_IPV6 -DUSE_GETHOSTBYNAME2
|
|
|
c863fc |
|
|
|
c863fc |
# End of the system dependencies.
|
|
|
c863fc |
#################################
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/misc.c.patch9 tcp_wrappers_7.6/misc.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/misc.c.patch9 1996-02-11 17:01:30.000000000 +0100
|
|
|
c863fc |
+++ tcp_wrappers_7.6/misc.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -58,9 +58,31 @@ int delimiter;
|
|
|
c863fc |
{
|
|
|
c863fc |
char *cp;
|
|
|
c863fc |
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ int bracket = 0;
|
|
|
c863fc |
+
|
|
|
c863fc |
+ for (cp = string; cp && *cp; cp++) {
|
|
|
c863fc |
+ switch (*cp) {
|
|
|
c863fc |
+ case '[':
|
|
|
c863fc |
+ bracket++;
|
|
|
c863fc |
+ break;
|
|
|
c863fc |
+ case ']':
|
|
|
c863fc |
+ bracket--;
|
|
|
c863fc |
+ break;
|
|
|
c863fc |
+ default:
|
|
|
c863fc |
+ if (bracket == 0 && *cp == delimiter) {
|
|
|
c863fc |
+ *cp++ = 0;
|
|
|
c863fc |
+ return cp;
|
|
|
c863fc |
+ }
|
|
|
c863fc |
+ break;
|
|
|
c863fc |
+ }
|
|
|
c863fc |
+ }
|
|
|
c863fc |
+ return (NULL);
|
|
|
c863fc |
+#else
|
|
|
c863fc |
if ((cp = strchr(string, delimiter)) != 0)
|
|
|
c863fc |
*cp++ = 0;
|
|
|
c863fc |
return (cp);
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
}
|
|
|
c863fc |
|
|
|
c863fc |
/* dot_quad_addr - convert dotted quad to internal form */
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/refuse.c.patch9 tcp_wrappers_7.6/refuse.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/refuse.c.patch9 1994-12-28 17:42:40.000000000 +0100
|
|
|
c863fc |
+++ tcp_wrappers_7.6/refuse.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -25,7 +25,12 @@ static char sccsid[] = "@(#) refuse.c 1.
|
|
|
c863fc |
void refuse(request)
|
|
|
c863fc |
struct request_info *request;
|
|
|
c863fc |
{
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ syslog(deny_severity, "refused connect from %s (%s)",
|
|
|
c863fc |
+ eval_client(request), eval_hostaddr(request->client));
|
|
|
c863fc |
+#else
|
|
|
c863fc |
syslog(deny_severity, "refused connect from %s", eval_client(request));
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
clean_exit(request);
|
|
|
c863fc |
/* NOTREACHED */
|
|
|
c863fc |
}
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/rfc931.c.patch9 tcp_wrappers_7.6/rfc931.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/rfc931.c.patch9 2004-05-04 16:01:01.000000000 +0200
|
|
|
c863fc |
+++ tcp_wrappers_7.6/rfc931.c 2013-01-25 11:08:26.690292897 +0100
|
|
|
c863fc |
@@ -94,6 +94,12 @@ char *dest;
|
|
|
c863fc |
* sockets.
|
|
|
c863fc |
*/
|
|
|
c863fc |
|
|
|
c863fc |
+ /* address family must be the same */
|
|
|
c863fc |
+ if (SGFAM(rmt_sin) != SGFAM(our_sin)) {
|
|
|
c863fc |
+ STRN_CPY(dest, result, STRING_LENGTH);
|
|
|
c863fc |
+ return;
|
|
|
c863fc |
+ }
|
|
|
c863fc |
+
|
|
|
c863fc |
if ((fp = fsocket(SGFAM(rmt_sin), SOCK_STREAM, 0)) != 0) {
|
|
|
c863fc |
setbuf(fp, (char *) 0);
|
|
|
c863fc |
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/tcpd.c.patch9 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
+++ tcp_wrappers_7.6/tcpd.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -120,7 +120,12 @@ char **argv;
|
|
|
c863fc |
|
|
|
c863fc |
/* Report request and invoke the real daemon program. */
|
|
|
c863fc |
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ syslog(allow_severity, "connect from %s (%s)",
|
|
|
c863fc |
+ eval_client(&request), eval_hostaddr(request.client));
|
|
|
c863fc |
+#else
|
|
|
c863fc |
syslog(allow_severity, "connect from %s", eval_client(&request));
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
closelog();
|
|
|
c863fc |
(void) execv(path, argv);
|
|
|
c863fc |
syslog(LOG_ERR, "error: cannot execute %s: %m", path);
|
|
|
c863fc |
diff -up tcp_wrappers_7.6/workarounds.c.patch9 tcp_wrappers_7.6/workarounds.c
|
|
|
c863fc |
--- tcp_wrappers_7.6/workarounds.c.patch9 1996-03-19 16:22:26.000000000 +0100
|
|
|
c863fc |
+++ tcp_wrappers_7.6/workarounds.c 2008-08-29 09:45:12.000000000 +0200
|
|
|
c863fc |
@@ -166,11 +166,22 @@ struct sockaddr *sa;
|
|
|
c863fc |
int *len;
|
|
|
c863fc |
{
|
|
|
c863fc |
int ret;
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ struct sockaddr *sin = sa;
|
|
|
c863fc |
+#else
|
|
|
c863fc |
struct sockaddr_in *sin = (struct sockaddr_in *) sa;
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
|
|
|
c863fc |
if ((ret = getpeername(sock, sa, len)) >= 0
|
|
|
c863fc |
+#ifdef HAVE_IPV6
|
|
|
c863fc |
+ && ((sin->su_si.si_family == AF_INET6
|
|
|
c863fc |
+ && IN6_IS_ADDR_UNSPECIFIED(&sin->su_sin6.sin6_addr))
|
|
|
c863fc |
+ || (sin->su_si.si_family == AF_INET
|
|
|
c863fc |
+ && sin->su_sin.sin_addr.s_addr == 0))) {
|
|
|
c863fc |
+#else
|
|
|
c863fc |
&& sa->sa_family == AF_INET
|
|
|
c863fc |
&& sin->sin_addr.s_addr == 0) {
|
|
|
c863fc |
+#endif
|
|
|
c863fc |
errno = ENOTCONN;
|
|
|
c863fc |
return (-1);
|
|
|
c863fc |
} else {
|