1 diff -ruN tcp_wrappers_7.6.orig/Makefile tcp_wrappers_7.6/Makefile
2 --- tcp_wrappers_7.6.orig/Makefile 2004-05-02 15:37:59.000000000 +0200
3 +++ tcp_wrappers_7.6/Makefile 2004-05-02 15:31:09.000000000 +0200
7 @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
8 - LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
9 + LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ=weak_symbols.o \
10 NETGROUP="-DNETGROUP" TLI= VSYSLOG= BUGS= \
11 - EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all
12 + EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DHAVE_WEAKSYMS -D_REENTRANT -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all
15 @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
16 - LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
17 + LIBS=-lnsl RANLIB=ranlib ARFLAGS=rv AUX_OBJ=weak_symbols.o \
18 NETGROUP=-DNETGROUP TLI= VSYSLOG= BUGS= \
19 - EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR" all
20 + EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DHAVE_STRERROR -DHAVE_WEAKSYMS -D_REENTRANT" all
22 # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x.
23 hpux hpux8 hpux9 hpux10:
28 -all other: config-check tcpd tcpdmatch try-from safe_finger tcpdchk
30 + $(CC) $(CFLAGS) $(SHCFLAGS) -c $< -o $@
35 +SHLIB = shared/libwrap.so.$(SOMAJOR).$(SOMINOR)
36 +SHLIBSOMAJ = shared/libwrap.so.$(SOMAJOR)
37 +SHLIBSO = shared/libwrap.so
38 +SHLIBFLAGS = -Lshared -lwrap
40 +SHLINKFLAGS = -shared -Xlinker -soname -Xlinker libwrap.so.$(SOMAJOR) -lc $(LIBS)
41 +SHCFLAGS = -fPIC -shared -D_REENTRANT
42 +SHLIB_OBJ= $(addprefix shared/, $(LIB_OBJ));
44 +all other: config-check tcpd tcpdmatch try-from safe_finger tcpdchk $(LIB)
46 # Invalidate all object files when the compiler options (CFLAGS) have changed.
49 $(AR) $(ARFLAGS) $(LIB) $(LIB_OBJ)
53 - $(CC) $(CFLAGS) -o $@ tcpd.o $(LIB) $(LIBS)
54 +$(SHLIB): $(SHLIB_OBJ)
56 + $(CC) -o $(SHLIB) $(SHLINKFLAGS) $(SHLIB_OBJ)
57 + ln -sf $(notdir $(SHLIB)) $(SHLIBSOMAJ)
58 + ln -sf $(notdir $(SHLIBSOMAJ)) $(SHLIBSO)
60 +tcpd: tcpd.o $(SHLIB)
61 + $(CC) $(CFLAGS) -o $@ tcpd.o $(SHLIBFLAGS)
64 $(CC) $(CFLAGS) -o $@ miscd.o $(LIB) $(LIBS)
66 -safe_finger: safe_finger.o $(LIB)
67 - $(CC) $(CFLAGS) -o $@ safe_finger.o $(LIB) $(LIBS)
68 +safe_finger: safe_finger.o $(SHLIB)
69 + $(CC) $(CFLAGS) -o $@ safe_finger.o $(SHLIBFLAGS)
71 TCPDMATCH_OBJ = tcpdmatch.o fakelog.o inetcf.o scaffold.o
73 -tcpdmatch: $(TCPDMATCH_OBJ) $(LIB)
74 - $(CC) $(CFLAGS) -o $@ $(TCPDMATCH_OBJ) $(LIB) $(LIBS)
75 +tcpdmatch: $(TCPDMATCH_OBJ) $(SHLIB)
76 + $(CC) $(CFLAGS) -o $@ $(TCPDMATCH_OBJ) $(SHLIBFLAGS)
78 -try-from: try-from.o fakelog.o $(LIB)
79 - $(CC) $(CFLAGS) -o $@ try-from.o fakelog.o $(LIB) $(LIBS)
80 +try-from: try-from.o fakelog.o $(SHLIB)
81 + $(CC) $(CFLAGS) -o $@ try-from.o fakelog.o $(SHLIBFLAGS)
83 TCPDCHK_OBJ = tcpdchk.o fakelog.o inetcf.o scaffold.o
85 -tcpdchk: $(TCPDCHK_OBJ) $(LIB)
86 - $(CC) $(CFLAGS) -o $@ $(TCPDCHK_OBJ) $(LIB) $(LIBS)
87 +tcpdchk: $(TCPDCHK_OBJ) $(SHLIB)
88 + $(CC) $(CFLAGS) -o $@ $(TCPDCHK_OBJ) $(SHLIBFLAGS)
95 rm -f tcpd miscd safe_finger tcpdmatch tcpdchk try-from *.[oa] core \
106 +weak_symbols.o: tcpd.h
107 workarounds.o: cflags
108 workarounds.o: tcpd.h
109 diff -ruN tcp_wrappers_7.6.orig/tcpd.h tcp_wrappers_7.6/tcpd.h
110 --- tcp_wrappers_7.6.orig/tcpd.h 2004-05-02 15:37:59.000000000 +0200
111 +++ tcp_wrappers_7.6/tcpd.h 2004-05-02 15:37:49.000000000 +0200
113 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
116 +#ifndef _TCPWRAPPERS_TCPD_H
117 +#define _TCPWRAPPERS_TCPD_H
119 +/* Need definitions of struct sockaddr_in and FILE. */
120 +#include <netinet/in.h>
125 /* Structure to describe one communications endpoint. */
127 #define STRING_LENGTH 128 /* hosts, users, processes */
129 char pid[10]; /* access via eval_pid(request) */
130 struct host_info client[1]; /* client endpoint info */
131 struct host_info server[1]; /* server endpoint info */
132 - void (*sink) (); /* datagram sink function or 0 */
133 - void (*hostname) (); /* address to printable hostname */
134 - void (*hostaddr) (); /* address to printable address */
135 - void (*cleanup) (); /* cleanup function or 0 */
136 + void (*sink) (int); /* datagram sink function or 0 */
137 + void (*hostname) (struct host_info *); /* address to printable hostname */
138 + void (*hostaddr) (struct host_info *); /* address to printable address */
139 + void (*cleanup) (struct request_info *); /* cleanup function or 0 */
140 struct netconfig *config; /* netdir handle */
144 #define fromhost sock_host /* no TLI support needed */
147 -extern int hosts_access(); /* access control */
148 -extern void shell_cmd(); /* execute shell command */
149 -extern char *percent_x(); /* do %<char> expansion */
150 -extern void rfc931(); /* client name from RFC 931 daemon */
151 -extern void clean_exit(); /* clean up and exit */
152 -extern void refuse(); /* clean up and exit */
153 -extern char *xgets(); /* fgets() on steroids */
154 -extern char *split_at(); /* strchr() and split */
155 -extern unsigned long dot_quad_addr(); /* restricted inet_addr() */
156 +extern int hosts_access(struct request_info *request); /* access control */
157 +extern void shell_cmd(char *); /* execute shell command */
158 +extern char *percent_x(char *, int, char *, struct request_info *);
159 + /* do %<char> expansion */
160 +extern void rfc931(struct sockaddr *, struct sockaddr *, char *);
161 + /* client name from RFC 931 daemon */
162 +extern void clean_exit(struct request_info *); /* clean up and exit */
163 +extern void refuse(struct request_info *); /* clean up and exit */
164 +extern char *xgets(char *, int, FILE *); /* fgets() on steroids */
165 +extern char *split_at(char *, int); /* strchr() and split */
166 +extern unsigned long dot_quad_addr(char *); /* restricted inet_addr() */
168 /* Global variables. */
170 +#ifdef HAVE_WEAKSYMS
171 +extern int allow_severity __attribute__ ((weak)); /* for connection logging */
172 +extern int deny_severity __attribute__ ((weak)); /* for connection logging */
174 extern int allow_severity; /* for connection logging */
175 extern int deny_severity; /* for connection logging */
177 extern char *hosts_allow_table; /* for verification mode redirection */
178 extern char *hosts_deny_table; /* for verification mode redirection */
179 extern int hosts_access_verbose; /* for verbose matching mode */
182 extern struct request_info *request_init(struct request_info *,...);
183 extern struct request_info *request_set(struct request_info *,...);
184 +extern int hosts_ctl(char *daemon, char *client_name, char *client_addr,
185 + char *client_user);
187 extern struct request_info *request_init(); /* initialize request */
188 extern struct request_info *request_set(); /* update request structure */
189 @@ -121,20 +139,23 @@
190 * host_info structures serve as caches for the lookup results.
193 -extern char *eval_user(); /* client user */
194 -extern char *eval_hostname(); /* printable hostname */
195 -extern char *eval_hostaddr(); /* printable host address */
196 -extern char *eval_hostinfo(); /* host name or address */
197 -extern char *eval_client(); /* whatever is available */
198 -extern char *eval_server(); /* whatever is available */
199 +extern char *eval_user(struct request_info *); /* client user */
200 +extern char *eval_hostname(struct host_info *); /* printable hostname */
201 +extern char *eval_hostaddr(struct host_info *); /* printable host address */
202 +extern char *eval_hostinfo(struct host_info *); /* host name or address */
203 +extern char *eval_client(struct request_info *);/* whatever is available */
204 +extern char *eval_server(struct request_info *);/* whatever is available */
205 #define eval_daemon(r) ((r)->daemon) /* daemon process name */
206 #define eval_pid(r) ((r)->pid) /* process id */
208 /* Socket-specific methods, including DNS hostname lookups. */
210 -extern void sock_host(); /* look up endpoint addresses */
211 -extern void sock_hostname(); /* translate address to hostname */
212 -extern void sock_hostaddr(); /* address to printable address */
213 +/* look up endpoint addresses */
214 +extern void sock_host(struct request_info *);
215 +/* translate address to hostname */
216 +extern void sock_hostname(struct host_info *);
217 +/* address to printable address */
218 +extern void sock_hostaddr(struct host_info *);
219 #define sock_methods(r) \
220 { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
226 -extern void process_options(); /* execute options */
227 +extern void process_options(char *, struct request_info *);/* execute options */
228 extern int dry_run; /* verification flag */
230 /* Bug workarounds. */
232 #define strtok my_strtok
233 extern char *my_strtok();
239 diff -ruN tcp_wrappers_7.6.orig/weak_symbols.c tcp_wrappers_7.6/weak_symbols.c
240 --- tcp_wrappers_7.6.orig/weak_symbols.c 1970-01-01 01:00:00.000000000 +0100
241 +++ tcp_wrappers_7.6/weak_symbols.c 2004-05-02 15:31:09.000000000 +0200
244 + * @(#) weak_symbols.h 1.5 99/12/29 23:50
246 + * Author: Anthony Towns <ajt@debian.org>
249 +#ifdef HAVE_WEAKSYMS
251 +int deny_severity = LOG_WARNING;
252 +int allow_severity = SEVERITY;