1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
--- tcp_wrappers_7.6.orig/tcpdchk.c 1997-02-12 02:13:25.000000000 +0100
+++ tcp_wrappers_7.6/tcpdchk.c 2009-06-05 18:45:03.000000000 +0200
@@ -350,6 +350,8 @@ char *pat;
{
if (pat[0] == '@') {
tcpd_warn("%s: daemon name begins with \"@\"", pat);
+ } else if (pat[0] == '/') {
+ tcpd_warn("%s: daemon name begins with \"/\"", pat);
} else if (pat[0] == '.') {
tcpd_warn("%s: daemon name begins with dot", pat);
} else if (pat[strlen(pat) - 1] == '.') {
@@ -382,6 +384,8 @@ char *pat;
{
if (pat[0] == '@') { /* @netgroup */
tcpd_warn("%s: user name begins with \"@\"", pat);
+ } else if (pat[0] == '/') {
+ tcpd_warn("%s: user name begins with \"/\"", pat);
} else if (pat[0] == '.') {
tcpd_warn("%s: user name begins with dot", pat);
} else if (pat[strlen(pat) - 1] == '.') {
@@ -402,8 +406,13 @@ char *pat;
static int check_host(pat)
char *pat;
{
+ char buf[BUFSIZ];
char *mask;
int addr_count = 1;
+ FILE *fp;
+ struct tcpd_context saved_context;
+ char *cp;
+ char *wsp = " \t\r\n";
if (pat[0] == '@') { /* @netgroup */
#ifdef NO_NETGRENT
@@ -422,6 +431,21 @@ char *pat;
tcpd_warn("netgroup support disabled");
#endif
#endif
+ } else if (pat[0] == '/') { /* /path/name */
+ if ((fp = fopen(pat, "r")) != 0) {
+ saved_context = tcpd_context;
+ tcpd_context.file = pat;
+ tcpd_context.line = 0;
+ while (fgets(buf, sizeof(buf), fp)) {
+ tcpd_context.line++;
+ for (cp = strtok(buf, wsp); cp; cp = strtok((char *) 0, wsp))
+ check_host(cp);
+ }
+ tcpd_context = saved_context;
+ fclose(fp);
+ } else if (errno != ENOENT) {
+ tcpd_warn("open %s: %m", pat);
+ }
} else if (mask = split_at(pat, '/')) { /* network/netmask */
if (dot_quad_addr(pat) == INADDR_NONE
|| dot_quad_addr(mask) == INADDR_NONE)
|