1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
* Fri May 6 2005 Thomas Woerner <twoerner@redhat.com> 7.6-39
- fixed sig patch (#141110). Thanks to Nikita Shulga for the patch
* Mon Feb 10 2003 Harald Hoyer <harald@redhat.de> 7.6-29
- added security patch tcp_wrappers-7.6-sig.patch
diff -ruNp tcp_wrappers_7.6.orig/hosts_access.c tcp_wrappers_7.6/hosts_access.c
--- tcp_wrappers_7.6.orig/hosts_access.c 2006-03-01 22:14:14.000000000 +0100
+++ tcp_wrappers_7.6/hosts_access.c 2006-03-01 22:14:11.000000000 +0100
@@ -66,6 +66,7 @@ static char sep[] = ", \t\r\n";
#define YES 1
#define NO 0
+#define ERR -1
/*
* These variables are globally visible so that they can be redirected in
@@ -130,11 +131,11 @@ struct request_info *request;
verdict = setjmp(tcpd_buf);
if (verdict != 0)
return (verdict == AC_PERMIT);
- if (table_match(hosts_allow_table, request))
+ if (table_match(hosts_allow_table, request) == YES)
return (YES);
- if (table_match(hosts_deny_table, request))
- return (NO);
- return (YES);
+ if (table_match(hosts_deny_table, request) == NO)
+ return (YES);
+ return (NO);
}
/* table_match - match table entries with (daemon, client) pair */
@@ -178,8 +179,9 @@ struct request_info *request;
(void) fclose(fp);
} else if (errno != ENOENT) {
tcpd_warn("cannot open %s: %m", table);
+ match = ERR;
}
- if (match) {
+ if (match == YES) {
if (hosts_access_verbose > 1)
syslog(LOG_DEBUG, "matched: %s line %d",
tcpd_context.file, tcpd_context.line);
|
