[packages/tcp_wrappers.git] / tcp_wrappers-bug17795.patch

diff -Nru tcp_wrappers_7.6/hosts_access.5 tcp_wrappers_7.6.new/hosts_access.5
--- tcp_wrappers_7.6/hosts_access.5	Thu Feb  8 07:42:23 2001
+++ tcp_wrappers_7.6.new/hosts_access.5	Thu Feb  8 07:44:42 2001
@@ -96,6 +96,12 @@
 address. For example, the [net]/prefixlen pattern
 `[3ffe:505:2:1::]/64\' matches every address in the range
 `3ffe:505:2:1::\' through `3ffe:505:2:1:ffff:ffff:ffff:ffff\'.
+A string that begins with a `/\' character is treated as a file
+name. A host name or address is matched if it matches any host name
+or address pattern listed in the named file. The file format is
+zero or more lines with zero or more host name or address patterns
+separated by whitespace.  A file name pattern can be used anywhere
+a host name or address pattern can be used.
 .SH WILDCARDS
 The access control language supports explicit wildcards:
 .IP ALL
diff -Nru tcp_wrappers_7.6/hosts_access.c tcp_wrappers_7.6.new/hosts_access.c
--- tcp_wrappers_7.6/hosts_access.c	Thu Feb  8 07:42:23 2001
+++ tcp_wrappers_7.6.new/hosts_access.c	Thu Feb  8 07:41:30 2001
@@ -253,6 +253,26 @@
     }
 }
 
+/* hostfile_match - look up host patterns from file */
+
+static int hostfile_match(path, host)
+char   *path;
+struct hosts_info *host;
+{
+    char    tok[BUFSIZ];
+    int     match = NO;
+    FILE   *fp;
+
+    if ((fp = fopen(path, "r")) != 0) {
+	while (fscanf(fp, "%s", tok) == 1 && !(match = host_match(tok, host)))
+	     /* void */ ;
+	fclose(fp);
+    } else if (errno != ENOENT) {
+	tcpd_warn("open %s: %m", path);
+    }
+    return (match);
+}
+
 /* host_match - match host name and/or address against pattern */
 
 static int host_match(tok, host)
@@ -280,6 +300,8 @@
 	tcpd_warn("netgroup support is disabled");	/* not tcpd_jump() */
 	return (NO);
 #endif
+    } else if (tok[0] == '/') {			/* /file hack */
+	return (hostfile_match(tok, host));
     } else if (STR_EQ(tok, "KNOWN")) {		/* check address and name */
 	char   *name = eval_hostname(host);
 	return (STR_NE(eval_hostaddr(host), unknown) && HOSTNAME_KNOWN(name));
Commit	Line	Data
7bafbb87	1	diff -Nru tcp_wrappers_7.6/hosts_access.5 tcp_wrappers_7.6.new/hosts_access.5
	2	--- tcp_wrappers_7.6/hosts_access.5 Thu Feb 8 07:42:23 2001
	3	+++ tcp_wrappers_7.6.new/hosts_access.5 Thu Feb 8 07:44:42 2001
	4	@@ -96,6 +96,12 @@
	5	address. For example, the [net]/prefixlen pattern
	6	`[3ffe:505:2:1::]/64\' matches every address in the range
	7	`3ffe:505:2:1::\' through `3ffe:505:2:1:ffff:ffff:ffff:ffff\'.
	8	+A string that begins with a `/\' character is treated as a file
	9	+name. A host name or address is matched if it matches any host name
	10	+or address pattern listed in the named file. The file format is
	11	+zero or more lines with zero or more host name or address patterns
	12	+separated by whitespace. A file name pattern can be used anywhere
	13	+a host name or address pattern can be used.
	14	.SH WILDCARDS
	15	The access control language supports explicit wildcards:
	16	.IP ALL
	17	diff -Nru tcp_wrappers_7.6/hosts_access.c tcp_wrappers_7.6.new/hosts_access.c
	18	--- tcp_wrappers_7.6/hosts_access.c Thu Feb 8 07:42:23 2001
	19	+++ tcp_wrappers_7.6.new/hosts_access.c Thu Feb 8 07:41:30 2001
	20	@@ -253,6 +253,26 @@
	21	}
	22	}
	23
	24	+/* hostfile_match - look up host patterns from file */
	25	+
	26	+static int hostfile_match(path, host)
	27	+char *path;
	28	+struct hosts_info *host;
	29	+{
	30	+ char tok[BUFSIZ];
	31	+ int match = NO;
	32	+ FILE *fp;
	33	+
	34	+ if ((fp = fopen(path, "r")) != 0) {
	35	+ while (fscanf(fp, "%s", tok) == 1 && !(match = host_match(tok, host)))
	36	+ /* void */ ;
	37	+ fclose(fp);
	38	+ } else if (errno != ENOENT) {
	39	+ tcpd_warn("open %s: %m", path);
	40	+ }
	41	+ return (match);
	42	+}
	43	+
	44	/* host_match - match host name and/or address against pattern */
	45
	46	static int host_match(tok, host)
	47	@@ -280,6 +300,8 @@
	48	tcpd_warn("netgroup support is disabled"); /* not tcpd_jump() */
	49	return (NO);
	50	#endif
	51	+ } else if (tok[0] == '/') { /* /file hack */
	52	+ return (hostfile_match(tok, host));
	53	} else if (STR_EQ(tok, "KNOWN")) { /* check address and name */
	54	char *name = eval_hostname(host);
	55	return (STR_NE(eval_hostaddr(host), unknown) && HOSTNAME_KNOWN(name));