Changeset 26899
- Timestamp:
- 2011-05-15T11:37:20+02:00 (7 years ago)
- Location:
- packages/libs/tcp_wrappers/patches
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
packages/libs/tcp_wrappers/patches/001-debian_subset.patch
r15247 r26899 1 --- tcp-wrappers-7.6.orig/hosts_access.c2 +++ tcp-wrappers-7.6/hosts_access.c3 @@ -240,6 +240,26 @@ 1 --- a/hosts_access.c 2 +++ b/hosts_access.c 3 @@ -240,6 +240,26 @@ struct request_info *request; 4 4 } 5 5 } … … 28 28 29 29 static int host_match(tok, host) 30 @@ -267,6 +287,8 @@ 30 @@ -267,6 +287,8 @@ struct host_info *host; 31 31 tcpd_warn("netgroup support is disabled"); /* not tcpd_jump() */ 32 32 return (NO); … … 37 37 char *name = eval_hostname(host); 38 38 return (STR_NE(eval_hostaddr(host), unknown) && HOSTNAME_KNOWN(name)); 39 --- tcp-wrappers-7.6.orig/tcpd.h40 +++ tcp-wrappers-7.6/tcpd.h39 --- a/tcpd.h 40 +++ b/tcpd.h 41 41 @@ -4,6 +4,25 @@ 42 42 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. … … 65 65 66 66 #define STRING_LENGTH 128 /* hosts, users, processes */ 67 @@ -25,10 +44,10 @@ 67 @@ -25,10 +44,10 @@ struct request_info { 68 68 char pid[10]; /* access via eval_pid(request) */ 69 69 struct host_info client[1]; /* client endpoint info */ … … 80 80 }; 81 81 82 @@ -61,25 +80,30 @@ 82 @@ -61,25 +80,30 @@ extern char paranoid[]; 83 83 /* Global functions. */ 84 84 … … 121 121 extern char *hosts_deny_table; /* for verification mode redirection */ 122 122 extern int hosts_access_verbose; /* for verbose matching mode */ 123 @@ -92,9 +116,14 @@ 123 @@ -92,9 +116,14 @@ extern int resident; /* > 0 if residen 124 124 */ 125 125 … … 136 136 extern struct request_info *request_set(); /* update request structure */ 137 137 #endif 138 @@ -117,27 +146,31 @@ 138 @@ -117,27 +146,31 @@ extern struct request_info *request_set( 139 139 * host_info structures serve as caches for the lookup results. 140 140 */ … … 178 178 179 179 /* 180 @@ -178,7 +211,7 @@ 180 @@ -178,7 +211,7 @@ extern struct tcpd_context tcpd_context; 181 181 * behavior. 182 182 */ … … 187 187 188 188 /* Bug workarounds. */ 189 @@ -217,3 +250,7 @@ 189 @@ -217,3 +250,7 @@ extern char *fix_strtok(); 190 190 #define strtok my_strtok 191 191 extern char *my_strtok(); … … 195 195 + 196 196 +#endif /* tcpd.h */ 197 --- tcp-wrappers-7.6.orig/Makefile198 +++ tcp-wrappers-7.6/Makefile197 --- a/Makefile 198 +++ b/Makefile 199 199 @@ -1,5 +1,10 @@ 200 200 +GLIBC=$(shell grep -s -c __GLIBC__ /usr/include/features.h) … … 208 208 @echo 209 209 @echo "Usage: edit the REAL_DAEMON_DIR definition in the Makefile then:" 210 @@ -19,7 +24,7 @@ 210 @@ -19,7 +24,7 @@ what: 211 211 @echo " generic (most bsd-ish systems with sys5 compatibility)" 212 212 @echo " 386bsd aix alpha apollo bsdos convex-ultranet dell-gcc dgux dgux543" … … 217 217 @echo " sunos40 sunos5 sysv4 tandem ultrix unicos7 unicos8 unixware1 unixware2" 218 218 @echo " uts215 uxp" 219 @@ -43,8 +48,8 @@ 219 @@ -43,8 +48,8 @@ what: 220 220 # Ultrix 4.x SunOS 4.x ConvexOS 10.x Dynix/ptx 221 221 #REAL_DAEMON_DIR=/usr/etc … … 228 228 # BSD 4.4 229 229 #REAL_DAEMON_DIR=/usr/libexec 230 @@ -141,10 +146,21 @@ 230 @@ -141,10 +146,21 @@ freebsd: 231 231 LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \ 232 232 EXTRA_CFLAGS=-DSYS_ERRLIST_DEFINED VSYSLOG= all … … 252 252 # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x. 253 253 hpux hpux8 hpux9 hpux10: 254 @@ -391,7 +407,7 @@ 254 @@ -391,7 +407,7 @@ AR = ar 255 255 # the ones provided with this source distribution. The environ.c module 256 256 # implements setenv(), getenv(), and putenv(). … … 261 261 #AUX_OBJ= environ.o strcasecmp.o 262 262 263 @@ -454,7 +470,8 @@ 263 @@ -454,7 +470,8 @@ AUX_OBJ= setenv.o 264 264 # host name aliases. Compile with -DSOLARIS_24_GETHOSTBYNAME_BUG to work 265 265 # around this. The workaround does no harm on other Solaris versions. … … 271 271 #BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DSOLARIS_24_GETHOSTBYNAME_BUG 272 272 273 @@ -464,7 +481,7 @@ 273 @@ -464,7 +481,7 @@ BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS 274 274 # If your system supports NIS or YP-style netgroups, enable the following 275 275 # macro definition. Netgroups are used only for host access control. … … 280 280 ############################################################### 281 281 # System dependencies: whether or not your system has vsyslog() 282 @@ -491,7 +508,7 @@ 282 @@ -491,7 +508,7 @@ VSYSLOG = -Dvsyslog=myvsyslog 283 283 # Uncomment the next definition to turn on the language extensions 284 284 # (examples: allow, deny, banners, twist and spawn). … … 289 289 ################################################################ 290 290 # Optional: Changing the default disposition of logfile records 291 @@ -514,7 +531,7 @@ 291 @@ -514,7 +531,7 @@ VSYSLOG = -Dvsyslog=myvsyslog 292 292 # 293 293 # The LOG_XXX names below are taken from the /usr/include/syslog.h file. … … 298 298 # The syslog priority at which successful connections are logged. 299 299 300 @@ -610,7 +627,7 @@ 300 @@ -610,7 +627,7 @@ TABLES = -DHOSTS_DENY=\"/etc/hosts.deny\ 301 301 # Paranoid mode implies hostname lookup. In order to disable hostname 302 302 # lookups altogether, see the next section. … … 307 307 ######################################## 308 308 # Optional: turning off hostname lookups 309 @@ -623,7 +640,7 @@ 309 @@ -623,7 +640,7 @@ PARANOID= -DPARANOID 310 310 # In order to perform selective hostname lookups, disable paranoid 311 311 # mode (see previous section) and comment out the following definition. … … 316 316 ############################################# 317 317 # Optional: Turning on host ADDRESS checking 318 @@ -649,28 +666,46 @@ 318 @@ -649,28 +666,46 @@ HOSTNAME= -DALWAYS_HOSTNAME 319 319 # source-routed traffic in the kernel. Examples: 4.4BSD derivatives, 320 320 # Solaris 2.x, and Linux. See your system documentation for details. … … 366 366 367 367 KIT = README miscd.c tcpd.c fromhost.c hosts_access.c shell_cmd.c \ 368 @@ -684,46 +719,78 @@ 368 @@ -684,46 +719,78 @@ KIT = README miscd.c tcpd.c fromhost.c h 369 369 refuse.c tcpdchk.8 setenv.c inetcf.c inetcf.h scaffold.c \ 370 370 scaffold.h tcpdmatch.8 README.NIS … … 464 464 shar: $(KIT) 465 465 @shar $(KIT) 466 @@ -739,7 +806,8 @@ 466 @@ -739,7 +806,8 @@ archive: 467 467 468 468 clean: … … 474 474 tidy: clean 475 475 chmod -R a+r . 476 @@ -885,5 +953,6 @@ 476 @@ -885,5 +953,6 @@ update.o: cflags 477 477 update.o: mystdarg.h 478 478 update.o: tcpd.h … … 481 481 workarounds.o: cflags 482 482 workarounds.o: tcpd.h 483 --- tcp-wrappers-7.6.orig/hosts_access.5484 +++ tcp-wrappers-7.6/hosts_access.5485 @@ -8,9 +8,9 @@ 483 --- a/hosts_access.5 484 +++ b/hosts_access.5 485 @@ -8,9 +8,9 @@ name, host name/address) patterns. Exam 486 486 impatient reader is encouraged to skip to the EXAMPLES section for a 487 487 quick introduction. … … 496 496 In the following text, \fIdaemon\fR is the the process name of a 497 497 network daemon process, and \fIclient\fR is the name and/or address of 498 @@ -40,7 +40,7 @@ 498 @@ -40,7 +40,7 @@ A newline character is ignored when it i 499 499 character. This permits you to break up long lines so that they are 500 500 easier to edit. … … 505 505 are easier to read. 506 506 .IP \(bu 507 @@ -69,26 +69,33 @@ 507 @@ -69,26 +69,33 @@ checks are case insensitive. 508 508 .SH PATTERNS 509 509 The access control language implements the following patterns: … … 550 550 The access control language supports explicit wildcards: 551 551 .IP ALL 552 @@ -115,19 +122,19 @@ 552 @@ -115,19 +122,19 @@ without -DPARANOID when you want more co 553 553 .ne 6 554 554 .SH OPERATORS … … 574 574 completed. 575 575 .PP 576 @@ -159,7 +166,7 @@ 576 @@ -159,7 +166,7 @@ depending on how much information is ava 577 577 .IP %u 578 578 The client user name (or "unknown"). … … 583 583 Characters in % expansions that may confuse the shell are replaced by 584 584 underscores. 585 @@ -243,9 +250,9 @@ 585 @@ -243,9 +250,9 @@ A positive IDENT lookup result (the clie 586 586 less trustworthy. It is possible for an intruder to spoof both the 587 587 client connection and the IDENT lookup, although doing so is much … … 595 595 The language is flexible enough that different types of access control 596 596 policy can be expressed with a minimum of fuss. Although the language 597 @@ -285,7 +292,7 @@ 597 @@ -285,7 +292,7 @@ ALL: LOCAL @some_netgroup 598 598 .br 599 599 ALL: .foobar.edu EXCEPT terminalserver.foobar.edu … … 604 604 netgroup. The second rule permits access from all hosts in the 605 605 \fIfoobar.edu\fP domain (notice the leading dot), with the exception of 606 @@ -322,8 +329,8 @@ 606 @@ -322,8 +329,8 @@ in.tftpd: LOCAL, .my.domain 607 607 /etc/hosts.deny: 608 608 .in +3 … … 615 615 .PP 616 616 The safe_finger command comes with the tcpd wrapper and should be 617 @@ -349,7 +356,7 @@ 617 @@ -349,7 +356,7 @@ control rule; when the length of an acce 618 618 capacity of an internal buffer; when an access control rule is not 619 619 terminated by a newline character; when the result of %<letter> … … 624 624 .na 625 625 .nf 626 --- tcp-wrappers-7.6.orig/rfc931.c627 +++ tcp-wrappers-7.6/rfc931.c628 @@ -33,7 +33,7 @@ 626 --- a/rfc931.c 627 +++ b/rfc931.c 628 @@ -33,7 +33,7 @@ static char sccsid[] = "@(#) rfc931.c 1. 629 629 630 630 int rfc931_timeout = RFC931_TIMEOUT;/* Global so it can be changed */ … … 635 635 /* fsocket - open stdio stream on top of socket */ 636 636 637 @@ -62,7 +62,7 @@ 637 @@ -62,7 +62,7 @@ int protocol; 638 638 static void timeout(sig) 639 639 int sig; … … 644 644 645 645 /* rfc931 - return remote user name, given socket structures */ 646 @@ -99,7 +99,7 @@ 646 @@ -99,7 +99,7 @@ char *dest; 647 647 * Set up a timer so we won't get stuck while waiting for the server. 648 648 */ … … 653 653 alarm(rfc931_timeout); 654 654 655 --- tcp-wrappers-7.6.orig/tcpd.8656 +++ tcp-wrappers-7.6/tcpd.8657 @@ -94,7 +94,7 @@ 655 --- a/tcpd.8 656 +++ b/tcpd.8 657 @@ -94,7 +94,7 @@ configuration files. 658 658 .PP 659 659 The example assumes that the network daemons live in /usr/etc. On some … … 664 664 This example applies when \fItcpd\fR expects that the network daemons 665 665 are left in their original place. 666 @@ -110,26 +110,26 @@ 666 @@ -110,26 +110,26 @@ finger stream tcp nowait nobody /us 667 667 becomes: 668 668 .sp … … 696 696 .fi 697 697 .PP 698 --- tcp-wrappers-7.6.orig/hosts_access.3699 +++ tcp-wrappers-7.6/hosts_access.3698 --- a/hosts_access.3 699 +++ b/hosts_access.3 700 700 @@ -3,7 +3,7 @@ 701 701 hosts_access, hosts_ctl, request_init, request_set \- access control library … … 707 707 extern int allow_severity; 708 708 extern int deny_severity; 709 --- tcp-wrappers-7.6.orig/options.c710 +++ tcp-wrappers-7.6/options.c711 @@ -473,6 +473,9 @@ 709 --- a/options.c 710 +++ b/options.c 711 @@ -473,6 +473,9 @@ static struct syslog_names log_fac[] = { 712 712 #ifdef LOG_CRON 713 713 "cron", LOG_CRON, … … 719 719 "local0", LOG_LOCAL0, 720 720 #endif 721 --- tcp-wrappers-7.6.orig/fix_options.c722 +++ tcp-wrappers-7.6/fix_options.c723 @@ -35,7 +35,12 @@ 721 --- a/fix_options.c 722 +++ b/fix_options.c 723 @@ -35,7 +35,12 @@ struct request_info *request; 724 724 #ifdef IP_OPTIONS 725 725 unsigned char optbuf[BUFFER_SIZE / 3], *cp; … … 734 734 int fd = request->fd; 735 735 unsigned int opt; 736 --- tcp-wrappers-7.6.orig/workarounds.c737 +++ tcp-wrappers-7.6/workarounds.c738 @@ -163,7 +163,11 @@ 736 --- a/workarounds.c 737 +++ b/workarounds.c 738 @@ -163,7 +163,11 @@ int *fromlen; 739 739 int fix_getpeername(sock, sa, len) 740 740 int sock; … … 748 748 int ret; 749 749 struct sockaddr_in *sin = (struct sockaddr_in *) sa; 750 --- tcp-wrappers-7.6.orig/socket.c751 +++ tcp-wrappers-7.6/socket.c752 @@ -76,7 +76,11 @@ 750 --- a/socket.c 751 +++ b/socket.c 752 @@ -76,7 +76,11 @@ struct request_info *request; 753 753 { 754 754 static struct sockaddr_in client; … … 762 762 int fd = request->fd; 763 763 764 @@ -224,7 +228,11 @@ 764 @@ -224,7 +228,11 @@ int fd; 765 765 { 766 766 char buf[BUFSIZ]; … … 774 774 /* 775 775 * Eat up the not-yet received datagram. Some systems insist on a 776 --- tcp-wrappers-7.6.orig/safe_finger.c777 +++ tcp-wrappers-7.6/safe_finger.c778 @@ -26,21 +26,24 @@ 776 --- a/safe_finger.c 777 +++ b/safe_finger.c 778 @@ -26,21 +26,24 @@ static char sccsid[] = "@(#) safe_finger 779 779 #include <stdio.h> 780 780 #include <ctype.h> … … 803 803 void cleanup(sig) 804 804 int sig; 805 --- tcp-wrappers-7.6.orig/hosts_options.5806 +++ tcp-wrappers-7.6/hosts_options.5807 @@ -58,12 +58,12 @@ 805 --- a/hosts_options.5 806 +++ b/hosts_options.5 807 @@ -58,12 +58,12 @@ Notice the leading dot on the domain nam 808 808 Execute, in a child process, the specified shell command, after 809 809 performing the %<letter> expansions described in the hosts_access(5) … … 820 820 .sp 821 821 executes, in a background child process, the shell command "safe_finger 822 --- tcp-wrappers-7.6.orig/tcpdchk.c823 +++ tcp-wrappers-7.6/tcpdchk.c824 @@ -350,6 +350,8 @@ 822 --- a/tcpdchk.c 823 +++ b/tcpdchk.c 824 @@ -350,6 +350,8 @@ char *pat; 825 825 { 826 826 if (pat[0] == '@') { … … 831 831 tcpd_warn("%s: daemon name begins with dot", pat); 832 832 } else if (pat[strlen(pat) - 1] == '.') { 833 @@ -382,6 +384,8 @@ 833 @@ -382,6 +384,8 @@ char *pat; 834 834 { 835 835 if (pat[0] == '@') { /* @netgroup */ … … 840 840 tcpd_warn("%s: user name begins with dot", pat); 841 841 } else if (pat[strlen(pat) - 1] == '.') { 842 @@ -402,8 +406,13 @@ 842 @@ -402,8 +406,13 @@ char *pat; 843 843 static int check_host(pat) 844 844 char *pat; … … 854 854 if (pat[0] == '@') { /* @netgroup */ 855 855 #ifdef NO_NETGRENT 856 @@ -422,6 +431,21 @@ 856 @@ -422,6 +431,21 @@ char *pat; 857 857 tcpd_warn("netgroup support disabled"); 858 858 #endif … … 876 876 if (dot_quad_addr(pat) == INADDR_NONE 877 877 || dot_quad_addr(mask) == INADDR_NONE) 878 --- tcp-wrappers-7.6.orig/percent_m.c879 +++ tcp-wrappers-7.6/percent_m.c880 @@ -13,7 +13,7 @@ 878 --- a/percent_m.c 879 +++ b/percent_m.c 880 @@ -13,7 +13,7 @@ static char sccsid[] = "@(#) percent_m.c 881 881 #include <string.h> 882 882 … … 887 887 extern int sys_nerr; 888 888 #endif 889 @@ -29,11 +29,15 @@ 889 @@ -29,11 +29,15 @@ char *ibuf; 890 890 891 891 while (*bp = *cp) … … 903 903 cp += 2; 904 904 } else { 905 --- tcp-wrappers-7.6.orig/scaffold.c906 +++ tcp-wrappers-7.6/scaffold.c907 @@ -180,10 +180,12 @@ 905 --- a/scaffold.c 906 +++ b/scaffold.c 907 @@ -180,10 +180,12 @@ struct request_info *request; 908 908 909 909 /* ARGSUSED */ … … 921 921 922 922 /* check_path - examine accessibility */ 923 --- tcp-wrappers-7.6.orig/weak_symbols.c924 +++ tcp-wrappers-7.6/weak_symbols.c923 --- /dev/null 924 +++ b/weak_symbols.c 925 925 @@ -0,0 +1,11 @@ 926 926 + /* -
packages/libs/tcp_wrappers/patches/002-opt_cflags.patch
r15247 r26899 1 --- tcp_wrappers_7.6/Makefile.orig 2005-05-21 18:11:32.000000000 +02002 +++ tcp_wrappers_7.6/Makefile 2005-05-21 18:14:28.000000000 +02003 @@ -689,7 +689,8 @@ 1 --- a/Makefile 2 +++ b/Makefile 3 @@ -689,7 +689,8 @@ SHLIBFLAGS = -Lshared -lwrap 4 4 shared/%.o: %.c 5 5 $(CC) $(CFLAGS) $(SHCFLAGS) -c $< -o $@ -
packages/libs/tcp_wrappers/patches/003-scaffold_malloc.patch
r16078 r26899 1 --- tcp_wrappers_7.6/scaffold.c.old 2009-05-25 13:41:07.000000000 +02002 +++ tcp_wrappers_7.6/scaffold.c 2009-05-25 13:42:22.000000000 +02003 @@ -20,13 +20,12 @@ 1 --- a/scaffold.c 2 +++ b/scaffold.c 3 @@ -20,13 +20,12 @@ static char sccs_id[] = "@(#) scaffold.c 4 4 #include <syslog.h> 5 5 #include <setjmp.h> -
packages/libs/tcp_wrappers/patches/004-ipv4_prefix.patch
r26898 r26899 1 --- tcp_wrappers_7.6/hosts_access.5.orig 2011-05-05 22:34:39.000000000 -06002 +++ tcp_wrappers_7.6/hosts_access.5 2011-05-05 22:39:43.000000000 -06001 --- a/hosts_access.5 2 +++ b/hosts_access.5 3 3 @@ -90,6 +90,9 @@ bitwise AND of the address and the `mask 4 4 pattern `131.155.72.0/255.255.254.0' matches every address in the … … 11 11 name. A host name or address is matched if it matches any host name 12 12 or address pattern listed in the named file. The file format is 13 --- tcp_wrappers_7.6/tcpd.h.orig 2011-05-05 22:34:39.000000000 -060014 +++ tcp_wrappers_7.6/tcpd.h 2011-05-05 22:40:14.000000000 -060013 --- a/tcpd.h 14 +++ b/tcpd.h 15 15 @@ -93,6 +93,7 @@ extern void refuse __P((struct request_i 16 16 extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */ … … 21 21 /* Global variables. */ 22 22 23 --- tcp_wrappers_7.6/misc.c.orig 1996-02-11 09:01:30.000000000 -070024 +++ tcp_wrappers_7.6/misc.c 2011-05-05 22:41:49.000000000 -060025 @@ -14,6 +14,8 @@ static char sccsic[] = "@(#) misc.c 1.2 23 --- a/misc.c 24 +++ b/misc.c 25 @@ -14,6 +14,8 @@ static char sccsic[] = "@(#) misc.c 1.2 26 26 #include <arpa/inet.h> 27 27 #include <stdio.h> … … 55 55 +} 56 56 + 57 --- tcp_wrappers_7.6/hosts_access.c.orig 2011-05-05 22:34:39.000000000 -060058 +++ tcp_wrappers_7.6/hosts_access.c 2011-05-05 22:45:09.000000000 -060057 --- a/hosts_access.c 58 +++ b/hosts_access.c 59 59 @@ -345,7 +345,12 @@ char *string; 60 60 if ((addr = dot_quad_addr(string)) == INADDR_NONE)
Note: See TracChangeset
for help on using the changeset viewer.