[tcp_wrappers] updated to upstream ipv6 support
plautrba
plautrba at fedoraproject.org
Thu Jan 31 15:27:44 UTC 2013
commit cf076b1867b6310182b72007111dfb89612eedcf
Author: Viktor Hercinger <vhercing at redhat.com>
Date: Mon Jan 28 13:51:32 2013 +0100
updated to upstream ipv6 support
.gitignore | 1 +
sources | 2 +-
tcp_wrappers-7.6-196326.patch | 6 +-
tcp_wrappers-7.6-220015.patch | 4 +-
tcp_wrappers-7.6-altformat.patch | 37 +
tcp_wrappers-7.6-bug17847.patch | 21 +-
tcp_wrappers-7.6-bug698464.patch | 36 +-
tcp_wrappers-7.6-fixgethostbyname.patch | 29 +-
tcp_wrappers-7.6-restore_sigalarm.patch | 37 -
tcp_wrappers-7.6-shared.patch | 101 ++--
tcp_wrappers-7.6-strerror.patch | 28 -
tcp_wrappers-7.6-uchart_fix.patch | 21 +
tcp_wrappers-7.6-warnings.patch | 97 ++--
tcp_wrappers.spec | 19 +-
tcp_wrappers.ume-ipv6.patch | 45 --
tcp_wrappers.usagi-ipv6.patch | 1108 ++-----------------------------
tcp_wrappers_7.6-249430.patch | 6 +-
tcpw7.2-config.patch | 4 +-
tcpw7.2-setenv.patch | 2 +-
tcpw7.6-netgroup.patch | 4 +-
20 files changed, 268 insertions(+), 1340 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 59e6073..7aa1a93 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
tcp_wrappers_7.6.tar.gz
+tcp_wrappers_7.6-ipv6.4.tar.gz
diff --git a/sources b/sources
index 7c11142..f6a0180 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-e6fa25f71226d090f34de3f6b122fb5a tcp_wrappers_7.6.tar.gz
+ccbc2676977c31bbd43783abfbf2fdcf tcp_wrappers_7.6-ipv6.4.tar.gz
diff --git a/tcp_wrappers-7.6-196326.patch b/tcp_wrappers-7.6-196326.patch
index 78fdb9d..bd98250 100644
--- a/tcp_wrappers-7.6-196326.patch
+++ b/tcp_wrappers-7.6-196326.patch
@@ -1,7 +1,7 @@
diff -up tcp_wrappers_7.6/hosts_access.c.patch21 tcp_wrappers_7.6/hosts_access.c
--- tcp_wrappers_7.6/hosts_access.c.patch21 2008-08-29 09:45:12.000000000 +0200
+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200
-@@ -346,6 +346,9 @@ char *string;
+@@ -391,6 +391,9 @@ char *string;
return (STR_NE(string, unknown));
} else if (tok[(n = strlen(tok)) - 1] == '.') { /* prefix */
return (STRN_EQ(tok, string, n));
@@ -9,5 +9,5 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch21 tcp_wrappers_7.6/hosts_access.c
+ && (STR_EQ(string, "localhost") || STR_EQ(string, "localhost.localdomain"))) {
+ return (YES); /* these localhosts are equivalent */
} else { /* exact match */
- #ifdef INET6
- struct addrinfo hints, *res;
+ return (STR_EQ(tok, string));
+ }
diff --git a/tcp_wrappers-7.6-220015.patch b/tcp_wrappers-7.6-220015.patch
index a0ff835..77f5d07 100644
--- a/tcp_wrappers-7.6-220015.patch
+++ b/tcp_wrappers-7.6-220015.patch
@@ -23,8 +23,8 @@ diff -up tcp_wrappers_7.6/hosts_ctl.c.patch17 tcp_wrappers_7.6/hosts_ctl.c
diff -up tcp_wrappers_7.6/socket.c.patch17 tcp_wrappers_7.6/socket.c
--- tcp_wrappers_7.6/socket.c.patch17 2008-08-29 09:45:12.000000000 +0200
+++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200
-@@ -147,6 +147,51 @@ struct request_info *request;
- #endif
+@@ -130,6 +130,51 @@ struct request_info *request;
+ request->server->sin = &server;
}
+/* sock_hostnofd - look up endpoint addresses and install conversion methods */
diff --git a/tcp_wrappers-7.6-altformat.patch b/tcp_wrappers-7.6-altformat.patch
new file mode 100644
index 0000000..ccf668d
--- /dev/null
+++ b/tcp_wrappers-7.6-altformat.patch
@@ -0,0 +1,37 @@
+diff -up tcp_wrappers_7.6-ipv6.4/hosts_access.c.altformat tcp_wrappers_7.6-ipv6.4/hosts_access.c
+--- tcp_wrappers_7.6-ipv6.4/hosts_access.c.altformat 2013-01-28 13:22:09.986535601 +0100
++++ tcp_wrappers_7.6-ipv6.4/hosts_access.c 2013-01-28 13:42:12.142650817 +0100
+@@ -333,9 +333,9 @@ struct host_info *host;
+
+ /*
+ * A /nnn prefix specifies how many bits of the address we
+- * need to check.
++ * need to check.
+ */
+- if ((slash = strchr(tok, '/'))) {
++ if ((slash = strchr(tok, '/')) || (slash = strchr(cbr+1, '/'))) {
+ *slash = '\0';
+ mask = atoi(slash+1);
+ if (mask < 0 || mask > IPV6_ABITS) {
+@@ -349,6 +349,8 @@ struct host_info *host;
+ }
+ }
+
++ printf("IPv6 addr/mask: %s/%s\n", tok+1, slash+1);
++
+ if (cbr == NULL || inet_pton(AF_INET6, tok+1, &in6) != 1) {
+ tcpd_warn("bad IP6 address specification");
+ return (NO);
+diff -up tcp_wrappers_7.6-ipv6.4/tcpdchk.c.altformat tcp_wrappers_7.6-ipv6.4/tcpdchk.c
+--- tcp_wrappers_7.6-ipv6.4/tcpdchk.c.altformat 2013-01-28 13:44:44.786549981 +0100
++++ tcp_wrappers_7.6-ipv6.4/tcpdchk.c 2013-01-28 13:44:58.419629764 +0100
+@@ -434,6 +434,9 @@ char *pat;
+ int err = 0;
+ int mask = IPV6_ABITS;
+
++ if (!slash)
++ slash = strchr(cbr+1, '/');
++
+ if (slash != NULL) {
+ *slash = '\0';
+ mask = atoi(slash + 1);
diff --git a/tcp_wrappers-7.6-bug17847.patch b/tcp_wrappers-7.6-bug17847.patch
index b153282..eede2e7 100644
--- a/tcp_wrappers-7.6-bug17847.patch
+++ b/tcp_wrappers-7.6-bug17847.patch
@@ -1,6 +1,5 @@
-diff -up tcp_wrappers_7.6/hosts_access.5.patch6 tcp_wrappers_7.6/hosts_access.5
---- tcp_wrappers_7.6/hosts_access.5.patch6 2008-08-29 09:45:12.000000000 +0200
-+++ tcp_wrappers_7.6/hosts_access.5 2008-08-29 09:45:12.000000000 +0200
+--- tcp_wrappers_7.6/hosts_access.5.patch6 2013-01-23 11:10:00.545081410 +0100
++++ tcp_wrappers_7.6/hosts_access.5 2013-01-23 11:10:00.549081436 +0100
@@ -96,6 +96,10 @@ or address pattern listed in the named f
zero or more lines with zero or more host name or address patterns
separated by whitespace. A file name pattern can be used anywhere
@@ -12,10 +11,9 @@ diff -up tcp_wrappers_7.6/hosts_access.5.patch6 tcp_wrappers_7.6/hosts_access.5
.SH WILDCARDS
The access control language supports explicit wildcards:
.IP ALL
-diff -up tcp_wrappers_7.6/hosts_access.c.patch6 tcp_wrappers_7.6/hosts_access.c
---- tcp_wrappers_7.6/hosts_access.c.patch6 2008-08-29 09:45:12.000000000 +0200
-+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200
-@@ -311,6 +311,11 @@ char *string;
+--- tcp_wrappers_7.6/hosts_access.c.patch6 2013-01-23 11:10:00.546081416 +0100
++++ tcp_wrappers_7.6/hosts_access.c 2013-01-23 11:12:28.519925230 +0100
+@@ -376,6 +376,11 @@ char *string;
{
int n;
@@ -27,11 +25,10 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch6 tcp_wrappers_7.6/hosts_access.c
if (tok[0] == '.') { /* suffix */
n = strlen(string) - strlen(tok);
return (n > 0 && STR_EQ(tok, string + n));
-@@ -351,3 +356,71 @@ char *string;
- }
+@@ -417,6 +422,74 @@ char *string;
return ((addr & mask) == net);
}
-+
+
+#ifndef DISABLE_WILDCARD_MATCHING
+/* Note: this feature has been adapted in a pretty straightforward way
+ from Tatu Ylonen's last SSH version under free license by
@@ -99,3 +96,7 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch6 tcp_wrappers_7.6/hosts_access.c
+ /*NOTREACHED*/
+}
+#endif /* DISABLE_WILDCARD_MATCHING */
++
+ #ifdef HAVE_IPV6
+ /*
+ * Function that zeros all but the first "maskbits" bits of the IPV6 address
diff --git a/tcp_wrappers-7.6-bug698464.patch b/tcp_wrappers-7.6-bug698464.patch
index 483a119..2b3bfb8 100644
--- a/tcp_wrappers-7.6-bug698464.patch
+++ b/tcp_wrappers-7.6-bug698464.patch
@@ -7,34 +7,33 @@
+An expression of the form `n.n.n.n/m\' is interpreted as a
+`net/prefixlen\' pair, as below, for IPv4 addresses.
+.IP \(bu
- An expression of the form `[n:n:n:n:n:n:n:n]/m\' is interpreted as a
- `[net]/prefixlen\' pair. An IPv6 host address is matched if
+ An expression of the form `[n:n:n:n:n:n:n:n/m]\' is interpreted as a
+ `[net/prefixlen]\' pair. An IPv6 host address is matched if
`prefixlen\' bits of `net\' is equal to the `prefixlen\' bits of the
--- tcp_wrappers_7.6/tcpd.h.orig 2011-04-20 16:10:25.000000000 -0600
+++ tcp_wrappers_7.6/tcpd.h 2011-04-20 16:11:56.000000000 -0600
-@@ -101,6 +101,7 @@ extern void refuse __P((struct request_i
- extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */
- extern char *split_at __P((char *, int)); /* strchr() and split */
- extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */
+@@ -164,6 +164,7 @@ extern void refuse __P((struct request_i
+ extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */
+ extern char *split_at __P((char *, int)); /* strchr() and split */
+ extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */
+extern unsigned long prefix_to_netmask __P((char *)); /* 0-32 prefix length */
-
- /* Global variables. */
-
+ extern int numeric_addr __P((char *, union gen_addr *, int *, int *)); /* IP4/IP6 inet_addr (restricted) */
+ extern struct hostent *tcpd_gethostbyname __P((char *, int));
+ /* IP4/IP6 gethostbyname */
--- tcp_wrappers_7.6/misc.c.orig 2011-04-20 16:10:25.000000000 -0600
+++ tcp_wrappers_7.6/misc.c 2011-04-20 16:13:39.000000000 -0600
-@@ -14,6 +14,8 @@
- #include <arpa/inet.h>
- #include <stdio.h>
+@@ -16,6 +16,7 @@ static char sccsic[] = "@(#) misc.c 1.2
#include <string.h>
-+#include <ctype.h>
+ #include <ctype.h>
+ #include <netdb.h>
+#include <stdlib.h>
#include "tcpd.h"
-@@ -107,3 +107,22 @@ char *str;
+@@ -214,3 +215,21 @@ char *str;
}
- return (runs == 4 ? inet_addr(str) : INADDR_NONE);
}
+ #endif /* HAVE_IPV6 */
+
+/* prefix_to_netmask - convert prefix (0-32) to netmask */
+
@@ -53,10 +52,9 @@
+
+ return htonl(~0UL << (32 - prefix));
+}
-+
--- tcp_wrappers_7.6/hosts_access.c.orig 2011-04-20 16:10:25.000000000 -0600
+++ tcp_wrappers_7.6/hosts_access.c 2011-04-20 16:21:07.000000000 -0600
-@@ -427,8 +427,11 @@ char *string;
+@@ -420,8 +420,11 @@ char *string;
return (NO);
if ((net = dot_quad_addr(net_tok)) == INADDR_NONE
|| ((mask = dot_quad_addr(mask_tok)) == INADDR_NONE
@@ -66,6 +64,6 @@
+ && strcmp(mask_tok, "32"))) {
/* 255.255.255.255 == INADDR_NONE, separate check needed. TJ. */
+ /* 32 == INADDR_NONE, separate check needed. philipp */
- #ifndef INET6
tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok);
- #endif
+ return (NO); /* not tcpd_jump() */
+ }
diff --git a/tcp_wrappers-7.6-fixgethostbyname.patch b/tcp_wrappers-7.6-fixgethostbyname.patch
index 5dd8178..efb4ebe 100644
--- a/tcp_wrappers-7.6-fixgethostbyname.patch
+++ b/tcp_wrappers-7.6-fixgethostbyname.patch
@@ -1,28 +1,27 @@
-diff -up tcp_wrappers_7.6/socket.c.patch7 tcp_wrappers_7.6/socket.c
---- tcp_wrappers_7.6/socket.c.patch7 1997-03-21 19:27:25.000000000 +0100
-+++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200
-@@ -52,7 +52,8 @@ static struct hostent *gethostbyname_dot
- char *name;
+--- tcp_wrappers_7.6-ipv6.4/socket.c.patch7 1999-10-27 15:23:14.000000000 +0200
++++ tcp_wrappers_7.6-ipv6.4/socket.c 2013-01-23 11:41:48.776857327 +0100
+@@ -54,6 +54,8 @@ int af;
{
char dot_name[MAXHOSTNAMELEN + 1];
--
+
+ struct hostent *hp;
-+
++
/*
* Don't append dots to unqualified names. Such names are likely to come
* from local hosts files or from NIS.
-@@ -61,8 +62,12 @@ char *name;
+@@ -62,8 +64,13 @@ int af;
if (strchr(name, '.') == 0 || strlen(name) >= MAXHOSTNAMELEN - 1) {
- return (gethostbyname(name));
+ return (tcpd_gethostbyname(name, af));
} else {
- sprintf(dot_name, "%s.", name);
-- return (gethostbyname(dot_name));
+- return (tcpd_gethostbyname(dot_name, af));
+ sprintf(dot_name, "%s.", name);
-+ hp = gethostbyname(dot_name);
-+ if (hp)
-+ return hp;
-+ else
-+ return (gethostbyname(name));
++ hp = tcpd_gethostbyname(dot_name, af);
++ if (hp)
++ return hp;
++
++ else
++ return tcpd_gethostbyname(name, af);
}
}
diff --git a/tcp_wrappers-7.6-shared.patch b/tcp_wrappers-7.6-shared.patch
index 311f964..3971717 100644
--- a/tcp_wrappers-7.6-shared.patch
+++ b/tcp_wrappers-7.6-shared.patch
@@ -6,9 +6,9 @@ diff -up tcp_wrappers_7.6/Makefile.patch11 tcp_wrappers_7.6/Makefile
linux:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
- LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
-- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all
+- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len" all
+ LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ=weak_symbols.o \
-+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -fPIC -DPIC -D_REENTRANT -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len -DHAVE_WEAKSYMS" all
++ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -fPIC -DPIC -D_REENTRANT -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len -DHAVE_WEAKSYMS" all
linux-old:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
@@ -52,30 +52,6 @@ diff -up tcp_wrappers_7.6/Makefile.patch11 tcp_wrappers_7.6/Makefile
+weak_symbols.o: tcpd.h
workarounds.o: cflags
workarounds.o: tcpd.h
-diff -up tcp_wrappers_7.6/scaffold.c.patch11 tcp_wrappers_7.6/scaffold.c
---- tcp_wrappers_7.6/scaffold.c.patch11 2008-08-29 09:45:12.000000000 +0200
-+++ tcp_wrappers_7.6/scaffold.c 2008-08-29 09:45:12.000000000 +0200
-@@ -237,10 +237,17 @@ struct request_info *request;
-
- /* ARGSUSED */
-
--void rfc931(request)
--struct request_info *request;
-+void rfc931(rmt_sin, our_sin, dest)
-+#ifndef INET6
-+struct sockaddr_in *rmt_sin;
-+struct sockaddr_in *our_sin;
-+#else
-+struct sockaddr *rmt_sin;
-+struct sockaddr *our_sin;
-+#endif
-+char *dest;
- {
-- strcpy(request->user, unknown);
-+ strcpy(dest, unknown);
- }
-
- /* check_path - examine accessibility */
diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
--- tcp_wrappers_7.6/tcpd.h.patch11 2008-08-29 09:45:12.000000000 +0200
+++ tcp_wrappers_7.6/tcpd.h 2008-08-29 09:45:12.000000000 +0200
@@ -105,7 +81,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
/* Structure to describe one communications endpoint. */
#define STRING_LENGTH 128 /* hosts, users, processes */
-@@ -29,10 +48,10 @@ struct request_info {
+@@ -92,10 +111,10 @@ struct request_info {
char pid[10]; /* access via eval_pid(request) */
struct host_info client[1]; /* client endpoint info */
struct host_info server[1]; /* server endpoint info */
@@ -120,12 +96,12 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
struct netconfig *config; /* netdir handle */
};
-@@ -65,25 +84,34 @@ extern char paranoid[];
+@@ -132,33 +151,38 @@ extern char paranoid[];
/* Global functions. */
#if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
-extern void fromhost(); /* get/validate client host info */
-+extern void fromhost __P((struct request_info *)); /* get/validate client host info */
++extern void fromhost __P((struct request_info *)); /* get/validate client host info */
#else
#define fromhost sock_host /* no TLI support needed */
#endif
@@ -139,18 +115,25 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
-extern char *xgets(); /* fgets() on steroids */
-extern char *split_at(); /* strchr() and split */
-extern unsigned long dot_quad_addr(); /* restricted inet_addr() */
-+extern void shell_cmd __P((char *)); /* execute shell command */
-+extern char *percent_x __P((char *, int, char *, struct request_info *)); /* do %<char> expansion */
-+#ifdef INET6
-+extern void rfc931 __P((struct sockaddr *, struct sockaddr *, char *)); /* client name from RFC 931 daemon */
-+#else
-+extern void rfc931 __P((struct sockaddr_in *, struct sockaddr_in *, char *)); /* client name from RFC 931 daemon */
-+#endif
-+extern void clean_exit __P((struct request_info *)); /* clean up and exit */
-+extern void refuse __P((struct request_info *)); /* clean up and exit */
-+extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */
-+extern char *split_at __P((char *, int)); /* strchr() and split */
-+extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */
+-extern int numeric_addr(); /* IP4/IP6 inet_addr (restricted) */
+-extern struct hostent *tcpd_gethostbyname();
++extern void shell_cmd __P((char *)); /* execute shell command */
++extern char *percent_x __P((char *, int, char *, struct request_info *)); /* do %<char> expansion */
++extern void rfc931 __P((struct sockaddr_gen *, struct sockaddr_gen *, char *)); /* client name from RFC 931 daemon */
++extern void clean_exit __P((struct request_info *)); /* clean up and exit */
++extern void refuse __P((struct request_info *)); /* clean up and exit */
++extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */
++extern char *split_at __P((char *, int)); /* strchr() and split */
++extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */
++extern int numeric_addr __P((char *, union gen_addr *, int *, int *)); /* IP4/IP6 inet_addr (restricted) */
++extern struct hostent *tcpd_gethostbyname __P((char *, int));
+ /* IP4/IP6 gethostbyname */
+ #ifdef HAVE_IPV6
+-extern char *skip_ipv6_addrs(); /* skip over colons in IPv6 addrs */
++extern char *skip_ipv6_addrs __P((char *)); /* skip over colons in IPv6 addrs */
+ #else
+ #define skip_ipv6_addrs(x) x
+ #endif
/* Global variables. */
@@ -165,7 +148,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
extern char *hosts_allow_table; /* for verification mode redirection */
extern char *hosts_deny_table; /* for verification mode redirection */
extern int hosts_access_verbose; /* for verbose matching mode */
-@@ -96,9 +124,14 @@ extern int resident; /* > 0 if residen
+@@ -171,9 +195,14 @@ extern int resident; /* > 0 if residen
*/
#ifdef __STDC__
@@ -180,7 +163,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
extern struct request_info *request_init(); /* initialize request */
extern struct request_info *request_set(); /* update request structure */
#endif
-@@ -121,27 +154,31 @@ extern struct request_info *request_set(
+@@ -196,27 +225,31 @@ extern struct request_info *request_set(
* host_info structures serve as caches for the lookup results.
*/
@@ -222,7 +205,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
#endif
/*
-@@ -182,7 +219,7 @@ extern struct tcpd_context tcpd_context;
+@@ -257,7 +290,7 @@ extern struct tcpd_context tcpd_context;
* behavior.
*/
@@ -231,7 +214,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h
extern int dry_run; /* verification flag */
/* Bug workarounds. */
-@@ -221,3 +258,7 @@ extern char *fix_strtok();
+@@ -296,3 +329,7 @@ extern char *fix_strtok();
#define strtok my_strtok
extern char *my_strtok();
#endif
@@ -254,3 +237,31 @@ diff -up /dev/null tcp_wrappers_7.6/weak_symbols.c
+int deny_severity = LOG_WARNING;
+int allow_severity = SEVERITY;
+#endif
+diff -up tcp_wrappers_7.6/scaffold.c.patch11 tcp_wrappers_7.6/scaffold.c
+--- tcp_wrappers_7.6/scaffold.c.patch11 2013-01-28 11:08:48.598273563 +0100
++++ tcp_wrappers_7.6/scaffold.c 2013-01-28 11:08:56.069316992 +0100
+@@ -25,7 +25,7 @@ static char sccs_id[] = "@(#) scaffold.c
+ #define INADDR_NONE (-1) /* XXX should be 0xffffffff */
+ #endif
+
+-extern char *malloc();
++extern void *malloc(size_t);
+
+ /* Application-specific. */
+
+@@ -180,10 +180,12 @@ struct request_info *request;
+
+ /* ARGSUSED */
+
+-void rfc931(request)
+-struct request_info *request;
++void rfc931(rmt_sin, our_sin, dest)
++struct sockaddr_gen *rmt_sin;
++struct sockaddr_gen *our_sin;
++char *dest;
+ {
+- strcpy(request->user, unknown);
++ strcpy(dest, unknown);
+ }
+
+ /* check_path - examine accessibility */
diff --git a/tcp_wrappers-7.6-uchart_fix.patch b/tcp_wrappers-7.6-uchart_fix.patch
new file mode 100644
index 0000000..5ac0788
--- /dev/null
+++ b/tcp_wrappers-7.6-uchart_fix.patch
@@ -0,0 +1,21 @@
+diff -up tcp_wrappers_7.6-ipv6.4/hosts_access.c.ucharpatch tcp_wrappers_7.6-ipv6.4/hosts_access.c
+--- tcp_wrappers_7.6-ipv6.4/hosts_access.c.ucharpatch 2013-01-28 10:19:20.424857730 +0100
++++ tcp_wrappers_7.6-ipv6.4/hosts_access.c 2013-01-28 10:19:44.719991745 +0100
+@@ -514,7 +514,7 @@ static void ipv6_mask(in6p, maskbits)
+ struct in6_addr *in6p;
+ int maskbits;
+ {
+- uchar_t *p = (uchar_t*) in6p;
++ unsigned char *p = (unsigned char*) in6p;
+
+ if (maskbits < 0 || maskbits >= IPV6_ABITS)
+ return;
+@@ -525,7 +525,7 @@ int maskbits;
+ if (maskbits != 0)
+ *p++ &= 0xff << (8 - maskbits);
+
+- while (p < (((uchar_t*) in6p)) + sizeof(*in6p))
++ while (p < (((unsigned char*) in6p)) + sizeof(*in6p))
+ *p++ = 0;
+ }
+ #endif
diff --git a/tcp_wrappers-7.6-warnings.patch b/tcp_wrappers-7.6-warnings.patch
index 7fcbaf6..6b6bddd 100644
--- a/tcp_wrappers-7.6-warnings.patch
+++ b/tcp_wrappers-7.6-warnings.patch
@@ -66,7 +66,7 @@ diff -up tcp_wrappers_7.6/fix_options.c.warnings tcp_wrappers_7.6/fix_options.c
unsigned int opt;
@@ -46,7 +48,7 @@ struct request_info *request;
struct in_addr dummy;
- #ifdef INET6
+ #ifdef HAVE_IPV6
struct sockaddr_storage ss;
- int sslen;
+ unsigned int sslen;
@@ -76,15 +76,16 @@ diff -up tcp_wrappers_7.6/fix_options.c.warnings tcp_wrappers_7.6/fix_options.c
diff -up tcp_wrappers_7.6/hosts_access.c.warnings tcp_wrappers_7.6/hosts_access.c
--- tcp_wrappers_7.6/hosts_access.c.warnings 2011-08-16 10:29:50.233418824 +0200
+++ tcp_wrappers_7.6/hosts_access.c 2011-08-16 10:29:51.653475947 +0200
-@@ -39,6 +39,8 @@ static char sccsid[] = "@(#) hosts_acces
+@@ -33,6 +33,9 @@ static char sccsid[] = "@(#) hosts_acces
#include <errno.h>
#include <setjmp.h>
#include <string.h>
+#include <stdlib.h>
+#include <rpcsvc/ypclnt.h>
- #ifdef INET6
- #include <netdb.h>
- #endif
++#include <netdb.h>
+
+ extern char *fgets();
+ extern int errno;
@@ -58,6 +60,8 @@ extern int errno;
extern jmp_buf tcpd_buf;
@@ -94,6 +95,23 @@ diff -up tcp_wrappers_7.6/hosts_access.c.warnings tcp_wrappers_7.6/hosts_access.
/* Delimiters for lists of daemons or clients. */
static char sep[] = ", \t\r\n";
+@@ -323,14 +328,14 @@ struct host_info *host;
+ hip = &host->sin->sg_sin6.sin6_addr;
+ }
+
+- if (cbr = strchr(tok, ']'))
++ if ((cbr = strchr(tok, ']')))
+ *cbr = '\0';
+
+ /*
+ * A /nnn prefix specifies how many bits of the address we
+ * need to check.
+ */
+- if (slash = strchr(tok, '/')) {
++ if ((slash = strchr(tok, '/'))) {
+ *slash = '\0';
+ mask = atoi(slash+1);
+ if (mask < 0 || mask > IPV6_ABITS) {
diff -up tcp_wrappers_7.6/inetcf.c.warnings tcp_wrappers_7.6/inetcf.c
--- tcp_wrappers_7.6/inetcf.c.warnings 2011-08-16 10:29:48.117418621 +0200
+++ tcp_wrappers_7.6/inetcf.c 2011-08-16 10:29:51.752605633 +0200
@@ -309,8 +327,8 @@ diff -up tcp_wrappers_7.6/percent_m.c.warnings tcp_wrappers_7.6/percent_m.c
- while (*bp = *cp)
+ while ((*bp = *cp))
if (*cp == '%' && cp[1] == 'm') {
- #ifdef HAVE_STRERROR
- strcpy(bp, strerror(errno));
+ #ifdef USE_STRERROR
+ strcpy(bp, strerror(errno));
diff -up tcp_wrappers_7.6/percent_x.c.warnings tcp_wrappers_7.6/percent_x.c
--- tcp_wrappers_7.6/percent_x.c.warnings 1994-12-28 17:42:38.000000000 +0100
+++ tcp_wrappers_7.6/percent_x.c 2011-08-16 10:29:52.116485510 +0200
@@ -341,7 +359,7 @@ diff -up tcp_wrappers_7.6/rfc931.c.warnings tcp_wrappers_7.6/rfc931.c
+ unsigned saved_timeout = 0;
struct sigaction nact, oact;
- #ifdef INET6
+ /*
@@ -223,7 +224,7 @@ char *dest;
* protocol, not part of the data.
*/
@@ -397,43 +415,24 @@ diff -up tcp_wrappers_7.6/scaffold.c.warnings tcp_wrappers_7.6/scaffold.c
#ifndef INADDR_NONE
#define INADDR_NONE (-1) /* XXX should be 0xffffffff */
-@@ -174,7 +176,9 @@ char *host;
- struct hostent *hp;
- #endif
- int count;
-+#ifndef INET6
- char *addr;
-+#endif
-
- if ((hp = find_inet_addr(host)) == 0)
- return (0);
diff -up tcp_wrappers_7.6/socket.c.warnings tcp_wrappers_7.6/socket.c
--- tcp_wrappers_7.6/socket.c.warnings 2011-08-16 10:29:48.319483715 +0200
+++ tcp_wrappers_7.6/socket.c 2011-08-16 10:29:52.630463906 +0200
-@@ -95,7 +95,7 @@ struct request_info *request;
- static struct sockaddr_in client;
- static struct sockaddr_in server;
- #endif
+@@ -84,7 +84,7 @@ struct request_info *request;
+ {
+ static struct sockaddr_gen client;
+ static struct sockaddr_gen server;
- int len;
+ unsigned len;
char buf[BUFSIZ];
int fd = request->fd;
-@@ -228,7 +228,7 @@ struct host_info *host;
- struct sockaddr *sin = host->sin;
- struct sockaddr_in sin4;
- struct addrinfo hints, *res, *res0 = NULL;
-- int salen, alen, err = 1;
-+ int salen, alen = 0, err = 1;
- char *ap = NULL, *rap, hname[NI_MAXHOST];
-
- if (sin != NULL) {
-@@ -471,7 +471,7 @@ int fd;
- #else
+@@ -293,7 +293,7 @@ int fd;
+ {
+ char buf[BUFSIZ];
struct sockaddr_in sin;
- #endif
- int size = sizeof(sin);
-+ unsigned int size = sizeof(sin);
++ unsigned size = sizeof(sin);
/*
* Eat up the not-yet received datagram. Some systems insist on a
@@ -464,7 +463,7 @@ diff -up tcp_wrappers_7.6/tcpd.c.warnings tcp_wrappers_7.6/tcpd.c
diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c
--- tcp_wrappers_7.6/tcpdchk.c.warnings 2011-08-16 10:29:45.552501988 +0200
+++ tcp_wrappers_7.6/tcpdchk.c 2011-08-16 10:47:12.440605857 +0200
-@@ -33,6 +33,8 @@ static char sccsid[] = "@(#) tcpdchk.c 1
+@@ -30,6 +30,8 @@ static char sccsid[] = "@(#) tcpdchk.c 1
#include <errno.h>
#include <netdb.h>
#include <string.h>
@@ -473,7 +472,7 @@ diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c
extern int errno;
extern void exit();
-@@ -202,13 +204,15 @@ struct request_info *request;
+@@ -199,13 +201,15 @@ struct request_info *request;
char sv_list[BUFLEN]; /* becomes list of daemons */
char *cl_list; /* becomes list of requests */
char *sh_cmd; /* becomes optional shell command */
@@ -490,7 +489,7 @@ diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c
tcpd_context.file = table;
tcpd_context.line = 0;
while (xgets(sv_list, sizeof(sv_list), fp)) {
-@@ -334,7 +338,7 @@ char *list;
+@@ -331,7 +335,7 @@ char *list;
clients = 0;
} else {
clients++;
@@ -499,15 +498,15 @@ diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c
check_user(cp);
check_host(host);
} else {
-@@ -450,7 +454,7 @@ char *pat;
- tcpd_warn("netgroup support disabled");
- #endif
+@@ -446,7 +450,7 @@ char *pat;
+ if (err)
+ tcpd_warn("bad IP6 address specification: %s", pat);
#endif
- } else if (mask = split_at(pat, '/')) { /* network/netmask */
+ } else if ((mask = split_at(pat, '/'))) { /* network/netmask */
- #ifdef INET6
- int mask_len;
-
+ if (dot_quad_addr(pat) == INADDR_NONE
+ || dot_quad_addr(mask) == INADDR_NONE)
+ tcpd_warn("%s/%s: bad net/mask pattern", pat, mask);
diff -up tcp_wrappers_7.6/tcpdmatch.c.warnings tcp_wrappers_7.6/tcpdmatch.c
--- tcp_wrappers_7.6/tcpdmatch.c.warnings 2011-08-16 10:29:49.531427106 +0200
+++ tcp_wrappers_7.6/tcpdmatch.c 2011-08-16 10:29:52.968605853 +0200
@@ -519,16 +518,6 @@ diff -up tcp_wrappers_7.6/tcpdmatch.c.warnings tcp_wrappers_7.6/tcpdmatch.c
extern void exit();
extern int optind;
-@@ -65,7 +66,9 @@ char **argv;
- char *myname = argv[0];
- char *client;
- char *server;
-+#ifndef INET6
- char *addr;
-+#endif
- char *user;
- char *daemon;
- struct request_info request;
diff -up tcp_wrappers_7.6/try-from.c.warnings tcp_wrappers_7.6/try-from.c
--- tcp_wrappers_7.6/try-from.c.warnings 1994-12-28 17:42:55.000000000 +0100
+++ tcp_wrappers_7.6/try-from.c 2011-08-16 10:29:53.095607440 +0200
diff --git a/tcp_wrappers.spec b/tcp_wrappers.spec
index 7c58ebe..65a5862 100644
--- a/tcp_wrappers.spec
+++ b/tcp_wrappers.spec
@@ -1,7 +1,7 @@
Summary: A security tool which acts as a wrapper for TCP daemons
Name: tcp_wrappers
Version: 7.6
-Release: 70%{?dist}
+Release: 71%{?dist}
%define LIB_MAJOR 0
%define LIB_MINOR 7
@@ -9,7 +9,7 @@ Release: 70%{?dist}
License: BSD
Group: System Environment/Daemons
-Source: ftp://ftp.porcupine.org/pub/security/%{name}_%{version}.tar.gz
+Source: ftp://ftp.porcupine.org/pub/security/%{name}_%{version}-ipv6.4.tar.gz
URL: ftp://ftp.porcupine.org/pub/security/index.html
Patch0: tcpw7.2-config.patch
Patch1: tcpw7.2-setenv.patch
@@ -21,15 +21,12 @@ Patch6: tcp_wrappers-7.6-fixgethostbyname.patch
Patch7: tcp_wrappers-7.6-docu.patch
Patch8: tcp_wrappers-7.6-man.patch
Patch9: tcp_wrappers.usagi-ipv6.patch
-Patch10: tcp_wrappers.ume-ipv6.patch
Patch11: tcp_wrappers-7.6-shared.patch
Patch12: tcp_wrappers-7.6-sig.patch
-Patch13: tcp_wrappers-7.6-strerror.patch
Patch14: tcp_wrappers-7.6-ldflags.patch
Patch15: tcp_wrappers-7.6-fix_sig-bug141110.patch
Patch16: tcp_wrappers-7.6-162412.patch
Patch17: tcp_wrappers-7.6-220015.patch
-Patch18: tcp_wrappers-7.6-restore_sigalarm.patch
Patch19: tcp_wrappers-7.6-siglongjmp.patch
Patch20: tcp_wrappers-7.6-sigchld.patch
Patch21: tcp_wrappers-7.6-196326.patch
@@ -40,6 +37,8 @@ Patch25: tcp_wrappers-7.6-relro.patch
Patch26: tcp_wrappers-7.6-xgets.patch
Patch27: tcp_wrappers-7.6-initgroups.patch
Patch28: tcp_wrappers-7.6-warnings.patch
+Patch29: tcp_wrappers-7.6-uchart_fix.patch
+Patch30: tcp_wrappers-7.6-altformat.patch
# required by sin_scope_id in ipv6 patch
BuildRequires: glibc-devel >= 2.2
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -72,7 +71,7 @@ tcp_wrappers-devel contains the libraries and header files needed to
develop applications with tcp_wrappers support.
%prep
-%setup -q -n %{name}_%{version}
+%setup -q -n %{name}_%{version}-ipv6.4
%patch0 -p1 -b .config
%patch1 -p1 -b .setenv
%patch2 -p1 -b .netgroup
@@ -83,15 +82,12 @@ develop applications with tcp_wrappers support.
%patch7 -p1 -b .docu
%patch8 -p1 -b .man
%patch9 -p1 -b .usagi-ipv6
-%patch10 -p1 -b .ume-ipv6
%patch11 -p1 -b .shared
%patch12 -p1 -b .sig
-%patch13 -p1 -b .strerror
%patch14 -p1 -b .cflags
%patch15 -p1 -b .fix_sig
%patch16 -p1 -b .162412
%patch17 -p1 -b .220015
-%patch18 -p1 -b .restore_sigalarm
%patch19 -p1 -b .siglongjmp
%patch20 -p1 -b .sigchld
%patch21 -p1 -b .196326
@@ -102,6 +98,8 @@ develop applications with tcp_wrappers support.
%patch26 -p1 -b .xgets
%patch27 -p1 -b .initgroups
%patch28 -p1 -b .warnings
+%patch29 -p1 -b .uchart_fix
+%patch30 -p1 -b .altformat
%build
make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
@@ -159,6 +157,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_mandir}/man3/*
%changelog
+* Mon Jan 28 2013 Viktor Hercinger <vhercing at redhat.com> - 7.6-71
+- Updated to version with upstream IPv6 support
+
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 7.6-70
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
diff --git a/tcp_wrappers.usagi-ipv6.patch b/tcp_wrappers.usagi-ipv6.patch
index 2fe7484..e3bc707 100644
--- a/tcp_wrappers.usagi-ipv6.patch
+++ b/tcp_wrappers.usagi-ipv6.patch
@@ -5,7 +5,7 @@ diff -up tcp_wrappers_7.6/fix_options.c.patch9 tcp_wrappers_7.6/fix_options.c
#include <sys/types.h>
#include <sys/param.h>
-+#ifdef INET6
++#ifdef HAVE_IPV6
+#include <sys/socket.h>
+#endif
#include <netinet/in.h>
@@ -15,7 +15,7 @@ diff -up tcp_wrappers_7.6/fix_options.c.patch9 tcp_wrappers_7.6/fix_options.c
unsigned int opt;
int optlen;
struct in_addr dummy;
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ struct sockaddr_storage ss;
+ int sslen;
+
@@ -47,220 +47,16 @@ diff -up tcp_wrappers_7.6/hosts_access.5.patch9 tcp_wrappers_7.6/hosts_access.5
pattern `131.155.72.0/255.255.254.0\' matches every address in the
range `131.155.72.0\' through `131.155.73.255\'.
.IP \(bu
-+An expression of the form `[n:n:n:n:n:n:n:n]/m\' is interpreted as a
-+`[net]/prefixlen\' pair. An IPv6 host address is matched if
++An expression of the form `[n:n:n:n:n:n:n:n/m]\' is interpreted as a
++`[net/prefixlen]\' pair. An IPv6 host address is matched if
+`prefixlen\' bits of `net\' is equal to the `prefixlen\' bits of the
-+address. For example, the [net]/prefixlen pattern
-+`[3ffe:505:2:1::]/64\' matches every address in the range
++address. For example, the [net/prefixlen] pattern
++`[3ffe:505:2:1::/64]\' matches every address in the range
+`3ffe:505:2:1::\' through `3ffe:505:2:1:ffff:ffff:ffff:ffff\'.
+.IP \(bu
A string that begins with a `/\' character is treated as a file
name. A host name or address is matched if it matches any host name
or address pattern listed in the named file. The file format is
-diff -up tcp_wrappers_7.6/hosts_access.c.patch9 tcp_wrappers_7.6/hosts_access.c
---- tcp_wrappers_7.6/hosts_access.c.patch9 2008-08-29 09:45:12.000000000 +0200
-+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200
-@@ -24,7 +24,13 @@ static char sccsid[] = "@(#) hosts_acces
- /* System libraries. */
-
- #include <sys/types.h>
-+#ifdef INT32_T
-+ typedef uint32_t u_int32_t;
-+#endif
- #include <sys/param.h>
-+#ifdef INET6
-+#include <sys/socket.h>
-+#endif
- #include <netinet/in.h>
- #include <arpa/inet.h>
- #include <stdio.h>
-@@ -33,6 +39,9 @@ static char sccsid[] = "@(#) hosts_acces
- #include <errno.h>
- #include <setjmp.h>
- #include <string.h>
-+#ifdef INET6
-+#include <netdb.h>
-+#endif
-
- extern char *fgets();
- extern int errno;
-@@ -82,6 +91,10 @@ static int client_match();
- static int host_match();
- static int string_match();
- static int masked_match();
-+#ifdef INET6
-+static int masked_match4();
-+static int masked_match6();
-+#endif
-
- /* Size of logical line buffer. */
-
-@@ -311,6 +324,13 @@ char *string;
- {
- int n;
-
-+#ifdef INET6
-+ /* convert IPv4 mapped IPv6 address to IPv4 address */
-+ if (STRN_EQ(string, "::ffff:", 7)
-+ && dot_quad_addr(string + 7) != INADDR_NONE) {
-+ string += 7;
-+ }
-+#endif
- #ifndef DISABLE_WILDCARD_MATCHING
- if (strchr(tok, '*') || strchr(tok,'?')) { /* contains '*' or '?' */
- return (match_pattern_ylo(string,tok));
-@@ -326,20 +346,72 @@ char *string;
- } else if (tok[(n = strlen(tok)) - 1] == '.') { /* prefix */
- return (STRN_EQ(tok, string, n));
- } else { /* exact match */
-+#ifdef INET6
-+ struct addrinfo hints, *res;
-+ struct sockaddr_in6 pat, addr;
-+ int len, ret;
-+ char ch;
-+
-+ len = strlen(tok);
-+ if (*tok == '[' && tok[len - 1] == ']') {
-+ ch = tok[len - 1];
-+ tok[len - 1] = '\0';
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = AF_INET6;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
-+ if ((ret = getaddrinfo(tok + 1, NULL, &hints, &res)) == 0) {
-+ memcpy(&pat, res->ai_addr, sizeof(pat));
-+ freeaddrinfo(res);
-+ }
-+ tok[len - 1] = ch;
-+ if (ret != 0 || getaddrinfo(string, NULL, &hints, &res) != 0)
-+ return NO;
-+ memcpy(&addr, res->ai_addr, sizeof(addr));
-+ freeaddrinfo(res);
-+#ifdef NI_WITHSCOPEID
-+ if (pat.sin6_scope_id != 0 &&
-+ addr.sin6_scope_id != pat.sin6_scope_id)
-+ return NO;
-+#endif
-+ return (!memcmp(&pat.sin6_addr, &addr.sin6_addr,
-+ sizeof(struct in6_addr)));
-+ return (ret);
-+ }
-+#endif
- return (STR_EQ(tok, string));
- }
- }
-
- /* masked_match - match address against netnumber/netmask */
-
-+#ifdef INET6
- static int masked_match(net_tok, mask_tok, string)
- char *net_tok;
- char *mask_tok;
- char *string;
- {
-+ return (masked_match4(net_tok, mask_tok, string) ||
-+ masked_match6(net_tok, mask_tok, string));
-+}
-+
-+static int masked_match4(net_tok, mask_tok, string)
-+#else
-+static int masked_match(net_tok, mask_tok, string)
-+#endif
-+char *net_tok;
-+char *mask_tok;
-+char *string;
-+{
-+#ifdef INET6
-+ u_int32_t net;
-+ u_int32_t mask;
-+ u_int32_t addr;
-+#else
- unsigned long net;
- unsigned long mask;
- unsigned long addr;
-+#endif
-
- /*
- * Disallow forms other than dotted quad: the treatment that inet_addr()
-@@ -351,12 +423,78 @@ char *string;
- return (NO);
- if ((net = dot_quad_addr(net_tok)) == INADDR_NONE
- || (mask = dot_quad_addr(mask_tok)) == INADDR_NONE) {
-+#ifndef INET6
- tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok);
-+#endif
- return (NO); /* not tcpd_jump() */
- }
- return ((addr & mask) == net);
- }
-
-+#ifdef INET6
-+static int masked_match6(net_tok, mask_tok, string)
-+char *net_tok;
-+char *mask_tok;
-+char *string;
-+{
-+ struct addrinfo hints, *res;
-+ struct sockaddr_in6 net, addr;
-+ u_int32_t mask;
-+ int len, mask_len, i = 0;
-+ char ch;
-+
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = AF_INET6;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
-+ if (getaddrinfo(string, NULL, &hints, &res) != 0)
-+ return NO;
-+ memcpy(&addr, res->ai_addr, sizeof(addr));
-+ freeaddrinfo(res);
-+
-+ if (IN6_IS_ADDR_V4MAPPED(&addr.sin6_addr)) {
-+ if ((*(u_int32_t *)&net.sin6_addr.s6_addr[12] = dot_quad_addr(net_tok)) == INADDR_NONE
-+ || (mask = dot_quad_addr(mask_tok)) == INADDR_NONE)
-+ return (NO);
-+ return ((*(u_int32_t *)&addr.sin6_addr.s6_addr[12] & mask) == *(u_int32_t *)&net.sin6_addr.s6_addr[12]);
-+ }
-+
-+ /* match IPv6 address against netnumber/prefixlen */
-+ len = strlen(net_tok);
-+ if (*net_tok != '[' || net_tok[len - 1] != ']')
-+ return NO;
-+ ch = net_tok[len - 1];
-+ net_tok[len - 1] = '\0';
-+ if (getaddrinfo(net_tok + 1, NULL, &hints, &res) != 0) {
-+ net_tok[len - 1] = ch;
-+ return NO;
-+ }
-+ memcpy(&net, res->ai_addr, sizeof(net));
-+ freeaddrinfo(res);
-+ net_tok[len - 1] = ch;
-+ if ((mask_len = atoi(mask_tok)) < 0 || mask_len > 128)
-+ return NO;
-+
-+#ifdef NI_WITHSCOPEID
-+ if (net.sin6_scope_id != 0 && addr.sin6_scope_id != net.sin6_scope_id)
-+ return NO;
-+#endif
-+ while (mask_len > 0) {
-+ if (mask_len < 32) {
-+ mask = htonl(~(0xffffffff >> mask_len));
-+ if ((*(u_int32_t *)&addr.sin6_addr.s6_addr[i] & mask) != (*(u_int32_t *)&net.sin6_addr.s6_addr[i] & mask))
-+ return NO;
-+ break;
-+ }
-+ if (*(u_int32_t *)&addr.sin6_addr.s6_addr[i] != *(u_int32_t *)&net.sin6_addr.s6_addr[i])
-+ return NO;
-+ i += 4;
-+ mask_len -= 32;
-+ }
-+ return YES;
-+}
-+#endif /* INET6 */
-+
- #ifndef DISABLE_WILDCARD_MATCHING
- /* Note: this feature has been adapted in a pretty straightforward way
- from Tatu Ylonen's last SSH version under free license by
diff -up tcp_wrappers_7.6/inetcf.c.patch9 tcp_wrappers_7.6/inetcf.c
--- tcp_wrappers_7.6/inetcf.c.patch9 1997-02-12 02:13:24.000000000 +0100
+++ tcp_wrappers_7.6/inetcf.c 2008-08-29 09:45:12.000000000 +0200
@@ -268,15 +64,15 @@ diff -up tcp_wrappers_7.6/inetcf.c.patch9 tcp_wrappers_7.6/inetcf.c
* guesses. Shorter names follow longer ones.
*/
char *inet_files[] = {
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ "/usr/local/v6/etc/inet6d.conf", /* KAME */
+#endif
"/private/etc/inetd.conf", /* NEXT */
"/etc/inet/inetd.conf", /* SYSV4 */
"/usr/etc/inetd.conf", /* IRIX?? */
diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile
---- tcp_wrappers_7.6/Makefile.patch9 2008-08-29 09:45:12.000000000 +0200
-+++ tcp_wrappers_7.6/Makefile 2008-08-29 09:45:12.000000000 +0200
+--- tcp_wrappers_7.6/Makefile.patch9 2013-01-25 10:53:33.891349937 +0100
++++ tcp_wrappers_7.6/Makefile 2013-01-25 11:00:57.362801588 +0100
@@ -21,7 +21,7 @@ what:
@echo " dynix epix esix freebsd hpux irix4 irix5 irix6 isc iunix"
@echo " linux machten mips(untested) ncrsvr4 netbsd next osf power_unix_211"
@@ -286,58 +82,49 @@ diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile
@echo " uts215 uxp"
@echo
@echo "If none of these match your environment, edit the system"
-@@ -131,20 +131,33 @@ epix:
- NETGROUP=-DNETGROUP TLI= SYSTYPE="-systype bsd43" all
-
- # Freebsd and linux by default have no NIS.
--386bsd netbsd bsdos:
-+386bsd bsdos:
- @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
- LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \
- EXTRA_CFLAGS=-DSYS_ERRLIST_DEFINED VSYSLOG= all
+@@ -138,13 +138,25 @@ epix:
freebsd:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
+ LIBS="-L/usr/local/v6/lib -linet6" \
LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \
-- EXTRA_CFLAGS=-DSYS_ERRLIST_DEFINED VSYSLOG= all
-+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DINET6 -Dss_family=__ss_family -Dss_len=__ss_len" \
-+ VSYSLOG= all
+- EXTRA_CFLAGS=-DUSE_STRERROR VSYSLOG= all
++ EXTRA_CFLAGS="-DUSE_STRERROR -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all
+
+netbsd:
+ @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
+ LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \
-+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DINET6 -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all
++ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all
linux:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
-- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
-+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all
+- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
++ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len" all
+
+linux-old:
+ @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
+ LIBS="/usr/inet6/lib/libinet6.a -lresolv" \
+ RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o NETGROUP= TLI= \
-+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=sin6_family -Dsockaddr_storage=sockaddr_in6 -I/usr/inet6/include" all
++ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=sin6_family -Dsockaddr_storage=sockaddr_in6 -I/usr/inet6/include" all
# This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x.
hpux hpux8 hpux9 hpux10:
-@@ -196,6 +209,13 @@ sunos5:
- NETGROUP=-DNETGROUP AUX_OBJ=setenv.o TLI=-DTLI \
- BUGS="$(BUGS) -DSOLARIS_24_GETHOSTBYNAME_BUG" all
+@@ -197,6 +209,13 @@ sunos5:
+ BUGS="$(BUGS) -DSOLARIS_24_GETHOSTBYNAME_BUG" IPV6="$(IPV6)" \
+ EXTRA_CFLAGS=-DUSE_STRERROR all
+# SunOS 5.8 is another SYSV4 variant, but has IPv6 support
+solaris8:
+ @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
+ LIBS="-lsocket -lnsl" RANLIB=echo ARFLAGS=rv VSYSLOG= \
+ NETGROUP=-DNETGROUP AUX_OBJ=setenv.o TLI=-DTLI \
-+ EXTRA_CFLAGS="-DINET6 -DNO_CLONE_DEVICE -DINT32_T" all
++ EXTRA_CFLAGS="-DNO_CLONE_DEVICE -DINT32_T" all
+
# Generic SYSV40
esix sysv4:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
-@@ -391,7 +411,7 @@ AR = ar
+@@ -392,7 +411,7 @@ AR = ar
# the ones provided with this source distribution. The environ.c module
# implements setenv(), getenv(), and putenv().
@@ -346,7 +133,7 @@ diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile
#AUX_OBJ= environ.o
#AUX_OBJ= environ.o strcasecmp.o
-@@ -454,7 +474,7 @@ AUX_OBJ= setenv.o
+@@ -455,7 +474,7 @@ AUX_OBJ= setenv.o
# host name aliases. Compile with -DSOLARIS_24_GETHOSTBYNAME_BUG to work
# around this. The workaround does no harm on other Solaris versions.
@@ -355,13 +142,22 @@ diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile
#BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DINET_ADDR_BUG
#BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DSOLARIS_24_GETHOSTBYNAME_BUG
-@@ -472,7 +492,7 @@ BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS
+@@ -473,7 +492,7 @@ BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS
# If your system supports vsyslog(), comment out the following definition.
# If in doubt leave it in, it won't harm.
-VSYSLOG = -Dvsyslog=myvsyslog
+#VSYSLOG = -Dvsyslog=myvsyslog
+ ###############################################################
+ # System dependencies: whether or not your system has IPV6
+@@ -485,7 +504,7 @@ VSYSLOG = -Dvsyslog=myvsyslog
+
+ # If your system does not have getipnodebyname() but uses the obsolete
+ # gethostbyname2() instead, use this (AIX)
+-# IPV6 = -DHAVE_IPV6 -DUSE_GETHOSTBYNAME2
++IPV6 = -DHAVE_IPV6 -DUSE_GETHOSTBYNAME2
+
# End of the system dependencies.
#################################
diff -up tcp_wrappers_7.6/misc.c.patch9 tcp_wrappers_7.6/misc.c
@@ -371,7 +167,7 @@ diff -up tcp_wrappers_7.6/misc.c.patch9 tcp_wrappers_7.6/misc.c
{
char *cp;
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ int bracket = 0;
+
+ for (cp = string; cp && *cp; cp++) {
@@ -406,7 +202,7 @@ diff -up tcp_wrappers_7.6/refuse.c.patch9 tcp_wrappers_7.6/refuse.c
void refuse(request)
struct request_info *request;
{
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ syslog(deny_severity, "refused connect from %s (%s)",
+ eval_client(request), eval_hostaddr(request->client));
+#else
@@ -416,613 +212,21 @@ diff -up tcp_wrappers_7.6/refuse.c.patch9 tcp_wrappers_7.6/refuse.c
/* NOTREACHED */
}
diff -up tcp_wrappers_7.6/rfc931.c.patch9 tcp_wrappers_7.6/rfc931.c
---- tcp_wrappers_7.6/rfc931.c.patch9 1995-01-02 16:11:34.000000000 +0100
-+++ tcp_wrappers_7.6/rfc931.c 2008-08-29 09:45:12.000000000 +0200
-@@ -68,20 +68,50 @@ int sig;
- /* rfc931 - return remote user name, given socket structures */
-
- void rfc931(rmt_sin, our_sin, dest)
-+#ifdef INET6
-+struct sockaddr *rmt_sin;
-+struct sockaddr *our_sin;
-+#else
- struct sockaddr_in *rmt_sin;
- struct sockaddr_in *our_sin;
-+#endif
- char *dest;
- {
- unsigned rmt_port;
- unsigned our_port;
-+#ifdef INET6
-+ struct sockaddr_storage rmt_query_sin;
-+ struct sockaddr_storage our_query_sin;
-+ int alen;
-+#else
- struct sockaddr_in rmt_query_sin;
- struct sockaddr_in our_query_sin;
-+#endif
- char user[256]; /* XXX */
- char buffer[512]; /* XXX */
- char *cp;
- char *result = unknown;
- FILE *fp;
+--- tcp_wrappers_7.6/rfc931.c.patch9 2004-05-04 16:01:01.000000000 +0200
++++ tcp_wrappers_7.6/rfc931.c 2013-01-25 11:08:26.690292897 +0100
+@@ -94,6 +94,12 @@ char *dest;
+ * sockets.
+ */
-+#ifdef INET6
+ /* address family must be the same */
-+ if (rmt_sin->sa_family != our_sin->sa_family) {
++ if (SGFAM(rmt_sin) != SGFAM(our_sin)) {
+ STRN_CPY(dest, result, STRING_LENGTH);
+ return;
+ }
-+ switch (our_sin->sa_family) {
-+ case AF_INET:
-+ alen = sizeof(struct sockaddr_in);
-+ break;
-+ case AF_INET6:
-+ alen = sizeof(struct sockaddr_in6);
-+ break;
-+ default:
-+ STRN_CPY(dest, result, STRING_LENGTH);
-+ return;
-+ }
-+#endif
+
- /*
- * Use one unbuffered stdio stream for writing to and for reading from
- * the RFC931 etc. server. This is done because of a bug in the SunOS
-@@ -92,7 +122,11 @@ char *dest;
- * sockets.
- */
-
-+#ifdef INET6
-+ if ((fp = fsocket(our_sin->sa_family, SOCK_STREAM, 0)) != 0) {
-+#else
- if ((fp = fsocket(AF_INET, SOCK_STREAM, 0)) != 0) {
-+#endif
+ if ((fp = fsocket(SGFAM(rmt_sin), SOCK_STREAM, 0)) != 0) {
setbuf(fp, (char *) 0);
- /*
-@@ -112,6 +146,25 @@ char *dest;
- * addresses from the query socket.
- */
-
-+#ifdef INET6
-+ memcpy(&our_query_sin, our_sin, alen);
-+ memcpy(&rmt_query_sin, rmt_sin, alen);
-+ switch (our_sin->sa_family) {
-+ case AF_INET:
-+ ((struct sockaddr_in *)&our_query_sin)->sin_port = htons(ANY_PORT);
-+ ((struct sockaddr_in *)&rmt_query_sin)->sin_port = htons(RFC931_PORT);
-+ break;
-+ case AF_INET6:
-+ ((struct sockaddr_in6 *)&our_query_sin)->sin6_port = htons(ANY_PORT);
-+ ((struct sockaddr_in6 *)&rmt_query_sin)->sin6_port = htons(RFC931_PORT);
-+ break;
-+ }
-+
-+ if (bind(fileno(fp), (struct sockaddr *) & our_query_sin,
-+ alen) >= 0 &&
-+ connect(fileno(fp), (struct sockaddr *) & rmt_query_sin,
-+ alen) >= 0) {
-+#else
- our_query_sin = *our_sin;
- our_query_sin.sin_port = htons(ANY_PORT);
- rmt_query_sin = *rmt_sin;
-@@ -121,6 +174,7 @@ char *dest;
- sizeof(our_query_sin)) >= 0 &&
- connect(fileno(fp), (struct sockaddr *) & rmt_query_sin,
- sizeof(rmt_query_sin)) >= 0) {
-+#endif
-
- /*
- * Send query to server. Neglect the risk that a 13-byte
-@@ -129,8 +183,13 @@ char *dest;
- */
-
- fprintf(fp, "%u,%u\r\n",
-+#ifdef INET6
-+ ntohs(((struct sockaddr_in *)rmt_sin)->sin_port),
-+ ntohs(((struct sockaddr_in *)our_sin)->sin_port));
-+#else
- ntohs(rmt_sin->sin_port),
- ntohs(our_sin->sin_port));
-+#endif
- fflush(fp);
-
- /*
-@@ -144,8 +203,13 @@ char *dest;
- && ferror(fp) == 0 && feof(fp) == 0
- && sscanf(buffer, "%u , %u : USERID :%*[^:]:%255s",
- &rmt_port, &our_port, user) == 3
-+#ifdef INET6
-+ && ntohs(((struct sockaddr_in *)rmt_sin)->sin_port) == rmt_port
-+ && ntohs(((struct sockaddr_in *)our_sin)->sin_port) == our_port) {
-+#else
- && ntohs(rmt_sin->sin_port) == rmt_port
- && ntohs(our_sin->sin_port) == our_port) {
-+#endif
-
- /*
- * Strip trailing carriage return. It is part of the
-diff -up tcp_wrappers_7.6/scaffold.c.patch9 tcp_wrappers_7.6/scaffold.c
---- tcp_wrappers_7.6/scaffold.c.patch9 1997-03-21 19:27:24.000000000 +0100
-+++ tcp_wrappers_7.6/scaffold.c 2008-08-29 09:45:12.000000000 +0200
-@@ -25,7 +25,9 @@ static char sccs_id[] = "@(#) scaffold.c
- #define INADDR_NONE (-1) /* XXX should be 0xffffffff */
- #endif
-
-+#ifndef INET6
- extern char *malloc();
-+#endif
-
- /* Application-specific. */
-
-@@ -39,6 +41,7 @@ int allow_severity = SEVERITY;
- int deny_severity = LOG_WARNING;
- int rfc931_timeout = RFC931_TIMEOUT;
-
-+#ifndef INET6
- /* dup_hostent - create hostent in one memory block */
-
- static struct hostent *dup_hostent(hp)
-@@ -73,9 +76,46 @@ struct hostent *hp;
- }
- return (&hb->host);
- }
-+#endif
-
- /* find_inet_addr - find all addresses for this host, result to free() */
-
-+#ifdef INET6
-+struct addrinfo *find_inet_addr(host)
-+char *host;
-+{
-+ struct addrinfo hints, *res;
-+
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = PF_UNSPEC;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
-+ if (getaddrinfo(host, NULL, &hints, &res) == 0)
-+ return (res);
-+
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = PF_UNSPEC;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_CANONNAME;
-+ if (getaddrinfo(host, NULL, &hints, &res) != 0) {
-+ tcpd_warn("%s: host not found", host);
-+ return (0);
-+ }
-+ if (res->ai_family != AF_INET6 && res->ai_family != AF_INET) {
-+ tcpd_warn("%d: not an internet host", res->ai_family);
-+ freeaddrinfo(res);
-+ return (0);
-+ }
-+ if (!res->ai_canonname) {
-+ tcpd_warn("%s: hostname alias", host);
-+ tcpd_warn("(cannot obtain official name)", res->ai_canonname);
-+ } else if (STR_NE(host, res->ai_canonname)) {
-+ tcpd_warn("%s: hostname alias", host);
-+ tcpd_warn("(official name: %.*s)", STRING_LENGTH, res->ai_canonname);
-+ }
-+ return (res);
-+}
-+#else
- struct hostent *find_inet_addr(host)
- char *host;
- {
-@@ -118,6 +158,7 @@ char *host;
- }
- return (dup_hostent(hp));
- }
-+#endif
-
- /* check_dns - give each address thorough workout, return address count */
-
-@@ -125,8 +166,13 @@ int check_dns(host)
- char *host;
- {
- struct request_info request;
-+#ifdef INET6
-+ struct sockaddr_storage sin;
-+ struct addrinfo *hp, *res;
-+#else
- struct sockaddr_in sin;
- struct hostent *hp;
-+#endif
- int count;
- char *addr;
-
-@@ -134,11 +180,18 @@ char *host;
- return (0);
- request_init(&request, RQ_CLIENT_SIN, &sin, 0);
- sock_methods(&request);
-+#ifndef INET6
- memset((char *) &sin, 0, sizeof(sin));
- sin.sin_family = AF_INET;
-+#endif
-
-+#ifdef INET6
-+ for (res = hp, count = 0; res; res = res->ai_next, count++) {
-+ memcpy(&sin, res->ai_addr, res->ai_addrlen);
-+#else
- for (count = 0; (addr = hp->h_addr_list[count]) != 0; count++) {
- memcpy((char *) &sin.sin_addr, addr, sizeof(sin.sin_addr));
-+#endif
-
- /*
- * Force host name and address conversions. Use the request structure
-@@ -151,7 +204,11 @@ char *host;
- tcpd_warn("host address %s->name lookup failed",
- eval_hostaddr(request.client));
- }
-+#ifdef INET6
-+ freeaddrinfo(hp);
-+#else
- free((char *) hp);
-+#endif
- return (count);
- }
-
-diff -up tcp_wrappers_7.6/scaffold.h.patch9 tcp_wrappers_7.6/scaffold.h
---- tcp_wrappers_7.6/scaffold.h.patch9 1994-12-31 18:19:20.000000000 +0100
-+++ tcp_wrappers_7.6/scaffold.h 2008-08-29 09:45:12.000000000 +0200
-@@ -4,6 +4,10 @@
- * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
- */
-
-+#ifdef INET6
-+extern struct addrinfo *find_inet_addr();
-+#else
- extern struct hostent *find_inet_addr();
-+#endif
- extern int check_dns();
- extern int check_path();
-diff -up tcp_wrappers_7.6/socket.c.patch9 tcp_wrappers_7.6/socket.c
---- tcp_wrappers_7.6/socket.c.patch9 2008-08-29 09:45:12.000000000 +0200
-+++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200
-@@ -24,13 +24,22 @@ static char sccsid[] = "@(#) socket.c 1.
- #include <sys/types.h>
- #include <sys/param.h>
- #include <sys/socket.h>
-+#ifdef INT32_T
-+typedef uint32_t u_int32_t;
-+#endif
- #include <netinet/in.h>
- #include <netdb.h>
- #include <stdio.h>
- #include <syslog.h>
- #include <string.h>
-
-+#ifdef INET6
-+#ifndef NI_WITHSCOPEID
-+#define NI_WITHSCOPEID 0
-+#endif
-+#else
- extern char *inet_ntoa();
-+#endif
-
- /* Local stuff. */
-
-@@ -79,8 +88,13 @@ char *name;
- void sock_host(request)
- struct request_info *request;
- {
-+#ifdef INET6
-+ static struct sockaddr_storage client;
-+ static struct sockaddr_storage server;
-+#else
- static struct sockaddr_in client;
- static struct sockaddr_in server;
-+#endif
- int len;
- char buf[BUFSIZ];
- int fd = request->fd;
-@@ -109,7 +123,11 @@ struct request_info *request;
- memset(buf, 0 sizeof(buf));
- #endif
- }
-+#ifdef INET6
-+ request->client->sin = (struct sockaddr *)&client;
-+#else
- request->client->sin = &client;
-+#endif
-
- /*
- * Determine the server binding. This is used for client username
-@@ -122,7 +140,11 @@ struct request_info *request;
- tcpd_warn("getsockname: %m");
- return;
- }
-+#ifdef INET6
-+ request->server->sin = (struct sockaddr *)&server;
-+#else
- request->server->sin = &server;
-+#endif
- }
-
- /* sock_hostaddr - map endpoint address to printable form */
-@@ -130,10 +152,26 @@ struct request_info *request;
- void sock_hostaddr(host)
- struct host_info *host;
- {
-+#ifdef INET6
-+ struct sockaddr *sin = host->sin;
-+ int salen;
-+
-+ if (!sin)
-+ return;
-+#ifdef SIN6_LEN
-+ salen = sin->sa_len;
-+#else
-+ salen = (sin->sa_family == AF_INET) ? sizeof(struct sockaddr_in)
-+ : sizeof(struct sockaddr_in6);
-+#endif
-+ getnameinfo(sin, salen, host->addr, sizeof(host->addr),
-+ NULL, 0, NI_NUMERICHOST | NI_WITHSCOPEID);
-+#else
- struct sockaddr_in *sin = host->sin;
-
- if (sin != 0)
- STRN_CPY(host->addr, inet_ntoa(sin->sin_addr), sizeof(host->addr));
-+#endif
- }
-
- /* sock_hostname - map endpoint address to host name */
-@@ -141,6 +179,160 @@ struct host_info *host;
- void sock_hostname(host)
- struct host_info *host;
- {
-+#ifdef INET6
-+ struct sockaddr *sin = host->sin;
-+ struct sockaddr_in sin4;
-+ struct addrinfo hints, *res, *res0 = NULL;
-+ int salen, alen, err = 1;
-+ char *ap = NULL, *rap, hname[NI_MAXHOST];
-+
-+ if (sin != NULL) {
-+ if (sin->sa_family == AF_INET6) {
-+ struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sin;
-+
-+ if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
-+ memset(&sin4, 0, sizeof(sin4));
-+#ifdef SIN6_LEN
-+ sin4.sin_len = sizeof(sin4);
-+#endif
-+ sin4.sin_family = AF_INET;
-+ sin4.sin_port = sin6->sin6_port;
-+ sin4.sin_addr.s_addr = *(u_int32_t *)&sin6->sin6_addr.s6_addr[12];
-+ sin = (struct sockaddr *)&sin4;
-+ }
-+ }
-+ switch (sin->sa_family) {
-+ case AF_INET:
-+ ap = (char *)&((struct sockaddr_in *)sin)->sin_addr;
-+ alen = sizeof(struct in_addr);
-+ salen = sizeof(struct sockaddr_in);
-+ break;
-+ case AF_INET6:
-+ ap = (char *)&((struct sockaddr_in6 *)sin)->sin6_addr;
-+ alen = sizeof(struct in6_addr);
-+ salen = sizeof(struct sockaddr_in6);
-+ break;
-+ default:
-+ break;
-+ }
-+ if (ap)
-+ err = getnameinfo(sin, salen, hname, sizeof(hname),
-+ NULL, 0, NI_WITHSCOPEID | NI_NAMEREQD);
-+ }
-+ if (!err) {
-+
-+ STRN_CPY(host->name, hname, sizeof(host->name));
-+
-+ /* reject numeric addresses */
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = sin->sa_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_CANONNAME | AI_NUMERICHOST;
-+ if ((err = getaddrinfo(host->name, NULL, &hints, &res0) == 0)) {
-+ freeaddrinfo(res0);
-+ res0 = NULL;
-+ tcpd_warn("host name/name mismatch: "
-+ "reverse lookup results in non-FQDN %s",
-+ host->name);
-+ strcpy(host->name, paranoid); /* name is bad, clobber it */
-+ }
-+ err = !err;
-+ }
-+ if (!err) {
-+ /* we are now sure that this is non-numeric */
-+
-+ /*
-+ * Verify that the address is a member of the address list returned
-+ * by gethostbyname(hostname).
-+ *
-+ * Verify also that gethostbyaddr() and gethostbyname() return the same
-+ * hostname, or rshd and rlogind may still end up being spoofed.
-+ *
-+ * On some sites, gethostbyname("localhost") returns "localhost.domain".
-+ * This is a DNS artefact. We treat it as a special case. When we
-+ * can't believe the address list from gethostbyname("localhost")
-+ * we're in big trouble anyway.
-+ */
-+
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = sin->sa_family;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_CANONNAME;
-+ if (getaddrinfo(host->name, NULL, &hints, &res0) != 0) {
-+
-+ /*
-+ * Unable to verify that the host name matches the address. This
-+ * may be a transient problem or a botched name server setup.
-+ */
-+
-+ tcpd_warn("can't verify hostname: getaddrinfo(%s, %s) failed",
-+ host->name,
-+ (sin->sa_family == AF_INET) ? "AF_INET" : "AF_INET6");
-+
-+ } else if ((res0->ai_canonname == NULL
-+ || STR_NE(host->name, res0->ai_canonname))
-+ && STR_NE(host->name, "localhost")) {
-+
-+ /*
-+ * The gethostbyaddr() and gethostbyname() calls did not return
-+ * the same hostname. This could be a nameserver configuration
-+ * problem. It could also be that someone is trying to spoof us.
-+ */
-+
-+ tcpd_warn("host name/name mismatch: %s != %.*s",
-+ host->name, STRING_LENGTH,
-+ (res0->ai_canonname == NULL) ? "" : res0->ai_canonname);
-+
-+ } else {
-+
-+ /*
-+ * The address should be a member of the address list returned by
-+ * gethostbyname(). We should first verify that the h_addrtype
-+ * field is AF_INET, but this program has already caused too much
-+ * grief on systems with broken library code.
-+ */
-+
-+ for (res = res0; res; res = res->ai_next) {
-+ if (res->ai_family != sin->sa_family)
-+ continue;
-+ switch (res->ai_family) {
-+ case AF_INET:
-+ rap = (char *)&((struct sockaddr_in *)res->ai_addr)->sin_addr;
-+ break;
-+ case AF_INET6:
-+ /* need to check scope_id */
-+ if (((struct sockaddr_in6 *)sin)->sin6_scope_id !=
-+ ((struct sockaddr_in6 *)res->ai_addr)->sin6_scope_id) {
-+ continue;
-+ }
-+ rap = (char *)&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
-+ break;
-+ default:
-+ continue;
-+ }
-+ if (memcmp(rap, ap, alen) == 0) {
-+ freeaddrinfo(res0);
-+ return; /* name is good, keep it */
-+ }
-+ }
-+
-+ /*
-+ * The host name does not map to the initial address. Perhaps
-+ * someone has messed up. Perhaps someone compromised a name
-+ * server.
-+ */
-+
-+ getnameinfo(sin, salen, hname, sizeof(hname),
-+ NULL, 0, NI_NUMERICHOST | NI_WITHSCOPEID);
-+ tcpd_warn("host name/address mismatch: %s != %.*s",
-+ hname, STRING_LENGTH,
-+ (res0->ai_canonname == NULL) ? "" : res0->ai_canonname);
-+ }
-+ strcpy(host->name, paranoid); /* name is bad, clobber it */
-+ if (res0)
-+ freeaddrinfo(res0);
-+ }
-+#else /* INET6 */
- struct sockaddr_in *sin = host->sin;
- struct hostent *hp;
- int i;
-@@ -220,6 +412,7 @@ struct host_info *host;
- }
- strcpy(host->name, paranoid); /* name is bad, clobber it */
- }
-+#endif /* INET6 */
- }
-
- /* sock_sink - absorb unreceived IP datagram */
-@@ -228,7 +421,11 @@ static void sock_sink(fd)
- int fd;
- {
- char buf[BUFSIZ];
-+#ifdef INET6
-+ struct sockaddr_storage sin;
-+#else
- struct sockaddr_in sin;
-+#endif
- int size = sizeof(sin);
-
- /*
-diff -up tcp_wrappers_7.6/tcpdchk.c.patch9 tcp_wrappers_7.6/tcpdchk.c
---- tcp_wrappers_7.6/tcpdchk.c.patch9 1997-02-12 02:13:25.000000000 +0100
-+++ tcp_wrappers_7.6/tcpdchk.c 2008-08-29 09:45:12.000000000 +0200
-@@ -22,6 +22,9 @@ static char sccsid[] = "@(#) tcpdchk.c 1
-
- #include <sys/types.h>
- #include <sys/stat.h>
-+#ifdef INET6
-+#include <sys/socket.h>
-+#endif
- #include <netinet/in.h>
- #include <arpa/inet.h>
- #include <stdio.h>
-@@ -397,6 +400,31 @@ char *pat;
- }
- }
-
-+#ifdef INET6
-+static int is_inet6_addr(pat)
-+ char *pat;
-+{
-+ struct addrinfo hints, *res;
-+ int len, ret;
-+ char ch;
-+
-+ if (*pat != '[')
-+ return (0);
-+ len = strlen(pat);
-+ if ((ch = pat[len - 1]) != ']')
-+ return (0);
-+ pat[len - 1] = '\0';
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = AF_INET6;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
-+ if ((ret = getaddrinfo(pat + 1, NULL, &hints, &res)) == 0)
-+ freeaddrinfo(res);
-+ pat[len - 1] = ch;
-+ return (ret == 0);
-+}
-+#endif
-+
- /* check_host - criticize host pattern */
-
- static int check_host(pat)
-@@ -423,14 +451,27 @@ char *pat;
- #endif
- #endif
- } else if (mask = split_at(pat, '/')) { /* network/netmask */
-+#ifdef INET6
-+ int mask_len;
-+
-+ if ((dot_quad_addr(pat) == INADDR_NONE
-+ || dot_quad_addr(mask) == INADDR_NONE)
-+ && (!is_inet6_addr(pat)
-+ || ((mask_len = atoi(mask)) < 0 || mask_len > 128)))
-+#else
- if (dot_quad_addr(pat) == INADDR_NONE
- || dot_quad_addr(mask) == INADDR_NONE)
-+#endif
- tcpd_warn("%s/%s: bad net/mask pattern", pat, mask);
- } else if (STR_EQ(pat, "FAIL")) { /* obsolete */
- tcpd_warn("FAIL is no longer recognized");
- tcpd_warn("(use EXCEPT or DENY instead)");
- } else if (reserved_name(pat)) { /* other reserved */
- /* void */ ;
-+#ifdef INET6
-+ } else if (is_inet6_addr(pat)) { /* IPv6 address */
-+ addr_count = 1;
-+#endif
- } else if (NOT_INADDR(pat)) { /* internet name */
- if (pat[strlen(pat) - 1] == '.') {
- tcpd_warn("%s: domain or host name ends in dot", pat);
diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c
--- tcp_wrappers_7.6/tcpd.c.patch9 2008-08-29 09:45:12.000000000 +0200
+++ tcp_wrappers_7.6/tcpd.c 2008-08-29 09:45:12.000000000 +0200
@@ -1030,7 +234,7 @@ diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c
/* Report request and invoke the real daemon program. */
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ syslog(allow_severity, "connect from %s (%s)",
+ eval_client(&request), eval_hostaddr(request.client));
+#else
@@ -1039,230 +243,6 @@ diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c
closelog();
(void) execv(path, argv);
syslog(LOG_ERR, "error: cannot execute %s: %m", path);
-diff -up tcp_wrappers_7.6/tcpd.h.patch9 tcp_wrappers_7.6/tcpd.h
---- tcp_wrappers_7.6/tcpd.h.patch9 1996-03-19 16:22:25.000000000 +0100
-+++ tcp_wrappers_7.6/tcpd.h 2008-08-29 09:45:12.000000000 +0200
-@@ -11,7 +11,11 @@
- struct host_info {
- char name[STRING_LENGTH]; /* access via eval_hostname(host) */
- char addr[STRING_LENGTH]; /* access via eval_hostaddr(host) */
-+#ifdef INET6
-+ struct sockaddr *sin; /* socket address or 0 */
-+#else
- struct sockaddr_in *sin; /* socket address or 0 */
-+#endif
- struct t_unitdata *unit; /* TLI transport address or 0 */
- struct request_info *request; /* for shared information */
- };
-diff -up tcp_wrappers_7.6/tcpdmatch.c.patch9 tcp_wrappers_7.6/tcpdmatch.c
---- tcp_wrappers_7.6/tcpdmatch.c.patch9 1996-02-11 17:01:36.000000000 +0100
-+++ tcp_wrappers_7.6/tcpdmatch.c 2008-08-29 09:45:12.000000000 +0200
-@@ -57,7 +57,11 @@ int main(argc, argv)
- int argc;
- char **argv;
- {
-+#ifdef INET6
-+ struct addrinfo hints, *hp, *res;
-+#else
- struct hostent *hp;
-+#endif
- char *myname = argv[0];
- char *client;
- char *server;
-@@ -68,8 +72,13 @@ char **argv;
- int ch;
- char *inetcf = 0;
- int count;
-+#ifdef INET6
-+ struct sockaddr_storage server_sin;
-+ struct sockaddr_storage client_sin;
-+#else
- struct sockaddr_in server_sin;
- struct sockaddr_in client_sin;
-+#endif
- struct stat st;
-
- /*
-@@ -172,13 +181,20 @@ char **argv;
- if (NOT_INADDR(server) == 0 || HOSTNAME_KNOWN(server)) {
- if ((hp = find_inet_addr(server)) == 0)
- exit(1);
-+#ifndef INET6
- memset((char *) &server_sin, 0, sizeof(server_sin));
- server_sin.sin_family = AF_INET;
-+#endif
- request_set(&request, RQ_SERVER_SIN, &server_sin, 0);
-
-+#ifdef INET6
-+ for (res = hp, count = 0; res; res = res->ai_next, count++) {
-+ memcpy(&server_sin, res->ai_addr, res->ai_addrlen);
-+#else
- for (count = 0; (addr = hp->h_addr_list[count]) != 0; count++) {
- memcpy((char *) &server_sin.sin_addr, addr,
- sizeof(server_sin.sin_addr));
-+#endif
-
- /*
- * Force evaluation of server host name and address. Host name
-@@ -194,7 +210,11 @@ char **argv;
- fprintf(stderr, "Please specify an address instead\n");
- exit(1);
- }
-+#ifdef INET6
-+ freeaddrinfo(hp);
-+#else
- free((char *) hp);
-+#endif
- } else {
- request_set(&request, RQ_SERVER_NAME, server, 0);
- }
-@@ -208,6 +228,18 @@ char **argv;
- tcpdmatch(&request);
- exit(0);
- }
-+#ifdef INET6
-+ memset(&hints, 0, sizeof(hints));
-+ hints.ai_family = AF_INET6;
-+ hints.ai_socktype = SOCK_STREAM;
-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
-+ if (getaddrinfo(client, NULL, &hints, &res) == 0) {
-+ freeaddrinfo(res);
-+ request_set(&request, RQ_CLIENT_ADDR, client, 0);
-+ tcpdmatch(&request);
-+ exit(0);
-+ }
-+#endif
-
- /*
- * Perhaps they are testing special client hostname patterns that aren't
-@@ -229,6 +261,34 @@ char **argv;
- */
- if ((hp = find_inet_addr(client)) == 0)
- exit(1);
-+#ifdef INET6
-+ request_set(&request, RQ_CLIENT_SIN, &client_sin, 0);
-+
-+ for (res = hp, count = 0; res; res = res->ai_next, count++) {
-+ memcpy(&client_sin, res->ai_addr, res->ai_addrlen);
-+
-+ /*
-+ * getnameinfo() doesn't do reverse lookup against link-local
-+ * address. So, we pass through host name evaluation against
-+ * such addresses.
-+ */
-+ if (res->ai_family != AF_INET6 ||
-+ !IN6_IS_ADDR_LINKLOCAL(&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr)) {
-+ /*
-+ * Force evaluation of client host name and address. Host name
-+ * conflicts will be reported while eval_hostname() does its job.
-+ */
-+ request_set(&request, RQ_CLIENT_NAME, "", RQ_CLIENT_ADDR, "", 0);
-+ if (STR_EQ(eval_hostname(request.client), unknown))
-+ tcpd_warn("host address %s->name lookup failed",
-+ eval_hostaddr(request.client));
-+ }
-+ tcpdmatch(&request);
-+ if (res->ai_next)
-+ printf("\n");
-+ }
-+ freeaddrinfo(hp);
-+#else
- memset((char *) &client_sin, 0, sizeof(client_sin));
- client_sin.sin_family = AF_INET;
- request_set(&request, RQ_CLIENT_SIN, &client_sin, 0);
-@@ -250,6 +310,7 @@ char **argv;
- printf("\n");
- }
- free((char *) hp);
-+#endif
- exit(0);
- }
-
-diff -up tcp_wrappers_7.6/tli.c.patch9 tcp_wrappers_7.6/tli.c
---- tcp_wrappers_7.6/tli.c.patch9 1997-03-21 19:27:26.000000000 +0100
-+++ tcp_wrappers_7.6/tli.c 2008-08-29 09:45:12.000000000 +0200
-@@ -65,8 +65,13 @@ static void tli_sink();
- void tli_host(request)
- struct request_info *request;
- {
-+#ifdef INET6
-+ static struct sockaddr_storage client;
-+ static struct sockaddr_storage server;
-+#else
- static struct sockaddr_in client;
- static struct sockaddr_in server;
-+#endif
-
- /*
- * If we discover that we are using an IP transport, pretend we never
-@@ -76,14 +81,29 @@ struct request_info *request;
-
- tli_endpoints(request);
- if ((request->config = tli_transport(request->fd)) != 0
-+#ifdef INET6
-+ && (STR_EQ(request->config->nc_protofmly, "inet") ||
-+ STR_EQ(request->config->nc_protofmly, "inet6"))) {
-+#else
- && STR_EQ(request->config->nc_protofmly, "inet")) {
-+#endif
- if (request->client->unit != 0) {
-+#ifdef INET6
-+ client = *(struct sockaddr_storage *) request->client->unit->addr.buf;
-+ request->client->sin = (struct sockaddr *) &client;
-+#else
- client = *(struct sockaddr_in *) request->client->unit->addr.buf;
- request->client->sin = &client;
-+#endif
- }
- if (request->server->unit != 0) {
-+#ifdef INET6
-+ server = *(struct sockaddr_storage *) request->server->unit->addr.buf;
-+ request->server->sin = (struct sockaddr *) &server;
-+#else
- server = *(struct sockaddr_in *) request->server->unit->addr.buf;
- request->server->sin = &server;
-+#endif
- }
- tli_cleanup(request);
- sock_methods(request);
-@@ -187,7 +207,15 @@ int fd;
- }
- while (config = getnetconfig(handlep)) {
- if (stat(config->nc_device, &from_config) == 0) {
-+#ifdef NO_CLONE_DEVICE
-+ /*
-+ * If the network devices are not cloned (as is the case for
-+ * Solaris 8 Beta), we must compare the major device numbers.
-+ */
-+ if (major(from_config.st_rdev) == major(from_client.st_rdev))
-+#else
- if (minor(from_config.st_rdev) == major(from_client.st_rdev))
-+#endif
- break;
- }
- }
-diff -up tcp_wrappers_7.6/update.c.patch9 tcp_wrappers_7.6/update.c
---- tcp_wrappers_7.6/update.c.patch9 1994-12-28 17:42:56.000000000 +0100
-+++ tcp_wrappers_7.6/update.c 2008-08-29 09:45:12.000000000 +0200
-@@ -46,10 +46,18 @@ va_list ap;
- request->fd = va_arg(ap, int);
- continue;
- case RQ_CLIENT_SIN:
-+#ifdef INET6
-+ request->client->sin = va_arg(ap, struct sockaddr *);
-+#else
- request->client->sin = va_arg(ap, struct sockaddr_in *);
-+#endif
- continue;
- case RQ_SERVER_SIN:
-+#ifdef INET6
-+ request->server->sin = va_arg(ap, struct sockaddr *);
-+#else
- request->server->sin = va_arg(ap, struct sockaddr_in *);
-+#endif
- continue;
-
- /*
diff -up tcp_wrappers_7.6/workarounds.c.patch9 tcp_wrappers_7.6/workarounds.c
--- tcp_wrappers_7.6/workarounds.c.patch9 1996-03-19 16:22:26.000000000 +0100
+++ tcp_wrappers_7.6/workarounds.c 2008-08-29 09:45:12.000000000 +0200
@@ -1270,14 +250,14 @@ diff -up tcp_wrappers_7.6/workarounds.c.patch9 tcp_wrappers_7.6/workarounds.c
int *len;
{
int ret;
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ struct sockaddr *sin = sa;
+#else
struct sockaddr_in *sin = (struct sockaddr_in *) sa;
+#endif
if ((ret = getpeername(sock, sa, len)) >= 0
-+#ifdef INET6
++#ifdef HAVE_IPV6
+ && ((sin->su_si.si_family == AF_INET6
+ && IN6_IS_ADDR_UNSPECIFIED(&sin->su_sin6.sin6_addr))
+ || (sin->su_si.si_family == AF_INET
diff --git a/tcp_wrappers_7.6-249430.patch b/tcp_wrappers_7.6-249430.patch
index 0ff6fcb..e4b26c6 100644
--- a/tcp_wrappers_7.6-249430.patch
+++ b/tcp_wrappers_7.6-249430.patch
@@ -1,7 +1,7 @@
diff -up tcp_wrappers_7.6/hosts_access.c.patch22 tcp_wrappers_7.6/hosts_access.c
--- tcp_wrappers_7.6/hosts_access.c.patch22 2008-08-29 09:45:12.000000000 +0200
+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200
-@@ -426,7 +426,9 @@ char *string;
+@@ -419,7 +419,9 @@ char *string;
if ((addr = dot_quad_addr(string)) == INADDR_NONE)
return (NO);
if ((net = dot_quad_addr(net_tok)) == INADDR_NONE
@@ -9,6 +9,6 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch22 tcp_wrappers_7.6/hosts_access.c
+ || ((mask = dot_quad_addr(mask_tok)) == INADDR_NONE
+ && strcmp(mask_tok, "255.255.255.255"))) {
+ /* 255.255.255.255 == INADDR_NONE, separate check needed. TJ. */
- #ifndef INET6
tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok);
- #endif
+ return (NO); /* not tcpd_jump() */
+ }
diff --git a/tcpw7.2-config.patch b/tcpw7.2-config.patch
index 76d37fd..b612076 100644
--- a/tcpw7.2-config.patch
+++ b/tcpw7.2-config.patch
@@ -14,8 +14,8 @@ diff -up tcp_wrappers_7.6/Makefile.patch1 tcp_wrappers_7.6/Makefile
linux:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o \
-- NETGROUP= TLI= EXTRA_CFLAGS="-DBROKEN_SO_LINGER" all
-+ NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
+- NETGROUP= TLI= EXTRA_CFLAGS="-DBROKEN_SO_LINGER -DUSE_STRERROR" all
++ NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
# This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x.
hpux hpux8 hpux9 hpux10:
diff --git a/tcpw7.2-setenv.patch b/tcpw7.2-setenv.patch
index e8ee8ad..b855944 100644
--- a/tcpw7.2-setenv.patch
+++ b/tcpw7.2-setenv.patch
@@ -7,6 +7,6 @@ diff -up tcp_wrappers_7.6/Makefile.patch2 tcp_wrappers_7.6/Makefile
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
- LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o \
+ LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
- NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
+ NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
# This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x.
diff --git a/tcpw7.6-netgroup.patch b/tcpw7.6-netgroup.patch
index f63e48b..239b6ed 100644
--- a/tcpw7.6-netgroup.patch
+++ b/tcpw7.6-netgroup.patch
@@ -6,9 +6,9 @@ diff -up tcp_wrappers_7.6/Makefile.patch3 tcp_wrappers_7.6/Makefile
linux:
@make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \
- LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
-- NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
+- NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
+ LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \
-+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
++ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all
# This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x.
hpux hpux8 hpux9 hpux10:
More information about the scm-commits
mailing list