hosts_access.c (63158) | hosts_access.c (146187) |
---|---|
1 /* 2 * This module implements a simple access control language that is based on 3 * host (or domain) names, NIS (host) netgroup names, IP addresses (or 4 * network numbers) and daemon process names. When a match is found the 5 * search is terminated, and depending on whether PROCESS_OPTIONS is defined, 6 * a list of options is executed or an optional shell command is executed. 7 * 8 * Host and user names are looked up on demand, provided that suitable endpoint 9 * information is available as sockaddr_in structures or TLI netbufs. As a 10 * side effect, the pattern matching process may change the contents of 11 * request structure fields. 12 * 13 * Diagnostics are reported through syslog(3). 14 * 15 * Compile with -DNETGROUP if your library provides support for netgroups. 16 * 17 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. 18 * | 1 /* 2 * This module implements a simple access control language that is based on 3 * host (or domain) names, NIS (host) netgroup names, IP addresses (or 4 * network numbers) and daemon process names. When a match is found the 5 * search is terminated, and depending on whether PROCESS_OPTIONS is defined, 6 * a list of options is executed or an optional shell command is executed. 7 * 8 * Host and user names are looked up on demand, provided that suitable endpoint 9 * information is available as sockaddr_in structures or TLI netbufs. As a 10 * side effect, the pattern matching process may change the contents of 11 * request structure fields. 12 * 13 * Diagnostics are reported through syslog(3). 14 * 15 * Compile with -DNETGROUP if your library provides support for netgroups. 16 * 17 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. 18 * |
19 * $FreeBSD: head/contrib/tcp_wrappers/hosts_access.c 63158 2000-07-14 17:15:34Z ume $ | 19 * $FreeBSD: head/contrib/tcp_wrappers/hosts_access.c 146187 2005-05-13 16:31:11Z ume $ |
20 */ 21 22#ifndef lint 23static char sccsid[] = "@(#) hosts_access.c 1.21 97/02/12 02:13:22"; 24#endif 25 26/* System libraries. */ 27 --- 333 unchanged lines hidden (view full) --- 361 memcpy(&pat, res->ai_addr, sizeof(pat)); 362 freeaddrinfo(res); 363 } 364 tok[len - 1] = ch; 365 if (ret != 0 || getaddrinfo(string, NULL, &hints, &res) != 0) 366 return NO; 367 memcpy(&addr, res->ai_addr, sizeof(addr)); 368 freeaddrinfo(res); | 20 */ 21 22#ifndef lint 23static char sccsid[] = "@(#) hosts_access.c 1.21 97/02/12 02:13:22"; 24#endif 25 26/* System libraries. */ 27 --- 333 unchanged lines hidden (view full) --- 361 memcpy(&pat, res->ai_addr, sizeof(pat)); 362 freeaddrinfo(res); 363 } 364 tok[len - 1] = ch; 365 if (ret != 0 || getaddrinfo(string, NULL, &hints, &res) != 0) 366 return NO; 367 memcpy(&addr, res->ai_addr, sizeof(addr)); 368 freeaddrinfo(res); |
369#ifdef NI_WITHSCOPEID | |
370 if (pat.sin6_scope_id != 0 && 371 addr.sin6_scope_id != pat.sin6_scope_id) 372 return NO; | 369 if (pat.sin6_scope_id != 0 && 370 addr.sin6_scope_id != pat.sin6_scope_id) 371 return NO; |
373#endif | |
374 return (!memcmp(&pat.sin6_addr, &addr.sin6_addr, 375 sizeof(struct in6_addr))); 376 return (ret); 377 } 378#endif 379 return (STR_EQ(tok, string)); 380 } 381} --- 85 unchanged lines hidden (view full) --- 467 return NO; 468 } 469 memcpy(&net, res->ai_addr, sizeof(net)); 470 freeaddrinfo(res); 471 net_tok[len - 1] = ch; 472 if ((mask_len = atoi(mask_tok)) < 0 || mask_len > 128) 473 return NO; 474 | 372 return (!memcmp(&pat.sin6_addr, &addr.sin6_addr, 373 sizeof(struct in6_addr))); 374 return (ret); 375 } 376#endif 377 return (STR_EQ(tok, string)); 378 } 379} --- 85 unchanged lines hidden (view full) --- 465 return NO; 466 } 467 memcpy(&net, res->ai_addr, sizeof(net)); 468 freeaddrinfo(res); 469 net_tok[len - 1] = ch; 470 if ((mask_len = atoi(mask_tok)) < 0 || mask_len > 128) 471 return NO; 472 |
475#ifdef NI_WITHSCOPEID | |
476 if (net.sin6_scope_id != 0 && addr.sin6_scope_id != net.sin6_scope_id) 477 return NO; | 473 if (net.sin6_scope_id != 0 && addr.sin6_scope_id != net.sin6_scope_id) 474 return NO; |
478#endif | |
479 while (mask_len > 0) { 480 if (mask_len < 32) { 481 mask = htonl(~(0xffffffff >> mask_len)); 482 if ((*(u_int32_t *)&addr.sin6_addr.s6_addr[i] & mask) != (*(u_int32_t *)&net.sin6_addr.s6_addr[i] & mask)) 483 return NO; 484 break; 485 } 486 if (*(u_int32_t *)&addr.sin6_addr.s6_addr[i] != *(u_int32_t *)&net.sin6_addr.s6_addr[i]) 487 return NO; 488 i += 4; 489 mask_len -= 32; 490 } 491 return YES; 492} 493#endif /* INET6 */ | 475 while (mask_len > 0) { 476 if (mask_len < 32) { 477 mask = htonl(~(0xffffffff >> mask_len)); 478 if ((*(u_int32_t *)&addr.sin6_addr.s6_addr[i] & mask) != (*(u_int32_t *)&net.sin6_addr.s6_addr[i] & mask)) 479 return NO; 480 break; 481 } 482 if (*(u_int32_t *)&addr.sin6_addr.s6_addr[i] != *(u_int32_t *)&net.sin6_addr.s6_addr[i]) 483 return NO; 484 i += 4; 485 mask_len -= 32; 486 } 487 return YES; 488} 489#endif /* INET6 */ |