Print this page
4385 Missing hosts_ctl() prototype in tcpd.h

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libwrap/tcpd.h
          +++ new/usr/src/lib/libwrap/tcpd.h
   1    1  /*
        2 + * Copyright 2014 Sachidananda Urs <sacchi@gmail.com>
   2    3   * Copyright 2001 Sun Microsystems, Inc.  All rights reserved.
   3    4   * Use is subject to license terms.
   4    5   */
   5      -#pragma ident   "%Z%%M% %I%     %E% SMI"
   6    6  
   7      - /*
   8      -  * @(#) tcpd.h 1.5 96/03/19 16:22:24
   9      -  * 
  10      -  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
  11      -  */
        7 +/*
        8 + * @(#) tcpd.h 1.5 96/03/19 16:22:24
        9 + *
       10 + * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
       11 + */
       12 +
       13 +#ifndef _TCPD_H
       14 +#define _TCPD_H
  12   15  
  13   16  /*
  14   17   * HAVE_IPV6 is traditionally configured at tcp_wrappers build time but for
  15   18   * Solaris it must always be defined to keep the library interface binary
  16   19   * compatible.
  17   20   */
  18   21  #define HAVE_IPV6
  19   22  
  20   23  /* Structure to describe one communications endpoint. */
  21   24  
  22      -#define STRING_LENGTH   128             /* hosts, users, processes */
       25 +#define STRING_LENGTH   128             /* hosts, users, processes */
  23   26  
  24   27  #include <sys/socket.h>
  25   28  #include <netinet/in.h>
  26   29  
  27   30  typedef struct sockaddr_gen {
  28   31      union {
  29   32          struct sockaddr _sg_sa;
  30   33          struct sockaddr_in      _sg_sin;
  31   34  #ifdef HAVE_IPV6
  32   35          struct sockaddr_in6     _sg_sin6;
  33   36  #endif
  34      -    } sg_addr;
       37 +        } sg_addr;
  35   38  } sockaddr_gen;
  36   39  
  37   40  typedef union gen_addr {
  38   41      struct in_addr      ga_in;
  39   42  #ifdef HAVE_IPV6
  40   43      struct in6_addr     ga_in6;
  41   44  #endif
  42   45  } gen_addr;
  43   46  
  44   47  extern void sockgen_simplify();
  45   48  
  46      -#define sg_sa           sg_addr._sg_sa
  47      -#define sg_sin          sg_addr._sg_sin
  48      -#define sg_sin6         sg_addr._sg_sin6
  49      -#define sg_family       sg_sa.sa_family
       49 +#define sg_sa           sg_addr._sg_sa
       50 +#define sg_sin          sg_addr._sg_sin
       51 +#define sg_sin6         sg_addr._sg_sin6
       52 +#define sg_family       sg_sa.sa_family
  50   53  #ifdef HAVE_IPV6
  51      -#define SGADDRSZ(sag)           ((sag)->sg_family == AF_INET6 ? \
       54 +#define SGADDRSZ(sag)           ((sag)->sg_family == AF_INET6 ? \
  52   55                                      sizeof (struct in6_addr) : \
  53   56                                      sizeof (struct in_addr))
  54      -#define SGSOCKADDRSZ(sag)       ((sag)->sg_family == AF_INET6 ? \
       57 +#define SGSOCKADDRSZ(sag)       ((sag)->sg_family == AF_INET6 ? \
  55   58                                      sizeof (struct sockaddr_in6) : \
  56   59                                      sizeof (struct sockaddr_in))
  57      -#define SGPORT(sag)             (*((sag)->sg_family == AF_INET6 ? \
       60 +#define SGPORT(sag)             (*((sag)->sg_family == AF_INET6 ? \
  58   61                                      &(sag)->sg_sin6.sin6_port : \
  59   62                                      &(sag)->sg_sin.sin_port))
  60      -#define SGADDRP(sag)            (((sag)->sg_family == AF_INET6 ? \
  61      -                                    (char *) &(sag)->sg_sin6.sin6_addr : \
  62      -                                    (char *) &(sag)->sg_sin.sin_addr))
  63      -#define SGFAM(sag)              ((sag)->sg_family == AF_INET6 ? \
       63 +#define SGADDRP(sag)            (((sag)->sg_family == AF_INET6 ? \
       64 +                                    (char *)&(sag)->sg_sin6.sin6_addr : \
       65 +                                    (char *)&(sag)->sg_sin.sin_addr))
       66 +#define SGFAM(sag)              ((sag)->sg_family == AF_INET6 ? \
  64   67                                      AF_INET6 : AF_INET)
  65   68  
  66      -#define SG_IS_UNSPECIFIED(sag) \
       69 +#define SG_IS_UNSPECIFIED(sag) \
  67   70                  ((sag)->sg_family == AF_INET6 ? \
  68   71                          IN6_IS_ADDR_UNSPECIFIED(&(sag)->sg_sin6.sin6_addr) : \
  69   72                          (sag)->sg_sin.sin_addr.s_addr == 0)
  70   73  
  71      -#define VALID_ADDRTYPE(t)       ((t) == AF_INET || (t) == AF_INET6)
       74 +#define VALID_ADDRTYPE(t)       ((t) == AF_INET || (t) == AF_INET6)
  72   75  
  73   76  #ifndef IPV6_ABITS
  74      -#define IPV6_ABITS 128                  /* Size of IPV6 address in bits */
       77 +#define IPV6_ABITS 128                  /* Size of IPV6 address in bits */
  75   78  #endif
  76   79  
  77   80  #else /* HAVE_IPV6 */
  78   81  
  79      -#define SGADDRSZ(sag)           sizeof(struct in_addr)
  80      -#define SGSOCKADDRSZ(sag)       sizeof(struct sockaddr_in)
  81      -#define SGPORT(sag)             ((sag)->sg_sin.sin_port)
  82      -#define SGADDRP(sag)            ((char*) &(sag)->sg_sin.sin_addr)
  83      -#define SGFAM(sag)              AF_INET
  84      -#define SG_IS_UNSPECIFIED(sag)  ((sag)->sg_sin.sin_addr.s_addr == 0)
       82 +#define SGADDRSZ(sag)           sizeof (struct in_addr)
       83 +#define SGSOCKADDRSZ(sag)       sizeof (struct sockaddr_in)
       84 +#define SGPORT(sag)             ((sag)->sg_sin.sin_port)
       85 +#define SGADDRP(sag)            ((char *)&(sag)->sg_sin.sin_addr)
       86 +#define SGFAM(sag)              AF_INET
       87 +#define SG_IS_UNSPECIFIED(sag)  ((sag)->sg_sin.sin_addr.s_addr == 0)
  85   88  
  86      -#define VALID_ADDRTYPE(t)       ((t) == AF_INET)
       89 +#define VALID_ADDRTYPE(t)       ((t) == AF_INET)
  87   90  
  88   91  #endif /* HAVE_IPV6 */
  89   92  
  90   93  struct host_info {
  91   94      char    name[STRING_LENGTH];        /* access via eval_hostname(host) */
  92   95      char    addr[STRING_LENGTH];        /* access via eval_hostaddr(host) */
  93   96      struct sockaddr_gen *sin;           /* socket address or 0 */
  94   97      struct t_unitdata *unit;            /* TLI transport address or 0 */
  95   98      struct request_info *request;       /* for shared information */
  96   99  };
  97  100  
  98  101  /* Structure to describe what we know about a service request. */
  99  102  
 100  103  struct request_info {
 101      -    int     fd;                         /* socket handle */
      104 +    int     fd;                         /* socket handle */
 102  105      char    user[STRING_LENGTH];        /* access via eval_user(request) */
 103  106      char    daemon[STRING_LENGTH];      /* access via eval_daemon(request) */
 104  107      char    pid[10];                    /* access via eval_pid(request) */
 105  108      struct host_info client[1];         /* client endpoint info */
 106  109      struct host_info server[1];         /* server endpoint info */
 107  110      void  (*sink) ();                   /* datagram sink function or 0 */
 108  111      void  (*hostname) ();               /* address to printable hostname */
 109  112      void  (*hostaddr) ();               /* address to printable address */
 110  113      void  (*cleanup) ();                /* cleanup function or 0 */
 111  114      struct netconfig *config;           /* netdir handle */
 112  115  };
 113  116  
 114  117  /* Common string operations. Less clutter should be more readable. */
 115  118  
 116      -#define STRN_CPY(d,s,l) { strncpy((d),(s),(l)); (d)[(l)-1] = 0; }
      119 +#define STRN_CPY(d, s, l)       { strncpy((d), (s), (l)); (d)[(l)-1] = 0; }
 117  120  
 118      -#define STRN_EQ(x,y,l)  (strncasecmp((x),(y),(l)) == 0)
 119      -#define STRN_NE(x,y,l)  (strncasecmp((x),(y),(l)) != 0)
 120      -#define STR_EQ(x,y)     (strcasecmp((x),(y)) == 0)
 121      -#define STR_NE(x,y)     (strcasecmp((x),(y)) != 0)
 122      -
 123      - /*
 124      -  * Initially, all above strings have the empty value. Information that
 125      -  * cannot be determined at runtime is set to "unknown", so that we can
 126      -  * distinguish between `unavailable' and `not yet looked up'. A hostname
 127      -  * that we do not believe in is set to "paranoid".
 128      -  */
      121 +#define STRN_EQ(x, y, l)        (strncasecmp((x), (y), (l)) == 0)
      122 +#define STRN_NE(x, y, l)        (strncasecmp((x), (y), (l)) != 0)
      123 +#define STR_EQ(x, y)            (strcasecmp((x), (y)) == 0)
      124 +#define STR_NE(x, y)            (strcasecmp((x), (y)) != 0)
      125 +
      126 +/*
      127 + * Initially, all above strings have the empty value. Information that
      128 + * cannot be determined at runtime is set to "unknown", so that we can
      129 + * distinguish between `unavailable' and `not yet looked up'. A hostname
      130 + * that we do not believe in is set to "paranoid".
      131 + */
 129  132  
 130      -#define STRING_UNKNOWN  "unknown"       /* lookup failed */
 131      -#define STRING_PARANOID "paranoid"      /* hostname conflict */
      133 +#define STRING_UNKNOWN  "unknown"       /* lookup failed */
      134 +#define STRING_PARANOID "paranoid"      /* hostname conflict */
 132  135  
 133  136  extern char unknown[];
 134  137  extern char paranoid[];
 135  138  
 136      -#define HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid))
      139 +#define HOSTNAME_KNOWN(s) (STR_NE((s), unknown) && STR_NE((s), paranoid))
 137  140  
 138  141  #ifdef HAVE_IPV6
 139      -#define NOT_INADDR(s) (strchr(s,':') == 0 && s[strspn(s,"0123456789./")] != 0)
      142 +#define NOT_INADDR(s) (strchr(s, ':') == 0 && s[strspn(s, "0123456789./")] != 0)
 140  143  #else
 141      -#define NOT_INADDR(s) (s[strspn(s,"0123456789./")] != 0)
      144 +#define NOT_INADDR(s) (s[strspn(s, "0123456789./")] != 0)
 142  145  #endif
 143  146  
 144  147  /* Global functions. */
 145  148  
 146  149  #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
 147  150  extern void fromhost();                 /* get/validate client host info */
 148  151  #else
 149      -#define fromhost sock_host              /* no TLI support needed */
      152 +#define fromhost sock_host              /* no TLI support needed */
 150  153  #endif
 151  154  
      155 +extern int hosts_ctl();                 /* wrapper around request_init() */
 152  156  extern int hosts_access();              /* access control */
 153  157  extern void shell_cmd();                /* execute shell command */
 154  158  extern char *percent_x();               /* do %<char> expansion */
 155  159  extern void rfc931();                   /* client name from RFC 931 daemon */
 156  160  extern void clean_exit();               /* clean up and exit */
 157  161  extern void refuse();                   /* clean up and exit */
 158  162  extern char *xgets();                   /* fgets() on steroids */
 159  163  extern char *split_at();                /* strchr() and split */
 160  164  extern unsigned long dot_quad_addr();   /* restricted inet_addr() */
 161  165  extern int numeric_addr();              /* IP4/IP6 inet_addr (restricted) */
 162  166  extern struct hostent *tcpd_gethostbyname();
 163  167                                          /* IP4/IP6 gethostbyname */
 164  168  #ifdef HAVE_IPV6
 165  169  extern char *skip_ipv6_addrs();         /* skip over colons in IPv6 addrs */
 166  170  #else
 167      -#define skip_ipv6_addrs(x)      x
      171 +#define skip_ipv6_addrs(x)      x
 168  172  #endif
 169  173  
 170  174  /* Global variables. */
 171  175  
 172  176  extern int allow_severity;              /* for connection logging */
 173  177  extern int deny_severity;               /* for connection logging */
 174  178  extern char *hosts_allow_table;         /* for verification mode redirection */
 175  179  extern char *hosts_deny_table;          /* for verification mode redirection */
 176  180  extern int hosts_access_verbose;        /* for verbose matching mode */
 177  181  extern int rfc931_timeout;              /* user lookup timeout */
 178  182  extern int resident;                    /* > 0 if resident process */
 179  183  
 180      - /*
 181      -  * Routines for controlled initialization and update of request structure
 182      -  * attributes. Each attribute has its own key.
 183      -  */
      184 +/*
      185 + * Routines for controlled initialization and update of request structure
      186 + * attributes. Each attribute has its own key.
      187 + */
 184  188  
 185  189  #ifdef __STDC__
 186      -extern struct request_info *request_init(struct request_info *,...);
 187      -extern struct request_info *request_set(struct request_info *,...);
      190 +extern struct request_info *request_init(struct request_info *, ...);
      191 +extern struct request_info *request_set(struct request_info *, ...);
 188  192  #else
 189  193  extern struct request_info *request_init();     /* initialize request */
 190  194  extern struct request_info *request_set();      /* update request structure */
 191  195  #endif
 192  196  
 193      -#define RQ_FILE         1               /* file descriptor */
 194      -#define RQ_DAEMON       2               /* server process (argv[0]) */
 195      -#define RQ_USER         3               /* client user name */
 196      -#define RQ_CLIENT_NAME  4               /* client host name */
 197      -#define RQ_CLIENT_ADDR  5               /* client host address */
 198      -#define RQ_CLIENT_SIN   6               /* client endpoint (internal) */
 199      -#define RQ_SERVER_NAME  7               /* server host name */
 200      -#define RQ_SERVER_ADDR  8               /* server host address */
 201      -#define RQ_SERVER_SIN   9               /* server endpoint (internal) */
 202      -
 203      - /*
 204      -  * Routines for delayed evaluation of request attributes. Each attribute
 205      -  * type has its own access method. The trivial ones are implemented by
 206      -  * macros. The other ones are wrappers around the transport-specific host
 207      -  * name, address, and client user lookup methods. The request_info and
 208      -  * host_info structures serve as caches for the lookup results.
 209      -  */
      197 +#define RQ_FILE         1               /* file descriptor */
      198 +#define RQ_DAEMON       2               /* server process (argv[0]) */
      199 +#define RQ_USER         3               /* client user name */
      200 +#define RQ_CLIENT_NAME  4               /* client host name */
      201 +#define RQ_CLIENT_ADDR  5               /* client host address */
      202 +#define RQ_CLIENT_SIN   6               /* client endpoint (internal) */
      203 +#define RQ_SERVER_NAME  7               /* server host name */
      204 +#define RQ_SERVER_ADDR  8               /* server host address */
      205 +#define RQ_SERVER_SIN   9               /* server endpoint (internal) */
      206 +
      207 +/*
      208 + * Routines for delayed evaluation of request attributes. Each attribute
      209 + * type has its own access method. The trivial ones are implemented by
      210 + * macros. The other ones are wrappers around the transport-specific host
      211 + * name, address, and client user lookup methods. The request_info and
      212 + * host_info structures serve as caches for the lookup results.
      213 + */
 210  214  
 211  215  extern char *eval_user();               /* client user */
 212  216  extern char *eval_hostname();           /* printable hostname */
 213  217  extern char *eval_hostaddr();           /* printable host address */
 214  218  extern char *eval_hostinfo();           /* host name or address */
 215  219  extern char *eval_client();             /* whatever is available */
 216  220  extern char *eval_server();             /* whatever is available */
 217      -#define eval_daemon(r)  ((r)->daemon)   /* daemon process name */
 218      -#define eval_pid(r)     ((r)->pid)      /* process id */
      221 +#define eval_daemon(r)  ((r)->daemon)   /* daemon process name */
      222 +#define eval_pid(r)     ((r)->pid)      /* process id */
 219  223  
 220  224  /* Socket-specific methods, including DNS hostname lookups. */
 221  225  
 222  226  extern void sock_host();                /* look up endpoint addresses */
 223  227  extern void sock_hostname();            /* translate address to hostname */
 224  228  extern void sock_hostaddr();            /* address to printable address */
 225      -#define sock_methods(r) \
      229 +#define sock_methods(r) \
 226  230          { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
 227  231  
 228  232  /* The System V Transport-Level Interface (TLI) interface. */
 229  233  
 230  234  #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
 231  235  extern void tli_host();                 /* look up endpoint addresses etc. */
 232  236  #endif
 233  237  
 234      - /*
 235      -  * Problem reporting interface. Additional file/line context is reported
 236      -  * when available. The jump buffer (tcpd_buf) is not declared here, or
 237      -  * everyone would have to include <setjmp.h>.
 238      -  */
      238 +/*
      239 + * Problem reporting interface. Additional file/line context is reported
      240 + * when available. The jump buffer (tcpd_buf) is not declared here, or
      241 + * everyone would have to include <setjmp.h>.
      242 + */
 239  243  
 240  244  #ifdef __STDC__
 241  245  extern void tcpd_warn(char *, ...);     /* report problem and proceed */
 242  246  extern void tcpd_jump(char *, ...);     /* report problem and jump */
 243  247  #else
 244  248  extern void tcpd_warn();
 245  249  extern void tcpd_jump();
 246  250  #endif
 247  251  
 248  252  struct tcpd_context {
 249  253      char   *file;                       /* current file */
 250      -    int     line;                       /* current line */
      254 +    int     line;                       /* current line */
 251  255  };
 252  256  extern struct tcpd_context tcpd_context;
 253  257  
 254      - /*
 255      -  * While processing access control rules, error conditions are handled by
 256      -  * jumping back into the hosts_access() routine. This is cleaner than
 257      -  * checking the return value of each and every silly little function. The
 258      -  * (-1) returns are here because zero is already taken by longjmp().
 259      -  */
 260      -
 261      -#define AC_PERMIT       1               /* permit access */
 262      -#define AC_DENY         (-1)            /* deny_access */
 263      -#define AC_ERROR        AC_DENY         /* XXX */
 264      -
 265      - /*
 266      -  * In verification mode an option function should just say what it would do,
 267      -  * instead of really doing it. An option function that would not return
 268      -  * should clear the dry_run flag to inform the caller of this unusual
 269      -  * behavior.
 270      -  */
      258 +/*
      259 + * While processing access control rules, error conditions are handled by
      260 + * jumping back into the hosts_access() routine. This is cleaner than
      261 + * checking the return value of each and every silly little function. The
      262 + * (-1) returns are here because zero is already taken by longjmp().
      263 + */
      264 +
      265 +#define AC_PERMIT       1               /* permit access */
      266 +#define AC_DENY         (-1)            /* deny_access */
      267 +#define AC_ERROR        AC_DENY         /* XXX */
      268 +
      269 +/*
      270 + * In verification mode an option function should just say what it would do,
      271 + * instead of really doing it. An option function that would not return
      272 + * should clear the dry_run flag to inform the caller of this unusual
      273 + * behavior.
      274 + */
 271  275  
 272  276  extern void process_options();          /* execute options */
 273  277  extern int dry_run;                     /* verification flag */
 274  278  
 275  279  /* Bug workarounds. */
 276  280  
 277  281  #ifdef INET_ADDR_BUG                    /* inet_addr() returns struct */
 278      -#define inet_addr fix_inet_addr
      282 +#define inet_addr fix_inet_addr
 279  283  extern long fix_inet_addr();
 280  284  #endif
 281  285  
 282  286  #ifdef BROKEN_FGETS                     /* partial reads from sockets */
 283      -#define fgets fix_fgets
      287 +#define fgets fix_fgets
 284  288  extern char *fix_fgets();
 285  289  #endif
 286  290  
 287  291  #ifdef RECVFROM_BUG                     /* no address family info */
 288      -#define recvfrom fix_recvfrom
      292 +#define recvfrom fix_recvfrom
 289  293  extern int fix_recvfrom();
 290  294  #endif
 291  295  
 292  296  #ifdef GETPEERNAME_BUG                  /* claims success with UDP */
 293      -#define getpeername fix_getpeername
      297 +#define getpeername fix_getpeername
 294  298  extern int fix_getpeername();
 295  299  #endif
 296  300  
 297  301  #ifdef SOLARIS_24_GETHOSTBYNAME_BUG     /* lists addresses as aliases */
 298      -#define gethostbyname fix_gethostbyname
      302 +#define gethostbyname fix_gethostbyname
 299  303  extern struct hostent *fix_gethostbyname();
 300  304  #endif
 301  305  
 302  306  #ifdef USE_STRSEP                       /* libc calls strtok() */
 303      -#define strtok  fix_strtok
      307 +#define strtok  fix_strtok
 304  308  extern char *fix_strtok();
 305  309  #endif
 306  310  
 307  311  #ifdef LIBC_CALLS_STRTOK                /* libc calls strtok() */
 308      -#define strtok  my_strtok
      312 +#define strtok  my_strtok
 309  313  extern char *my_strtok();
 310  314  #endif
      315 +
      316 +#endif /* _TCPD_H */
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX