# --- SDE-COPYRIGHT-NOTE-BEGIN --- # This copyright note is auto-generated by ./scripts/Create-CopyPatch. # # Filename: package/.../tcp_wrappers/0024-tcp_wrappers-7.6-sig-fix.patch # Copyright (C) 2011 The OpenSDE Project # # More information can be found in the files COPYING and README. # # This patch file is dual-licensed. It is available under the license the # patched project is licensed under, as long as it is an OpenSource license # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms # of the GNU General Public License as published by the Free Software # Foundation; either version 2 of the License, or (at your option) any later # version. # --- SDE-COPYRIGHT-NOTE-END --- * Fri May 6 2005 Thomas Woerner 7.6-39 - fixed sig patch (#141110). Thanks to Nikita Shulga for the patch * Mon Feb 10 2003 Harald Hoyer 7.6-29 - added security patch tcp_wrappers-7.6-sig.patch diff -ruNp tcp_wrappers_7.6.orig/hosts_access.c tcp_wrappers_7.6/hosts_access.c --- tcp_wrappers_7.6.orig/hosts_access.c 2006-03-01 22:14:14.000000000 +0100 +++ tcp_wrappers_7.6/hosts_access.c 2006-03-01 22:14:11.000000000 +0100 @@ -66,6 +66,7 @@ static char sep[] = ", \t\r\n"; #define YES 1 #define NO 0 +#define ERR -1 /* * These variables are globally visible so that they can be redirected in @@ -130,11 +131,11 @@ struct request_info *request; verdict = setjmp(tcpd_buf); if (verdict != 0) return (verdict == AC_PERMIT); - if (table_match(hosts_allow_table, request)) + if (table_match(hosts_allow_table, request) == YES) return (YES); - if (table_match(hosts_deny_table, request)) - return (NO); - return (YES); + if (table_match(hosts_deny_table, request) == NO) + return (YES); + return (NO); } /* table_match - match table entries with (daemon, client) pair */ @@ -178,8 +179,9 @@ struct request_info *request; (void) fclose(fp); } else if (errno != ENOENT) { tcpd_warn("cannot open %s: %m", table); + match = ERR; } - if (match) { + if (match == YES) { if (hosts_access_verbose > 1) syslog(LOG_DEBUG, "matched: %s line %d", tcpd_context.file, tcpd_context.line);