aboutsummaryrefslogtreecommitdiff
path: root/src/tcpwrap.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/tcpwrap.c')
-rw-r--r--src/tcpwrap.c83
1 files changed, 83 insertions, 0 deletions
diff --git a/src/tcpwrap.c b/src/tcpwrap.c
new file mode 100644
index 0000000..eccf21b
--- /dev/null
+++ b/src/tcpwrap.c
@@ -0,0 +1,83 @@
+/* wydawca - automatic release submission daemon
+ Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff
+
+ Wydawca is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by the
+ Free Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+ Wydawca is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with wydawca. If not, see <http://www.gnu.org/licenses/>. */
+
+#include "wydawca.h"
+#include <mailutils/syslog.h>
+
+#ifdef WITH_LIBWRAP
+# include <tcpd.h>
+
+static int tcpwrap_enable;
+static char *tcpwrap_daemon;
+int deny_severity = LOG_INFO;
+int allow_severity = LOG_INFO;
+
+static int
+cb_syslog_priority (enum gconf_callback_command cmd,
+ gconf_locus_t *locus,
+ void *varptr,
+ gconf_value_t *value,
+ void *cb_data)
+{
+ if (assert_string_arg (locus, cmd, value))
+ return 1;
+
+ if (mu_string_to_syslog_priority (value->v.string, varptr))
+ gconf_error (locus, 0, _("Unknown syslog priority `%s'"),
+ value->v.string);
+ return 0;
+}
+
+struct gconf_keyword tcpwrapper_kw[] = {
+ { "enable", NULL,
+ N_("Enable TCP wrapper access control. Default is \"yes\"."),
+ gconf_type_bool, &tcpwrap_enable },
+ { "daemon", N_("name"),
+ N_("Set daemon name for TCP wrapper lookups. Default is program name."),
+ gconf_type_string, &tcpwrap_daemon },
+ { "allow-table", N_("file"),
+ N_("Use file for positive client address access control "
+ "(default: /etc/hosts.allow)."),
+ gconf_type_string, &hosts_allow_table },
+ { "deny-table", N_("file"),
+ N_("Use file for negative client address access control "
+ "(default: /etc/hosts.deny)."),
+ gconf_type_string, &hosts_deny_table },
+ { "allow-syslog-priority", N_("prio"),
+ N_("Log host allows at this syslog priority."),
+ gconf_type_string, &allow_severity, 0, cb_syslog_priority },
+ { "deny-syslog-priority", N_("prio"),
+ N_("Log host denies at this syslog priority."),
+ gconf_type_string, &deny_severity, 0, cb_syslog_priority },
+ { NULL }
+};
+
+int
+tcpwrap_access(int fd)
+{
+ struct request_info req;
+
+ if (!tcpwrap_enable)
+ return 1;
+ request_init(&req,
+ RQ_DAEMON,
+ tcpwrap_daemon ? tcpwrap_daemon : program_name,
+ RQ_FILE, fd, NULL);
+ fromhost(&req);
+ return hosts_access(&req);
+}
+
+#endif

Return to:

Send suggestions and report system problems to the System administrator.