diff options
Diffstat (limited to 'src/tcpwrap.c')
-rw-r--r-- | src/tcpwrap.c | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/src/tcpwrap.c b/src/tcpwrap.c new file mode 100644 index 0000000..eccf21b --- /dev/null +++ b/src/tcpwrap.c @@ -0,0 +1,83 @@ +/* wydawca - automatic release submission daemon + Copyright (C) 2007, 2008, 2009 Sergey Poznyakoff + + Wydawca is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 3 of the License, or (at your + option) any later version. + + Wydawca is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with wydawca. If not, see <http://www.gnu.org/licenses/>. */ + +#include "wydawca.h" +#include <mailutils/syslog.h> + +#ifdef WITH_LIBWRAP +# include <tcpd.h> + +static int tcpwrap_enable; +static char *tcpwrap_daemon; +int deny_severity = LOG_INFO; +int allow_severity = LOG_INFO; + +static int +cb_syslog_priority (enum gconf_callback_command cmd, + gconf_locus_t *locus, + void *varptr, + gconf_value_t *value, + void *cb_data) +{ + if (assert_string_arg (locus, cmd, value)) + return 1; + + if (mu_string_to_syslog_priority (value->v.string, varptr)) + gconf_error (locus, 0, _("Unknown syslog priority `%s'"), + value->v.string); + return 0; +} + +struct gconf_keyword tcpwrapper_kw[] = { + { "enable", NULL, + N_("Enable TCP wrapper access control. Default is \"yes\"."), + gconf_type_bool, &tcpwrap_enable }, + { "daemon", N_("name"), + N_("Set daemon name for TCP wrapper lookups. Default is program name."), + gconf_type_string, &tcpwrap_daemon }, + { "allow-table", N_("file"), + N_("Use file for positive client address access control " + "(default: /etc/hosts.allow)."), + gconf_type_string, &hosts_allow_table }, + { "deny-table", N_("file"), + N_("Use file for negative client address access control " + "(default: /etc/hosts.deny)."), + gconf_type_string, &hosts_deny_table }, + { "allow-syslog-priority", N_("prio"), + N_("Log host allows at this syslog priority."), + gconf_type_string, &allow_severity, 0, cb_syslog_priority }, + { "deny-syslog-priority", N_("prio"), + N_("Log host denies at this syslog priority."), + gconf_type_string, &deny_severity, 0, cb_syslog_priority }, + { NULL } +}; + +int +tcpwrap_access(int fd) +{ + struct request_info req; + + if (!tcpwrap_enable) + return 1; + request_init(&req, + RQ_DAEMON, + tcpwrap_daemon ? tcpwrap_daemon : program_name, + RQ_FILE, fd, NULL); + fromhost(&req); + return hosts_access(&req); +} + +#endif |