aboutsummaryrefslogtreecommitdiff
path: root/src/tcpwrap.c
blob: 3c29f312241cc81828a205b63959cb67453a01e7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
/* wydawca - automatic release submission daemon
   Copyright (C) 2007-2011 Sergey Poznyakoff

   Wydawca is free software; you can redistribute it and/or modify it
   under the terms of the GNU General Public License as published by the
   Free Software Foundation; either version 3 of the License, or (at your
   option) any later version.

   Wydawca is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License along
   with wydawca. If not, see <http://www.gnu.org/licenses/>. */

#include "wydawca.h"
#include <mailutils/syslog.h>

#ifdef WITH_LIBWRAP
# include <tcpd.h>

static int tcpwrap_enable;
static char *tcpwrap_daemon;
int deny_severity = LOG_INFO;
int allow_severity = LOG_INFO;

static int
cb_syslog_priority (enum grecs_callback_command cmd,
		    grecs_locus_t *locus,
		    void *varptr,
		    grecs_value_t *value,
		    void *cb_data)
{
  if (assert_string_arg (locus, cmd, value))
    return 1;

  if (mu_string_to_syslog_priority (value->v.string, varptr))
    grecs_error (locus, 0, _("Unknown syslog priority `%s'"),
		 value->v.string);
  return 0;
}

struct grecs_keyword tcpwrapper_kw[] = {
  { "enable", NULL,
    N_("Enable TCP wrapper access control.  Default is \"yes\"."),
    grecs_type_bool, GRECS_DFLT, &tcpwrap_enable },
  { "daemon", N_("name"),
    N_("Set daemon name for TCP wrapper lookups.  Default is program name."), 
    grecs_type_string, GRECS_DFLT, &tcpwrap_daemon },
  { "allow-table", N_("file"),
    N_("Use file for positive client address access control "      
       "(default: /etc/hosts.allow)."),					      
    grecs_type_string, GRECS_DFLT, &hosts_allow_table },
  { "deny-table", N_("file"),
    N_("Use file for negative client address access control "		      
       "(default: /etc/hosts.deny)."),					      
    grecs_type_string, GRECS_DFLT, &hosts_deny_table },
  { "allow-syslog-priority", N_("prio"),
    N_("Log host allows at this syslog priority."),
    grecs_type_string, GRECS_DFLT, &allow_severity, 0, cb_syslog_priority },
  { "deny-syslog-priority", N_("prio"),
    N_("Log host denies at this syslog priority."),
    grecs_type_string, GRECS_DFLT, &deny_severity, 0, cb_syslog_priority },
  { NULL }
};

int
tcpwrap_access(int fd)
{
  struct request_info req;

  if (!tcpwrap_enable)
    return 1;
  request_init(&req,
	       RQ_DAEMON,
	       tcpwrap_daemon ? tcpwrap_daemon : program_name,
	       RQ_FILE, fd, NULL);
  fromhost(&req);
  return hosts_access(&req);
}

#endif

Return to:

Send suggestions and report system problems to the System administrator.