Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 690801 Details for
Bug 698740
Version bump needed for tcp_wrappers
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh90 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Update to official IPv6 codebase
0001-updated-to-upstream-ipv6-support.patch (text/plain), 79.52 KB, created by
Viktor Hercinger
on 2013-01-31 09:32:36 UTC
(
hide
)
Description:
Update to official IPv6 codebase
Filename:
MIME Type:
Creator:
Viktor Hercinger
Created:
2013-01-31 09:32:36 UTC
Size:
79.52 KB
patch
obsolete
>From b6faf866a57f4d8266fbe7fa8618a0cae9326974 Mon Sep 17 00:00:00 2001 >From: Viktor Hercinger <vhercing@redhat.com> >Date: Mon, 28 Jan 2013 13:51:32 +0100 >Subject: [PATCH] updated to upstream ipv6 support > >--- > .gitignore | 1 + > sources | 2 +- > tcp_wrappers-7.6-196326.patch | 6 +- > tcp_wrappers-7.6-220015.patch | 4 +- > tcp_wrappers-7.6-altformat.patch | 37 ++ > tcp_wrappers-7.6-bug17847.patch | 21 +- > tcp_wrappers-7.6-bug698464.patch | 36 +- > tcp_wrappers-7.6-fixgethostbyname.patch | 29 +- > tcp_wrappers-7.6-restore_sigalarm.patch | 37 -- > tcp_wrappers-7.6-shared.patch | 101 +-- > tcp_wrappers-7.6-strerror.patch | 28 - > tcp_wrappers-7.6-uchart_fix.patch | 21 + > tcp_wrappers-7.6-warnings.patch | 97 ++- > tcp_wrappers.spec | 19 +- > tcp_wrappers.ume-ipv6.patch | 45 -- > tcp_wrappers.usagi-ipv6.patch | 1108 ++----------------------------- > tcp_wrappers_7.6-249430.patch | 6 +- > tcpw7.2-config.patch | 4 +- > tcpw7.2-setenv.patch | 2 +- > tcpw7.6-netgroup.patch | 4 +- > 20 files changed, 268 insertions(+), 1340 deletions(-) > create mode 100644 tcp_wrappers-7.6-altformat.patch > delete mode 100644 tcp_wrappers-7.6-restore_sigalarm.patch > delete mode 100644 tcp_wrappers-7.6-strerror.patch > create mode 100644 tcp_wrappers-7.6-uchart_fix.patch > delete mode 100644 tcp_wrappers.ume-ipv6.patch > >diff --git a/.gitignore b/.gitignore >index 59e6073..7aa1a93 100644 >--- a/.gitignore >+++ b/.gitignore >@@ -1 +1,2 @@ > tcp_wrappers_7.6.tar.gz >+tcp_wrappers_7.6-ipv6.4.tar.gz >diff --git a/sources b/sources >index 7c11142..f6a0180 100644 >--- a/sources >+++ b/sources >@@ -1 +1 @@ >-e6fa25f71226d090f34de3f6b122fb5a tcp_wrappers_7.6.tar.gz >+ccbc2676977c31bbd43783abfbf2fdcf tcp_wrappers_7.6-ipv6.4.tar.gz >diff --git a/tcp_wrappers-7.6-196326.patch b/tcp_wrappers-7.6-196326.patch >index 78fdb9d..bd98250 100644 >--- a/tcp_wrappers-7.6-196326.patch >+++ b/tcp_wrappers-7.6-196326.patch >@@ -1,7 +1,7 @@ > diff -up tcp_wrappers_7.6/hosts_access.c.patch21 tcp_wrappers_7.6/hosts_access.c > --- tcp_wrappers_7.6/hosts_access.c.patch21 2008-08-29 09:45:12.000000000 +0200 > +++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -346,6 +346,9 @@ char *string; >+@@ -391,6 +391,9 @@ char *string; > return (STR_NE(string, unknown)); > } else if (tok[(n = strlen(tok)) - 1] == '.') { /* prefix */ > return (STRN_EQ(tok, string, n)); >@@ -9,5 +9,5 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch21 tcp_wrappers_7.6/hosts_access.c > + && (STR_EQ(string, "localhost") || STR_EQ(string, "localhost.localdomain"))) { > + return (YES); /* these localhosts are equivalent */ > } else { /* exact match */ >- #ifdef INET6 >- struct addrinfo hints, *res; >+ return (STR_EQ(tok, string)); >+ } >diff --git a/tcp_wrappers-7.6-220015.patch b/tcp_wrappers-7.6-220015.patch >index a0ff835..77f5d07 100644 >--- a/tcp_wrappers-7.6-220015.patch >+++ b/tcp_wrappers-7.6-220015.patch >@@ -23,8 +23,8 @@ diff -up tcp_wrappers_7.6/hosts_ctl.c.patch17 tcp_wrappers_7.6/hosts_ctl.c > diff -up tcp_wrappers_7.6/socket.c.patch17 tcp_wrappers_7.6/socket.c > --- tcp_wrappers_7.6/socket.c.patch17 2008-08-29 09:45:12.000000000 +0200 > +++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -147,6 +147,51 @@ struct request_info *request; >- #endif >+@@ -130,6 +130,51 @@ struct request_info *request; >+ request->server->sin = &server; > } > > +/* sock_hostnofd - look up endpoint addresses and install conversion methods */ >diff --git a/tcp_wrappers-7.6-altformat.patch b/tcp_wrappers-7.6-altformat.patch >new file mode 100644 >index 0000000..ccf668d >--- /dev/null >+++ b/tcp_wrappers-7.6-altformat.patch >@@ -0,0 +1,37 @@ >+diff -up tcp_wrappers_7.6-ipv6.4/hosts_access.c.altformat tcp_wrappers_7.6-ipv6.4/hosts_access.c >+--- tcp_wrappers_7.6-ipv6.4/hosts_access.c.altformat 2013-01-28 13:22:09.986535601 +0100 >++++ tcp_wrappers_7.6-ipv6.4/hosts_access.c 2013-01-28 13:42:12.142650817 +0100 >+@@ -333,9 +333,9 @@ struct host_info *host; >+ >+ /* >+ * A /nnn prefix specifies how many bits of the address we >+- * need to check. >++ * need to check. >+ */ >+- if ((slash = strchr(tok, '/'))) { >++ if ((slash = strchr(tok, '/')) || (slash = strchr(cbr+1, '/'))) { >+ *slash = '\0'; >+ mask = atoi(slash+1); >+ if (mask < 0 || mask > IPV6_ABITS) { >+@@ -349,6 +349,8 @@ struct host_info *host; >+ } >+ } >+ >++ printf("IPv6 addr/mask: %s/%s\n", tok+1, slash+1); >++ >+ if (cbr == NULL || inet_pton(AF_INET6, tok+1, &in6) != 1) { >+ tcpd_warn("bad IP6 address specification"); >+ return (NO); >+diff -up tcp_wrappers_7.6-ipv6.4/tcpdchk.c.altformat tcp_wrappers_7.6-ipv6.4/tcpdchk.c >+--- tcp_wrappers_7.6-ipv6.4/tcpdchk.c.altformat 2013-01-28 13:44:44.786549981 +0100 >++++ tcp_wrappers_7.6-ipv6.4/tcpdchk.c 2013-01-28 13:44:58.419629764 +0100 >+@@ -434,6 +434,9 @@ char *pat; >+ int err = 0; >+ int mask = IPV6_ABITS; >+ >++ if (!slash) >++ slash = strchr(cbr+1, '/'); >++ >+ if (slash != NULL) { >+ *slash = '\0'; >+ mask = atoi(slash + 1); >diff --git a/tcp_wrappers-7.6-bug17847.patch b/tcp_wrappers-7.6-bug17847.patch >index b153282..eede2e7 100644 >--- a/tcp_wrappers-7.6-bug17847.patch >+++ b/tcp_wrappers-7.6-bug17847.patch >@@ -1,6 +1,5 @@ >-diff -up tcp_wrappers_7.6/hosts_access.5.patch6 tcp_wrappers_7.6/hosts_access.5 >---- tcp_wrappers_7.6/hosts_access.5.patch6 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/hosts_access.5 2008-08-29 09:45:12.000000000 +0200 >+--- tcp_wrappers_7.6/hosts_access.5.patch6 2013-01-23 11:10:00.545081410 +0100 >++++ tcp_wrappers_7.6/hosts_access.5 2013-01-23 11:10:00.549081436 +0100 > @@ -96,6 +96,10 @@ or address pattern listed in the named f > zero or more lines with zero or more host name or address patterns > separated by whitespace. A file name pattern can be used anywhere >@@ -12,10 +11,9 @@ diff -up tcp_wrappers_7.6/hosts_access.5.patch6 tcp_wrappers_7.6/hosts_access.5 > .SH WILDCARDS > The access control language supports explicit wildcards: > .IP ALL >-diff -up tcp_wrappers_7.6/hosts_access.c.patch6 tcp_wrappers_7.6/hosts_access.c >---- tcp_wrappers_7.6/hosts_access.c.patch6 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -311,6 +311,11 @@ char *string; >+--- tcp_wrappers_7.6/hosts_access.c.patch6 2013-01-23 11:10:00.546081416 +0100 >++++ tcp_wrappers_7.6/hosts_access.c 2013-01-23 11:12:28.519925230 +0100 >+@@ -376,6 +376,11 @@ char *string; > { > int n; > >@@ -27,11 +25,10 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch6 tcp_wrappers_7.6/hosts_access.c > if (tok[0] == '.') { /* suffix */ > n = strlen(string) - strlen(tok); > return (n > 0 && STR_EQ(tok, string + n)); >-@@ -351,3 +356,71 @@ char *string; >- } >+@@ -417,6 +422,74 @@ char *string; > return ((addr & mask) == net); > } >-+ >+ > +#ifndef DISABLE_WILDCARD_MATCHING > +/* Note: this feature has been adapted in a pretty straightforward way > + from Tatu Ylonen's last SSH version under free license by >@@ -99,3 +96,7 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch6 tcp_wrappers_7.6/hosts_access.c > + /*NOTREACHED*/ > +} > +#endif /* DISABLE_WILDCARD_MATCHING */ >++ >+ #ifdef HAVE_IPV6 >+ /* >+ * Function that zeros all but the first "maskbits" bits of the IPV6 address >diff --git a/tcp_wrappers-7.6-bug698464.patch b/tcp_wrappers-7.6-bug698464.patch >index 483a119..2b3bfb8 100644 >--- a/tcp_wrappers-7.6-bug698464.patch >+++ b/tcp_wrappers-7.6-bug698464.patch >@@ -7,34 +7,33 @@ > +An expression of the form `n.n.n.n/m\' is interpreted as a > +`net/prefixlen\' pair, as below, for IPv4 addresses. > +.IP \(bu >- An expression of the form `[n:n:n:n:n:n:n:n]/m\' is interpreted as a >- `[net]/prefixlen\' pair. An IPv6 host address is matched if >+ An expression of the form `[n:n:n:n:n:n:n:n/m]\' is interpreted as a >+ `[net/prefixlen]\' pair. An IPv6 host address is matched if > `prefixlen\' bits of `net\' is equal to the `prefixlen\' bits of the > --- tcp_wrappers_7.6/tcpd.h.orig 2011-04-20 16:10:25.000000000 -0600 > +++ tcp_wrappers_7.6/tcpd.h 2011-04-20 16:11:56.000000000 -0600 >-@@ -101,6 +101,7 @@ extern void refuse __P((struct request_i >- extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */ >- extern char *split_at __P((char *, int)); /* strchr() and split */ >- extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */ >+@@ -164,6 +164,7 @@ extern void refuse __P((struct request_i >+ extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */ >+ extern char *split_at __P((char *, int)); /* strchr() and split */ >+ extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */ > +extern unsigned long prefix_to_netmask __P((char *)); /* 0-32 prefix length */ >- >- /* Global variables. */ >- >+ extern int numeric_addr __P((char *, union gen_addr *, int *, int *)); /* IP4/IP6 inet_addr (restricted) */ >+ extern struct hostent *tcpd_gethostbyname __P((char *, int)); >+ /* IP4/IP6 gethostbyname */ > --- tcp_wrappers_7.6/misc.c.orig 2011-04-20 16:10:25.000000000 -0600 > +++ tcp_wrappers_7.6/misc.c 2011-04-20 16:13:39.000000000 -0600 >-@@ -14,6 +14,8 @@ >- #include <arpa/inet.h> >- #include <stdio.h> >+@@ -16,6 +16,7 @@ static char sccsic[] = "@(#) misc.c 1.2 > #include <string.h> >-+#include <ctype.h> >+ #include <ctype.h> >+ #include <netdb.h> > +#include <stdlib.h> > > #include "tcpd.h" > >-@@ -107,3 +107,22 @@ char *str; >+@@ -214,3 +215,21 @@ char *str; > } >- return (runs == 4 ? inet_addr(str) : INADDR_NONE); > } >+ #endif /* HAVE_IPV6 */ > + > +/* prefix_to_netmask - convert prefix (0-32) to netmask */ > + >@@ -53,10 +52,9 @@ > + > + return htonl(~0UL << (32 - prefix)); > +} >-+ > --- tcp_wrappers_7.6/hosts_access.c.orig 2011-04-20 16:10:25.000000000 -0600 > +++ tcp_wrappers_7.6/hosts_access.c 2011-04-20 16:21:07.000000000 -0600 >-@@ -427,8 +427,11 @@ char *string; >+@@ -420,8 +420,11 @@ char *string; > return (NO); > if ((net = dot_quad_addr(net_tok)) == INADDR_NONE > || ((mask = dot_quad_addr(mask_tok)) == INADDR_NONE >@@ -66,6 +64,6 @@ > + && strcmp(mask_tok, "32"))) { > /* 255.255.255.255 == INADDR_NONE, separate check needed. TJ. */ > + /* 32 == INADDR_NONE, separate check needed. philipp */ >- #ifndef INET6 > tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok); >- #endif >+ return (NO); /* not tcpd_jump() */ >+ } >diff --git a/tcp_wrappers-7.6-fixgethostbyname.patch b/tcp_wrappers-7.6-fixgethostbyname.patch >index 5dd8178..efb4ebe 100644 >--- a/tcp_wrappers-7.6-fixgethostbyname.patch >+++ b/tcp_wrappers-7.6-fixgethostbyname.patch >@@ -1,28 +1,27 @@ >-diff -up tcp_wrappers_7.6/socket.c.patch7 tcp_wrappers_7.6/socket.c >---- tcp_wrappers_7.6/socket.c.patch7 1997-03-21 19:27:25.000000000 +0100 >-+++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -52,7 +52,8 @@ static struct hostent *gethostbyname_dot >- char *name; >+--- tcp_wrappers_7.6-ipv6.4/socket.c.patch7 1999-10-27 15:23:14.000000000 +0200 >++++ tcp_wrappers_7.6-ipv6.4/socket.c 2013-01-23 11:41:48.776857327 +0100 >+@@ -54,6 +54,8 @@ int af; > { > char dot_name[MAXHOSTNAMELEN + 1]; >-- >+ > + struct hostent *hp; >-+ >++ > /* > * Don't append dots to unqualified names. Such names are likely to come > * from local hosts files or from NIS. >-@@ -61,8 +62,12 @@ char *name; >+@@ -62,8 +64,13 @@ int af; > if (strchr(name, '.') == 0 || strlen(name) >= MAXHOSTNAMELEN - 1) { >- return (gethostbyname(name)); >+ return (tcpd_gethostbyname(name, af)); > } else { > - sprintf(dot_name, "%s.", name); >-- return (gethostbyname(dot_name)); >+- return (tcpd_gethostbyname(dot_name, af)); > + sprintf(dot_name, "%s.", name); >-+ hp = gethostbyname(dot_name); >-+ if (hp) >-+ return hp; >-+ else >-+ return (gethostbyname(name)); >++ hp = tcpd_gethostbyname(dot_name, af); >++ if (hp) >++ return hp; >++ >++ else >++ return tcpd_gethostbyname(name, af); > } > } > >diff --git a/tcp_wrappers-7.6-restore_sigalarm.patch b/tcp_wrappers-7.6-restore_sigalarm.patch >deleted file mode 100644 >index a4b3a5d..0000000 >--- a/tcp_wrappers-7.6-restore_sigalarm.patch >+++ /dev/null >@@ -1,37 +0,0 @@ >-diff -up tcp_wrappers_7.6/rfc931.c.patch18 tcp_wrappers_7.6/rfc931.c >---- tcp_wrappers_7.6/rfc931.c.patch18 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/rfc931.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -92,6 +92,8 @@ char *dest; >- char *cp; >- char *result = unknown; >- FILE *fp; >-+ unsigned saved_timeout; >-+ struct sigaction nact, oact; >- >- #ifdef INET6 >- /* address family must be the same */ >-@@ -134,7 +136,12 @@ char *dest; >- */ >- >- if (setjmp(timebuf) == 0) { >-- signal(SIGALRM, timeout); >-+ /* Save SIGALRM timer and handler. Sudheer Abdul-Salam, SUN. */ >-+ saved_timeout = alarm(0); >-+ nact.sa_handler = timeout; >-+ nact.sa_flags = 0; >-+ (void) sigemptyset(&nact.sa_mask); >-+ (void) sigaction(SIGALRM, &nact, &oact); >- alarm(rfc931_timeout); >- >- /* >-@@ -223,6 +230,10 @@ char *dest; >- } >- alarm(0); >- } >-+ /* Restore SIGALRM timer and handler. Sudheer Abdul-Salam, SUN. */ >-+ (void) sigaction(SIGALRM, &oact, NULL); >-+ if (saved_timeout > 0) >-+ alarm(saved_timeout); >- fclose(fp); >- } >- STRN_CPY(dest, result, STRING_LENGTH); >diff --git a/tcp_wrappers-7.6-shared.patch b/tcp_wrappers-7.6-shared.patch >index 311f964..3971717 100644 >--- a/tcp_wrappers-7.6-shared.patch >+++ b/tcp_wrappers-7.6-shared.patch >@@ -6,9 +6,9 @@ diff -up tcp_wrappers_7.6/Makefile.patch11 tcp_wrappers_7.6/Makefile > linux: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > - LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ >-- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all >+- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len" all > + LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ=weak_symbols.o \ >-+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -fPIC -DPIC -D_REENTRANT -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len -DHAVE_WEAKSYMS" all >++ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -fPIC -DPIC -D_REENTRANT -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len -DHAVE_WEAKSYMS" all > > linux-old: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ >@@ -52,30 +52,6 @@ diff -up tcp_wrappers_7.6/Makefile.patch11 tcp_wrappers_7.6/Makefile > +weak_symbols.o: tcpd.h > workarounds.o: cflags > workarounds.o: tcpd.h >-diff -up tcp_wrappers_7.6/scaffold.c.patch11 tcp_wrappers_7.6/scaffold.c >---- tcp_wrappers_7.6/scaffold.c.patch11 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/scaffold.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -237,10 +237,17 @@ struct request_info *request; >- >- /* ARGSUSED */ >- >--void rfc931(request) >--struct request_info *request; >-+void rfc931(rmt_sin, our_sin, dest) >-+#ifndef INET6 >-+struct sockaddr_in *rmt_sin; >-+struct sockaddr_in *our_sin; >-+#else >-+struct sockaddr *rmt_sin; >-+struct sockaddr *our_sin; >-+#endif >-+char *dest; >- { >-- strcpy(request->user, unknown); >-+ strcpy(dest, unknown); >- } >- >- /* check_path - examine accessibility */ > diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > --- tcp_wrappers_7.6/tcpd.h.patch11 2008-08-29 09:45:12.000000000 +0200 > +++ tcp_wrappers_7.6/tcpd.h 2008-08-29 09:45:12.000000000 +0200 >@@ -105,7 +81,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > /* Structure to describe one communications endpoint. */ > > #define STRING_LENGTH 128 /* hosts, users, processes */ >-@@ -29,10 +48,10 @@ struct request_info { >+@@ -92,10 +111,10 @@ struct request_info { > char pid[10]; /* access via eval_pid(request) */ > struct host_info client[1]; /* client endpoint info */ > struct host_info server[1]; /* server endpoint info */ >@@ -120,12 +96,12 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > struct netconfig *config; /* netdir handle */ > }; > >-@@ -65,25 +84,34 @@ extern char paranoid[]; >+@@ -132,33 +151,38 @@ extern char paranoid[]; > /* Global functions. */ > > #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) > -extern void fromhost(); /* get/validate client host info */ >-+extern void fromhost __P((struct request_info *)); /* get/validate client host info */ >++extern void fromhost __P((struct request_info *)); /* get/validate client host info */ > #else > #define fromhost sock_host /* no TLI support needed */ > #endif >@@ -139,18 +115,25 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > -extern char *xgets(); /* fgets() on steroids */ > -extern char *split_at(); /* strchr() and split */ > -extern unsigned long dot_quad_addr(); /* restricted inet_addr() */ >-+extern void shell_cmd __P((char *)); /* execute shell command */ >-+extern char *percent_x __P((char *, int, char *, struct request_info *)); /* do %<char> expansion */ >-+#ifdef INET6 >-+extern void rfc931 __P((struct sockaddr *, struct sockaddr *, char *)); /* client name from RFC 931 daemon */ >-+#else >-+extern void rfc931 __P((struct sockaddr_in *, struct sockaddr_in *, char *)); /* client name from RFC 931 daemon */ >-+#endif >-+extern void clean_exit __P((struct request_info *)); /* clean up and exit */ >-+extern void refuse __P((struct request_info *)); /* clean up and exit */ >-+extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */ >-+extern char *split_at __P((char *, int)); /* strchr() and split */ >-+extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */ >+-extern int numeric_addr(); /* IP4/IP6 inet_addr (restricted) */ >+-extern struct hostent *tcpd_gethostbyname(); >++extern void shell_cmd __P((char *)); /* execute shell command */ >++extern char *percent_x __P((char *, int, char *, struct request_info *)); /* do %<char> expansion */ >++extern void rfc931 __P((struct sockaddr_gen *, struct sockaddr_gen *, char *)); /* client name from RFC 931 daemon */ >++extern void clean_exit __P((struct request_info *)); /* clean up and exit */ >++extern void refuse __P((struct request_info *)); /* clean up and exit */ >++extern char *xgets __P((char *, int, FILE *)); /* fgets() on steroids */ >++extern char *split_at __P((char *, int)); /* strchr() and split */ >++extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */ >++extern int numeric_addr __P((char *, union gen_addr *, int *, int *)); /* IP4/IP6 inet_addr (restricted) */ >++extern struct hostent *tcpd_gethostbyname __P((char *, int)); >+ /* IP4/IP6 gethostbyname */ >+ #ifdef HAVE_IPV6 >+-extern char *skip_ipv6_addrs(); /* skip over colons in IPv6 addrs */ >++extern char *skip_ipv6_addrs __P((char *)); /* skip over colons in IPv6 addrs */ >+ #else >+ #define skip_ipv6_addrs(x) x >+ #endif > > /* Global variables. */ > >@@ -165,7 +148,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > extern char *hosts_allow_table; /* for verification mode redirection */ > extern char *hosts_deny_table; /* for verification mode redirection */ > extern int hosts_access_verbose; /* for verbose matching mode */ >-@@ -96,9 +124,14 @@ extern int resident; /* > 0 if residen >+@@ -171,9 +195,14 @@ extern int resident; /* > 0 if residen > */ > > #ifdef __STDC__ >@@ -180,7 +163,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > extern struct request_info *request_init(); /* initialize request */ > extern struct request_info *request_set(); /* update request structure */ > #endif >-@@ -121,27 +154,31 @@ extern struct request_info *request_set( >+@@ -196,27 +225,31 @@ extern struct request_info *request_set( > * host_info structures serve as caches for the lookup results. > */ > >@@ -222,7 +205,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > #endif > > /* >-@@ -182,7 +219,7 @@ extern struct tcpd_context tcpd_context; >+@@ -257,7 +290,7 @@ extern struct tcpd_context tcpd_context; > * behavior. > */ > >@@ -231,7 +214,7 @@ diff -up tcp_wrappers_7.6/tcpd.h.patch11 tcp_wrappers_7.6/tcpd.h > extern int dry_run; /* verification flag */ > > /* Bug workarounds. */ >-@@ -221,3 +258,7 @@ extern char *fix_strtok(); >+@@ -296,3 +329,7 @@ extern char *fix_strtok(); > #define strtok my_strtok > extern char *my_strtok(); > #endif >@@ -254,3 +237,31 @@ diff -up /dev/null tcp_wrappers_7.6/weak_symbols.c > +int deny_severity = LOG_WARNING; > +int allow_severity = SEVERITY; > +#endif >+diff -up tcp_wrappers_7.6/scaffold.c.patch11 tcp_wrappers_7.6/scaffold.c >+--- tcp_wrappers_7.6/scaffold.c.patch11 2013-01-28 11:08:48.598273563 +0100 >++++ tcp_wrappers_7.6/scaffold.c 2013-01-28 11:08:56.069316992 +0100 >+@@ -25,7 +25,7 @@ static char sccs_id[] = "@(#) scaffold.c >+ #define INADDR_NONE (-1) /* XXX should be 0xffffffff */ >+ #endif >+ >+-extern char *malloc(); >++extern void *malloc(size_t); >+ >+ /* Application-specific. */ >+ >+@@ -180,10 +180,12 @@ struct request_info *request; >+ >+ /* ARGSUSED */ >+ >+-void rfc931(request) >+-struct request_info *request; >++void rfc931(rmt_sin, our_sin, dest) >++struct sockaddr_gen *rmt_sin; >++struct sockaddr_gen *our_sin; >++char *dest; >+ { >+- strcpy(request->user, unknown); >++ strcpy(dest, unknown); >+ } >+ >+ /* check_path - examine accessibility */ >diff --git a/tcp_wrappers-7.6-strerror.patch b/tcp_wrappers-7.6-strerror.patch >deleted file mode 100644 >index 222d2f4..0000000 >--- a/tcp_wrappers-7.6-strerror.patch >+++ /dev/null >@@ -1,28 +0,0 @@ >-diff -up tcp_wrappers_7.6/percent_m.c.patch13 tcp_wrappers_7.6/percent_m.c >---- tcp_wrappers_7.6/percent_m.c.patch13 1994-12-28 17:42:37.000000000 +0100 >-+++ tcp_wrappers_7.6/percent_m.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -13,7 +13,7 @@ static char sccsid[] = "@(#) percent_m.c >- #include <string.h> >- >- extern int errno; >--#ifndef SYS_ERRLIST_DEFINED >-+#if !defined(SYS_ERRLIST_DEFINED) && !defined(HAVE_STRERROR) >- extern char *sys_errlist[]; >- extern int sys_nerr; >- #endif >-@@ -29,11 +29,15 @@ char *ibuf; >- >- while (*bp = *cp) >- if (*cp == '%' && cp[1] == 'm') { >-+#ifdef HAVE_STRERROR >-+ strcpy(bp, strerror(errno)); >-+#else >- if (errno < sys_nerr && errno > 0) { >- strcpy(bp, sys_errlist[errno]); >- } else { >- sprintf(bp, "Unknown error %d", errno); >- } >-+#endif >- bp += strlen(bp); >- cp += 2; >- } else { >diff --git a/tcp_wrappers-7.6-uchart_fix.patch b/tcp_wrappers-7.6-uchart_fix.patch >new file mode 100644 >index 0000000..5ac0788 >--- /dev/null >+++ b/tcp_wrappers-7.6-uchart_fix.patch >@@ -0,0 +1,21 @@ >+diff -up tcp_wrappers_7.6-ipv6.4/hosts_access.c.ucharpatch tcp_wrappers_7.6-ipv6.4/hosts_access.c >+--- tcp_wrappers_7.6-ipv6.4/hosts_access.c.ucharpatch 2013-01-28 10:19:20.424857730 +0100 >++++ tcp_wrappers_7.6-ipv6.4/hosts_access.c 2013-01-28 10:19:44.719991745 +0100 >+@@ -514,7 +514,7 @@ static void ipv6_mask(in6p, maskbits) >+ struct in6_addr *in6p; >+ int maskbits; >+ { >+- uchar_t *p = (uchar_t*) in6p; >++ unsigned char *p = (unsigned char*) in6p; >+ >+ if (maskbits < 0 || maskbits >= IPV6_ABITS) >+ return; >+@@ -525,7 +525,7 @@ int maskbits; >+ if (maskbits != 0) >+ *p++ &= 0xff << (8 - maskbits); >+ >+- while (p < (((uchar_t*) in6p)) + sizeof(*in6p)) >++ while (p < (((unsigned char*) in6p)) + sizeof(*in6p)) >+ *p++ = 0; >+ } >+ #endif >diff --git a/tcp_wrappers-7.6-warnings.patch b/tcp_wrappers-7.6-warnings.patch >index 7fcbaf6..6b6bddd 100644 >--- a/tcp_wrappers-7.6-warnings.patch >+++ b/tcp_wrappers-7.6-warnings.patch >@@ -66,7 +66,7 @@ diff -up tcp_wrappers_7.6/fix_options.c.warnings tcp_wrappers_7.6/fix_options.c > unsigned int opt; > @@ -46,7 +48,7 @@ struct request_info *request; > struct in_addr dummy; >- #ifdef INET6 >+ #ifdef HAVE_IPV6 > struct sockaddr_storage ss; > - int sslen; > + unsigned int sslen; >@@ -76,15 +76,16 @@ diff -up tcp_wrappers_7.6/fix_options.c.warnings tcp_wrappers_7.6/fix_options.c > diff -up tcp_wrappers_7.6/hosts_access.c.warnings tcp_wrappers_7.6/hosts_access.c > --- tcp_wrappers_7.6/hosts_access.c.warnings 2011-08-16 10:29:50.233418824 +0200 > +++ tcp_wrappers_7.6/hosts_access.c 2011-08-16 10:29:51.653475947 +0200 >-@@ -39,6 +39,8 @@ static char sccsid[] = "@(#) hosts_acces >+@@ -33,6 +33,9 @@ static char sccsid[] = "@(#) hosts_acces > #include <errno.h> > #include <setjmp.h> > #include <string.h> > +#include <stdlib.h> > +#include <rpcsvc/ypclnt.h> >- #ifdef INET6 >- #include <netdb.h> >- #endif >++#include <netdb.h> >+ >+ extern char *fgets(); >+ extern int errno; > @@ -58,6 +60,8 @@ extern int errno; > > extern jmp_buf tcpd_buf; >@@ -94,6 +95,23 @@ diff -up tcp_wrappers_7.6/hosts_access.c.warnings tcp_wrappers_7.6/hosts_access. > /* Delimiters for lists of daemons or clients. */ > > static char sep[] = ", \t\r\n"; >+@@ -323,14 +328,14 @@ struct host_info *host; >+ hip = &host->sin->sg_sin6.sin6_addr; >+ } >+ >+- if (cbr = strchr(tok, ']')) >++ if ((cbr = strchr(tok, ']'))) >+ *cbr = '\0'; >+ >+ /* >+ * A /nnn prefix specifies how many bits of the address we >+ * need to check. >+ */ >+- if (slash = strchr(tok, '/')) { >++ if ((slash = strchr(tok, '/'))) { >+ *slash = '\0'; >+ mask = atoi(slash+1); >+ if (mask < 0 || mask > IPV6_ABITS) { > diff -up tcp_wrappers_7.6/inetcf.c.warnings tcp_wrappers_7.6/inetcf.c > --- tcp_wrappers_7.6/inetcf.c.warnings 2011-08-16 10:29:48.117418621 +0200 > +++ tcp_wrappers_7.6/inetcf.c 2011-08-16 10:29:51.752605633 +0200 >@@ -309,8 +327,8 @@ diff -up tcp_wrappers_7.6/percent_m.c.warnings tcp_wrappers_7.6/percent_m.c > - while (*bp = *cp) > + while ((*bp = *cp)) > if (*cp == '%' && cp[1] == 'm') { >- #ifdef HAVE_STRERROR >- strcpy(bp, strerror(errno)); >+ #ifdef USE_STRERROR >+ strcpy(bp, strerror(errno)); > diff -up tcp_wrappers_7.6/percent_x.c.warnings tcp_wrappers_7.6/percent_x.c > --- tcp_wrappers_7.6/percent_x.c.warnings 1994-12-28 17:42:38.000000000 +0100 > +++ tcp_wrappers_7.6/percent_x.c 2011-08-16 10:29:52.116485510 +0200 >@@ -341,7 +359,7 @@ diff -up tcp_wrappers_7.6/rfc931.c.warnings tcp_wrappers_7.6/rfc931.c > + unsigned saved_timeout = 0; > struct sigaction nact, oact; > >- #ifdef INET6 >+ /* > @@ -223,7 +224,7 @@ char *dest; > * protocol, not part of the data. > */ >@@ -397,43 +415,24 @@ diff -up tcp_wrappers_7.6/scaffold.c.warnings tcp_wrappers_7.6/scaffold.c > > #ifndef INADDR_NONE > #define INADDR_NONE (-1) /* XXX should be 0xffffffff */ >-@@ -174,7 +176,9 @@ char *host; >- struct hostent *hp; >- #endif >- int count; >-+#ifndef INET6 >- char *addr; >-+#endif >- >- if ((hp = find_inet_addr(host)) == 0) >- return (0); > diff -up tcp_wrappers_7.6/socket.c.warnings tcp_wrappers_7.6/socket.c > --- tcp_wrappers_7.6/socket.c.warnings 2011-08-16 10:29:48.319483715 +0200 > +++ tcp_wrappers_7.6/socket.c 2011-08-16 10:29:52.630463906 +0200 >-@@ -95,7 +95,7 @@ struct request_info *request; >- static struct sockaddr_in client; >- static struct sockaddr_in server; >- #endif >+@@ -84,7 +84,7 @@ struct request_info *request; >+ { >+ static struct sockaddr_gen client; >+ static struct sockaddr_gen server; > - int len; > + unsigned len; > char buf[BUFSIZ]; > int fd = request->fd; > >-@@ -228,7 +228,7 @@ struct host_info *host; >- struct sockaddr *sin = host->sin; >- struct sockaddr_in sin4; >- struct addrinfo hints, *res, *res0 = NULL; >-- int salen, alen, err = 1; >-+ int salen, alen = 0, err = 1; >- char *ap = NULL, *rap, hname[NI_MAXHOST]; >- >- if (sin != NULL) { >-@@ -471,7 +471,7 @@ int fd; >- #else >+@@ -293,7 +293,7 @@ int fd; >+ { >+ char buf[BUFSIZ]; > struct sockaddr_in sin; >- #endif > - int size = sizeof(sin); >-+ unsigned int size = sizeof(sin); >++ unsigned size = sizeof(sin); > > /* > * Eat up the not-yet received datagram. Some systems insist on a >@@ -464,7 +463,7 @@ diff -up tcp_wrappers_7.6/tcpd.c.warnings tcp_wrappers_7.6/tcpd.c > diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c > --- tcp_wrappers_7.6/tcpdchk.c.warnings 2011-08-16 10:29:45.552501988 +0200 > +++ tcp_wrappers_7.6/tcpdchk.c 2011-08-16 10:47:12.440605857 +0200 >-@@ -33,6 +33,8 @@ static char sccsid[] = "@(#) tcpdchk.c 1 >+@@ -30,6 +30,8 @@ static char sccsid[] = "@(#) tcpdchk.c 1 > #include <errno.h> > #include <netdb.h> > #include <string.h> >@@ -473,7 +472,7 @@ diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c > > extern int errno; > extern void exit(); >-@@ -202,13 +204,15 @@ struct request_info *request; >+@@ -199,13 +201,15 @@ struct request_info *request; > char sv_list[BUFLEN]; /* becomes list of daemons */ > char *cl_list; /* becomes list of requests */ > char *sh_cmd; /* becomes optional shell command */ >@@ -490,7 +489,7 @@ diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c > tcpd_context.file = table; > tcpd_context.line = 0; > while (xgets(sv_list, sizeof(sv_list), fp)) { >-@@ -334,7 +338,7 @@ char *list; >+@@ -331,7 +335,7 @@ char *list; > clients = 0; > } else { > clients++; >@@ -499,15 +498,15 @@ diff -up tcp_wrappers_7.6/tcpdchk.c.warnings tcp_wrappers_7.6/tcpdchk.c > check_user(cp); > check_host(host); > } else { >-@@ -450,7 +454,7 @@ char *pat; >- tcpd_warn("netgroup support disabled"); >- #endif >+@@ -446,7 +450,7 @@ char *pat; >+ if (err) >+ tcpd_warn("bad IP6 address specification: %s", pat); > #endif > - } else if (mask = split_at(pat, '/')) { /* network/netmask */ > + } else if ((mask = split_at(pat, '/'))) { /* network/netmask */ >- #ifdef INET6 >- int mask_len; >- >+ if (dot_quad_addr(pat) == INADDR_NONE >+ || dot_quad_addr(mask) == INADDR_NONE) >+ tcpd_warn("%s/%s: bad net/mask pattern", pat, mask); > diff -up tcp_wrappers_7.6/tcpdmatch.c.warnings tcp_wrappers_7.6/tcpdmatch.c > --- tcp_wrappers_7.6/tcpdmatch.c.warnings 2011-08-16 10:29:49.531427106 +0200 > +++ tcp_wrappers_7.6/tcpdmatch.c 2011-08-16 10:29:52.968605853 +0200 >@@ -519,16 +518,6 @@ diff -up tcp_wrappers_7.6/tcpdmatch.c.warnings tcp_wrappers_7.6/tcpdmatch.c > > extern void exit(); > extern int optind; >-@@ -65,7 +66,9 @@ char **argv; >- char *myname = argv[0]; >- char *client; >- char *server; >-+#ifndef INET6 >- char *addr; >-+#endif >- char *user; >- char *daemon; >- struct request_info request; > diff -up tcp_wrappers_7.6/try-from.c.warnings tcp_wrappers_7.6/try-from.c > --- tcp_wrappers_7.6/try-from.c.warnings 1994-12-28 17:42:55.000000000 +0100 > +++ tcp_wrappers_7.6/try-from.c 2011-08-16 10:29:53.095607440 +0200 >diff --git a/tcp_wrappers.spec b/tcp_wrappers.spec >index 7c58ebe..65a5862 100644 >--- a/tcp_wrappers.spec >+++ b/tcp_wrappers.spec >@@ -1,7 +1,7 @@ > Summary: A security tool which acts as a wrapper for TCP daemons > Name: tcp_wrappers > Version: 7.6 >-Release: 70%{?dist} >+Release: 71%{?dist} > > %define LIB_MAJOR 0 > %define LIB_MINOR 7 >@@ -9,7 +9,7 @@ Release: 70%{?dist} > > License: BSD > Group: System Environment/Daemons >-Source: ftp://ftp.porcupine.org/pub/security/%{name}_%{version}.tar.gz >+Source: ftp://ftp.porcupine.org/pub/security/%{name}_%{version}-ipv6.4.tar.gz > URL: ftp://ftp.porcupine.org/pub/security/index.html > Patch0: tcpw7.2-config.patch > Patch1: tcpw7.2-setenv.patch >@@ -21,15 +21,12 @@ Patch6: tcp_wrappers-7.6-fixgethostbyname.patch > Patch7: tcp_wrappers-7.6-docu.patch > Patch8: tcp_wrappers-7.6-man.patch > Patch9: tcp_wrappers.usagi-ipv6.patch >-Patch10: tcp_wrappers.ume-ipv6.patch > Patch11: tcp_wrappers-7.6-shared.patch > Patch12: tcp_wrappers-7.6-sig.patch >-Patch13: tcp_wrappers-7.6-strerror.patch > Patch14: tcp_wrappers-7.6-ldflags.patch > Patch15: tcp_wrappers-7.6-fix_sig-bug141110.patch > Patch16: tcp_wrappers-7.6-162412.patch > Patch17: tcp_wrappers-7.6-220015.patch >-Patch18: tcp_wrappers-7.6-restore_sigalarm.patch > Patch19: tcp_wrappers-7.6-siglongjmp.patch > Patch20: tcp_wrappers-7.6-sigchld.patch > Patch21: tcp_wrappers-7.6-196326.patch >@@ -40,6 +37,8 @@ Patch25: tcp_wrappers-7.6-relro.patch > Patch26: tcp_wrappers-7.6-xgets.patch > Patch27: tcp_wrappers-7.6-initgroups.patch > Patch28: tcp_wrappers-7.6-warnings.patch >+Patch29: tcp_wrappers-7.6-uchart_fix.patch >+Patch30: tcp_wrappers-7.6-altformat.patch > # required by sin_scope_id in ipv6 patch > BuildRequires: glibc-devel >= 2.2 > BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) >@@ -72,7 +71,7 @@ tcp_wrappers-devel contains the libraries and header files needed to > develop applications with tcp_wrappers support. > > %prep >-%setup -q -n %{name}_%{version} >+%setup -q -n %{name}_%{version}-ipv6.4 > %patch0 -p1 -b .config > %patch1 -p1 -b .setenv > %patch2 -p1 -b .netgroup >@@ -83,15 +82,12 @@ develop applications with tcp_wrappers support. > %patch7 -p1 -b .docu > %patch8 -p1 -b .man > %patch9 -p1 -b .usagi-ipv6 >-%patch10 -p1 -b .ume-ipv6 > %patch11 -p1 -b .shared > %patch12 -p1 -b .sig >-%patch13 -p1 -b .strerror > %patch14 -p1 -b .cflags > %patch15 -p1 -b .fix_sig > %patch16 -p1 -b .162412 > %patch17 -p1 -b .220015 >-%patch18 -p1 -b .restore_sigalarm > %patch19 -p1 -b .siglongjmp > %patch20 -p1 -b .sigchld > %patch21 -p1 -b .196326 >@@ -102,6 +98,8 @@ develop applications with tcp_wrappers support. > %patch26 -p1 -b .xgets > %patch27 -p1 -b .initgroups > %patch28 -p1 -b .warnings >+%patch29 -p1 -b .uchart_fix >+%patch30 -p1 -b .altformat > > %build > make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux >@@ -159,6 +157,9 @@ rm -rf ${RPM_BUILD_ROOT} > %{_mandir}/man3/* > > %changelog >+* Mon Jan 28 2013 Viktor Hercinger <vhercing@redhat.com> - 7.6-71 >+- Updated to version with upstream IPv6 support >+ > * Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.6-70 > - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild > >diff --git a/tcp_wrappers.ume-ipv6.patch b/tcp_wrappers.ume-ipv6.patch >deleted file mode 100644 >index 07ddc97..0000000 >--- a/tcp_wrappers.ume-ipv6.patch >+++ /dev/null >@@ -1,45 +0,0 @@ >-diff -up tcp_wrappers_7.6/hosts_access.c.patch10 tcp_wrappers_7.6/hosts_access.c >---- tcp_wrappers_7.6/hosts_access.c.patch10 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -443,6 +443,15 @@ char *string; >- int len, mask_len, i = 0; >- char ch; >- >-+ /* >-+ * Behavior of getaddrinfo() against IPv4-mapped IPv6 address is >-+ * different between KAME and Solaris8. While KAME returns >-+ * AF_INET6, Solaris8 returns AF_INET. So, we avoid this here. >-+ */ >-+ if (STRN_EQ(string, "::ffff:", 7) >-+ && dot_quad_addr(string + 7) != INADDR_NONE) >-+ return (masked_match4(net_tok, mask_tok, string + 7)); >-+ >- memset(&hints, 0, sizeof(hints)); >- hints.ai_family = AF_INET6; >- hints.ai_socktype = SOCK_STREAM; >-@@ -452,13 +461,6 @@ char *string; >- memcpy(&addr, res->ai_addr, sizeof(addr)); >- freeaddrinfo(res); >- >-- if (IN6_IS_ADDR_V4MAPPED(&addr.sin6_addr)) { >-- if ((*(u_int32_t *)&net.sin6_addr.s6_addr[12] = dot_quad_addr(net_tok)) == INADDR_NONE >-- || (mask = dot_quad_addr(mask_tok)) == INADDR_NONE) >-- return (NO); >-- return ((*(u_int32_t *)&addr.sin6_addr.s6_addr[12] & mask) == *(u_int32_t *)&net.sin6_addr.s6_addr[12]); >-- } >-- >- /* match IPv6 address against netnumber/prefixlen */ >- len = strlen(net_tok); >- if (*net_tok != '[' || net_tok[len - 1] != ']') >-diff -up tcp_wrappers_7.6/socket.c.patch10 tcp_wrappers_7.6/socket.c >---- tcp_wrappers_7.6/socket.c.patch10 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -228,7 +228,7 @@ struct host_info *host; >- hints.ai_family = sin->sa_family; >- hints.ai_socktype = SOCK_STREAM; >- hints.ai_flags = AI_PASSIVE | AI_CANONNAME | AI_NUMERICHOST; >-- if ((err = getaddrinfo(host->name, NULL, &hints, &res0) == 0)) { >-+ if ((err = getaddrinfo(host->name, NULL, &hints, &res0)) == 0) { >- freeaddrinfo(res0); >- res0 = NULL; >- tcpd_warn("host name/name mismatch: " >diff --git a/tcp_wrappers.usagi-ipv6.patch b/tcp_wrappers.usagi-ipv6.patch >index 2fe7484..e3bc707 100644 >--- a/tcp_wrappers.usagi-ipv6.patch >+++ b/tcp_wrappers.usagi-ipv6.patch >@@ -5,7 +5,7 @@ diff -up tcp_wrappers_7.6/fix_options.c.patch9 tcp_wrappers_7.6/fix_options.c > > #include <sys/types.h> > #include <sys/param.h> >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > +#include <sys/socket.h> > +#endif > #include <netinet/in.h> >@@ -15,7 +15,7 @@ diff -up tcp_wrappers_7.6/fix_options.c.patch9 tcp_wrappers_7.6/fix_options.c > unsigned int opt; > int optlen; > struct in_addr dummy; >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + struct sockaddr_storage ss; > + int sslen; > + >@@ -47,220 +47,16 @@ diff -up tcp_wrappers_7.6/hosts_access.5.patch9 tcp_wrappers_7.6/hosts_access.5 > pattern `131.155.72.0/255.255.254.0\' matches every address in the > range `131.155.72.0\' through `131.155.73.255\'. > .IP \(bu >-+An expression of the form `[n:n:n:n:n:n:n:n]/m\' is interpreted as a >-+`[net]/prefixlen\' pair. An IPv6 host address is matched if >++An expression of the form `[n:n:n:n:n:n:n:n/m]\' is interpreted as a >++`[net/prefixlen]\' pair. An IPv6 host address is matched if > +`prefixlen\' bits of `net\' is equal to the `prefixlen\' bits of the >-+address. For example, the [net]/prefixlen pattern >-+`[3ffe:505:2:1::]/64\' matches every address in the range >++address. For example, the [net/prefixlen] pattern >++`[3ffe:505:2:1::/64]\' matches every address in the range > +`3ffe:505:2:1::\' through `3ffe:505:2:1:ffff:ffff:ffff:ffff\'. > +.IP \(bu > A string that begins with a `/\' character is treated as a file > name. A host name or address is matched if it matches any host name > or address pattern listed in the named file. The file format is >-diff -up tcp_wrappers_7.6/hosts_access.c.patch9 tcp_wrappers_7.6/hosts_access.c >---- tcp_wrappers_7.6/hosts_access.c.patch9 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -24,7 +24,13 @@ static char sccsid[] = "@(#) hosts_acces >- /* System libraries. */ >- >- #include <sys/types.h> >-+#ifdef INT32_T >-+ typedef uint32_t u_int32_t; >-+#endif >- #include <sys/param.h> >-+#ifdef INET6 >-+#include <sys/socket.h> >-+#endif >- #include <netinet/in.h> >- #include <arpa/inet.h> >- #include <stdio.h> >-@@ -33,6 +39,9 @@ static char sccsid[] = "@(#) hosts_acces >- #include <errno.h> >- #include <setjmp.h> >- #include <string.h> >-+#ifdef INET6 >-+#include <netdb.h> >-+#endif >- >- extern char *fgets(); >- extern int errno; >-@@ -82,6 +91,10 @@ static int client_match(); >- static int host_match(); >- static int string_match(); >- static int masked_match(); >-+#ifdef INET6 >-+static int masked_match4(); >-+static int masked_match6(); >-+#endif >- >- /* Size of logical line buffer. */ >- >-@@ -311,6 +324,13 @@ char *string; >- { >- int n; >- >-+#ifdef INET6 >-+ /* convert IPv4 mapped IPv6 address to IPv4 address */ >-+ if (STRN_EQ(string, "::ffff:", 7) >-+ && dot_quad_addr(string + 7) != INADDR_NONE) { >-+ string += 7; >-+ } >-+#endif >- #ifndef DISABLE_WILDCARD_MATCHING >- if (strchr(tok, '*') || strchr(tok,'?')) { /* contains '*' or '?' */ >- return (match_pattern_ylo(string,tok)); >-@@ -326,20 +346,72 @@ char *string; >- } else if (tok[(n = strlen(tok)) - 1] == '.') { /* prefix */ >- return (STRN_EQ(tok, string, n)); >- } else { /* exact match */ >-+#ifdef INET6 >-+ struct addrinfo hints, *res; >-+ struct sockaddr_in6 pat, addr; >-+ int len, ret; >-+ char ch; >-+ >-+ len = strlen(tok); >-+ if (*tok == '[' && tok[len - 1] == ']') { >-+ ch = tok[len - 1]; >-+ tok[len - 1] = '\0'; >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = AF_INET6; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; >-+ if ((ret = getaddrinfo(tok + 1, NULL, &hints, &res)) == 0) { >-+ memcpy(&pat, res->ai_addr, sizeof(pat)); >-+ freeaddrinfo(res); >-+ } >-+ tok[len - 1] = ch; >-+ if (ret != 0 || getaddrinfo(string, NULL, &hints, &res) != 0) >-+ return NO; >-+ memcpy(&addr, res->ai_addr, sizeof(addr)); >-+ freeaddrinfo(res); >-+#ifdef NI_WITHSCOPEID >-+ if (pat.sin6_scope_id != 0 && >-+ addr.sin6_scope_id != pat.sin6_scope_id) >-+ return NO; >-+#endif >-+ return (!memcmp(&pat.sin6_addr, &addr.sin6_addr, >-+ sizeof(struct in6_addr))); >-+ return (ret); >-+ } >-+#endif >- return (STR_EQ(tok, string)); >- } >- } >- >- /* masked_match - match address against netnumber/netmask */ >- >-+#ifdef INET6 >- static int masked_match(net_tok, mask_tok, string) >- char *net_tok; >- char *mask_tok; >- char *string; >- { >-+ return (masked_match4(net_tok, mask_tok, string) || >-+ masked_match6(net_tok, mask_tok, string)); >-+} >-+ >-+static int masked_match4(net_tok, mask_tok, string) >-+#else >-+static int masked_match(net_tok, mask_tok, string) >-+#endif >-+char *net_tok; >-+char *mask_tok; >-+char *string; >-+{ >-+#ifdef INET6 >-+ u_int32_t net; >-+ u_int32_t mask; >-+ u_int32_t addr; >-+#else >- unsigned long net; >- unsigned long mask; >- unsigned long addr; >-+#endif >- >- /* >- * Disallow forms other than dotted quad: the treatment that inet_addr() >-@@ -351,12 +423,78 @@ char *string; >- return (NO); >- if ((net = dot_quad_addr(net_tok)) == INADDR_NONE >- || (mask = dot_quad_addr(mask_tok)) == INADDR_NONE) { >-+#ifndef INET6 >- tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok); >-+#endif >- return (NO); /* not tcpd_jump() */ >- } >- return ((addr & mask) == net); >- } >- >-+#ifdef INET6 >-+static int masked_match6(net_tok, mask_tok, string) >-+char *net_tok; >-+char *mask_tok; >-+char *string; >-+{ >-+ struct addrinfo hints, *res; >-+ struct sockaddr_in6 net, addr; >-+ u_int32_t mask; >-+ int len, mask_len, i = 0; >-+ char ch; >-+ >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = AF_INET6; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; >-+ if (getaddrinfo(string, NULL, &hints, &res) != 0) >-+ return NO; >-+ memcpy(&addr, res->ai_addr, sizeof(addr)); >-+ freeaddrinfo(res); >-+ >-+ if (IN6_IS_ADDR_V4MAPPED(&addr.sin6_addr)) { >-+ if ((*(u_int32_t *)&net.sin6_addr.s6_addr[12] = dot_quad_addr(net_tok)) == INADDR_NONE >-+ || (mask = dot_quad_addr(mask_tok)) == INADDR_NONE) >-+ return (NO); >-+ return ((*(u_int32_t *)&addr.sin6_addr.s6_addr[12] & mask) == *(u_int32_t *)&net.sin6_addr.s6_addr[12]); >-+ } >-+ >-+ /* match IPv6 address against netnumber/prefixlen */ >-+ len = strlen(net_tok); >-+ if (*net_tok != '[' || net_tok[len - 1] != ']') >-+ return NO; >-+ ch = net_tok[len - 1]; >-+ net_tok[len - 1] = '\0'; >-+ if (getaddrinfo(net_tok + 1, NULL, &hints, &res) != 0) { >-+ net_tok[len - 1] = ch; >-+ return NO; >-+ } >-+ memcpy(&net, res->ai_addr, sizeof(net)); >-+ freeaddrinfo(res); >-+ net_tok[len - 1] = ch; >-+ if ((mask_len = atoi(mask_tok)) < 0 || mask_len > 128) >-+ return NO; >-+ >-+#ifdef NI_WITHSCOPEID >-+ if (net.sin6_scope_id != 0 && addr.sin6_scope_id != net.sin6_scope_id) >-+ return NO; >-+#endif >-+ while (mask_len > 0) { >-+ if (mask_len < 32) { >-+ mask = htonl(~(0xffffffff >> mask_len)); >-+ if ((*(u_int32_t *)&addr.sin6_addr.s6_addr[i] & mask) != (*(u_int32_t *)&net.sin6_addr.s6_addr[i] & mask)) >-+ return NO; >-+ break; >-+ } >-+ if (*(u_int32_t *)&addr.sin6_addr.s6_addr[i] != *(u_int32_t *)&net.sin6_addr.s6_addr[i]) >-+ return NO; >-+ i += 4; >-+ mask_len -= 32; >-+ } >-+ return YES; >-+} >-+#endif /* INET6 */ >-+ >- #ifndef DISABLE_WILDCARD_MATCHING >- /* Note: this feature has been adapted in a pretty straightforward way >- from Tatu Ylonen's last SSH version under free license by > diff -up tcp_wrappers_7.6/inetcf.c.patch9 tcp_wrappers_7.6/inetcf.c > --- tcp_wrappers_7.6/inetcf.c.patch9 1997-02-12 02:13:24.000000000 +0100 > +++ tcp_wrappers_7.6/inetcf.c 2008-08-29 09:45:12.000000000 +0200 >@@ -268,15 +64,15 @@ diff -up tcp_wrappers_7.6/inetcf.c.patch9 tcp_wrappers_7.6/inetcf.c > * guesses. Shorter names follow longer ones. > */ > char *inet_files[] = { >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + "/usr/local/v6/etc/inet6d.conf", /* KAME */ > +#endif > "/private/etc/inetd.conf", /* NEXT */ > "/etc/inet/inetd.conf", /* SYSV4 */ > "/usr/etc/inetd.conf", /* IRIX?? */ > diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile >---- tcp_wrappers_7.6/Makefile.patch9 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/Makefile 2008-08-29 09:45:12.000000000 +0200 >+--- tcp_wrappers_7.6/Makefile.patch9 2013-01-25 10:53:33.891349937 +0100 >++++ tcp_wrappers_7.6/Makefile 2013-01-25 11:00:57.362801588 +0100 > @@ -21,7 +21,7 @@ what: > @echo " dynix epix esix freebsd hpux irix4 irix5 irix6 isc iunix" > @echo " linux machten mips(untested) ncrsvr4 netbsd next osf power_unix_211" >@@ -286,58 +82,49 @@ diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile > @echo " uts215 uxp" > @echo > @echo "If none of these match your environment, edit the system" >-@@ -131,20 +131,33 @@ epix: >- NETGROUP=-DNETGROUP TLI= SYSTYPE="-systype bsd43" all >- >- # Freebsd and linux by default have no NIS. >--386bsd netbsd bsdos: >-+386bsd bsdos: >- @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ >- LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \ >- EXTRA_CFLAGS=-DSYS_ERRLIST_DEFINED VSYSLOG= all >+@@ -138,13 +138,25 @@ epix: > > freebsd: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > + LIBS="-L/usr/local/v6/lib -linet6" \ > LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \ >-- EXTRA_CFLAGS=-DSYS_ERRLIST_DEFINED VSYSLOG= all >-+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DINET6 -Dss_family=__ss_family -Dss_len=__ss_len" \ >-+ VSYSLOG= all >+- EXTRA_CFLAGS=-DUSE_STRERROR VSYSLOG= all >++ EXTRA_CFLAGS="-DUSE_STRERROR -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all > + > +netbsd: > + @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > + LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= NETGROUP= TLI= \ >-+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DINET6 -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all >++ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -Dss_family=__ss_family -Dss_len=__ss_len" VSYSLOG= all > > linux: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ >-- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all >-+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=__ss_family -Dss_len=__ss_len" all >+- NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all >++ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=__ss_family -Dss_len=__ss_len" all > + > +linux-old: > + @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > + LIBS="/usr/inet6/lib/libinet6.a -lresolv" \ > + RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o NETGROUP= TLI= \ >-+ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -DINET6=1 -Dss_family=sin6_family -Dsockaddr_storage=sockaddr_in6 -I/usr/inet6/include" all >++ EXTRA_CFLAGS="-DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER -Dss_family=sin6_family -Dsockaddr_storage=sockaddr_in6 -I/usr/inet6/include" all > > # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x. > hpux hpux8 hpux9 hpux10: >-@@ -196,6 +209,13 @@ sunos5: >- NETGROUP=-DNETGROUP AUX_OBJ=setenv.o TLI=-DTLI \ >- BUGS="$(BUGS) -DSOLARIS_24_GETHOSTBYNAME_BUG" all >+@@ -197,6 +209,13 @@ sunos5: >+ BUGS="$(BUGS) -DSOLARIS_24_GETHOSTBYNAME_BUG" IPV6="$(IPV6)" \ >+ EXTRA_CFLAGS=-DUSE_STRERROR all > > +# SunOS 5.8 is another SYSV4 variant, but has IPv6 support > +solaris8: > + @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > + LIBS="-lsocket -lnsl" RANLIB=echo ARFLAGS=rv VSYSLOG= \ > + NETGROUP=-DNETGROUP AUX_OBJ=setenv.o TLI=-DTLI \ >-+ EXTRA_CFLAGS="-DINET6 -DNO_CLONE_DEVICE -DINT32_T" all >++ EXTRA_CFLAGS="-DNO_CLONE_DEVICE -DINT32_T" all > + > # Generic SYSV40 > esix sysv4: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ >-@@ -391,7 +411,7 @@ AR = ar >+@@ -392,7 +411,7 @@ AR = ar > # the ones provided with this source distribution. The environ.c module > # implements setenv(), getenv(), and putenv(). > >@@ -346,7 +133,7 @@ diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile > #AUX_OBJ= environ.o > #AUX_OBJ= environ.o strcasecmp.o > >-@@ -454,7 +474,7 @@ AUX_OBJ= setenv.o >+@@ -455,7 +474,7 @@ AUX_OBJ= setenv.o > # host name aliases. Compile with -DSOLARIS_24_GETHOSTBYNAME_BUG to work > # around this. The workaround does no harm on other Solaris versions. > >@@ -355,13 +142,22 @@ diff -up tcp_wrappers_7.6/Makefile.patch9 tcp_wrappers_7.6/Makefile > #BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DINET_ADDR_BUG > #BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DSOLARIS_24_GETHOSTBYNAME_BUG > >-@@ -472,7 +492,7 @@ BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS >+@@ -473,7 +492,7 @@ BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS > # If your system supports vsyslog(), comment out the following definition. > # If in doubt leave it in, it won't harm. > > -VSYSLOG = -Dvsyslog=myvsyslog > +#VSYSLOG = -Dvsyslog=myvsyslog > >+ ############################################################### >+ # System dependencies: whether or not your system has IPV6 >+@@ -485,7 +504,7 @@ VSYSLOG = -Dvsyslog=myvsyslog >+ >+ # If your system does not have getipnodebyname() but uses the obsolete >+ # gethostbyname2() instead, use this (AIX) >+-# IPV6 = -DHAVE_IPV6 -DUSE_GETHOSTBYNAME2 >++IPV6 = -DHAVE_IPV6 -DUSE_GETHOSTBYNAME2 >+ > # End of the system dependencies. > ################################# > diff -up tcp_wrappers_7.6/misc.c.patch9 tcp_wrappers_7.6/misc.c >@@ -371,7 +167,7 @@ diff -up tcp_wrappers_7.6/misc.c.patch9 tcp_wrappers_7.6/misc.c > { > char *cp; > >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + int bracket = 0; > + > + for (cp = string; cp && *cp; cp++) { >@@ -406,7 +202,7 @@ diff -up tcp_wrappers_7.6/refuse.c.patch9 tcp_wrappers_7.6/refuse.c > void refuse(request) > struct request_info *request; > { >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + syslog(deny_severity, "refused connect from %s (%s)", > + eval_client(request), eval_hostaddr(request->client)); > +#else >@@ -416,613 +212,21 @@ diff -up tcp_wrappers_7.6/refuse.c.patch9 tcp_wrappers_7.6/refuse.c > /* NOTREACHED */ > } > diff -up tcp_wrappers_7.6/rfc931.c.patch9 tcp_wrappers_7.6/rfc931.c >---- tcp_wrappers_7.6/rfc931.c.patch9 1995-01-02 16:11:34.000000000 +0100 >-+++ tcp_wrappers_7.6/rfc931.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -68,20 +68,50 @@ int sig; >- /* rfc931 - return remote user name, given socket structures */ >- >- void rfc931(rmt_sin, our_sin, dest) >-+#ifdef INET6 >-+struct sockaddr *rmt_sin; >-+struct sockaddr *our_sin; >-+#else >- struct sockaddr_in *rmt_sin; >- struct sockaddr_in *our_sin; >-+#endif >- char *dest; >- { >- unsigned rmt_port; >- unsigned our_port; >-+#ifdef INET6 >-+ struct sockaddr_storage rmt_query_sin; >-+ struct sockaddr_storage our_query_sin; >-+ int alen; >-+#else >- struct sockaddr_in rmt_query_sin; >- struct sockaddr_in our_query_sin; >-+#endif >- char user[256]; /* XXX */ >- char buffer[512]; /* XXX */ >- char *cp; >- char *result = unknown; >- FILE *fp; >+--- tcp_wrappers_7.6/rfc931.c.patch9 2004-05-04 16:01:01.000000000 +0200 >++++ tcp_wrappers_7.6/rfc931.c 2013-01-25 11:08:26.690292897 +0100 >+@@ -94,6 +94,12 @@ char *dest; >+ * sockets. >+ */ > >-+#ifdef INET6 > + /* address family must be the same */ >-+ if (rmt_sin->sa_family != our_sin->sa_family) { >++ if (SGFAM(rmt_sin) != SGFAM(our_sin)) { > + STRN_CPY(dest, result, STRING_LENGTH); > + return; > + } >-+ switch (our_sin->sa_family) { >-+ case AF_INET: >-+ alen = sizeof(struct sockaddr_in); >-+ break; >-+ case AF_INET6: >-+ alen = sizeof(struct sockaddr_in6); >-+ break; >-+ default: >-+ STRN_CPY(dest, result, STRING_LENGTH); >-+ return; >-+ } >-+#endif > + >- /* >- * Use one unbuffered stdio stream for writing to and for reading from >- * the RFC931 etc. server. This is done because of a bug in the SunOS >-@@ -92,7 +122,11 @@ char *dest; >- * sockets. >- */ >- >-+#ifdef INET6 >-+ if ((fp = fsocket(our_sin->sa_family, SOCK_STREAM, 0)) != 0) { >-+#else >- if ((fp = fsocket(AF_INET, SOCK_STREAM, 0)) != 0) { >-+#endif >+ if ((fp = fsocket(SGFAM(rmt_sin), SOCK_STREAM, 0)) != 0) { > setbuf(fp, (char *) 0); > >- /* >-@@ -112,6 +146,25 @@ char *dest; >- * addresses from the query socket. >- */ >- >-+#ifdef INET6 >-+ memcpy(&our_query_sin, our_sin, alen); >-+ memcpy(&rmt_query_sin, rmt_sin, alen); >-+ switch (our_sin->sa_family) { >-+ case AF_INET: >-+ ((struct sockaddr_in *)&our_query_sin)->sin_port = htons(ANY_PORT); >-+ ((struct sockaddr_in *)&rmt_query_sin)->sin_port = htons(RFC931_PORT); >-+ break; >-+ case AF_INET6: >-+ ((struct sockaddr_in6 *)&our_query_sin)->sin6_port = htons(ANY_PORT); >-+ ((struct sockaddr_in6 *)&rmt_query_sin)->sin6_port = htons(RFC931_PORT); >-+ break; >-+ } >-+ >-+ if (bind(fileno(fp), (struct sockaddr *) & our_query_sin, >-+ alen) >= 0 && >-+ connect(fileno(fp), (struct sockaddr *) & rmt_query_sin, >-+ alen) >= 0) { >-+#else >- our_query_sin = *our_sin; >- our_query_sin.sin_port = htons(ANY_PORT); >- rmt_query_sin = *rmt_sin; >-@@ -121,6 +174,7 @@ char *dest; >- sizeof(our_query_sin)) >= 0 && >- connect(fileno(fp), (struct sockaddr *) & rmt_query_sin, >- sizeof(rmt_query_sin)) >= 0) { >-+#endif >- >- /* >- * Send query to server. Neglect the risk that a 13-byte >-@@ -129,8 +183,13 @@ char *dest; >- */ >- >- fprintf(fp, "%u,%u\r\n", >-+#ifdef INET6 >-+ ntohs(((struct sockaddr_in *)rmt_sin)->sin_port), >-+ ntohs(((struct sockaddr_in *)our_sin)->sin_port)); >-+#else >- ntohs(rmt_sin->sin_port), >- ntohs(our_sin->sin_port)); >-+#endif >- fflush(fp); >- >- /* >-@@ -144,8 +203,13 @@ char *dest; >- && ferror(fp) == 0 && feof(fp) == 0 >- && sscanf(buffer, "%u , %u : USERID :%*[^:]:%255s", >- &rmt_port, &our_port, user) == 3 >-+#ifdef INET6 >-+ && ntohs(((struct sockaddr_in *)rmt_sin)->sin_port) == rmt_port >-+ && ntohs(((struct sockaddr_in *)our_sin)->sin_port) == our_port) { >-+#else >- && ntohs(rmt_sin->sin_port) == rmt_port >- && ntohs(our_sin->sin_port) == our_port) { >-+#endif >- >- /* >- * Strip trailing carriage return. It is part of the >-diff -up tcp_wrappers_7.6/scaffold.c.patch9 tcp_wrappers_7.6/scaffold.c >---- tcp_wrappers_7.6/scaffold.c.patch9 1997-03-21 19:27:24.000000000 +0100 >-+++ tcp_wrappers_7.6/scaffold.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -25,7 +25,9 @@ static char sccs_id[] = "@(#) scaffold.c >- #define INADDR_NONE (-1) /* XXX should be 0xffffffff */ >- #endif >- >-+#ifndef INET6 >- extern char *malloc(); >-+#endif >- >- /* Application-specific. */ >- >-@@ -39,6 +41,7 @@ int allow_severity = SEVERITY; >- int deny_severity = LOG_WARNING; >- int rfc931_timeout = RFC931_TIMEOUT; >- >-+#ifndef INET6 >- /* dup_hostent - create hostent in one memory block */ >- >- static struct hostent *dup_hostent(hp) >-@@ -73,9 +76,46 @@ struct hostent *hp; >- } >- return (&hb->host); >- } >-+#endif >- >- /* find_inet_addr - find all addresses for this host, result to free() */ >- >-+#ifdef INET6 >-+struct addrinfo *find_inet_addr(host) >-+char *host; >-+{ >-+ struct addrinfo hints, *res; >-+ >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = PF_UNSPEC; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; >-+ if (getaddrinfo(host, NULL, &hints, &res) == 0) >-+ return (res); >-+ >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = PF_UNSPEC; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_CANONNAME; >-+ if (getaddrinfo(host, NULL, &hints, &res) != 0) { >-+ tcpd_warn("%s: host not found", host); >-+ return (0); >-+ } >-+ if (res->ai_family != AF_INET6 && res->ai_family != AF_INET) { >-+ tcpd_warn("%d: not an internet host", res->ai_family); >-+ freeaddrinfo(res); >-+ return (0); >-+ } >-+ if (!res->ai_canonname) { >-+ tcpd_warn("%s: hostname alias", host); >-+ tcpd_warn("(cannot obtain official name)", res->ai_canonname); >-+ } else if (STR_NE(host, res->ai_canonname)) { >-+ tcpd_warn("%s: hostname alias", host); >-+ tcpd_warn("(official name: %.*s)", STRING_LENGTH, res->ai_canonname); >-+ } >-+ return (res); >-+} >-+#else >- struct hostent *find_inet_addr(host) >- char *host; >- { >-@@ -118,6 +158,7 @@ char *host; >- } >- return (dup_hostent(hp)); >- } >-+#endif >- >- /* check_dns - give each address thorough workout, return address count */ >- >-@@ -125,8 +166,13 @@ int check_dns(host) >- char *host; >- { >- struct request_info request; >-+#ifdef INET6 >-+ struct sockaddr_storage sin; >-+ struct addrinfo *hp, *res; >-+#else >- struct sockaddr_in sin; >- struct hostent *hp; >-+#endif >- int count; >- char *addr; >- >-@@ -134,11 +180,18 @@ char *host; >- return (0); >- request_init(&request, RQ_CLIENT_SIN, &sin, 0); >- sock_methods(&request); >-+#ifndef INET6 >- memset((char *) &sin, 0, sizeof(sin)); >- sin.sin_family = AF_INET; >-+#endif >- >-+#ifdef INET6 >-+ for (res = hp, count = 0; res; res = res->ai_next, count++) { >-+ memcpy(&sin, res->ai_addr, res->ai_addrlen); >-+#else >- for (count = 0; (addr = hp->h_addr_list[count]) != 0; count++) { >- memcpy((char *) &sin.sin_addr, addr, sizeof(sin.sin_addr)); >-+#endif >- >- /* >- * Force host name and address conversions. Use the request structure >-@@ -151,7 +204,11 @@ char *host; >- tcpd_warn("host address %s->name lookup failed", >- eval_hostaddr(request.client)); >- } >-+#ifdef INET6 >-+ freeaddrinfo(hp); >-+#else >- free((char *) hp); >-+#endif >- return (count); >- } >- >-diff -up tcp_wrappers_7.6/scaffold.h.patch9 tcp_wrappers_7.6/scaffold.h >---- tcp_wrappers_7.6/scaffold.h.patch9 1994-12-31 18:19:20.000000000 +0100 >-+++ tcp_wrappers_7.6/scaffold.h 2008-08-29 09:45:12.000000000 +0200 >-@@ -4,6 +4,10 @@ >- * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. >- */ >- >-+#ifdef INET6 >-+extern struct addrinfo *find_inet_addr(); >-+#else >- extern struct hostent *find_inet_addr(); >-+#endif >- extern int check_dns(); >- extern int check_path(); >-diff -up tcp_wrappers_7.6/socket.c.patch9 tcp_wrappers_7.6/socket.c >---- tcp_wrappers_7.6/socket.c.patch9 2008-08-29 09:45:12.000000000 +0200 >-+++ tcp_wrappers_7.6/socket.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -24,13 +24,22 @@ static char sccsid[] = "@(#) socket.c 1. >- #include <sys/types.h> >- #include <sys/param.h> >- #include <sys/socket.h> >-+#ifdef INT32_T >-+typedef uint32_t u_int32_t; >-+#endif >- #include <netinet/in.h> >- #include <netdb.h> >- #include <stdio.h> >- #include <syslog.h> >- #include <string.h> >- >-+#ifdef INET6 >-+#ifndef NI_WITHSCOPEID >-+#define NI_WITHSCOPEID 0 >-+#endif >-+#else >- extern char *inet_ntoa(); >-+#endif >- >- /* Local stuff. */ >- >-@@ -79,8 +88,13 @@ char *name; >- void sock_host(request) >- struct request_info *request; >- { >-+#ifdef INET6 >-+ static struct sockaddr_storage client; >-+ static struct sockaddr_storage server; >-+#else >- static struct sockaddr_in client; >- static struct sockaddr_in server; >-+#endif >- int len; >- char buf[BUFSIZ]; >- int fd = request->fd; >-@@ -109,7 +123,11 @@ struct request_info *request; >- memset(buf, 0 sizeof(buf)); >- #endif >- } >-+#ifdef INET6 >-+ request->client->sin = (struct sockaddr *)&client; >-+#else >- request->client->sin = &client; >-+#endif >- >- /* >- * Determine the server binding. This is used for client username >-@@ -122,7 +140,11 @@ struct request_info *request; >- tcpd_warn("getsockname: %m"); >- return; >- } >-+#ifdef INET6 >-+ request->server->sin = (struct sockaddr *)&server; >-+#else >- request->server->sin = &server; >-+#endif >- } >- >- /* sock_hostaddr - map endpoint address to printable form */ >-@@ -130,10 +152,26 @@ struct request_info *request; >- void sock_hostaddr(host) >- struct host_info *host; >- { >-+#ifdef INET6 >-+ struct sockaddr *sin = host->sin; >-+ int salen; >-+ >-+ if (!sin) >-+ return; >-+#ifdef SIN6_LEN >-+ salen = sin->sa_len; >-+#else >-+ salen = (sin->sa_family == AF_INET) ? sizeof(struct sockaddr_in) >-+ : sizeof(struct sockaddr_in6); >-+#endif >-+ getnameinfo(sin, salen, host->addr, sizeof(host->addr), >-+ NULL, 0, NI_NUMERICHOST | NI_WITHSCOPEID); >-+#else >- struct sockaddr_in *sin = host->sin; >- >- if (sin != 0) >- STRN_CPY(host->addr, inet_ntoa(sin->sin_addr), sizeof(host->addr)); >-+#endif >- } >- >- /* sock_hostname - map endpoint address to host name */ >-@@ -141,6 +179,160 @@ struct host_info *host; >- void sock_hostname(host) >- struct host_info *host; >- { >-+#ifdef INET6 >-+ struct sockaddr *sin = host->sin; >-+ struct sockaddr_in sin4; >-+ struct addrinfo hints, *res, *res0 = NULL; >-+ int salen, alen, err = 1; >-+ char *ap = NULL, *rap, hname[NI_MAXHOST]; >-+ >-+ if (sin != NULL) { >-+ if (sin->sa_family == AF_INET6) { >-+ struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sin; >-+ >-+ if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { >-+ memset(&sin4, 0, sizeof(sin4)); >-+#ifdef SIN6_LEN >-+ sin4.sin_len = sizeof(sin4); >-+#endif >-+ sin4.sin_family = AF_INET; >-+ sin4.sin_port = sin6->sin6_port; >-+ sin4.sin_addr.s_addr = *(u_int32_t *)&sin6->sin6_addr.s6_addr[12]; >-+ sin = (struct sockaddr *)&sin4; >-+ } >-+ } >-+ switch (sin->sa_family) { >-+ case AF_INET: >-+ ap = (char *)&((struct sockaddr_in *)sin)->sin_addr; >-+ alen = sizeof(struct in_addr); >-+ salen = sizeof(struct sockaddr_in); >-+ break; >-+ case AF_INET6: >-+ ap = (char *)&((struct sockaddr_in6 *)sin)->sin6_addr; >-+ alen = sizeof(struct in6_addr); >-+ salen = sizeof(struct sockaddr_in6); >-+ break; >-+ default: >-+ break; >-+ } >-+ if (ap) >-+ err = getnameinfo(sin, salen, hname, sizeof(hname), >-+ NULL, 0, NI_WITHSCOPEID | NI_NAMEREQD); >-+ } >-+ if (!err) { >-+ >-+ STRN_CPY(host->name, hname, sizeof(host->name)); >-+ >-+ /* reject numeric addresses */ >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = sin->sa_family; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_CANONNAME | AI_NUMERICHOST; >-+ if ((err = getaddrinfo(host->name, NULL, &hints, &res0) == 0)) { >-+ freeaddrinfo(res0); >-+ res0 = NULL; >-+ tcpd_warn("host name/name mismatch: " >-+ "reverse lookup results in non-FQDN %s", >-+ host->name); >-+ strcpy(host->name, paranoid); /* name is bad, clobber it */ >-+ } >-+ err = !err; >-+ } >-+ if (!err) { >-+ /* we are now sure that this is non-numeric */ >-+ >-+ /* >-+ * Verify that the address is a member of the address list returned >-+ * by gethostbyname(hostname). >-+ * >-+ * Verify also that gethostbyaddr() and gethostbyname() return the same >-+ * hostname, or rshd and rlogind may still end up being spoofed. >-+ * >-+ * On some sites, gethostbyname("localhost") returns "localhost.domain". >-+ * This is a DNS artefact. We treat it as a special case. When we >-+ * can't believe the address list from gethostbyname("localhost") >-+ * we're in big trouble anyway. >-+ */ >-+ >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = sin->sa_family; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_CANONNAME; >-+ if (getaddrinfo(host->name, NULL, &hints, &res0) != 0) { >-+ >-+ /* >-+ * Unable to verify that the host name matches the address. This >-+ * may be a transient problem or a botched name server setup. >-+ */ >-+ >-+ tcpd_warn("can't verify hostname: getaddrinfo(%s, %s) failed", >-+ host->name, >-+ (sin->sa_family == AF_INET) ? "AF_INET" : "AF_INET6"); >-+ >-+ } else if ((res0->ai_canonname == NULL >-+ || STR_NE(host->name, res0->ai_canonname)) >-+ && STR_NE(host->name, "localhost")) { >-+ >-+ /* >-+ * The gethostbyaddr() and gethostbyname() calls did not return >-+ * the same hostname. This could be a nameserver configuration >-+ * problem. It could also be that someone is trying to spoof us. >-+ */ >-+ >-+ tcpd_warn("host name/name mismatch: %s != %.*s", >-+ host->name, STRING_LENGTH, >-+ (res0->ai_canonname == NULL) ? "" : res0->ai_canonname); >-+ >-+ } else { >-+ >-+ /* >-+ * The address should be a member of the address list returned by >-+ * gethostbyname(). We should first verify that the h_addrtype >-+ * field is AF_INET, but this program has already caused too much >-+ * grief on systems with broken library code. >-+ */ >-+ >-+ for (res = res0; res; res = res->ai_next) { >-+ if (res->ai_family != sin->sa_family) >-+ continue; >-+ switch (res->ai_family) { >-+ case AF_INET: >-+ rap = (char *)&((struct sockaddr_in *)res->ai_addr)->sin_addr; >-+ break; >-+ case AF_INET6: >-+ /* need to check scope_id */ >-+ if (((struct sockaddr_in6 *)sin)->sin6_scope_id != >-+ ((struct sockaddr_in6 *)res->ai_addr)->sin6_scope_id) { >-+ continue; >-+ } >-+ rap = (char *)&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr; >-+ break; >-+ default: >-+ continue; >-+ } >-+ if (memcmp(rap, ap, alen) == 0) { >-+ freeaddrinfo(res0); >-+ return; /* name is good, keep it */ >-+ } >-+ } >-+ >-+ /* >-+ * The host name does not map to the initial address. Perhaps >-+ * someone has messed up. Perhaps someone compromised a name >-+ * server. >-+ */ >-+ >-+ getnameinfo(sin, salen, hname, sizeof(hname), >-+ NULL, 0, NI_NUMERICHOST | NI_WITHSCOPEID); >-+ tcpd_warn("host name/address mismatch: %s != %.*s", >-+ hname, STRING_LENGTH, >-+ (res0->ai_canonname == NULL) ? "" : res0->ai_canonname); >-+ } >-+ strcpy(host->name, paranoid); /* name is bad, clobber it */ >-+ if (res0) >-+ freeaddrinfo(res0); >-+ } >-+#else /* INET6 */ >- struct sockaddr_in *sin = host->sin; >- struct hostent *hp; >- int i; >-@@ -220,6 +412,7 @@ struct host_info *host; >- } >- strcpy(host->name, paranoid); /* name is bad, clobber it */ >- } >-+#endif /* INET6 */ >- } >- >- /* sock_sink - absorb unreceived IP datagram */ >-@@ -228,7 +421,11 @@ static void sock_sink(fd) >- int fd; >- { >- char buf[BUFSIZ]; >-+#ifdef INET6 >-+ struct sockaddr_storage sin; >-+#else >- struct sockaddr_in sin; >-+#endif >- int size = sizeof(sin); >- >- /* >-diff -up tcp_wrappers_7.6/tcpdchk.c.patch9 tcp_wrappers_7.6/tcpdchk.c >---- tcp_wrappers_7.6/tcpdchk.c.patch9 1997-02-12 02:13:25.000000000 +0100 >-+++ tcp_wrappers_7.6/tcpdchk.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -22,6 +22,9 @@ static char sccsid[] = "@(#) tcpdchk.c 1 >- >- #include <sys/types.h> >- #include <sys/stat.h> >-+#ifdef INET6 >-+#include <sys/socket.h> >-+#endif >- #include <netinet/in.h> >- #include <arpa/inet.h> >- #include <stdio.h> >-@@ -397,6 +400,31 @@ char *pat; >- } >- } >- >-+#ifdef INET6 >-+static int is_inet6_addr(pat) >-+ char *pat; >-+{ >-+ struct addrinfo hints, *res; >-+ int len, ret; >-+ char ch; >-+ >-+ if (*pat != '[') >-+ return (0); >-+ len = strlen(pat); >-+ if ((ch = pat[len - 1]) != ']') >-+ return (0); >-+ pat[len - 1] = '\0'; >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = AF_INET6; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; >-+ if ((ret = getaddrinfo(pat + 1, NULL, &hints, &res)) == 0) >-+ freeaddrinfo(res); >-+ pat[len - 1] = ch; >-+ return (ret == 0); >-+} >-+#endif >-+ >- /* check_host - criticize host pattern */ >- >- static int check_host(pat) >-@@ -423,14 +451,27 @@ char *pat; >- #endif >- #endif >- } else if (mask = split_at(pat, '/')) { /* network/netmask */ >-+#ifdef INET6 >-+ int mask_len; >-+ >-+ if ((dot_quad_addr(pat) == INADDR_NONE >-+ || dot_quad_addr(mask) == INADDR_NONE) >-+ && (!is_inet6_addr(pat) >-+ || ((mask_len = atoi(mask)) < 0 || mask_len > 128))) >-+#else >- if (dot_quad_addr(pat) == INADDR_NONE >- || dot_quad_addr(mask) == INADDR_NONE) >-+#endif >- tcpd_warn("%s/%s: bad net/mask pattern", pat, mask); >- } else if (STR_EQ(pat, "FAIL")) { /* obsolete */ >- tcpd_warn("FAIL is no longer recognized"); >- tcpd_warn("(use EXCEPT or DENY instead)"); >- } else if (reserved_name(pat)) { /* other reserved */ >- /* void */ ; >-+#ifdef INET6 >-+ } else if (is_inet6_addr(pat)) { /* IPv6 address */ >-+ addr_count = 1; >-+#endif >- } else if (NOT_INADDR(pat)) { /* internet name */ >- if (pat[strlen(pat) - 1] == '.') { >- tcpd_warn("%s: domain or host name ends in dot", pat); > diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c > --- tcp_wrappers_7.6/tcpd.c.patch9 2008-08-29 09:45:12.000000000 +0200 > +++ tcp_wrappers_7.6/tcpd.c 2008-08-29 09:45:12.000000000 +0200 >@@ -1030,7 +234,7 @@ diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c > > /* Report request and invoke the real daemon program. */ > >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + syslog(allow_severity, "connect from %s (%s)", > + eval_client(&request), eval_hostaddr(request.client)); > +#else >@@ -1039,230 +243,6 @@ diff -up tcp_wrappers_7.6/tcpd.c.patch9 tcp_wrappers_7.6/tcpd.c > closelog(); > (void) execv(path, argv); > syslog(LOG_ERR, "error: cannot execute %s: %m", path); >-diff -up tcp_wrappers_7.6/tcpd.h.patch9 tcp_wrappers_7.6/tcpd.h >---- tcp_wrappers_7.6/tcpd.h.patch9 1996-03-19 16:22:25.000000000 +0100 >-+++ tcp_wrappers_7.6/tcpd.h 2008-08-29 09:45:12.000000000 +0200 >-@@ -11,7 +11,11 @@ >- struct host_info { >- char name[STRING_LENGTH]; /* access via eval_hostname(host) */ >- char addr[STRING_LENGTH]; /* access via eval_hostaddr(host) */ >-+#ifdef INET6 >-+ struct sockaddr *sin; /* socket address or 0 */ >-+#else >- struct sockaddr_in *sin; /* socket address or 0 */ >-+#endif >- struct t_unitdata *unit; /* TLI transport address or 0 */ >- struct request_info *request; /* for shared information */ >- }; >-diff -up tcp_wrappers_7.6/tcpdmatch.c.patch9 tcp_wrappers_7.6/tcpdmatch.c >---- tcp_wrappers_7.6/tcpdmatch.c.patch9 1996-02-11 17:01:36.000000000 +0100 >-+++ tcp_wrappers_7.6/tcpdmatch.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -57,7 +57,11 @@ int main(argc, argv) >- int argc; >- char **argv; >- { >-+#ifdef INET6 >-+ struct addrinfo hints, *hp, *res; >-+#else >- struct hostent *hp; >-+#endif >- char *myname = argv[0]; >- char *client; >- char *server; >-@@ -68,8 +72,13 @@ char **argv; >- int ch; >- char *inetcf = 0; >- int count; >-+#ifdef INET6 >-+ struct sockaddr_storage server_sin; >-+ struct sockaddr_storage client_sin; >-+#else >- struct sockaddr_in server_sin; >- struct sockaddr_in client_sin; >-+#endif >- struct stat st; >- >- /* >-@@ -172,13 +181,20 @@ char **argv; >- if (NOT_INADDR(server) == 0 || HOSTNAME_KNOWN(server)) { >- if ((hp = find_inet_addr(server)) == 0) >- exit(1); >-+#ifndef INET6 >- memset((char *) &server_sin, 0, sizeof(server_sin)); >- server_sin.sin_family = AF_INET; >-+#endif >- request_set(&request, RQ_SERVER_SIN, &server_sin, 0); >- >-+#ifdef INET6 >-+ for (res = hp, count = 0; res; res = res->ai_next, count++) { >-+ memcpy(&server_sin, res->ai_addr, res->ai_addrlen); >-+#else >- for (count = 0; (addr = hp->h_addr_list[count]) != 0; count++) { >- memcpy((char *) &server_sin.sin_addr, addr, >- sizeof(server_sin.sin_addr)); >-+#endif >- >- /* >- * Force evaluation of server host name and address. Host name >-@@ -194,7 +210,11 @@ char **argv; >- fprintf(stderr, "Please specify an address instead\n"); >- exit(1); >- } >-+#ifdef INET6 >-+ freeaddrinfo(hp); >-+#else >- free((char *) hp); >-+#endif >- } else { >- request_set(&request, RQ_SERVER_NAME, server, 0); >- } >-@@ -208,6 +228,18 @@ char **argv; >- tcpdmatch(&request); >- exit(0); >- } >-+#ifdef INET6 >-+ memset(&hints, 0, sizeof(hints)); >-+ hints.ai_family = AF_INET6; >-+ hints.ai_socktype = SOCK_STREAM; >-+ hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; >-+ if (getaddrinfo(client, NULL, &hints, &res) == 0) { >-+ freeaddrinfo(res); >-+ request_set(&request, RQ_CLIENT_ADDR, client, 0); >-+ tcpdmatch(&request); >-+ exit(0); >-+ } >-+#endif >- >- /* >- * Perhaps they are testing special client hostname patterns that aren't >-@@ -229,6 +261,34 @@ char **argv; >- */ >- if ((hp = find_inet_addr(client)) == 0) >- exit(1); >-+#ifdef INET6 >-+ request_set(&request, RQ_CLIENT_SIN, &client_sin, 0); >-+ >-+ for (res = hp, count = 0; res; res = res->ai_next, count++) { >-+ memcpy(&client_sin, res->ai_addr, res->ai_addrlen); >-+ >-+ /* >-+ * getnameinfo() doesn't do reverse lookup against link-local >-+ * address. So, we pass through host name evaluation against >-+ * such addresses. >-+ */ >-+ if (res->ai_family != AF_INET6 || >-+ !IN6_IS_ADDR_LINKLOCAL(&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr)) { >-+ /* >-+ * Force evaluation of client host name and address. Host name >-+ * conflicts will be reported while eval_hostname() does its job. >-+ */ >-+ request_set(&request, RQ_CLIENT_NAME, "", RQ_CLIENT_ADDR, "", 0); >-+ if (STR_EQ(eval_hostname(request.client), unknown)) >-+ tcpd_warn("host address %s->name lookup failed", >-+ eval_hostaddr(request.client)); >-+ } >-+ tcpdmatch(&request); >-+ if (res->ai_next) >-+ printf("\n"); >-+ } >-+ freeaddrinfo(hp); >-+#else >- memset((char *) &client_sin, 0, sizeof(client_sin)); >- client_sin.sin_family = AF_INET; >- request_set(&request, RQ_CLIENT_SIN, &client_sin, 0); >-@@ -250,6 +310,7 @@ char **argv; >- printf("\n"); >- } >- free((char *) hp); >-+#endif >- exit(0); >- } >- >-diff -up tcp_wrappers_7.6/tli.c.patch9 tcp_wrappers_7.6/tli.c >---- tcp_wrappers_7.6/tli.c.patch9 1997-03-21 19:27:26.000000000 +0100 >-+++ tcp_wrappers_7.6/tli.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -65,8 +65,13 @@ static void tli_sink(); >- void tli_host(request) >- struct request_info *request; >- { >-+#ifdef INET6 >-+ static struct sockaddr_storage client; >-+ static struct sockaddr_storage server; >-+#else >- static struct sockaddr_in client; >- static struct sockaddr_in server; >-+#endif >- >- /* >- * If we discover that we are using an IP transport, pretend we never >-@@ -76,14 +81,29 @@ struct request_info *request; >- >- tli_endpoints(request); >- if ((request->config = tli_transport(request->fd)) != 0 >-+#ifdef INET6 >-+ && (STR_EQ(request->config->nc_protofmly, "inet") || >-+ STR_EQ(request->config->nc_protofmly, "inet6"))) { >-+#else >- && STR_EQ(request->config->nc_protofmly, "inet")) { >-+#endif >- if (request->client->unit != 0) { >-+#ifdef INET6 >-+ client = *(struct sockaddr_storage *) request->client->unit->addr.buf; >-+ request->client->sin = (struct sockaddr *) &client; >-+#else >- client = *(struct sockaddr_in *) request->client->unit->addr.buf; >- request->client->sin = &client; >-+#endif >- } >- if (request->server->unit != 0) { >-+#ifdef INET6 >-+ server = *(struct sockaddr_storage *) request->server->unit->addr.buf; >-+ request->server->sin = (struct sockaddr *) &server; >-+#else >- server = *(struct sockaddr_in *) request->server->unit->addr.buf; >- request->server->sin = &server; >-+#endif >- } >- tli_cleanup(request); >- sock_methods(request); >-@@ -187,7 +207,15 @@ int fd; >- } >- while (config = getnetconfig(handlep)) { >- if (stat(config->nc_device, &from_config) == 0) { >-+#ifdef NO_CLONE_DEVICE >-+ /* >-+ * If the network devices are not cloned (as is the case for >-+ * Solaris 8 Beta), we must compare the major device numbers. >-+ */ >-+ if (major(from_config.st_rdev) == major(from_client.st_rdev)) >-+#else >- if (minor(from_config.st_rdev) == major(from_client.st_rdev)) >-+#endif >- break; >- } >- } >-diff -up tcp_wrappers_7.6/update.c.patch9 tcp_wrappers_7.6/update.c >---- tcp_wrappers_7.6/update.c.patch9 1994-12-28 17:42:56.000000000 +0100 >-+++ tcp_wrappers_7.6/update.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -46,10 +46,18 @@ va_list ap; >- request->fd = va_arg(ap, int); >- continue; >- case RQ_CLIENT_SIN: >-+#ifdef INET6 >-+ request->client->sin = va_arg(ap, struct sockaddr *); >-+#else >- request->client->sin = va_arg(ap, struct sockaddr_in *); >-+#endif >- continue; >- case RQ_SERVER_SIN: >-+#ifdef INET6 >-+ request->server->sin = va_arg(ap, struct sockaddr *); >-+#else >- request->server->sin = va_arg(ap, struct sockaddr_in *); >-+#endif >- continue; >- >- /* > diff -up tcp_wrappers_7.6/workarounds.c.patch9 tcp_wrappers_7.6/workarounds.c > --- tcp_wrappers_7.6/workarounds.c.patch9 1996-03-19 16:22:26.000000000 +0100 > +++ tcp_wrappers_7.6/workarounds.c 2008-08-29 09:45:12.000000000 +0200 >@@ -1270,14 +250,14 @@ diff -up tcp_wrappers_7.6/workarounds.c.patch9 tcp_wrappers_7.6/workarounds.c > int *len; > { > int ret; >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + struct sockaddr *sin = sa; > +#else > struct sockaddr_in *sin = (struct sockaddr_in *) sa; > +#endif > > if ((ret = getpeername(sock, sa, len)) >= 0 >-+#ifdef INET6 >++#ifdef HAVE_IPV6 > + && ((sin->su_si.si_family == AF_INET6 > + && IN6_IS_ADDR_UNSPECIFIED(&sin->su_sin6.sin6_addr)) > + || (sin->su_si.si_family == AF_INET >diff --git a/tcp_wrappers_7.6-249430.patch b/tcp_wrappers_7.6-249430.patch >index 0ff6fcb..e4b26c6 100644 >--- a/tcp_wrappers_7.6-249430.patch >+++ b/tcp_wrappers_7.6-249430.patch >@@ -1,7 +1,7 @@ > diff -up tcp_wrappers_7.6/hosts_access.c.patch22 tcp_wrappers_7.6/hosts_access.c > --- tcp_wrappers_7.6/hosts_access.c.patch22 2008-08-29 09:45:12.000000000 +0200 > +++ tcp_wrappers_7.6/hosts_access.c 2008-08-29 09:45:12.000000000 +0200 >-@@ -426,7 +426,9 @@ char *string; >+@@ -419,7 +419,9 @@ char *string; > if ((addr = dot_quad_addr(string)) == INADDR_NONE) > return (NO); > if ((net = dot_quad_addr(net_tok)) == INADDR_NONE >@@ -9,6 +9,6 @@ diff -up tcp_wrappers_7.6/hosts_access.c.patch22 tcp_wrappers_7.6/hosts_access.c > + || ((mask = dot_quad_addr(mask_tok)) == INADDR_NONE > + && strcmp(mask_tok, "255.255.255.255"))) { > + /* 255.255.255.255 == INADDR_NONE, separate check needed. TJ. */ >- #ifndef INET6 > tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok); >- #endif >+ return (NO); /* not tcpd_jump() */ >+ } >diff --git a/tcpw7.2-config.patch b/tcpw7.2-config.patch >index 76d37fd..b612076 100644 >--- a/tcpw7.2-config.patch >+++ b/tcpw7.2-config.patch >@@ -14,8 +14,8 @@ diff -up tcp_wrappers_7.6/Makefile.patch1 tcp_wrappers_7.6/Makefile > linux: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o \ >-- NETGROUP= TLI= EXTRA_CFLAGS="-DBROKEN_SO_LINGER" all >-+ NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all >+- NETGROUP= TLI= EXTRA_CFLAGS="-DBROKEN_SO_LINGER -DUSE_STRERROR" all >++ NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all > > # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x. > hpux hpux8 hpux9 hpux10: >diff --git a/tcpw7.2-setenv.patch b/tcpw7.2-setenv.patch >index e8ee8ad..b855944 100644 >--- a/tcpw7.2-setenv.patch >+++ b/tcpw7.2-setenv.patch >@@ -7,6 +7,6 @@ diff -up tcp_wrappers_7.6/Makefile.patch2 tcp_wrappers_7.6/Makefile > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > - LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ=setenv.o \ > + LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ >- NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all >+ NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all > > # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x. >diff --git a/tcpw7.6-netgroup.patch b/tcpw7.6-netgroup.patch >index f63e48b..239b6ed 100644 >--- a/tcpw7.6-netgroup.patch >+++ b/tcpw7.6-netgroup.patch >@@ -6,9 +6,9 @@ diff -up tcp_wrappers_7.6/Makefile.patch3 tcp_wrappers_7.6/Makefile > linux: > @make REAL_DAEMON_DIR=$(REAL_DAEMON_DIR) STYLE=$(STYLE) \ > - LIBS= RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ >-- NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all >+- NETGROUP= TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all > + LIBS="-lnsl" RANLIB=ranlib ARFLAGS=rv AUX_OBJ= \ >-+ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all >++ NETGROUP="-DNETGROUP" TLI= EXTRA_CFLAGS="$(RPM_OPT_FLAGS) -DUSE_STRERROR -DSYS_ERRLIST_DEFINED -DBROKEN_SO_LINGER" all > > # This is good for many SYSV+BSD hybrids with NIS, probably also for HP-UX 7.x. > hpux hpux8 hpux9 hpux10: >-- >1.7.11.7 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=690801">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 698740
: 690801