Line 0
Link Here
|
|
|
1 |
--- include/tcpd.h.orig 2016-06-15 10:03:22 UTC |
2 |
+++ include/tcpd.h |
3 |
@@ -0,0 +1,235 @@ |
4 |
+ /* |
5 |
+ * @(#) tcpd.h 1.5 96/03/19 16:22:24 |
6 |
+ * |
7 |
+ * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. |
8 |
+ */ |
9 |
+ |
10 |
+/* |
11 |
+ * This version of the file has been hacked over by |
12 |
+ * Kern Sibbald to make it compatible with C++ for |
13 |
+ * the few functions that Bacula uses. 19 April 2002 |
14 |
+ * It now compiles with C++ but remains untested. |
15 |
+ * A correct fix would require significantly more work. |
16 |
+ */ |
17 |
+ |
18 |
+#ifdef __cplusplus |
19 |
+extern "C" { |
20 |
+#endif |
21 |
+ |
22 |
+/* Structure to describe one communications endpoint. */ |
23 |
+ |
24 |
+#define STRING_LENGTH 128 /* hosts, users, processes */ |
25 |
+ |
26 |
+struct host_info { |
27 |
+ char name[STRING_LENGTH]; /* access via eval_hostname(host) */ |
28 |
+ char addr[STRING_LENGTH]; /* access via eval_hostaddr(host) */ |
29 |
+ struct sockaddr_in *sin; /* socket address or 0 */ |
30 |
+ struct t_unitdata *unit; /* TLI transport address or 0 */ |
31 |
+ struct request_info *request; /* for shared information */ |
32 |
+}; |
33 |
+ |
34 |
+/* Structure to describe what we know about a service request. */ |
35 |
+ |
36 |
+struct request_info { |
37 |
+ int fd; /* socket handle */ |
38 |
+ char user[STRING_LENGTH]; /* access via eval_user(request) */ |
39 |
+ char daemon[STRING_LENGTH]; /* access via eval_daemon(request) */ |
40 |
+ char pid[10]; /* access via eval_pid(request) */ |
41 |
+ struct host_info client[1]; /* client endpoint info */ |
42 |
+ struct host_info server[1]; /* server endpoint info */ |
43 |
+ void (*sink) (void); /* datagram sink function or 0 */ |
44 |
+ void (*hostname) (void); /* address to printable hostname */ |
45 |
+ void (*hostaddr) (void); /* address to printable address */ |
46 |
+ void (*cleanup) (void); /* cleanup function or 0 */ |
47 |
+ struct netconfig *config; /* netdir handle */ |
48 |
+}; |
49 |
+ |
50 |
+/* Common string operations. Less clutter should be more readable. */ |
51 |
+ |
52 |
+#define STRN_CPY(d,s,l) { strncpy((d),(s),(l)); (d)[(l)-1] = 0; } |
53 |
+ |
54 |
+#define STRN_EQ(x,y,l) (strncasecmp((x),(y),(l)) == 0) |
55 |
+#define STRN_NE(x,y,l) (strncasecmp((x),(y),(l)) != 0) |
56 |
+#define STR_EQ(x,y) (strcasecmp((x),(y)) == 0) |
57 |
+#define STR_NE(x,y) (strcasecmp((x),(y)) != 0) |
58 |
+ |
59 |
+ /* |
60 |
+ * Initially, all above strings have the empty value. Information that |
61 |
+ * cannot be determined at runtime is set to "unknown", so that we can |
62 |
+ * distinguish between `unavailable' and `not yet looked up'. A hostname |
63 |
+ * that we do not believe in is set to "paranoid". |
64 |
+ */ |
65 |
+ |
66 |
+#define STRING_UNKNOWN "unknown" /* lookup failed */ |
67 |
+#define STRING_PARANOID "paranoid" /* hostname conflict */ |
68 |
+ |
69 |
+extern char unknown[]; |
70 |
+extern char paranoid[]; |
71 |
+ |
72 |
+#define HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid)) |
73 |
+ |
74 |
+#define NOT_INADDR(s) (s[strspn(s,"01234567890./")] != 0) |
75 |
+ |
76 |
+/* Global functions. */ |
77 |
+ |
78 |
+#if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) |
79 |
+extern void fromhost(); /* get/validate client host info */ |
80 |
+#else |
81 |
+#define fromhost sock_host /* no TLI support needed */ |
82 |
+#endif |
83 |
+ |
84 |
+extern int hosts_access(struct request_info *); /* access control */ |
85 |
+extern void shell_cmd(void); /* execute shell command */ |
86 |
+extern char *percent_x(void); /* do %<char> expansion */ |
87 |
+extern void rfc931(void); /* client name from RFC 931 daemon */ |
88 |
+extern void clean_exit(void); /* clean up and exit */ |
89 |
+extern void refuse(void); /* clean up and exit */ |
90 |
+extern char *xgets(void); /* fgets() on steroids */ |
91 |
+extern char *split_at(void); /* strchr() and split */ |
92 |
+extern unsigned long dot_quad_addr(void); /* restricted inet_addr() */ |
93 |
+ |
94 |
+/* Global variables. */ |
95 |
+ |
96 |
+extern int allow_severity; /* for connection logging */ |
97 |
+extern int deny_severity; /* for connection logging */ |
98 |
+extern char *hosts_allow_table; /* for verification mode redirection */ |
99 |
+extern char *hosts_deny_table; /* for verification mode redirection */ |
100 |
+extern int hosts_access_verbose; /* for verbose matching mode */ |
101 |
+extern int rfc931_timeout; /* user lookup timeout */ |
102 |
+extern int resident; /* > 0 if resident process */ |
103 |
+ |
104 |
+ /* |
105 |
+ * Routines for controlled initialization and update of request structure |
106 |
+ * attributes. Each attribute has its own key. |
107 |
+ */ |
108 |
+ |
109 |
+#ifdef __STDC__ |
110 |
+extern struct request_info *request_init(struct request_info *,...); |
111 |
+extern struct request_info *request_set(struct request_info *,...); |
112 |
+#else |
113 |
+extern struct request_info *request_init(); /* initialize request */ |
114 |
+extern struct request_info *request_set(); /* update request structure */ |
115 |
+#endif |
116 |
+ |
117 |
+#define RQ_FILE 1 /* file descriptor */ |
118 |
+#define RQ_DAEMON 2 /* server process (argv[0]) */ |
119 |
+#define RQ_USER 3 /* client user name */ |
120 |
+#define RQ_CLIENT_NAME 4 /* client host name */ |
121 |
+#define RQ_CLIENT_ADDR 5 /* client host address */ |
122 |
+#define RQ_CLIENT_SIN 6 /* client endpoint (internal) */ |
123 |
+#define RQ_SERVER_NAME 7 /* server host name */ |
124 |
+#define RQ_SERVER_ADDR 8 /* server host address */ |
125 |
+#define RQ_SERVER_SIN 9 /* server endpoint (internal) */ |
126 |
+ |
127 |
+ /* |
128 |
+ * Routines for delayed evaluation of request attributes. Each attribute |
129 |
+ * type has its own access method. The trivial ones are implemented by |
130 |
+ * macros. The other ones are wrappers around the transport-specific host |
131 |
+ * name, address, and client user lookup methods. The request_info and |
132 |
+ * host_info structures serve as caches for the lookup results. |
133 |
+ */ |
134 |
+ |
135 |
+extern char *eval_user(void); /* client user */ |
136 |
+extern char *eval_hostname(void); /* printable hostname */ |
137 |
+extern char *eval_hostaddr(void); /* printable host address */ |
138 |
+extern char *eval_hostinfo(void); /* host name or address */ |
139 |
+extern char *eval_client(struct request_info *); /* whatever is available */ |
140 |
+extern char *eval_server(void); /* whatever is available */ |
141 |
+#define eval_daemon(r) ((r)->daemon) /* daemon process name */ |
142 |
+#define eval_pid(r) ((r)->pid) /* process id */ |
143 |
+ |
144 |
+/* Socket-specific methods, including DNS hostname lookups. */ |
145 |
+ |
146 |
+extern void sock_host(struct request_info *); |
147 |
+extern void sock_hostname(void); /* translate address to hostname */ |
148 |
+extern void sock_hostaddr(void); /* address to printable address */ |
149 |
+#define sock_methods(r) \ |
150 |
+ { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; } |
151 |
+ |
152 |
+/* The System V Transport-Level Interface (TLI) interface. */ |
153 |
+ |
154 |
+#if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) |
155 |
+extern void tli_host(); /* look up endpoint addresses etc. */ |
156 |
+#endif |
157 |
+ |
158 |
+ /* |
159 |
+ * Problem reporting interface. Additional file/line context is reported |
160 |
+ * when available. The jump buffer (tcpd_buf) is not declared here, or |
161 |
+ * everyone would have to include <setjmp.h>. |
162 |
+ */ |
163 |
+ |
164 |
+#ifdef __STDC__ |
165 |
+extern void tcpd_warn(char *, ...); /* report problem and proceed */ |
166 |
+extern void tcpd_jump(char *, ...); /* report problem and jump */ |
167 |
+#else |
168 |
+extern void tcpd_warn(); |
169 |
+extern void tcpd_jump(); |
170 |
+#endif |
171 |
+ |
172 |
+struct tcpd_context { |
173 |
+ char *file; /* current file */ |
174 |
+ int line; /* current line */ |
175 |
+}; |
176 |
+extern struct tcpd_context tcpd_context; |
177 |
+ |
178 |
+ /* |
179 |
+ * While processing access control rules, error conditions are handled by |
180 |
+ * jumping back into the hosts_access() routine. This is cleaner than |
181 |
+ * checking the return value of each and every silly little function. The |
182 |
+ * (-1) returns are here because zero is already taken by longjmp(). |
183 |
+ */ |
184 |
+ |
185 |
+#define AC_PERMIT 1 /* permit access */ |
186 |
+#define AC_DENY (-1) /* deny_access */ |
187 |
+#define AC_ERROR AC_DENY /* XXX */ |
188 |
+ |
189 |
+ /* |
190 |
+ * In verification mode an option function should just say what it would do, |
191 |
+ * instead of really doing it. An option function that would not return |
192 |
+ * should clear the dry_run flag to inform the caller of this unusual |
193 |
+ * behavior. |
194 |
+ */ |
195 |
+ |
196 |
+extern void process_options(void); /* execute options */ |
197 |
+extern int dry_run; /* verification flag */ |
198 |
+ |
199 |
+/* Bug workarounds. */ |
200 |
+ |
201 |
+#ifdef INET_ADDR_BUG /* inet_addr() returns struct */ |
202 |
+#define inet_addr fix_inet_addr |
203 |
+extern long fix_inet_addr(void); |
204 |
+#endif |
205 |
+ |
206 |
+#ifdef BROKEN_FGETS /* partial reads from sockets */ |
207 |
+#define fgets fix_fgets |
208 |
+extern char *fix_fgets(void); |
209 |
+#endif |
210 |
+ |
211 |
+#ifdef RECVFROM_BUG /* no address family info */ |
212 |
+#define recvfrom fix_recvfrom |
213 |
+extern int fix_recvfrom(void); |
214 |
+#endif |
215 |
+ |
216 |
+#ifdef GETPEERNAME_BUG /* claims success with UDP */ |
217 |
+#define getpeername fix_getpeername |
218 |
+extern int fix_getpeername(void); |
219 |
+#endif |
220 |
+ |
221 |
+#ifdef SOLARIS_24_GETHOSTBYNAME_BUG /* lists addresses as aliases */ |
222 |
+#define gethostbyname fix_gethostbyname |
223 |
+extern struct hostent *fix_gethostbyname(void); |
224 |
+#endif |
225 |
+ |
226 |
+#ifdef USE_STRSEP /* libc calls strtok(void) */ |
227 |
+#define strtok fix_strtok |
228 |
+extern char *fix_strtok(void); |
229 |
+#endif |
230 |
+ |
231 |
+#ifdef LIBC_CALLS_STRTOK /* libc calls strtok() */ |
232 |
+#define strtok my_strtok |
233 |
+extern char *my_strtok(void); |
234 |
+#endif |
235 |
+ |
236 |
+#ifdef __cplusplus |
237 |
+} |
238 |
+#endif |