hosts_access(3) offers hosts_ctl for checking tcpd access restrictions. The corresponding prototype in <tcpd.h> is missing, though. Fix: Add extern int hosts_ctl(char *daemon, char *client_name, char *client_addr, char *client_user); or extern int hosts_ctl(); to tcpd.h. If you go for the first version, it might be worth updating the prototypes of the other functions as well. I could do this and provide an entire patch if requested. How-To-Repeat: Compile an application which uses hosts_ctl -> warning about missing prototype.
Responsible Changed From-To: freebsd-bugs->dwmalone I'm interested in adding prototypes to tcpd.h (though it needs some care as it is contributed code).
Well, it's open so long. Bellow are the patch that adds prototype to tcpd.h with care, as it is contributed code. David, if you disagree with this patch, commit the hosts_ctl prototype add only. It's true bug, other are cosmetics changes only. Thank you Dan *** contrib/tcp_wrappers/tcpd.h.ORIG Thu Feb 3 11:26:59 2000 --- contrib/tcp_wrappers/tcpd.h Mon Sep 6 08:55:07 2004 *************** *** 6,11 **** --- 6,22 ---- * $FreeBSD: src/contrib/tcp_wrappers/tcpd.h,v 1.2 2000/02/03 10:26:59 shin Exp $ */ + #ifndef __TCPD_H__ + #define __TCPD_H__ + + #ifndef __P + # if defined(__STDC__) || defined (__cplusplus) + # define __P(x) x + # else + # define __P(x) () + # endif + #endif + /* Structure to describe one communications endpoint. */ #define STRING_LENGTH 128 /* hosts, users, processes */ *************** *** 67,86 **** /* Global functions. */ #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) ! extern void fromhost(); /* get/validate client host info */ #else #define fromhost sock_host /* no TLI support needed */ #endif ! extern int hosts_access(); /* access control */ ! extern void shell_cmd(); /* execute shell command */ ! extern char *percent_x(); /* do %<char> expansion */ ! extern void rfc931(); /* client name from RFC 931 daemon */ ! extern void clean_exit(); /* clean up and exit */ ! extern void refuse(); /* clean up and exit */ ! extern char *xgets(); /* fgets() on steroids */ ! extern char *split_at(); /* strchr() and split */ ! extern unsigned long dot_quad_addr(); /* restricted inet_addr() */ /* Global variables. */ --- 78,103 ---- /* Global functions. */ #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) ! extern void ! fromhost __P((struct request_info *request)); /* get/validate client host info */ #else #define fromhost sock_host /* no TLI support needed */ #endif ! extern int hosts_access __P((struct request_info *)); ! extern int hosts_ctl __P((char *, char *, char *, char *)); ! extern void shell_cmd __P((char *command)); ! extern char *percent_x __P((char *, int, char *, struct request_info *)); ! #ifdef INET6 ! extern void rfc931 __P((struct sockaddr *, struct sockaddr *)); ! #else ! extern void rfc931 __P((struct sockaddr_in *, struct sockaddr_in *)); ! #endif ! extern void clean_exit __P((struct request_info *)); ! extern void refuse __P((struct request_info *)); ! extern char *xgets __P((char *, int, FILE *)); ! extern char *split_at __P((char *, int)); ! extern unsigned long dot_quad_addr __P((char *)); /* Global variables. */ *************** *** 97,109 **** * attributes. Each attribute has its own key. */ ! #ifdef __STDC__ ! extern struct request_info *request_init(struct request_info *,...); ! extern struct request_info *request_set(struct request_info *,...); ! #else ! extern struct request_info *request_init(); /* initialize request */ ! extern struct request_info *request_set(); /* update request structure */ ! #endif #define RQ_FILE 1 /* file descriptor */ #define RQ_DAEMON 2 /* server process (argv[0]) */ --- 114,121 ---- * attributes. Each attribute has its own key. */ ! extern struct request_info *request_init __P((struct request_info *,...)); ! extern struct request_info *request_set __P((struct request_info *,...)); #define RQ_FILE 1 /* file descriptor */ #define RQ_DAEMON 2 /* server process (argv[0]) */ *************** *** 123,149 **** * host_info structures serve as caches for the lookup results. */ ! extern char *eval_user(); /* client user */ ! extern char *eval_hostname(); /* printable hostname */ ! extern char *eval_hostaddr(); /* printable host address */ ! extern char *eval_hostinfo(); /* host name or address */ ! extern char *eval_client(); /* whatever is available */ ! extern char *eval_server(); /* whatever is available */ #define eval_daemon(r) ((r)->daemon) /* daemon process name */ #define eval_pid(r) ((r)->pid) /* process id */ /* Socket-specific methods, including DNS hostname lookups. */ ! extern void sock_host(); /* look up endpoint addresses */ ! extern void sock_hostname(); /* translate address to hostname */ ! extern void sock_hostaddr(); /* address to printable address */ #define sock_methods(r) \ { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; } /* The System V Transport-Level Interface (TLI) interface. */ #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) ! extern void tli_host(); /* look up endpoint addresses etc. */ #endif /* --- 135,161 ---- * host_info structures serve as caches for the lookup results. */ ! extern char *eval_user __P((struct request_info *)); ! extern char *eval_hostname __P((struct host_info *)); ! extern char *eval_hostaddr __P((struct host_info *)); ! extern char *eval_hostinfo __P((struct host_info *)); /* host name or address */ ! extern char *eval_client __P((struct request_info *)); ! extern char *eval_server __P((struct request_info *)); #define eval_daemon(r) ((r)->daemon) /* daemon process name */ #define eval_pid(r) ((r)->pid) /* process id */ /* Socket-specific methods, including DNS hostname lookups. */ ! extern void sock_host __P((struct request_info *)); ! extern void sock_hostname __P((struct host_info *)); ! extern void sock_hostaddr __P((struct host_info *)); #define sock_methods(r) \ { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; } /* The System V Transport-Level Interface (TLI) interface. */ #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) ! extern void tli_host __P((struct request_info *)); #endif /* *************** *** 152,164 **** * everyone would have to include <setjmp.h>. */ ! #ifdef __STDC__ ! extern void tcpd_warn(char *, ...); /* report problem and proceed */ ! extern void tcpd_jump(char *, ...); /* report problem and jump */ ! #else ! extern void tcpd_warn(); ! extern void tcpd_jump(); ! #endif struct tcpd_context { char *file; /* current file */ --- 164,171 ---- * everyone would have to include <setjmp.h>. */ ! extern void tcpd_warn __P((char *, ...)); /* report problem and proceed */ ! extern void tcpd_jump __P((char *, ...)); /* report problem and jump */ struct tcpd_context { char *file; /* current file */ *************** *** 184,225 **** * behavior. */ ! extern void process_options(); /* execute options */ extern int dry_run; /* verification flag */ /* Bug workarounds. */ #ifdef INET_ADDR_BUG /* inet_addr() returns struct */ #define inet_addr fix_inet_addr ! extern long fix_inet_addr(); #endif #ifdef BROKEN_FGETS /* partial reads from sockets */ #define fgets fix_fgets ! extern char *fix_fgets(); #endif #ifdef RECVFROM_BUG /* no address family info */ #define recvfrom fix_recvfrom ! extern int fix_recvfrom(); #endif #ifdef GETPEERNAME_BUG /* claims success with UDP */ #define getpeername fix_getpeername ! extern int fix_getpeername(); #endif #ifdef SOLARIS_24_GETHOSTBYNAME_BUG /* lists addresses as aliases */ #define gethostbyname fix_gethostbyname ! extern struct hostent *fix_gethostbyname(); #endif #ifdef USE_STRSEP /* libc calls strtok() */ #define strtok fix_strtok ! extern char *fix_strtok(); #endif #ifdef LIBC_CALLS_STRTOK /* libc calls strtok() */ #define strtok my_strtok ! extern char *my_strtok(); #endif --- 191,238 ---- * behavior. */ ! extern void process_options __P((char *, struct request_info *)); extern int dry_run; /* verification flag */ /* Bug workarounds. */ #ifdef INET_ADDR_BUG /* inet_addr() returns struct */ #define inet_addr fix_inet_addr ! extern long fix_inet_addr __P((char *)); #endif #ifdef BROKEN_FGETS /* partial reads from sockets */ #define fgets fix_fgets ! extern char *fix_fgets __P((char *. int, FILE *)); #endif #ifdef RECVFROM_BUG /* no address family info */ #define recvfrom fix_recvfrom ! extern int fix_recvfrom __P((int, char *, int, int, struct sockaddr *, int)); #endif #ifdef GETPEERNAME_BUG /* claims success with UDP */ #define getpeername fix_getpeername ! extern int fix_getpeername __P((int, struct sockaddr *, int)); ! #endif ! ! #ifdef USE_GETDOMAIN /* no yp_default_domain() */ ! extern int yp_get_default_domain __P((char **)); #endif #ifdef SOLARIS_24_GETHOSTBYNAME_BUG /* lists addresses as aliases */ #define gethostbyname fix_gethostbyname ! extern struct hostent *fix_gethostbyname __P((char *)); #endif #ifdef USE_STRSEP /* libc calls strtok() */ #define strtok fix_strtok ! extern char *fix_strtok __P((char *, char *)); #endif #ifdef LIBC_CALLS_STRTOK /* libc calls strtok() */ #define strtok my_strtok ! extern char *my_strtok __P((char *, char *)); #endif + + #endif /* __TCPD_H__ */
Responsible Changed From-To: dwmalone->freebsd-bugs over to the pool (approved by bugmeister)
For reference, Illumos did this already https://www.illumos.org/issues/4385 (with lots of other changes) https://github.com/Nexenta/illumos-nexenta/commit/9b5f5885b666050a9ec3f0ff18de2c6bf4703232
A commit references this bug: Author: pfg Date: Sat Oct 11 18:54:37 UTC 2014 New revision: 272950 URL: https://svnweb.freebsd.org/changeset/base/272950 Log: tcpd.h: add prototype for hosts_ctl According the hosts_access(3) man page the hosts_ctl() prototype should be in tcpd.h. For now, follow other declarations and don't add the arguments in the prototype. Reference: https://www.illumos.org/issues/4385 PR: 32808 MFC after: 2 weeks Changes: head/contrib/tcp_wrappers/tcpd.h
I kept the patch really simple but it should be enough for most applications.
It's not all that urgent to MFC this.
A commit references this bug: Author: pfg Date: Sat Jan 17 01:20:29 UTC 2015 New revision: 277281 URL: https://svnweb.freebsd.org/changeset/base/277281 Log: MFC r272947, r272950: tcpd: complete function prototypes. tcpd.h: add prototype for hosts_ctl This clears up at least a build issues on mysql-server ports. While here also replace some spaces with tabs in our headers. PR: 32808 PR: 42336 Changes: _U stable/10/ stable/10/contrib/tcp_wrappers/inetcf.h stable/10/contrib/tcp_wrappers/mystdarg.h stable/10/contrib/tcp_wrappers/tcpd.h stable/10/contrib/tcp_wrappers/tli-sequent.h
A commit references this bug: Author: pfg Date: Sat Jan 17 01:21:31 UTC 2015 New revision: 277282 URL: https://svnweb.freebsd.org/changeset/base/277282 Log: MFC r272947, r272950: tcpd: complete function prototypes. tcpd.h: add prototype for hosts_ctl This clears up at least a build issues on mysql-server ports. While here also replace some spaces with tabs in our headers. PR: 32808 PR: 42336 Changes: stable/9/contrib/tcp_wrappers/inetcf.h stable/9/contrib/tcp_wrappers/mystdarg.h stable/9/contrib/tcp_wrappers/tcpd.h stable/9/contrib/tcp_wrappers/tli-sequent.h
A commit references this bug: Author: dim Date: Mon Jan 9 20:14:21 UTC 2017 New revision: 311816 URL: https://svnweb.freebsd.org/changeset/base/311816 Log: MFC r257398 (by sbruno): Quiesce warnings by updating headerfile includes r257404 | sbruno | 2013-10-30 23:41:18 +0100 (Wed, 30 Oct 2013) | 9 lines Quiesce two warnings: 1. define the CODE * as const 2. restructure function to eliminate warning about exiting with no return. severity_map() never returns when it can't find an appropriate sysylog facility, and it longjmp()'s away into error code handling. Keep this behavior by stashing the facility value found during our search and checking for -1 if found. MFC r257405 (by sbruno): Quiesce warning, which could be a bug IMO, by correctly defining the host_info structure name MFC r257406 (by sbruno): Queisce warning about undeclared function usage. yp_get_default_domain is defined in workaround.c but is not declared in any header file. Tie the declaration to the same #define conditional used when the function is called, NETGROUP MFC r272949 (by pfg): tcpd: complete function prototypes. This clears up at least a build issues on mysql-server ports. While here also replace some spaces with tabs in our headers. PR: 42336 MFC r272950 (by pfg): tcpd.h: add prototype for hosts_ctl According the hosts_access(3) man page the hosts_ctl() prototype should be in tcpd.h. For now, follow other declarations and don't add the arguments in the prototype. Reference: https://www.illumos.org/issues/4385 PR: 32808 MFC r311459: Put proper prototypes in tcpd.h Clang 4.0.0 complains about tcpd.h's not-really-prototypes, e.g.: /usr/include/tcpd.h:75:24: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes] extern int hosts_access(); /* access control */ ^ To fix this, turn these declarations into real prototypes. While here, garbage collect the incompatible rfc931() function from scaffold.c, as it is never used. Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D9052 MFC r311461: Also remove unnecessary extern keywords from tcpd.h. Noticed by: kib MFC r311556: After r311459, some ports can break, because a few of the newly added prototypes in <tcpd.h> use FILE. Pull in a minimal forward declaration of FILE from <stdio.h> to minimize impact. Sorry for the breakage. Reported by: Shawn Webb <shawn.webb@hardenedbsd.org> Changes: _U stable/9/ _U stable/9/contrib/ stable/9/contrib/tcp_wrappers/clean_exit.c stable/9/contrib/tcp_wrappers/hosts_access.c stable/9/contrib/tcp_wrappers/options.c stable/9/contrib/tcp_wrappers/percent_x.c stable/9/contrib/tcp_wrappers/rfc931.c stable/9/contrib/tcp_wrappers/scaffold.c stable/9/contrib/tcp_wrappers/shell_cmd.c stable/9/contrib/tcp_wrappers/tcpd.h stable/9/contrib/tcp_wrappers/update.c