| History log of /src/lib/libwrap/hosts_access.c |
| Revision | | Date | Author | Comments |
| 1.24 |
| 18-Mar-2021 |
christos | simplify expression, daemon is an array can't be NULL.
|
| 1.23 |
| 07-Mar-2021 |
christos | Add blocklist support to libwrap which enables all programs using libwrap
to block access from hosts we deny. (libwrap support from Greg A. Woods)
|
| 1.22 |
| 30-Mar-2020 |
ryo | PR/54992: fix hosts_access(5) to works for IPv6 linklocal address without scope-id
|
| 1.21 |
| 17-Feb-2016 |
christos | branches: 1.21.16;
PR/50823: David Binderman: Limit scanf width
|
| 1.20 |
| 21-Mar-2012 |
matt | Use C89 function definition
|
| 1.19 |
| 18-Dec-2008 |
christos | branches: 1.19.8; 1.19.10;
Wietse Wenema's tcpd-blacklist-patch:
ftp://ftp.porcupine.org/pub/security/tcpd-blacklist-patch
- If a host starts with a / treat it as a filename containing a list of hosts.
|
| 1.18 |
| 08-Jan-2006 |
jdc | Use ntohl(host_address) so that RBL lookups work on little-endian hosts.
Tested on alpha, i386 and sparc64.
Fixes PR lib/30402.
|
| 1.17 |
| 26-Dec-2002 |
lukem | branches: 1.17.6;
If we're going to replace strtok() with strtok_r(), and the caller of the
latter is invoked recursively, use static (instead of automatic) storage
for the "last" pointer so that we remember where we're up to ...
Fixes bug with hosts.deny rules such as "rpcbind: ALL EXCEPT some.domain".
|
| 1.16 |
| 22-Jun-2002 |
itojun | use strtok_r, as strtok can interfere with other callers. from openbsd
|
| 1.15 |
| 06-Jun-2002 |
itojun | support scoped IPv6 address properly. PR 16810.
|
| 1.14 |
| 24-May-2002 |
itojun | cleanup some of portability #ifdefs, which are not needed for netbsd.
|
| 1.13 |
| 24-Apr-2002 |
atatat | Clean out "dirty" to avoid spurious log entries.
|
| 1.12 |
| 04-Apr-2002 |
atatat | Log a warning if the address (n) has more significant bits than the
netmask (m) in a entry of the form "n.n.n.n/m.m.m.m".
|
| 1.11 |
| 21-Jan-2000 |
mycroft | Nuke `extern int errno;' in code we compile with -Wstrict-prototypes. We get
the correct definition from errno.h.
|
| 1.10 |
| 31-Aug-1999 |
itojun | Apply IPv6 support patch.
Note that all IPv6 address must be wrapped with square bracket, like:
ALL: [::1/128] 127.0.0.1/255.255.255.255
Increase shlib minor.
ftp://ftp.kame.net/pub/kame/misc/tcp_wrappers-76-v6-19990831.diff.gz
|
| 1.9 |
| 27-Aug-1999 |
itojun | resolve conflicts on upgrade (to 7.6).
|
| 1.8 |
| 03-Jul-1999 |
simonb | Revert white space changes for imported sources.
|
| 1.7 |
| 02-Jul-1999 |
simonb | More trailing white space.
|
| 1.6 |
| 09-May-1999 |
christos | don't use inet_addr, use inet_aton... Otherwise masks of 255.255.255.255
don't work, so we cannot restrict rules to a single host.
|
| 1.5 |
| 18-Jan-1999 |
christos | branches: 1.5.2;
sprintf -> snprintf (not needed, but since snprintf is used everywhere else)
|
| 1.4 |
| 18-Jan-1999 |
christos | PR/6837: Greg A. Woods: Add RBL capability for libwrap.
|
| 1.3 |
| 26-Oct-1997 |
christos | PR/4347: Jim Bernard: compile error with -DNETGROUP
|
| 1.2 |
| 09-Oct-1997 |
christos | branches: 1.2.2;
Fix for WARNS=1 and remove WARNS override from Makefile
|
| 1.1 |
| 26-Nov-1996 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 |
| 27-Aug-1999 |
itojun | libwrap from tcp_wrappers 7.6
|
| 1.1.1.1 |
| 26-Nov-1996 |
mrg | libwrap from tcp_wrappers 7.4
|
| 1.2.2.1 |
| 09-Nov-1997 |
veego | Pull up rev 1.3 from the trunk (approved by jason):
>PR/4347: Jim Bernard: compile error with -DNETGROUP
|
| 1.5.2.1 |
| 23-Jan-2000 |
he | Pull up revision 1.11 (requested by mycroft):
Always do the errno indirection hack, so that non-threaded
libraries get the right errno value when linked with -lpthread.
This means "always include <errno.h> and never declare errno
yourself".
|
| 1.17.6.1 |
| 21-Jan-2006 |
snj | Pull up following revision(s) (requested by jdc in ticket #1118):
lib/libwrap/hosts_access.c: revision 1.18
Use ntohl(host_address) so that RBL lookups work on little-endian hosts.
Tested on alpha, i386 and sparc64.
Fixes PR lib/30402.
|
| 1.19.10.2 |
| 23-Apr-2012 |
riz | Back out changes committed as part of ticket #195 which were apparently
not intended as part of the pullup request. Should fix netbsd-6 build.
|
| 1.19.10.1 |
| 23-Apr-2012 |
riz | Pull up following revision(s) (requested by manu in ticket #195):
lib/libskey/skeysubr.c: revision 1.27
lib/libkvm/kvm_getloadavg.c: revision 1.11
lib/libwrap/update.c: revision 1.9
lib/liby/yyerror.c: revision 1.9
lib/libpuffs/puffs_ops.3: revision 1.30
lib/libwrap/misc.c: revision 1.10
lib/libwrap/hosts_access.c: revision 1.20
lib/libpuffs/pnode.c: revision 1.11
lib/libperfuse/subr.c: revision 1.17
lib/libpuffs/pnode.c: revision 1.12
lib/libperfuse/subr.c: revision 1.18
lib/libwrap/options.c: revision 1.15
lib/libwrap/fix_options.c: revision 1.11
lib/libperfuse/ops.c: revision 1.52
lib/libperfuse/ops.c: revision 1.53
lib/libperfuse/ops.c: revision 1.54
lib/libwrap/hosts_ctl.c: revision 1.5
lib/libintl/gettext.c: revision 1.27
lib/libwrap/shell_cmd.c: revision 1.6
lib/libpuffs/dispatcher.c: revision 1.39
lib/libperfuse/perfuse_priv.h: revision 1.27
lib/libwrap/socket.c: revision 1.19
lib/libpuffs/puffs.3: revision 1.50
lib/libperfuse/perfuse_priv.h: revision 1.28
lib/libpuffs/puffs_priv.h: revision 1.45
lib/libpuffs/puffs.3: revision 1.51
lib/libperfuse/perfuse_priv.h: revision 1.29
lib/libwrap/percent_x.c: revision 1.5
lib/libpuffs/puffs.3: revision 1.52
lib/libperfuse/debug.c: revision 1.11
sys/fs/puffs/puffs_vnops.c: revision 1.165
lib/libwrap/tcpd.h: revision 1.13
sys/fs/puffs/puffs_vnops.c: revision 1.166
lib/libwrap/eval.c: revision 1.7
sys/fs/puffs/puffs_msgif.h: revision 1.78
sys/fs/puffs/puffs_vfsops.c: revision 1.101
lib/libwrap/rfc931.c: revision 1.9
lib/libwrap/clean_exit.c: revision 1.5
lib/libpuffs/puffs.h: revision 1.120
lib/libc/stdlib/jemalloc.c: revision 1.27
lib/librmt/rmtlib.c: revision 1.26
lib/libpuffs/puffs.h: revision 1.121
sys/fs/puffs/puffs_sys.h: revision 1.79
lib/librumpclient/rumpclient.c: revision 1.48
lib/libwrap/refuse.c: revision 1.5
lib/libperfuse/perfuse.c: revision 1.26
lib/libperfuse/perfuse.c: revision 1.27
tests/fs/puffs/t_fuzz.c: revision 1.5
lib/libperfuse/perfuse.c: revision 1.28
lib/libpuffs/dispatcher.c: revision 1.40
sys/fs/puffs/puffs_node.c: revision 1.24
lib/libwrap/diag.c: revision 1.9
lib/libintl/textdomain.c: revision 1.13
Use C89 function definition
Add name and atttribute cache with filesytem provided TTL.
lookup, create, mknod, mkdir, symlink, getattr and setattr messages
have been extended so that attributes and their TTL can be provided
by the filesytem. lookup, create, mknod, mkdir, and symlink messages
are also extended so that the filesystem can provide name TTL.
Add PUFFS_KFLAG_CACHE_FS_TTL flag to puffs_init(3) to use name and
attribute cache with filesystem provided TTL.
lookup, create, mknod, mkdir, symlink, getattr and setattr messages
have been extended so that attributes and their TTL can be provided
by the filesytem. lookup, create, mknod, mkdir, and symlink messages
are also extended so that the filesystem can provide name TTL.
The filesystem updates attributes and TTL using
puffs_pn_getvap(3), puffs_pn_getvattl(3), and puffs_pn_getcnttl(3)
Use new PUFFS_KFLAG_CACHE_FS_TTL option to puffs_init(3) so that
FUSE TTL on name and attributes are used. This save many PUFFS
operations and improves performances.
PUFFS_KFLAG_CACHE_FS_TTL is #ifdef'ed in many places for now so that
libperfuse can still be used on netbsd-5.
Split file system.
Comma fixes.
Remove dangling "and".
Bump date for previous.
- Makesure update_va does not change vnode size when it should not. For
instance when doing a fault-issued VOP_GETPAGES within VOP_WRITE, changing
size leads to panic: genfs_getpages: past eof.
-Handle ticks wrap around for vnode name andattribute timeout
- When using PUFFS_KFLAG_CACHE_FS_TTL, do not use puffs_node to carry
attribute and TTL fora newly created node. Instead extend puffs_newinfo
and add puffs_newinfo_setva() and puffs_newinfo_setttl()
- Remove node_mk_common_final in libperfuse. It used to set uid/gid for
a newly created vnode but has been made redundant along time ago since
uid and gid are properly set in FUSE header.
- In libperfuse, check for corner case where opc = 0 on INACTIVE and RECLAIM
(how is it possible? Check for it to avoid a crash anyway)
- In libperfuse, make sure we unlimit RLIMIT_AS and RLIMIT_DATA so that
we do notrun out of memory because the kernel is lazy at reclaiming vnodes.
- In libperfuse, cleanup style of perfuse_destroy_pn()
Do not set PUFFS_KFLAG_CACHE_FS_TTL for PUFFS tests
|
| 1.19.8.1 |
| 17-Apr-2012 |
yamt | sync with head
|
| 1.21.16.1 |
| 08-Apr-2020 |
martin | Merge changes from current as of 20200406
|
