Date: Wed, 29 Oct 2003 17:10:09 +0100 From: Guido van Rooij <guido@gvr.org> To: Dan Langille <dan@langille.org> Cc: FreeBSD-hackers@freebsd.org Subject: Re: hosts_access(3) - correct usage? Message-ID: <20031029161009.GA26309@gvr.gvr.org> In-Reply-To: <3F9F8AAA.12507.14D8EE23@localhost> References: <3F9F8AAA.12507.14D8EE23@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 29, 2003 at 09:38:50AM -0500, Dan Langille wrote: > Is this the right way to use hosts_access? The code blows up during > the hosts_access call. I'm told it runs OK on Linux/Solaris. I'm > wonderding if there's something different it needs to do be doing on > FreeBSD. > > Thanks > > #ifdef HAVE_LIBWRAP > P(mutex); /* hosts_access is not thread safe */ > request_init(&request, RQ_DAEMON, my_name, RQ_FILE, newsockfd, > 0); > fromhost(&request); > if (!hosts_access(&request)) { > V(mutex); > Jmsg2(NULL, M_WARNING, 0, _("Connection from %s:%d refused > by hosts.access"), > inet_ntoa(cli_addr.sin_addr), ntohs(cli_addr.sin_port)); > close(newsockfd); > continue; > } > V(mutex); > #endif This seems okay to me. OpenSSH uses: struct request_info req; request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); fromhost(&req); if (!hosts_access(&req)) { debug("Connection refused by tcp wrapper"); refuse(&req); /* NOTREACHED */ fatal("libwrap refuse returns"); } I take it that newsockfd is the one returned from accept()? I'd try using a debug version of libwrap... -Guido
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031029161009.GA26309>