Changeset 295
- Timestamp:
- Oct 31, 2010, 10:36:04 AM (14 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 25 edited
-
Makefile.in (modified) (8 diffs)
-
acconfig.h (modified) (1 diff)
-
aclocal.m4 (modified) (1 diff)
-
configure.ac (modified) (3 diffs)
-
depend.dep (modified) (6 diffs)
-
depend.sum (modified) (1 diff)
-
docs/Changelog (modified) (1 diff)
-
include/samhain.h (modified) (2 diffs)
-
include/sh_calls.h (modified) (1 diff)
-
include/sh_ipvx.h (added)
-
include/sh_tools.h (modified) (1 diff)
-
src/cutest_sh_tools.c (modified) (2 diffs)
-
src/sh_audit.c (modified) (1 diff)
-
src/sh_calls.c (modified) (10 diffs)
-
src/sh_forward.c (modified) (41 diffs)
-
src/sh_getopt.c (modified) (1 diff)
-
src/sh_ipvx.c (added)
-
src/sh_login_track.c (modified) (2 diffs)
-
src/sh_mail.c (modified) (8 diffs)
-
src/sh_port2proc.c (modified) (12 diffs)
-
src/sh_portcheck.c (modified) (63 diffs)
-
src/sh_registry.c (modified) (5 diffs)
-
src/sh_socket.c (modified) (2 diffs)
-
src/sh_tools.c (modified) (9 diffs)
-
src/sh_unix.c (modified) (8 diffs)
-
src/sh_utmp.c (modified) (4 diffs)
-
test/testrun_1e.sh (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/Makefile.in
r294 r295 124 124 sh_processcheck.h sh_portcheck.h sh_pthread.h sh_string.h \ 125 125 sh_log_check.h sh_log_evalrule.h sh_log_correlate.h \ 126 sh_log_mark.h sh_log_repeat.h sh_inotify.h sh_registry.h 126 sh_log_mark.h sh_log_repeat.h sh_inotify.h sh_registry.h sh_ipvx.h 127 127 128 128 … … 166 166 $(srcsrc)/sh_inotify.c $(srcsrc)/sh_log_repeat.c \ 167 167 $(srcsrc)/sh_audit.c $(srcsrc)/sh_registry.c \ 168 $(srcsrc)/sh_ipvx.c \ 168 169 $(srcsrc)/t-test1.c 169 170 … … 185 186 sh_log_correlate.o sh_log_mark.o sh_log_repeat.o \ 186 187 sh_pthread.o sh_string.o sh_inotify.o dnmalloc.o \ 187 sh_audit.o sh_registry.o 188 sh_audit.o sh_registry.o sh_ipvx.o 188 189 189 190 KERN = kern_head.h kern_head.c … … 1689 1690 1690 1691 samhain.o: $(srcsrc)/samhain.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_files.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_getopt.h $(srcinc)/sh_readconf.h $(srcinc)/sh_hash.h $(srcinc)/sh_nmail.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_mem.h $(srcinc)/sh_forward.h $(srcinc)/sh_tools.h $(srcinc)/sh_hash.h $(srcinc)/sh_extern.h $(srcinc)/sh_modules.h $(srcinc)/sh_ignore.h $(srcinc)/sh_prelink.h sh_MK.h $(srcinc)/sh_schedule.h 1691 sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_ tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_ignore.h1692 sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_ignore.h 1692 1693 sh_utils.o: $(srcsrc)/sh_utils.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_entropy.h $(srcinc)/sh_pthread.h 1693 1694 sh_error.o: $(srcsrc)/sh_error.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_cat.h $(srcinc)/sh_database.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_nmail.h $(srcinc)/sh_forward.h $(srcinc)/sh_prelude.h $(srcinc)/sh_pthread.h $(srcinc)/sh_tools.h $(srcinc)/sh_extern.h … … 1701 1702 sh_tiger2_64.o: $(srcsrc)/sh_tiger2_64.c Makefile config_xor.h 1702 1703 sh_hash.o: $(srcsrc)/sh_hash.c Makefile config_xor.h $(srcinc)/sh_hash.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_ignore.h $(srcinc)/sh_pthread.h $(srcinc)/sh_forward.h $(srcinc)/sh_hash.h 1703 sh_mail.o: $(srcsrc)/sh_mail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mail.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_pthread.h $(srcinc)/sh_filter.h $(srcinc)/sh_mail_int.h $(srcinc)/sh_nmail.h $(srcinc)/sh_ static.h $(srcinc)/sh_tools.h1704 sh_mail.o: $(srcsrc)/sh_mail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mail.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_pthread.h $(srcinc)/sh_filter.h $(srcinc)/sh_mail_int.h $(srcinc)/sh_nmail.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_static.h $(srcinc)/sh_tools.h 1704 1705 sh_mem.o: $(srcsrc)/sh_mem.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_pthread.h 1705 1706 sh_entropy.o: $(srcsrc)/sh_entropy.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_calls.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h 1706 sh_forward.o: $(srcsrc)/sh_forward.c Makefile config_xor.h $(srcinc)/s amhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_forward.h $(srcinc)/sh_srp.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_entropy.h $(srcinc)/sh_html.h $(srcinc)/sh_nmail.h $(srcinc)/sh_socket.h $(srcinc)/sh_static.h $(srcinc)/rijndael-api-fst.h $(srcinc)/sh_readconf.h $(srcinc)/zAVLTree.h $(srcinc)/sh_extern.h1707 sh_forward.o: $(srcsrc)/sh_forward.c Makefile config_xor.h $(srcinc)/sh_ipvx.h $(srcinc)/samhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_forward.h $(srcinc)/sh_srp.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_entropy.h $(srcinc)/sh_html.h $(srcinc)/sh_nmail.h $(srcinc)/sh_socket.h $(srcinc)/sh_static.h $(srcinc)/rijndael-api-fst.h $(srcinc)/sh_readconf.h $(srcinc)/zAVLTree.h $(srcinc)/sh_extern.h 1707 1708 sh_modules.o: $(srcsrc)/sh_modules.c Makefile config_xor.h $(srcinc)/sh_modules.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utmp.h $(srcinc)/sh_mounts.h $(srcinc)/sh_userfiles.h $(srcinc)/sh_kern.h $(srcinc)/sh_suidchk.h $(srcinc)/sh_processcheck.h $(srcinc)/sh_portcheck.h $(srcinc)/sh_logmon.h $(srcinc)/sh_registry.h 1708 1709 sh_utmp.o: $(srcsrc)/sh_utmp.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_modules.h $(srcinc)/sh_utmp.h $(srcinc)/sh_pthread.h $(srcinc)/sh_inotify.h … … 1711 1712 sh_srp.o: $(srcsrc)/sh_srp.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mem.h $(srcinc)/sh_utils.h $(srcinc)/sh_srp.h $(srcinc)/bignum.h $(srcinc)/CuTest.h 1712 1713 sh_fifo.o: $(srcsrc)/sh_fifo.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_mem.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_fifo.h 1713 sh_tools.o: $(srcsrc)/sh_tools.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_mem.h $(srcinc)/sh_error.h $(srcinc)/sh_tools.h $(srcinc)/sh_utils.h $(srcinc)/sh_tiger.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/ rijndael-api-fst.h $(srcinc)/rijndael-api-fst.h1714 sh_tools.o: $(srcsrc)/sh_tools.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_mem.h $(srcinc)/sh_error.h $(srcinc)/sh_tools.h $(srcinc)/sh_utils.h $(srcinc)/sh_tiger.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_ipvx.h $(srcinc)/rijndael-api-fst.h $(srcinc)/rijndael-api-fst.h 1714 1715 sh_html.o: $(srcsrc)/sh_html.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_forward.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_html.h $(srcinc)/zAVLTree.h 1715 1716 sh_gpg.o: $(srcsrc)/sh_gpg.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_static.h 1716 1717 sh_cat.o: $(srcsrc)/sh_cat.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_cat.h 1717 sh_calls.o: $(srcsrc)/sh_calls.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_calls.h 1718 sh_calls.o: $(srcsrc)/sh_calls.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_calls.h $(srcinc)/sh_ipvx.h 1718 1719 sh_extern.o: $(srcsrc)/sh_extern.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_extern.h $(srcinc)/sh_calls.h $(srcinc)/sh_filter.h $(srcinc)/sh_static.h 1719 1720 sh_database.o: $(srcsrc)/sh_database.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_cat.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h … … 1748 1749 sh_async.o: $(srcsrc)/sh_async.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_calls.h $(srcinc)/sh_error.h 1749 1750 sh_processcheck.o: $(srcsrc)/sh_processcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_modules.h $(srcinc)/sh_processcheck.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_extern.h $(srcinc)/sh_calls.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h 1750 sh_portcheck.o: $(srcsrc)/sh_portcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_mem.h $(srcinc)/sh_calls.h $(srcinc)/sh_utils.h $(srcinc)/sh_modules.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/ CuTest.h1751 sh_portcheck.o: $(srcsrc)/sh_portcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_mem.h $(srcinc)/sh_calls.h $(srcinc)/sh_utils.h $(srcinc)/sh_modules.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_ipvx.h $(srcinc)/CuTest.h 1751 1752 sh_pthread.o: $(srcsrc)/sh_pthread.c Makefile config_xor.h $(srcinc)/sh_pthread.h $(srcinc)/sh_calls.h $(srcinc)/sh_modules.h 1752 1753 sh_string.o: $(srcsrc)/sh_string.c Makefile config_xor.h $(srcinc)/sh_string.h $(srcinc)/sh_mem.h $(srcinc)/CuTest.h 1753 1754 dnmalloc.o: $(srcsrc)/dnmalloc.c Makefile config.h 1754 1755 t-test1.o: $(srcsrc)/t-test1.c Makefile config.h $(srcinc)/malloc.h 1755 sh_port2proc.o: $(srcsrc)/sh_port2proc.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error_min.h $(srcinc)/sh_pthread.h 1756 sh_port2proc.o: $(srcsrc)/sh_port2proc.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error_min.h $(srcinc)/sh_pthread.h $(srcinc)/sh_ipvx.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h 1756 1757 sh_log_parse_syslog.o: $(srcsrc)/sh_log_parse_syslog.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h 1757 1758 sh_log_parse_pacct.o: $(srcsrc)/sh_log_parse_pacct.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h … … 1767 1768 sh_log_repeat.o: $(srcsrc)/sh_log_repeat.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h 1768 1769 sh_log_parse_generic.o: $(srcsrc)/sh_log_parse_generic.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_log_check.h $(srcinc)/sh_string.h 1769 sh_login_track.o: $(srcsrc)/sh_login_track.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_tools.h $(srcinc)/sh_ error_min.h $(srcinc)/CuTest.h $(srcinc)/CuTest.h1770 sh_login_track.o: $(srcsrc)/sh_login_track.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_tools.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_error_min.h $(srcinc)/CuTest.h $(srcinc)/CuTest.h 1770 1771 sh_audit.o: $(srcsrc)/sh_audit.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_extern.h $(srcinc)/sh_utils.h 1771 1772 sh_registry.o: $(srcsrc)/sh_registry.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_modules.h $(srcinc)/sh_hash.h $(srcinc)/sh_tiger.h 1773 sh_ipvx.o: $(srcsrc)/sh_ipvx.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_ipvx.h -
trunk/acconfig.h
r265 r295 363 363 /* Define if your struct utmp has ut_addr. */ 364 364 #undef HAVE_UTADDR 365 366 /* Define if your struct utmp has ut_addr_v6 */ 367 #undef HAVE_UTADDR_V6 365 368 366 369 /* Define if your includes are broken. */ -
trunk/aclocal.m4
r290 r295 409 409 x_libraries=NONE 410 410 DESTDIR= 411 SH_ENABLE_OPTS="ssp db-reload xml-log message-queue login-watch process-check port-check mounts-check logfile-monitor userfiles debug ptrace static network udp nocl stealth micro-stealth install-name identity khide suidcheck base largefile mail external-scripts encrypt srp dnmalloc "411 SH_ENABLE_OPTS="ssp db-reload xml-log message-queue login-watch process-check port-check mounts-check logfile-monitor userfiles debug ptrace static network udp nocl stealth micro-stealth install-name identity khide suidcheck base largefile mail external-scripts encrypt srp dnmalloc ipv6" 412 412 SH_WITH_OPTS="prelude libprelude-prefix database libwrap cflags libs console altconsole timeserver alttimeserver rnd egd-socket port logserver altlogserver kcheck gpg keyid checksum fp recipient sender trusted tmp-dir config-file log-file pid-file state-dir data-file html-file" 413 413 -
trunk/configure.ac
r294 r295 247 247 AC_EGREP_HEADER(ut_host, utmpx.h, AC_DEFINE(HAVE_UTHOST) ) 248 248 AC_EGREP_HEADER(ut_addr, utmpx.h, AC_DEFINE(HAVE_UTADDR) ) 249 AC_EGREP_HEADER(ut_addr_v6, utmpx.h, AC_DEFINE(HAVE_UTADDR_V6) ) 249 250 AC_EGREP_HEADER(ut_xtime,utmpx.h, AC_DEFINE(HAVE_UTXTIME) ) 250 251 AC_EGREP_HEADER(ut_type, utmpx.h, AC_DEFINE(HAVE_UTTYPE) ) … … 369 370 strptime basename sched_yield hasmntopt \ 370 371 inet_aton gethostbyname setutent setrlimit gethostname uname \ 372 getaddrinfo getnameinfo \ 371 373 initgroups getpagesize \ 372 374 ttyname fchmod writev mmap tzset \ … … 1575 1577 fi 1576 1578 mydebugit="yes" 1579 elif test "x${enable_debug}" = "xgdb"; then 1580 if test "x${myneedg3}" = "xyes"; then 1581 mydebugdef="-g3" 1582 else 1583 mydebugdef="-g" 1584 fi 1585 mydebugit="yes" 1577 1586 fi 1578 1587 ] 1579 1588 ) 1580 1589 AC_SUBST(mydebugdef) 1590 1591 1592 AC_ARG_ENABLE(ipv6, 1593 [ --disable-ipv6 disable ipv6 support], 1594 [ 1595 if test "x${enable_ipv6}" = xno; then 1596 AC_DEFINE(USE_IPV4,1,[Define if you do not want IPv6]) 1597 fi 1598 ] 1599 ) 1581 1600 1582 1601 if test "x${dnmalloc_ok}" = "xyes"; then -
trunk/depend.dep
r294 r295 2 2 # DO NOT DELETE THIS LINE 3 3 samhain.o: $(srcsrc)/samhain.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_files.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_getopt.h $(srcinc)/sh_readconf.h $(srcinc)/sh_hash.h $(srcinc)/sh_nmail.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_mem.h $(srcinc)/sh_forward.h $(srcinc)/sh_tools.h $(srcinc)/sh_hash.h $(srcinc)/sh_extern.h $(srcinc)/sh_modules.h $(srcinc)/sh_ignore.h $(srcinc)/sh_prelink.h sh_MK.h $(srcinc)/sh_schedule.h 4 sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_ tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_ignore.h4 sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_ignore.h 5 5 sh_utils.o: $(srcsrc)/sh_utils.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_entropy.h $(srcinc)/sh_pthread.h 6 6 sh_error.o: $(srcsrc)/sh_error.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_cat.h $(srcinc)/sh_database.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_nmail.h $(srcinc)/sh_forward.h $(srcinc)/sh_prelude.h $(srcinc)/sh_pthread.h $(srcinc)/sh_tools.h $(srcinc)/sh_extern.h … … 14 14 sh_tiger2_64.o: $(srcsrc)/sh_tiger2_64.c Makefile config_xor.h 15 15 sh_hash.o: $(srcsrc)/sh_hash.c Makefile config_xor.h $(srcinc)/sh_hash.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_ignore.h $(srcinc)/sh_pthread.h $(srcinc)/sh_forward.h $(srcinc)/sh_hash.h 16 sh_mail.o: $(srcsrc)/sh_mail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mail.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_pthread.h $(srcinc)/sh_filter.h $(srcinc)/sh_mail_int.h $(srcinc)/sh_nmail.h $(srcinc)/sh_ static.h $(srcinc)/sh_tools.h16 sh_mail.o: $(srcsrc)/sh_mail.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mail.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_pthread.h $(srcinc)/sh_filter.h $(srcinc)/sh_mail_int.h $(srcinc)/sh_nmail.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_static.h $(srcinc)/sh_tools.h 17 17 sh_mem.o: $(srcsrc)/sh_mem.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_pthread.h 18 18 sh_entropy.o: $(srcsrc)/sh_entropy.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_calls.h $(srcinc)/sh_pthread.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h 19 sh_forward.o: $(srcsrc)/sh_forward.c Makefile config_xor.h $(srcinc)/s amhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_forward.h $(srcinc)/sh_srp.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_entropy.h $(srcinc)/sh_html.h $(srcinc)/sh_nmail.h $(srcinc)/sh_socket.h $(srcinc)/sh_static.h $(srcinc)/rijndael-api-fst.h $(srcinc)/sh_readconf.h $(srcinc)/zAVLTree.h $(srcinc)/sh_extern.h19 sh_forward.o: $(srcsrc)/sh_forward.c Makefile config_xor.h $(srcinc)/sh_ipvx.h $(srcinc)/samhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_forward.h $(srcinc)/sh_srp.h $(srcinc)/sh_fifo.h $(srcinc)/sh_tools.h $(srcinc)/sh_entropy.h $(srcinc)/sh_html.h $(srcinc)/sh_nmail.h $(srcinc)/sh_socket.h $(srcinc)/sh_static.h $(srcinc)/rijndael-api-fst.h $(srcinc)/sh_readconf.h $(srcinc)/zAVLTree.h $(srcinc)/sh_extern.h 20 20 sh_modules.o: $(srcsrc)/sh_modules.c Makefile config_xor.h $(srcinc)/sh_modules.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utmp.h $(srcinc)/sh_mounts.h $(srcinc)/sh_userfiles.h $(srcinc)/sh_kern.h $(srcinc)/sh_suidchk.h $(srcinc)/sh_processcheck.h $(srcinc)/sh_portcheck.h $(srcinc)/sh_logmon.h $(srcinc)/sh_registry.h 21 21 sh_utmp.o: $(srcsrc)/sh_utmp.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_modules.h $(srcinc)/sh_utmp.h $(srcinc)/sh_pthread.h $(srcinc)/sh_inotify.h … … 24 24 sh_srp.o: $(srcsrc)/sh_srp.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_mem.h $(srcinc)/sh_utils.h $(srcinc)/sh_srp.h $(srcinc)/bignum.h $(srcinc)/CuTest.h 25 25 sh_fifo.o: $(srcsrc)/sh_fifo.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_mem.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_fifo.h 26 sh_tools.o: $(srcsrc)/sh_tools.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_mem.h $(srcinc)/sh_error.h $(srcinc)/sh_tools.h $(srcinc)/sh_utils.h $(srcinc)/sh_tiger.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/ rijndael-api-fst.h $(srcinc)/rijndael-api-fst.h26 sh_tools.o: $(srcsrc)/sh_tools.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_mem.h $(srcinc)/sh_error.h $(srcinc)/sh_tools.h $(srcinc)/sh_utils.h $(srcinc)/sh_tiger.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_ipvx.h $(srcinc)/rijndael-api-fst.h $(srcinc)/rijndael-api-fst.h 27 27 sh_html.o: $(srcsrc)/sh_html.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_forward.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_html.h $(srcinc)/zAVLTree.h 28 28 sh_gpg.o: $(srcsrc)/sh_gpg.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_tiger.h $(srcinc)/sh_static.h 29 29 sh_cat.o: $(srcsrc)/sh_cat.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_cat.h 30 sh_calls.o: $(srcsrc)/sh_calls.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_calls.h 30 sh_calls.o: $(srcsrc)/sh_calls.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_calls.h $(srcinc)/sh_ipvx.h 31 31 sh_extern.o: $(srcsrc)/sh_extern.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_extern.h $(srcinc)/sh_calls.h $(srcinc)/sh_filter.h $(srcinc)/sh_static.h 32 32 sh_database.o: $(srcsrc)/sh_database.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_cat.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h … … 58 58 sh_prelink.o: $(srcsrc)/sh_prelink.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_tiger.h $(srcinc)/sh_extern.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h 59 59 sh_static.o: $(srcsrc)/sh_static.c Makefile config_xor.h $(srcinc)/sh_pthread.h 60 sh_portcheck.o: $(srcsrc)/sh_portcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_mem.h $(srcinc)/sh_calls.h $(srcinc)/sh_utils.h $(srcinc)/sh_modules.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/ CuTest.h60 sh_portcheck.o: $(srcsrc)/sh_portcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_mem.h $(srcinc)/sh_calls.h $(srcinc)/sh_utils.h $(srcinc)/sh_modules.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_ipvx.h $(srcinc)/CuTest.h 61 61 sh_processcheck.o: $(srcsrc)/sh_processcheck.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_modules.h $(srcinc)/sh_processcheck.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_extern.h $(srcinc)/sh_calls.h $(srcinc)/sh_pthread.h $(srcinc)/CuTest.h 62 62 sh_prelude_old.o: $(srcsrc)/sh_prelude_old.c Makefile config_xor.h $(srcinc)/slib.h $(srcinc)/sh_mem.h $(srcinc)/sh_cat.h $(srcinc)/sh_error_min.h $(srcinc)/sh_prelude.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h … … 68 68 dnmalloc-portable.o: $(srcsrc)/dnmalloc-portable.c Makefile config.h 69 69 dnmalloc.o: $(srcsrc)/dnmalloc.c Makefile config.h 70 sh_port2proc.o: $(srcsrc)/sh_port2proc.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error_min.h $(srcinc)/sh_pthread.h 70 sh_port2proc.o: $(srcsrc)/sh_port2proc.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_error_min.h $(srcinc)/sh_pthread.h $(srcinc)/sh_ipvx.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h 71 71 sh_log_parse_syslog.o: $(srcsrc)/sh_log_parse_syslog.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h 72 72 sh_log_parse_pacct.o: $(srcsrc)/sh_log_parse_pacct.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_log_check.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h … … 82 82 sh_log_repeat.o: $(srcsrc)/sh_log_repeat.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_string.h $(srcinc)/sh_log_check.h $(srcinc)/sh_log_evalrule.h 83 83 sh_log_parse_generic.o: $(srcsrc)/sh_log_parse_generic.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_log_check.h $(srcinc)/sh_string.h 84 sh_login_track.o: $(srcsrc)/sh_login_track.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_tools.h $(srcinc)/sh_ error_min.h $(srcinc)/CuTest.h $(srcinc)/CuTest.h84 sh_login_track.o: $(srcsrc)/sh_login_track.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_string.h $(srcinc)/sh_tools.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_error_min.h $(srcinc)/CuTest.h $(srcinc)/CuTest.h 85 85 sh_audit.o: $(srcsrc)/sh_audit.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_extern.h $(srcinc)/sh_utils.h 86 86 sh_registry.o: $(srcsrc)/sh_registry.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_modules.h $(srcinc)/sh_hash.h $(srcinc)/sh_tiger.h 87 sh_ipvx.o: $(srcsrc)/sh_ipvx.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_ipvx.h -
trunk/depend.sum
r294 r295 1 2205834486 1 1732172137 -
trunk/docs/Changelog
r294 r295 1 1 2.8.0: 2 * Support IPv6 2 3 * Add registry checking 3 4 * Use auditd records to find out who did it -
trunk/include/samhain.h
r283 r295 34 34 **************************************************/ 35 35 36 /* IPv6 */ 37 #if defined(HAVE_GETNAMEINFO) && defined(HAVE_GETADDRINFO) 38 39 #if defined(SH_COMPILE_STATIC) && defined(__linux__) 40 #undef USE_IPVX 41 #define SH_SOCKMAX 1 42 #else 43 44 #if defined(USE_IPV4) 45 #undef USE_IPVX 46 #else 47 #define USE_IPVX 1 48 #endif 49 50 #define SH_SOCKMAX 8 51 #endif 52 53 #else 54 #undef USE_IPVX 55 #define SH_SOCKMAX 1 56 #endif 57 58 /* end IPv6 */ 59 36 60 #define REPLACE_OLD 37 61 … … 39 63 * IPv6 is 8 groups of 4 hex digits seperated by colons. 40 64 */ 41 #define SH_IP_BUF 4 065 #define SH_IP_BUF 48 42 66 #define SH_MINIBUF 64 43 67 #define SH_BUFSIZE 1024 -
trunk/include/sh_calls.h
r170 r295 35 35 int sh_aud_set_functions(const char * str_s); 36 36 37 #ifdef SH_IPVX_H 38 long int retry_accept(const char * file, int line, 39 int fd, struct sh_sockaddr *serv_addr, int * addrlen); 40 #endif 37 41 38 long int retry_accept(const char * file, int line,39 int fd, struct sockaddr *serv_addr, int * addrlen);40 42 long int retry_stat (const char * file, int line, 41 43 const char *file_name, struct stat *buf); -
trunk/include/sh_tools.h
r197 r295 28 28 */ 29 29 char * sh_tools_safe_name(const char * str, int flag); 30 int is_numeric (const char * address); 30 31 31 int connect_port (char * address, int port, 32 32 char * ecall, int * errnum, char * errmsg, int errsiz); -
trunk/src/cutest_sh_tools.c
r19 r295 6 6 #include "samhain.h" 7 7 #include "sh_tools.h" 8 #include "sh_ipvx.h" 8 9 9 10 void Test_sh_tools_safe_name_01(CuTest *tc) { … … 106 107 char* input = strdup("hello world"); 107 108 108 CuAssertTrue(tc, ! is_numeric(input));109 CuAssertTrue(tc, !sh_ipvx_is_numeric(input)); 109 110 110 111 input = strdup("127.0.0.1"); 111 CuAssertTrue(tc, is_numeric(input));112 CuAssertTrue(tc, sh_ipvx_is_numeric(input)); 112 113 input = strdup("127.0.0.de"); 113 CuAssertTrue(tc, ! is_numeric(input));114 CuAssertTrue(tc, !sh_ipvx_is_numeric(input)); 114 115 input = strdup("127"); 115 CuAssertTrue(tc, is_numeric(input));116 CuAssertTrue(tc, sh_ipvx_is_numeric(input)); 116 117 } 117 118 -
trunk/src/sh_audit.c
r294 r295 276 276 for (i = 0; i < 4; ++i) 277 277 { 278 if (0 == access(_(actl_paths[i]), F_OK)) 279 { 280 if (0 == access(_(actl_paths[i]), X_OK)) 278 if (0 == access(_(actl_paths[i]), F_OK))/* flawfinder: ignore */ 279 { 280 if (0 == access(_(actl_paths[i]), X_OK))/* flawfinder: ignore */ 281 281 { 282 282 actl_pnum = i; -
trunk/src/sh_calls.c
r171 r295 51 51 #include "sh_error.h" 52 52 #include "sh_calls.h" 53 #include "sh_ipvx.h" 53 54 54 55 #undef FIL__ … … 134 135 } 135 136 136 static struct in_addr bind_addr;137 static struct sh_sockaddr bind_addr; 137 138 static int use_bind_addr = 0; 138 139 … … 147 148 reject = 1; 148 149 149 if (0 == /*@-unrecog@*/inet_aton(str, &bind_addr)/*@+unrecog@*/) 150 { 151 return -1; 152 } 150 #if defined(USE_IPVX) 151 if (0 == sh_ipvx_aton(str, &bind_addr)) 152 return -1; 153 #else 154 if (0 == inet_aton(str, &(bind_addr.sin.sin_addr))) 155 return -1; 156 #endif 157 153 158 use_bind_addr = 1; 154 159 return 0; … … 161 166 int error; 162 167 long int val_retry = 0; 163 static struct sockaddr_in new_addr;164 168 char errbuf[SH_ERRBUF_SIZE]; 165 169 … … 170 174 if (0 != use_bind_addr) 171 175 { 172 memcpy(&new_addr.sin_addr, &bind_addr, sizeof(struct in_addr)); 173 new_addr.sin_family = AF_INET; 174 175 val_retry = /*@-unrecog@*/bind(sockfd, 176 (struct sockaddr*)&new_addr, 177 sizeof(struct sockaddr_in))/*@+unrecog@*/; 176 int slen = SH_SS_LEN(bind_addr); 177 178 val_retry = bind(sockfd, sh_ipvx_sockaddr_cast(&bind_addr), slen); 178 179 } 179 180 … … 181 182 { 182 183 do { 183 val_retry = 184 /*@-unrecog@*/connect(sockfd, serv_addr, addrlen)/*@+unrecog@*/; 184 val_retry = connect(sockfd, serv_addr, addrlen); 185 185 } while (val_retry < 0 && (errno == EINTR || errno == EINPROGRESS)); 186 186 } … … 188 188 error = errno; 189 189 if (val_retry != 0) { 190 /* ugly cast back to struct sockaddr_in :-( 191 */ 190 long eport; 191 char eaddr[SH_IP_BUF]; 192 193 struct sh_sockaddr ss; 194 sh_ipvx_save(&ss, serv_addr->sa_family, serv_addr); 195 sh_ipvx_ntoa(eaddr, sizeof(eaddr), &ss); 196 197 if (serv_addr->sa_family == AF_INET) 198 eport = (long) ntohs(((struct sockaddr_in *)serv_addr)->sin_port); 199 else 200 eport = (long) ntohs(((struct sockaddr_in6 *)serv_addr)->sin6_port); 201 192 202 sh_error_handle ((-1), file, line, error, MSG_ERR_CONNECT, 193 203 sh_error_message(error, errbuf, sizeof(errbuf)), 194 (long) sockfd, 195 /*@-unrecog -type@*/ 196 (long) ntohs(((struct sockaddr_in *)serv_addr)->sin_port), 197 /*@+unrecog +type@*/ 198 #ifdef HAVE_INET_ATON 199 /*@-unrecog -type@*/ 200 inet_ntoa( ((struct sockaddr_in *)serv_addr)->sin_addr ) 201 /*@+unrecog +type@*/ 202 #else 203 _("unknown") 204 #endif 205 ); 204 (long) sockfd, eport, eaddr); 206 205 } 207 206 errno = error; … … 210 209 211 210 long int retry_accept(const char * file, int line, int fd, 212 struct s ockaddr *serv_addr, int * addrlen)211 struct sh_sockaddr *serv_addr, int * addrlen) 213 212 { 214 213 int error; 215 214 long int val_retry = -1; 216 215 char errbuf[SH_ERRBUF_SIZE]; 217 218 ACCEPT_TYPE_ARG3 my_addrlen = (ACCEPT_TYPE_ARG3) *addrlen; 216 struct sockaddr_storage ss; 217 218 ACCEPT_TYPE_ARG3 my_addrlen = sizeof(ss); 219 219 220 220 errno = 0; … … 223 223 224 224 do { 225 val_retry = /*@-unrecog@*/accept(fd, serv_addr, &my_addrlen)/*@+unrecog@*/;225 val_retry = accept(fd, (struct sockaddr *)&ss, &my_addrlen); 226 226 } while (val_retry < 0 && errno == EINTR); 227 227 228 *addrlen = (int) my_addrlen; 228 229 error = errno; … … 232 233 (long) fd ); 233 234 } 234 errno = error; 235 errno = error; 236 237 sh_ipvx_save(serv_addr, ss.ss_family, (struct sockaddr *) &ss); 238 235 239 SL_RETURN(val_retry, _("retry_accept")); 236 240 } -
trunk/src/sh_forward.c
r283 r295 121 121 #endif 122 122 123 #include "sh_ipvx.h" 123 124 #include "samhain.h" 124 125 #include "sh_tiger.h" … … 239 240 * --> last part must be kept 240 241 */ 241 if (0 != is_numeric(name))242 if (0 != sh_ipvx_is_numeric(name)) 242 243 { 243 244 SL_RETURN( name, _("sh_strip_domain")); … … 2187 2188 char FileType[5]; 2188 2189 2189 struct s ockaddr_inaddr_peer;2190 struct sh_sockaddr addr_peer; 2190 2191 } sh_conn_t; 2191 2192 … … 2592 2593 #endif 2593 2594 2594 int check_addr (const char * claim, struct s ockaddr_inaddr_peer)2595 int check_addr (const char * claim, struct sh_sockaddr * addr_peer) 2595 2596 { 2596 2597 char h_name[MAXHOSTNAMELEN + 1]; 2597 2598 char h_peer[MAXHOSTNAMELEN + 1]; 2598 char h_peer_IP[16]; 2599 char tmp_peer_IP[16]; 2600 struct hostent * he; 2601 char ** p = NULL; 2602 int i; 2603 int flag = 0; 2599 char h_peer_IP[SH_IP_BUF]; 2600 char tmp_peer_IP[SH_IP_BUF]; 2601 char * canonical; 2602 char numeric[SH_IP_BUF]; 2604 2603 2605 2604 SL_ENTER(_("check_addr")); … … 2614 2613 /* Make sure we have the canonical name for the client 2615 2614 */ 2616 he = sh_gethostbyname (claim); 2617 2618 if (he != NULL && he->h_name != NULL) 2619 { 2620 if (NULL == strchr(he->h_name, '.') && he->h_addr_list != NULL) 2621 { 2622 he = sh_gethostbyaddr(he->h_addr_list[0], 2623 he->h_length, 2624 he->h_addrtype); 2625 } 2626 } 2615 canonical = sh_ipvx_canonical(claim, numeric, sizeof(numeric)); 2627 2616 2628 2617 /* copy canonical name into h_name 2629 2618 */ 2630 if (he != NULL && he->h_name != NULL) 2631 { 2632 sl_strlcpy(h_name, he->h_name, MAXHOSTNAMELEN + 1); 2619 if (canonical != NULL) 2620 { 2621 sl_strlcpy(h_name, canonical, MAXHOSTNAMELEN + 1); 2622 SH_FREE(canonical); 2633 2623 } 2634 2624 else … … 2642 2632 /* get canonical name of socket peer 2643 2633 */ 2644 he = sh_gethostbyaddr ((char *) &(addr_peer.sin_addr), 2645 sizeof(addr_peer.sin_addr), 2646 AF_INET); 2647 2648 if (he != NULL && he->h_name != NULL) 2649 { 2650 if (0 == sl_strcmp(he->h_name, _("localhost"))) 2634 canonical = sh_ipvx_addrtoname(addr_peer); 2635 2636 if (canonical) 2637 { 2638 if (0 == sl_strcmp(canonical, _("localhost"))) 2651 2639 sl_strlcpy(h_peer, sh.host.name, MAXHOSTNAMELEN + 1); 2652 2640 else 2653 sl_strlcpy(h_peer, he->h_name, MAXHOSTNAMELEN + 1); 2641 sl_strlcpy(h_peer, canonical, MAXHOSTNAMELEN + 1); 2642 SH_FREE(canonical); 2654 2643 } 2655 2644 else 2656 2645 { 2657 sl_strlcpy(tmp_peer_IP, 2658 inet_ntoa (*(struct in_addr *) &(addr_peer.sin_addr)), 2659 16); 2646 sh_ipvx_ntoa (tmp_peer_IP, sizeof(tmp_peer_IP), addr_peer); 2660 2647 sh_error_handle(lookup_err, FIL__, __LINE__, 0, MSG_TCP_RESPEER, 2661 2648 claim, tmp_peer_IP); … … 2663 2650 } 2664 2651 2665 sl_strlcpy(h_peer_IP, 2666 inet_ntoa (*(struct in_addr *) he->h_addr), 2667 16); 2652 sh_ipvx_ntoa (h_peer_IP, sizeof(h_peer_IP), addr_peer); 2668 2653 2669 2654 #if 0 … … 2676 2661 /* reverse lookup 2677 2662 */ 2678 if (0 != sl_strncmp(_("127."), 2679 inet_ntoa (*(struct in_addr *) &(addr_peer.sin_addr)), 2680 4)) 2681 { 2682 he = sh_gethostbyname(h_peer); 2683 2684 if (he != NULL) 2685 { 2686 for (p = he->h_addr_list; *p; ++p) 2687 { 2688 if (0 == memcmp (*p, &(addr_peer.sin_addr), 2689 sizeof(addr_peer.sin_addr))) 2690 break; 2691 } 2692 } 2693 if (he == NULL || *p == NULL) 2694 { 2695 sl_strlcpy(tmp_peer_IP, 2696 inet_ntoa (*(struct in_addr *) &(addr_peer.sin_addr)), 2697 16); 2698 sh_error_handle(lookup_err, FIL__, __LINE__, 0, MSG_TCP_LOOKERS, 2699 claim, h_peer, tmp_peer_IP); 2700 SL_RETURN ((0), _("check_addr")); 2701 } 2702 } 2703 2704 sh_tolower(h_peer); 2705 sh_tolower(h_name); 2663 if (0 == sh_ipvx_reverse_check_ok (h_peer, ServerPort, addr_peer)) 2664 { 2665 sh_ipvx_ntoa (tmp_peer_IP, sizeof(tmp_peer_IP), addr_peer); 2666 2667 sh_error_handle(lookup_err, FIL__, __LINE__, 0, MSG_TCP_LOOKERS, 2668 claim, h_peer, tmp_peer_IP); 2669 SL_RETURN ((0), _("check_addr")); 2670 } 2671 2672 /* Check whether claim and peer are identical 2673 */ 2674 2675 sh_tolower(h_peer); /* Canonical name of what the peer is */ 2676 sh_tolower(h_name); /* Canonical name of what the peer claims */ 2706 2677 2707 2678 if ((0 == sl_strcmp(h_peer, h_name)) || (0 == sl_strcmp(h_peer_IP, h_name))) … … 2709 2680 SL_RETURN ((0), _("check_addr")); 2710 2681 } 2682 #if !defined(USE_IPVX) 2711 2683 else 2712 2684 { 2713 i = 0; 2685 struct hostent * he = sh_gethostbyname(h_peer); 2686 int i = 0; 2687 int flag = 0; 2688 2714 2689 while (he->h_aliases[i] != NULL) 2715 2690 { … … 2725 2700 claim, h_peer); 2726 2701 } 2702 #endif 2727 2703 2728 2704 SL_RETURN ((0), _("check_addr")); … … 2742 2718 { 2743 2719 client_t * this_client; 2744 char peer_ip[16]; 2720 char peer_ip[SH_IP_BUF]; 2721 char numerical[SH_IP_BUF]; 2745 2722 char peer_name[MAXHOSTNAMELEN+1]; 2746 2723 char * search_string; 2747 struct sockaddr_in peer_addr; 2748 struct hostent * he;2749 char ** p = NULL;2724 2725 struct sh_sockaddr peer_addr; 2726 char * canonical; 2750 2727 2751 2728 SL_ENTER(_("search_register")); … … 2753 2730 if (UseSocketPeer == S_TRUE) 2754 2731 { 2755 peer_addr = conn->addr_peer; 2756 sl_strlcpy(peer_ip, 2757 inet_ntoa (*(struct in_addr *) &(peer_addr.sin_addr)), 16); 2732 memcpy(&peer_addr, &(conn->addr_peer), sizeof(struct sh_sockaddr)); 2733 sh_ipvx_ntoa (peer_ip, sizeof(peer_ip), &peer_addr); 2758 2734 2759 2735 /* get canonical name of socket peer 2760 2736 */ 2761 he = sh_gethostbyaddr ((char *) &(peer_addr.sin_addr), 2762 sizeof(peer_addr.sin_addr), 2763 AF_INET); 2764 2765 if (he != NULL && he->h_name != NULL) 2766 { 2767 if (0 == sl_strcmp(he->h_name, _("localhost"))) 2737 canonical = sh_ipvx_canonical(peer_ip, numerical, sizeof(numerical)); 2738 2739 if (canonical != NULL) 2740 { 2741 if (0 == sl_strcmp(canonical, _("localhost"))) 2768 2742 sl_strlcpy(peer_name, sh.host.name, MAXHOSTNAMELEN + 1); 2769 2743 else 2770 sl_strlcpy(peer_name, he->h_name, MAXHOSTNAMELEN + 1); 2771 2772 /* Reverse lookup 2773 */ 2774 if (0 != sl_strncmp(peer_ip, _("127."), 4)) 2775 { 2776 he = sh_gethostbyname(peer_name); 2777 2778 if (he != NULL) 2779 { 2780 for (p = he->h_addr_list; *p; ++p) 2781 { 2782 if (0 == memcmp (*p, &(peer_addr.sin_addr), 2783 sizeof(peer_addr.sin_addr))) 2784 break; 2785 } 2786 } 2787 if (he == NULL || *p == NULL) 2788 { 2789 /* 2790 sh_error_handle(lookup_err, FIL__, __LINE__, 0, 2791 MSG_TCP_LOOKERS, 2792 conn->buf[pos], peer_name, peer_ip); 2793 */ 2794 sl_strlcpy(peer_name, peer_ip, MAXHOSTNAMELEN + 1); 2795 } 2796 } 2797 } 2798 else 2744 sl_strlcpy(peer_name, canonical, MAXHOSTNAMELEN + 1); 2745 SH_FREE(canonical); 2746 } 2747 2748 if (0 == sh_ipvx_reverse_check_ok (peer_name, ServerPort, &peer_addr)) 2799 2749 { 2800 2750 sl_strlcpy(peer_name, peer_ip, MAXHOSTNAMELEN + 1); 2801 2751 } 2752 2802 2753 search_string = peer_name; 2803 2754 } … … 2806 2757 search_string = &(conn->buf[pos]); 2807 2758 2808 if (0 != check_addr (search_string, conn->addr_peer))2759 if (0 != check_addr (search_string, &(conn->addr_peer))) 2809 2760 { 2810 2761 sh_error_handle((-1), FIL__, __LINE__, 0, MSG_TCP_BADCONN, … … 3662 3613 */ 3663 3614 #if defined(SH_WITH_SERVER) && defined(HAVE_LIBPRELUDE) 3664 sh_error_set_peer_ip( inet_ntoa (*(struct in_addr *) &(conn->addr_peer.sin_addr)) ); 3615 { 3616 char peer_ip[SH_IP_BUF]; 3617 sh_ipvx_ntoa(peer_ip, sizeof(peer_ip), conn->addr_peer); 3618 sh_error_set_peer_ip( peer_ip ); 3619 } 3665 3620 #endif 3666 3621 sh_error_set_peer(sh_strip_domain (conn->peer)); … … 4684 4639 int errflag; 4685 4640 int rc; 4686 struct s ockaddr_inaddr;4641 struct sh_sockaddr addr; 4687 4642 #ifdef SH_USE_LIBWRAP 4688 4643 struct request_info request; … … 4697 4652 SL_ENTER(_("sh_forward_accept")); 4698 4653 4699 rc = retry_accept(FIL__, __LINE__, sock, 4700 (struct sockaddr *) &addr, &addrlen); 4654 rc = retry_accept(FIL__, __LINE__, sock, &addr, &addrlen); 4701 4655 4702 4656 if (rc >= 0) … … 4714 4668 4715 4669 #ifdef SH_USE_LIBWRAP 4716 sl_strlcpy(daemon, SH_INSTALL_NAME, 128);4670 sl_strlcpy(daemon, SH_INSTALL_NAME, sizeof(daemon)); 4717 4671 request_init(&request, RQ_DAEMON, daemon, RQ_FILE, rc, 0); 4718 4672 fromhost(&request); 4719 4673 if (!hosts_access(&request)) 4720 4674 { 4721 sl_strlcpy(errbuf, _("Refused connection from "), 128);4722 sl_strlcat(errbuf, eval_client(&request), 128);4675 sl_strlcpy(errbuf, _("Refused connection from "), sizeof(errbuf)); 4676 sl_strlcat(errbuf, eval_client(&request), sizeof(errbuf)); 4723 4677 4724 4678 sh_error_handle((-1), FIL__, __LINE__, 0, MSG_E_SUBGEN, … … 4731 4685 #endif 4732 4686 4733 memcpy (&(newconn->addr_peer), &addr, sizeof(struct s ockaddr_in));4687 memcpy (&(newconn->addr_peer), &addr, sizeof(struct sh_sockaddr)); 4734 4688 4735 4689 /* prepare for usage of connection … … 4781 4735 } 4782 4736 4783 static struct in_addr server_interface;4737 static struct sh_sockaddr server_interface; 4784 4738 static int use_server_interface = 0; 4785 4739 … … 4791 4745 return 0; 4792 4746 } 4793 if (0 == /*@-unrecog@*/inet_aton(str, &server_interface)/*@+unrecog@*/) 4747 4748 if (0 == sh_ipvx_aton(str, &server_interface)) 4794 4749 { 4795 4750 use_server_interface = 0; 4796 4751 return -1; 4797 4752 } 4753 4798 4754 use_server_interface = 1; 4799 4755 return 0; … … 4882 4838 #ifdef INET_SYSLOG 4883 4839 #define INET_SUSPEND_TIME 180 /* equal to 3 minutes */ 4884 #define SH_MINSOCK 34840 #define SH_MINSOCK_DEFAULT 3 4885 4841 int create_syslog_socket (int flag); 4886 4842 static int recv_syslog_socket (int fd); 4887 static int syslog_sock = -1; 4843 static int syslog_sock[SH_SOCKMAX] = { -1 }; 4844 static int syslog_sock_n = 0; 4888 4845 #else 4889 #define SH_MINSOCK 2 4890 #endif 4891 4846 #define SH_MINSOCK_DEFAULT 2 4847 #endif 4848 4849 static int SH_MINSOCK = SH_MINSOCK_DEFAULT; 4892 4850 extern int pf_unix_fd; 4893 4851 4894 4852 /* the tcp socket, and the function to establish it 4895 4853 */ 4896 static int sh_tcp_sock = -1; 4854 static int sh_tcp_sock[SH_SOCKMAX] = { -1 }; 4855 static int sh_tcp_sock_n = 0; 4856 4857 static int do_socket(int domain, int type, int protocol, 4858 struct sockaddr * sa, int salen) 4859 { 4860 int sock = -1; 4861 int errnum = 0; 4862 int flag = 1; /* non-zero to enable an option */ 4863 4864 /* create the socket, bind() it and listen() 4865 */ 4866 if ((sock = socket(domain, type, protocol)) < 0 ) 4867 { 4868 errnum = errno; 4869 sh_forward_printerr (_("socket"), errnum, server_port, __LINE__); 4870 return -1; 4871 } 4872 (void) retry_fcntl( FIL__, __LINE__, sock, F_SETFD, 1 ); 4873 4874 if ( setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, 4875 (void *) &flag, sizeof(flag)) < 0 ) 4876 { 4877 errnum = errno; 4878 sh_forward_printerr (_("setsockopt"), errnum, server_port, __LINE__); 4879 sl_close_fd (FIL__, __LINE__, sock); 4880 return -1; 4881 } 4882 4883 if ( bind(sock, (struct sockaddr *) sa, salen) < 0) 4884 { 4885 if (errno != EADDRINUSE) 4886 { 4887 errnum = errno; 4888 sh_forward_printerr (_("bind"), errnum, server_port, __LINE__); 4889 sl_close_fd (FIL__, __LINE__, sock); 4890 return -1; 4891 } 4892 else 4893 { 4894 sl_close_fd (FIL__, __LINE__, sock); 4895 return -2; 4896 } 4897 } 4898 4899 if ( retry_fcntl( FIL__, __LINE__, sock, F_SETFL, O_NONBLOCK ) < 0 ) 4900 { 4901 errnum = errno; 4902 sh_forward_printerr (_("fcntl"), errnum, server_port, __LINE__); 4903 sl_close_fd (FIL__, __LINE__, sock); 4904 return -1; 4905 } 4906 4907 if ( listen(sock, 64) < 0) 4908 { 4909 errnum = errno; 4910 sh_forward_printerr (_("listen"), errnum, server_port, __LINE__); 4911 sl_close_fd (FIL__, __LINE__, sock); 4912 return -1; 4913 } 4914 4915 return sock; 4916 } 4897 4917 4898 4918 int sh_create_tcp_socket (void) 4899 4919 { 4920 #if defined(USE_IPVX) 4921 struct addrinfo *ai; 4922 struct addrinfo *p; 4923 struct addrinfo hints; 4924 char port[32]; 4925 #else 4900 4926 struct sockaddr_in addr; 4901 4927 int addrlen = sizeof(addr); 4928 #endif 4902 4929 4903 4930 int sock = -1; 4904 int errnum = 0;4905 int flag = 1; /* non-zero to enable an option */4906 4931 4907 4932 SL_ENTER(_("sh_create_tcp_socket")); … … 4909 4934 sh_forward_printerr (NULL, 0, server_port, __LINE__); 4910 4935 4911 /* create the socket, bind() it and listen() 4912 */ 4913 if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0 ) 4914 { 4915 errnum = errno; 4916 sh_forward_printerr (_("socket"), errnum, server_port, __LINE__); 4917 SL_RETURN((-1), _("sl_create_tcp_socket")); 4918 } 4919 (void) retry_fcntl( FIL__, __LINE__, sock, F_SETFD, 1 ); 4920 4921 if ( setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, 4922 (void *) &flag, sizeof(flag)) < 0 ) 4923 { 4924 errnum = errno; 4925 sh_forward_printerr (_("setsockopt"), errnum, server_port, __LINE__); 4926 SL_RETURN((-1), _("sl_create_tcp_socket")); 4927 } 4928 4929 addr.sin_family = AF_INET; 4930 addr.sin_port = htons(server_port); 4936 #if defined(USE_IPVX) 4937 if (use_server_interface == 0) 4938 { 4939 memset (&hints, '\0', sizeof (hints)); 4940 hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; 4941 hints.ai_socktype = SOCK_STREAM; 4942 sl_snprintf(port, sizeof(port), "%d", server_port); 4943 4944 if (getaddrinfo (NULL, port, &hints, &ai) != 0) 4945 { 4946 int errnum = errno; 4947 sh_forward_printerr (_("getaddrinfo"), errnum, server_port, __LINE__); 4948 sl_close_fd (FIL__, __LINE__, sock); 4949 SL_RETURN((-1), _("sl_create_tcp_socket")); 4950 } 4951 4952 p = ai; 4953 4954 while (p != NULL && sh_tcp_sock_n < SH_SOCKMAX) 4955 { 4956 sock = do_socket(p->ai_family, p->ai_socktype, p->ai_protocol, 4957 p->ai_addr, p->ai_addrlen); 4958 4959 if (sock >= 0) { 4960 if (sh_tcp_sock_n < SH_SOCKMAX) { 4961 sh_tcp_sock[sh_tcp_sock_n] = sock; 4962 ++sh_tcp_sock_n; 4963 } 4964 else { 4965 sl_close_fd (FIL__, __LINE__, sock); 4966 } 4967 } else if (sock == -1) { 4968 freeaddrinfo (ai); 4969 goto end; 4970 } 4971 p = p->ai_next; 4972 } 4973 4974 freeaddrinfo (ai); 4975 } 4976 else 4977 { 4978 sh_ipvx_set_port(&server_interface, server_port); 4979 4980 sock = do_socket(server_interface.ss_family, SOCK_STREAM, 0, 4981 sh_ipvx_sockaddr_cast(&server_interface), 4982 SH_SS_LEN(server_interface)); 4983 4984 if (sock >= 0) { 4985 sh_tcp_sock[0] = sock; 4986 sh_tcp_sock_n = 1; 4987 } 4988 } 4989 #else 4931 4990 if (use_server_interface == 0) 4932 4991 addr.sin_addr.s_addr = INADDR_ANY; 4933 4992 else 4934 memcpy(&addr.sin_addr, &server_interface, sizeof(struct in_addr)); 4993 memcpy(&addr, sh_ipvx_sockaddr_cast(&server_interface), addrlen); 4994 addr.sin_family = AF_INET; 4995 addr.sin_port = htons(server_port); 4935 4996 4936 if ( bind(sock, (struct sockaddr *) &addr, addrlen) < 0) 4937 { 4938 errnum = errno; 4939 sh_forward_printerr (_("bind"), errnum, server_port, __LINE__); 4940 SL_RETURN((-1), _("sl_create_tcp_socket")); 4941 } 4942 4943 if ( retry_fcntl( FIL__, __LINE__, sock, F_SETFL, O_NONBLOCK ) < 0 ) 4944 { 4945 errnum = errno; 4946 sh_forward_printerr (_("fcntl"), errnum, server_port, __LINE__); 4947 SL_RETURN((-1), _("sl_create_tcp_socket")); 4948 } 4949 4950 if ( listen(sock, 5) < 0) 4951 { 4952 errnum = errno; 4953 sh_forward_printerr (_("listen"), errnum, server_port, __LINE__); 4954 SL_RETURN((-1), _("sl_create_tcp_socket")); 4955 } 4956 4957 sh_tcp_sock = sock; 4958 4959 SL_RETURN((sock), _("sl_create_tcp_socket")); 4997 sock = do_socket(AF_INET, SOCK_STREAM, 0, (struct sockaddr *) &addr, addrlen); 4998 4999 if (sock >= 0) { 5000 sh_tcp_sock[0] = sock; 5001 sh_tcp_sock_n = 1; 5002 } 5003 5004 #endif 5005 5006 #if defined(USE_IPVX) 5007 end: 5008 #endif 5009 if (sh_tcp_sock_n > 1) 5010 SH_MINSOCK += (sh_tcp_sock_n - 1); 5011 5012 SL_RETURN((sh_tcp_sock_n), _("sl_create_tcp_socket")); 4960 5013 } 4961 5014 … … 4984 5037 int nowconn; 4985 5038 int status; 4986 int high_fd ;5039 int high_fd = -1; 4987 5040 register int i; 4988 5041 long dummy = 0; … … 5000 5053 5001 5054 int setsize_fd; 5055 5056 int sock_tcp[2]; 5057 int sock_unix; 5058 #ifdef INET_SYSLOG 5059 int sock_log[2]; 5060 #endif 5002 5061 5003 5062 SL_ENTER(_("sh_receive")); … … 5015 5074 aud_exit(FIL__, __LINE__, EXIT_FAILURE); 5016 5075 } 5017 sock = sh_tcp_sock; 5076 5077 sock = sh_tcp_sock[0]; 5018 5078 5019 5079 /* **************************************************************** … … 5031 5091 */ 5032 5092 maxconn = get_open_max() - 6; 5093 5033 5094 /* ugly fix for FreeBSD compiler warning; casting FD_SETSIZE in the 5034 5095 * conditional expression does not suppress the warning... */ … … 5079 5140 /* conns[0] is the listen() socket. Always in read mode. 5080 5141 */ 5081 conns[0].fd = sock; 5082 conns[0].state = CONN_READING; 5083 high_fd = sock; 5142 sock = 0; 5143 5144 sock_tcp[0] = 0; 5145 while (sock < sh_tcp_sock_n) 5146 { 5147 conns[sock].fd = sh_tcp_sock[sock]; 5148 conns[sock].state = CONN_READING; 5149 high_fd = (sh_tcp_sock[sock] > high_fd) ? sh_tcp_sock[sock] : high_fd; 5150 ++sock; 5151 } 5152 sock_tcp[1] = sock; 5084 5153 5085 conns[ 1].fd = pf_unix_fd;5086 conns[ 1].state = CONN_READING;5154 conns[sock].fd = pf_unix_fd; 5155 conns[sock].state = CONN_READING; 5087 5156 high_fd = (pf_unix_fd > high_fd) ? pf_unix_fd : high_fd; 5088 5157 5158 sock_unix = sock; 5159 5160 ++sock; 5161 5089 5162 #ifdef INET_SYSLOG 5090 conns[2].fd = -1; 5163 conns[sock].fd = -1; 5164 5091 5165 if ( sh_forward_printerr_final(1) < 0) 5092 5166 { … … 5095 5169 aud_exit(FIL__, __LINE__, EXIT_FAILURE); 5096 5170 } 5097 sock = syslog_sock; 5098 5099 if (sock >= 0) 5100 { 5101 conns[2].fd = sock; 5102 conns[2].state = CONN_READING; 5103 high_fd = (high_fd > conns[2].fd) ? high_fd : conns[2].fd; 5171 5172 sock_log[0] = sock; 5173 sock_log[1] = sock; 5174 5175 if (syslog_sock_n > 0) 5176 { 5177 int s2; 5178 for (s2 = 0; s2 < syslog_sock_n; ++s2) 5179 { 5180 conns[sock].fd = syslog_sock[s2]; 5181 conns[sock].state = CONN_READING; 5182 high_fd = (high_fd > conns[sock].fd) ? high_fd : conns[sock].fd; 5183 ++sock; 5184 } 5185 sock_log[1] = sock; 5186 5104 5187 } 5105 5188 #endif … … 5153 5236 5154 5237 (void) sh_readconf_read (); 5238 5155 5239 for (i = SH_MINSOCK; i < maxconn; ++i) 5156 5240 if (conns[i].state != CONN_FREE && … … 5230 5314 FD_ZERO( &readset ); 5231 5315 FD_ZERO( &writeset ); 5232 FD_SET(conns[0].fd, &readset ); 5233 high_fd = conns[0].fd; 5234 5235 if (conns[1].fd > -1) 5236 { 5237 FD_SET(conns[1].fd, &readset ); 5238 high_fd = (high_fd > conns[1].fd) ? high_fd : conns[1].fd; 5316 high_fd = conns[0].fd; 5317 5318 for (sock = sock_tcp[0]; sock < sock_tcp[1]; ++sock) 5319 { 5320 FD_SET(conns[sock].fd, &readset ); 5321 high_fd = (high_fd > conns[sock].fd) ? high_fd : conns[sock].fd; 5322 } 5323 5324 if (conns[sock_unix].fd > -1) 5325 { 5326 FD_SET(conns[sock_unix].fd, &readset ); 5327 high_fd = (high_fd > conns[sock_unix].fd) ? high_fd : conns[sock_unix].fd; 5239 5328 } 5240 5329 5241 5330 #ifdef INET_SYSLOG 5242 if (conns[2].fd > -1) 5243 { 5244 FD_SET(conns[2].fd, &readset ); 5245 high_fd = (high_fd > conns[2].fd) ? high_fd : conns[2].fd; 5331 for (sock = sock_log[0]; sock < sock_log[1]; ++sock) 5332 { 5333 if (conns[sock].fd > -1) 5334 { 5335 FD_SET(conns[sock].fd, &readset ); 5336 high_fd = (high_fd > conns[sock].fd) ? high_fd : conns[sock].fd; 5337 } 5246 5338 } 5247 5339 #endif … … 5405 5497 /* New connection. 5406 5498 */ 5407 if ( FD_ISSET(conns[0].fd , &readset )) /* a new connection */ 5408 { 5409 --num_sel; 5410 status = 0; 5411 if (nowconn < maxconn && sig_terminate == 0 && sig_termfast == 0) 5499 for (sock = sock_tcp[0]; sock < sock_tcp[1]; ++sock) 5500 { 5501 if ( FD_ISSET(conns[sock].fd , &readset )) /* a new connection */ 5412 5502 { 5413 i = SH_MINSOCK; 5414 while (i < maxconn) 5503 --num_sel; 5504 status = 0; 5505 if (nowconn < maxconn && sig_terminate == 0 && sig_termfast == 0) 5415 5506 { 5416 if (conns[i].state == CONN_FREE) 5507 /* Find a free slot to accept the connection 5508 */ 5509 i = SH_MINSOCK; 5510 while (i < maxconn) 5417 5511 { 5418 status = sh_forward_accept (conns[0].fd, &conns[i]); 5419 if (status == 0) 5512 if (conns[i].state == CONN_FREE) 5420 5513 { 5421 high_fd = 5422 (high_fd > conns[i].fd ? high_fd : conns[i].fd); 5423 ++server_status.conn_open; 5424 ++server_status.conn_total; 5425 server_status.last = time (NULL); 5514 /* Here we run the accept() and copy the peer to 5515 * the free slot. 5516 */ 5517 status = sh_forward_accept(conns[sock].fd, &conns[i]); 5518 5519 if (status == 0) 5520 { 5521 high_fd = 5522 (high_fd > conns[i].fd ? high_fd : conns[i].fd); 5523 ++server_status.conn_open; 5524 ++server_status.conn_total; 5525 server_status.last = time (NULL); 5526 } 5527 break; 5426 5528 } 5427 break;5529 ++i; 5428 5530 } 5429 ++i;5430 5531 } 5532 /* This re-runs select to accept data on the new 5533 * connection, rather than first dealing with old 5534 * connections. 5535 */ 5536 if (status == 0) 5537 continue; 5431 5538 } 5432 if (status == 0)5433 continue;5434 5539 } 5435 5540 5436 5541 /* check for commands on the socket 5437 5542 */ 5438 if (conns[ 1].fd > (-1) && FD_ISSET(conns[1].fd , &readset ))5543 if (conns[sock_unix].fd > (-1) && FD_ISSET(conns[sock_unix].fd , &readset )) 5439 5544 { 5440 5545 sh_socket_poll(); … … 5442 5547 5443 5548 #ifdef INET_SYSLOG 5444 if (conns[2].fd > (-1) && FD_ISSET(conns[2].fd , &readset )) 5445 { 5446 recv_syslog_socket (conns[2].fd); 5549 for (sock = sock_log[0]; sock < sock_log[1]; ++sock) 5550 { 5551 if (conns[sock].fd > (-1) && FD_ISSET(conns[sock].fd , &readset )) 5552 { 5553 recv_syslog_socket (conns[sock].fd); 5554 } 5447 5555 } 5448 5556 #endif … … 5503 5611 5504 5612 #ifdef INET_SYSLOG 5505 5506 #ifdef HAVE_INET_ATON5507 static char * my_inet_ntoa(struct in_addr in)5508 {5509 return inet_ntoa(in);5510 }5511 #else5512 static char * my_inet_ntoa(struct in_addr in)5513 {5514 unsigned char a, b, c, d;5515 static char foo[16];5516 char bar[4];5517 memcpy (bar, &(in.s_addr), 4); /* memory alignment (?) */5518 memcpy (&a, &bar[0], 1);5519 memcpy (&b, &bar[1], 1);5520 memcpy (&c, &bar[2], 1);5521 memcpy (&d, &bar[3], 1);5522 sprintf(foo, "%d.%d.%d.%d", /* known to fit */5523 (int) a, (int) b, (int) c, (int) d);5524 return foo;5525 }5526 #endif5527 5528 5613 5529 5614 /* Unlike Linux / FreeBSD, most systems don't define the stuff below … … 5675 5760 char errbuf[SH_ERRBUF_SIZE]; 5676 5761 5762 struct sh_sockaddr ss; 5763 struct sockaddr * sa = (struct sockaddr *) &from; 5764 char namebuf[SH_BUFSIZE]; 5765 5677 5766 /* The 6th argument in recvfrom is *socklen_t in Linux and *BSD, 5678 5767 * but *int everywhere else. Because socklen_t is unsigned int, there … … 5696 5785 res = recvfrom(fd, buf, 1047, 0, (struct sockaddr *) &from, &fromlen); 5697 5786 5787 sh_ipvx_save(&ss, sa->sa_family, &from); 5788 sh_ipvx_ntoa(namebuf, sizeof(namebuf), &ss); 5789 5698 5790 if (res > 0) 5699 5791 { … … 5715 5807 sh_error_handle((-1), FIL__, __LINE__, res, MSG_ERR_SYSLOG, 5716 5808 sh_error_message(res, errbuf, sizeof(errbuf)), 5717 my_inet_ntoa(from.sin_addr));5809 namebuf); 5718 5810 SL_RETURN( (-1), _("recv_syslog_socket")); 5719 5811 } 5720 5812 5721 TPT(( 0, FIL__, __LINE__, _("msg=<UDP message from %s>\n"), 5722 my_inet_ntoa(from.sin_addr))); 5813 TPT(( 0, FIL__, __LINE__, _("msg=<UDP message from %s>\n"), namebuf )); 5814 5723 5815 ptr = bptr; 5724 5816 i = 0; … … 5775 5867 sh_error_handle((-1), FIL__, __LINE__, res, MSG_ERR_SYSLOG, 5776 5868 sh_error_message(res, errbuf, sizeof(errbuf)), 5777 my_inet_ntoa(from.sin_addr));5869 namebuf); 5778 5870 5779 5871 /* don't accept anything the next 2 seconds … … 5790 5882 } 5791 5883 5792 /* callerFlag == S_TRUE means override the enable_syslog_socket flag 5793 */ 5794 int create_syslog_socket (int callerFlag) 5884 static int do_syslog_socket(int domain, int type, int protocol, 5885 struct sockaddr * sa, int salen) 5795 5886 { 5796 5887 int flag = 1; /* non-zero to enable an option */ … … 5798 5889 int errnum; 5799 5890 int res; 5891 5892 /* create the socket, bind() it and listen() 5893 */ 5894 sock = socket(domain, type, protocol); 5895 5896 if (sock < 0) 5897 { 5898 errnum = errno; 5899 sh_forward_printerr (_("syslog socket"), errnum, 514, __LINE__); 5900 return -1; 5901 } 5902 (void) retry_fcntl( FIL__, __LINE__, sock, F_SETFD, 1 ); 5903 5904 if ( setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, 5905 (void *) &flag, sizeof(flag)) < 0 ) 5906 { 5907 errnum = errno; 5908 sh_forward_printerr (_("syslog setsockopt SO_REUSEADDR"), 5909 errnum, 514, __LINE__); 5910 return -1; 5911 } 5912 5913 #if defined(SO_BSDCOMPAT) 5914 if ( setsockopt(sock, SOL_SOCKET, SO_BSDCOMPAT, 5915 (void *) &flag, sizeof(flag)) < 0 ) 5916 { 5917 errnum = errno; 5918 sh_forward_printerr (_("syslog setsockopt SO_BSDCOMPAT"), 5919 errnum, 514, __LINE__); 5920 return -1; 5921 } 5922 #endif 5923 5924 res = bind(sock, sa, salen); 5925 5926 if ( res < 0) 5927 { 5928 errnum = errno; 5929 sh_forward_printerr (_("syslog bind"), errnum, 514, __LINE__); 5930 sl_close_fd(FIL__, __LINE__, sock); 5931 return -1; 5932 } 5933 return sock; 5934 } 5935 5936 /* callerFlag == S_TRUE means override the enable_syslog_socket flag 5937 */ 5938 int create_syslog_socket (int callerFlag) 5939 { 5940 int sock; 5941 5942 #if defined(USE_IPVX) 5943 struct addrinfo *ai; 5944 struct addrinfo *p; 5945 struct addrinfo hints; 5946 #else 5800 5947 struct sockaddr_in addr; 5801 5948 int addrlen = sizeof(addr); 5949 #endif 5802 5950 5803 5951 SL_ENTER(_("create_syslog_socket")); … … 5811 5959 TPT(( 0, FIL__, __LINE__, _("msg=<close syslog socket>\n"))); 5812 5960 sl_close_fd(FIL__, __LINE__, syslog_sock); 5813 syslog_sock = -1;5961 syslog_sock[0] = -1; 5814 5962 } 5815 5963 SL_RETURN((-1), _("create_syslog_socket")); … … 5818 5966 sh_forward_printerr (NULL, 0, 514, __LINE__); 5819 5967 5820 /* create the socket, bind() it and listen() 5821 */ 5822 sock = socket(AF_INET, SOCK_DGRAM, 0); 5823 5824 if (sock < 0) 5825 { 5826 errnum = errno; 5827 sh_forward_printerr (_("syslog socket"), errnum, 514, __LINE__); 5828 SL_RETURN((-1), _("create_syslog_socket")); 5829 } 5830 (void) retry_fcntl( FIL__, __LINE__, sock, F_SETFD, 1 ); 5831 5832 if ( setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, 5833 (void *) &flag, sizeof(flag)) < 0 ) 5834 { 5835 errnum = errno; 5836 sh_forward_printerr (_("syslog setsockopt SO_REUSEADDR"), 5837 errnum, 514, __LINE__); 5838 SL_RETURN((-1), _("create_syslog_socket")); 5839 } 5840 5841 #if defined(SO_BSDCOMPAT) 5842 if ( setsockopt(sock, SOL_SOCKET, SO_BSDCOMPAT, 5843 (void *) &flag, sizeof(flag)) < 0 ) 5844 { 5845 errnum = errno; 5846 sh_forward_printerr (_("syslog setsockopt SO_BSDCOMPAT"), 5847 errnum, 514, __LINE__); 5848 SL_RETURN((-1), _("create_syslog_socket")); 5849 } 5850 #endif 5851 5968 #if !defined(USE_IPVX) 5969 5852 5970 memset(&addr, 0, sizeof(addr)); 5853 5971 addr.sin_family = AF_INET; 5854 5972 addr.sin_port = htons(514); 5855 5973 5856 res = bind(sock, (struct sockaddr *) &addr, addrlen); 5857 5858 if ( res < 0) 5974 do_syslog_socket(AF_INET, SOCK_DGRAM, 0, (struct sockaddr *) &addr, addrlen); 5975 5976 if (sock >= 0) { 5977 syslog_sock[0] = sock; 5978 syslog_sock_n = 1; 5979 } 5980 5981 #else 5982 memset (&hints, '\0', sizeof (hints)); 5983 hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; 5984 hints.ai_socktype = SOCK_DGRAM; 5985 if (getaddrinfo (NULL, "syslog", &hints, &ai) != 0) 5859 5986 { 5860 5987 errnum = errno; 5861 sh_forward_printerr (_(" syslog bind"), errnum, 514, __LINE__);5862 sl_close_fd (FIL__, __LINE__, sock);5988 sh_forward_printerr (_("getaddrinfo"), errnum, 514, __LINE__); 5989 sl_close_fd (FIL__, __LINE__, sock); 5863 5990 SL_RETURN((-1), _("create_syslog_socket")); 5864 5991 } 5865 5866 syslog_sock = sock; 5867 5868 SL_RETURN((sock), _("create_syslog_socket")); 5992 5993 p = ai; 5994 5995 while (p != NULL && syslog_sock_n < SH_SOCKMAX) 5996 { 5997 sock = do_syslog_socket(p->ai_family, p->ai_socktype, p->ai_protocol, 5998 p->ai_addr, p->ai_addrlen); 5999 6000 if (sock >= 0) { 6001 if (syslog_sock_n < SH_SOCKMAX) { 6002 syslog_sock[syslog_sock_n] = sock; 6003 ++syslog_sock_n; 6004 } 6005 else { 6006 sl_close_fd (FIL__, __LINE__, sock); 6007 } 6008 } else if (sock == -1) { 6009 freeaddrinfo (ai); 6010 goto end; 6011 } 6012 p = p->ai_next; 6013 } 6014 freeaddrinfo (ai); 6015 #endif 6016 6017 end: 6018 if (syslog_sock_n > 1) 6019 SH_MINSOCK += (syslog_sock_n - 1); 6020 6021 SL_RETURN((syslog_sock_n), _("create_syslog_socket")); 5869 6022 } 5870 6023 /* #ifdef INET_SYSLOG */ -
trunk/src/sh_getopt.c
r294 r295 400 400 SH_DEFAULT_PORT, DEFAULT_IDENT); 401 401 ++num; 402 #endif 403 #if defined(USE_IPVX) 404 fputs (_(", IPv6 supported"), stdout); 402 405 #endif 403 406 -
trunk/src/sh_login_track.c
r290 r295 33 33 #include "sh_string.h" 34 34 #include "sh_tools.h" 35 #include "sh_ipvx.h" 35 36 #include "sh_error_min.h" 36 37 … … 809 810 char *p, *q; 810 811 811 if ( is_numeric(host))812 if (sh_ipvx_is_numeric(host)) 812 813 { 813 814 p = sh_util_strdup(host); -
trunk/src/sh_mail.c
r290 r295 62 62 #include "sh_mail_int.h" 63 63 #include "sh_nmail.h" 64 #include "sh_ipvx.h" 64 65 65 66 #undef FIL__ … … 1113 1114 (void) fflush(connFile); 1114 1115 1115 if (0 != is_numeric(sh.host.name))1116 if (0 != sh_ipvx_is_numeric(sh.host.name)) 1116 1117 { 1117 1118 sl_snprintf(error_msg, sizeof(error_msg), "HELO [%s]", … … 1125 1126 report_smtp(error_msg); 1126 1127 1127 if (0 != is_numeric(sh.host.name))1128 if (0 != sh_ipvx_is_numeric(sh.host.name)) 1128 1129 fprintf(connFile, _("HELO [%s]%c%c"), sh.host.name, 13, 10); 1129 1130 else … … 1150 1151 { 1151 1152 (void) sl_strlcat (this_address, "@", 256); 1152 if (0 != is_numeric(sh.host.name))1153 if (0 != sh_ipvx_is_numeric(sh.host.name)) 1153 1154 (void) sl_strlcat (this_address, _("example.com"), 256); 1154 1155 else … … 1866 1867 mx * result; 1867 1868 dnsrep * retval; 1869 char * address = NULL; 1868 1870 char errmsg[128]; 1869 size_t len;1870 1871 1871 1872 SL_ENTER(_("return_mx")); … … 1884 1885 else 1885 1886 { 1887 char numeric[SH_IP_BUF]; 1888 1886 1889 if (domain != NULL) 1887 1890 { … … 1904 1907 } 1905 1908 1906 SH_MUTEX_LOCK(mutex_resolv); 1907 1909 retval = NULL; 1908 1910 host = NULL; 1909 retval = NULL;1910 1911 1911 1912 if (domain != NULL) 1912 host = /*@-unrecog@*/sh_gethostbyname (domain)/*@+unrecog@*/;1913 1914 if ( host)1913 address = sh_ipvx_canonical(domain, numeric, sizeof(numeric)); 1914 1915 if (address) 1915 1916 { 1916 1917 result = SH_ALLOC (sizeof (mx)); … … 1919 1920 retval->count = 1; 1920 1921 result->pref = 0; 1921 /*@-type@*/ 1922 len = strlen (host->h_name) + 1; 1923 result->address = SH_ALLOC (len); 1924 sl_strlcpy (result->address, host->h_name, len); 1925 /*@+type@*/ 1926 } 1927 SH_MUTEX_UNLOCK(mutex_resolv); 1928 1929 if (!host) 1922 1923 result->address = address; 1924 } 1925 else 1930 1926 { 1931 1927 #ifdef FIL__ -
trunk/src/sh_port2proc.c
r292 r295 62 62 #include "sh_error_min.h" 63 63 #include "sh_pthread.h" 64 #include "sh_ipvx.h" 64 65 65 66 #define FIL__ _("sh_port2proc.c") … … 325 326 /* returns the command and fills the 'user' array 326 327 */ 327 static char * port2proc_query(char * file, int proto, 328 struct in_addr * saddr, int sport,328 static char * port2proc_query(char * file, int proto, int domain, 329 struct sh_sockaddr * saddr, int sport, 329 330 unsigned long * pid, char * user, size_t userlen) 330 331 { … … 338 339 { 339 340 char errmsg[256]; 341 char siface[SH_IP_BUF]; 342 sh_ipvx_ntoa(siface, sizeof(siface), saddr); 340 343 sl_snprintf(errmsg, sizeof(errmsg), 341 344 "query, file=%s, proto=%d, port=%d, iface=%s\n", 342 file, proto, sport, inet_ntoa(*saddr));345 file, proto, sport, siface); 343 346 fprintf(stderr, "%s", errmsg); 344 347 } … … 347 350 if (fd) 348 351 { 349 unsigned int n, i face, port, inode, istatus;352 unsigned int n, i, port, niface, inode, istatus; 350 353 char line[512]; 354 char iface[SH_IP_BUF]; 351 355 352 356 while (NULL != fgets(line, sizeof(line), fd)) … … 360 364 361 365 if (5 == sscanf(line, 362 "%u: % X:%X %*X:%*X %X %*X:%*X %*X:%*X %*X %*d %*d %u %*s",363 &n, &iface, &port, &istatus, &inode))366 "%u: %s:%X %*X:%*X %X %*X:%*X %*X:%*X %*X %*d %*d %u %*s", 367 &n, iface, &port, &istatus, &inode)) 364 368 { 365 struct in_addr haddr; 366 367 haddr.s_addr = (unsigned long)iface; 369 struct sockaddr_in addr4; 370 struct sockaddr_in6 addr6; 371 struct sh_sockaddr ss; 372 373 niface = 0; 374 375 switch (domain) 376 { 377 case AF_INET: 378 addr4.sin_addr.s_addr = (int) strtol(iface, NULL, 16); 379 niface = (unsigned int) addr4.sin_addr.s_addr; 380 sh_ipvx_save(&ss, AF_INET, (struct sockaddr *)&addr4); 381 break; 382 383 case AF_INET6: 384 sscanf(iface, 385 "%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx%2hhx", 386 &addr6.sin6_addr.s6_addr[3], &addr6.sin6_addr.s6_addr[2], &addr6.sin6_addr.s6_addr[1], &addr6.sin6_addr.s6_addr[0], 387 &addr6.sin6_addr.s6_addr[7], &addr6.sin6_addr.s6_addr[6], &addr6.sin6_addr.s6_addr[5], &addr6.sin6_addr.s6_addr[4], 388 &addr6.sin6_addr.s6_addr[11], &addr6.sin6_addr.s6_addr[10], &addr6.sin6_addr.s6_addr[9], &addr6.sin6_addr.s6_addr[8], 389 &addr6.sin6_addr.s6_addr[15], &addr6.sin6_addr.s6_addr[14], &addr6.sin6_addr.s6_addr[13], &addr6.sin6_addr.s6_addr[12]); 390 391 for (i = 0; i < 16; ++i) 392 { 393 if (0 != (unsigned int) addr6.sin6_addr.s6_addr[i]) 394 ++niface; 395 } 396 sh_ipvx_save(&ss, AF_INET6, (struct sockaddr *)&addr6); 397 break; 398 } 368 399 369 400 #ifdef DEBUG_P2P 370 401 { 371 char a[ 32];372 char b[ 32];373 374 s l_strlcpy(a, inet_ntoa(haddr), sizeof(a));375 s l_strlcpy(b, inet_ntoa(*saddr), sizeof(b));402 char a[SH_IP_BUF]; 403 char b[SH_IP_BUF]; 404 405 sh_ipvx_ntoa(a, sizeof(a), &ss); 406 sh_ipvx_ntoa(b, sizeof(b), &ss); 376 407 377 408 fprintf(stderr, " -> inode %u, iface/port %s,%u, status %u, searching %s,%u, %u\n", … … 392 423 #endif 393 424 394 if ((proto == IPPROTO_UDP || iface == 0 || haddr.s_addr == saddr->s_addr) && port == (unsigned int)sport) 425 if ((proto == IPPROTO_UDP || niface == 0 || 0 == sh_ipvx_cmp(&ss, saddr)) && 426 port == (unsigned int)sport) 395 427 { 396 428 struct sock_store * new = socklist; … … 445 477 /* returns the command and fills the 'user' array 446 478 */ 447 char * sh_port2proc_query(int proto, struct in_addr * saddr, int sport,479 char * sh_port2proc_query(int proto, struct sh_sockaddr * saddr, int sport, 448 480 unsigned long * pid, char * user, size_t userlen) 449 481 { 450 482 char file[32]; 451 483 char * ret; 484 452 485 if (proto == IPPROTO_TCP) 453 486 { 454 487 sl_strlcpy(file, _("/proc/net/tcp"), sizeof(file)); 455 return port2proc_query(file, proto, saddr, sport, pid, user, userlen); 488 ret = port2proc_query(file, proto, AF_INET, saddr, sport, pid, user, userlen); 489 490 if (ret[0] == '-' && ret[1] == '\0') 491 { 492 SH_FREE(ret); 493 sl_strlcpy(file, _("/proc/net/tcp6"), sizeof(file)); 494 ret = port2proc_query(file, proto, AF_INET6, saddr, sport, pid, user, userlen); 495 } 496 return ret; 456 497 } 457 498 else … … 459 500 char * ret; 460 501 sl_strlcpy(file, _("/proc/net/udp"), sizeof(file)); 461 ret = port2proc_query(file, proto, saddr, sport, pid, user, userlen); 502 ret = port2proc_query(file, proto, AF_INET, saddr, sport, pid, user, userlen); 503 462 504 if (ret[0] == '-' && ret[1] == '\0') 463 505 { 464 506 SH_FREE(ret); 465 507 sl_strlcpy(file, _("/proc/net/udp6"), sizeof(file)); 466 ret = port2proc_query(file, proto, saddr, sport, pid, user, userlen);508 ret = port2proc_query(file, proto, AF_INET6, saddr, sport, pid, user, userlen); 467 509 } 468 510 return ret; … … 541 583 542 584 static int opt_4 = 1; /* Show IPv4 sockets */ 543 static int opt_6 = 0; /* Show IPv6 sockets */585 static int opt_6 = 1; /* Show IPv6 sockets */ 544 586 static int opt_c = 0; /* Show connected sockets */ 545 587 static int opt_l = 1; /* Show listening sockets */ … … 852 894 } 853 895 854 char * sh_port2proc_query(int proto, struct in_addr * saddr, int sport,896 char * sh_port2proc_query(int proto, struct sh_sockaddr * saddr, int sport, 855 897 unsigned long * pid, char * user, size_t userlen) 856 898 { 857 899 int n, hash; 858 900 struct xfile *xf; 859 struct in_addr * haddr; 901 struct in_addr * haddr; 902 struct in6_addr * haddr6; 860 903 struct sock * s; 904 struct in6_addr anyaddr = IN6ADDR_ANY_INIT; 861 905 862 906 *pid = 0; … … 886 930 continue; 887 931 888 if (s->family != AF_INET /* && s->family != AF_INET6 */)932 if (s->family != AF_INET && s->family != AF_INET6) 889 933 continue; 890 934 891 if (sport != ntohs(((struct sockaddr_in *)(&s->laddr))->sin_port)) 935 if (s->family == AF_INET && 936 (sport != ntohs(((struct sockaddr_in *)(&s->laddr))->sin_port))) 892 937 continue; 893 938 894 haddr = &((struct sockaddr_in *)(&s->laddr))->sin_addr; 939 if (s->family == AF_INET6 && 940 (sport != ntohs(((struct sockaddr_in6 *)(&s->laddr))->sin6_port))) 941 continue; 942 943 if (s->family == AF_INET) 944 haddr = &((struct sockaddr_in *)(&s->laddr))->sin_addr; 945 if (s->family == AF_INET6) 946 haddr6 = &((struct sockaddr_in6 *)(&s->laddr))->sin6_addr; 947 895 948 896 949 /* fprintf(stderr, "FIXME: %s\n", inet_ntoa(*haddr)); */ 897 950 /* fprintf(stderr, "FIXME: %s\n", inet_ntoa(*saddr)); */ 898 951 899 if (haddr->s_addr == saddr->s_addr || inet_lnaof(*saddr) == INADDR_ANY || inet_lnaof(*haddr) == INADDR_ANY) 952 if ( (s->family == AF_INET && 953 (haddr->s_addr == (saddr->sin).sin_addr.s_addr || 954 sh_ipvx_isany(saddr) || 955 inet_lnaof(*haddr) == INADDR_ANY)) 956 || 957 (s->family == AF_INET6 && 958 (0 == memcmp(haddr6->s6_addr, &((saddr->sin6).sin6_addr.s6_addr), 16) || 959 0 == memcmp(haddr6->s6_addr, &(anyaddr.s6_addr), 16) || 960 sh_ipvx_isany(saddr) )) 961 ) 900 962 { 901 963 struct sock_store try; … … 975 1037 #include "samhain.h" 976 1038 #include "sh_utils.h" 977 978 char * sh_port2proc_query(int proto, struct in_addr * saddr, int sport, 1039 #include "sh_ipvx.h" 1040 1041 char * sh_port2proc_query(int proto, struct sh_sockaddr * saddr, int sport, 979 1042 unsigned long * pid, char * user, size_t userlen) 980 1043 { -
trunk/src/sh_portcheck.c
r290 r295 74 74 /* TIME_WAIT ? 60-240 seconds */ 75 75 76 /* the size of an interface string77 */78 #define SH_INTERFACE_SIZE 1679 80 #define SH_PORT_NOT 081 #define SH_PORT_REQ 182 #define SH_PORT_OPT 283 #define SH_PORT_IGN 384 #define SH_PORT_BLACKLIST 485 86 #define SH_PORT_MISS 087 #define SH_PORT_ISOK 188 #define SH_PORT_UNKN 289 90 #define SH_PORT_NOREPT 091 #define SH_PORT_REPORT 192 93 #define SH_PROTO_TCP 094 #define SH_PROTO_UDP 195 #define SH_PROTO_STR(a) (((a) == IPPROTO_TCP) ? _("tcp") : _("udp"))96 97 struct sh_portentry {98 int port;99 char interface[SH_INTERFACE_SIZE];100 char * service;101 char * error;102 int flag; /* required or not */103 int status; /* missing or not */104 struct sh_portentry * next;105 };106 107 static struct sh_portentry * portlist_tcp = NULL;108 static struct sh_portentry * portlist_udp = NULL;109 110 struct sh_port {111 int port;112 struct in_addr haddr;113 struct sh_port * next;114 };115 116 static struct sh_port * blacklist_tcp = NULL;117 static struct sh_port * blacklist_udp = NULL;118 119 #define SH_PORTCHK_INTERVAL 300120 121 static int sh_portchk_check_udp = 1;122 static int sh_portchk_active = 1;123 static int sh_portchk_interval = SH_PORTCHK_INTERVAL;124 76 #if !defined(TEST_ONLY) 125 77 … … 134 86 #include "sh_static.h" 135 87 #include "sh_pthread.h" 88 #include "sh_ipvx.h" 89 90 /* the size of an interface string 91 */ 92 #define SH_INTERFACE_SIZE SH_IP_BUF 93 94 #define SH_PORT_NOT 0 95 #define SH_PORT_REQ 1 96 #define SH_PORT_OPT 2 97 #define SH_PORT_IGN 3 98 #define SH_PORT_BLACKLIST 4 99 100 #define SH_PORT_MISS 0 101 #define SH_PORT_ISOK 1 102 #define SH_PORT_UNKN 2 103 104 #define SH_PORT_NOREPT 0 105 #define SH_PORT_REPORT 1 106 107 #define SH_PROTO_TCP 0 108 #define SH_PROTO_UDP 1 109 #define SH_PROTO_STR(a) (((a) == IPPROTO_TCP) ? _("tcp") : _("udp")) 110 111 struct sh_portentry { 112 int port; 113 char interface[SH_INTERFACE_SIZE]; 114 char * service; 115 char * error; 116 int flag; /* required or not */ 117 int status; /* missing or not */ 118 struct sh_portentry * next; 119 }; 120 121 static struct sh_portentry * portlist_tcp = NULL; 122 static struct sh_portentry * portlist_udp = NULL; 123 124 125 #define SH_PORTCHK_INTERVAL 300 126 127 static int sh_portchk_check_udp = 1; 128 static int sh_portchk_active = 1; 129 static int sh_portchk_interval = SH_PORTCHK_INTERVAL; 130 131 struct sh_port { 132 int port; 133 struct sh_sockaddr * paddr; 134 struct sh_port * next; 135 }; 136 137 static struct sh_port * blacklist_tcp = NULL; 138 static struct sh_port * blacklist_udp = NULL; 136 139 137 140 SH_MUTEX_STATIC(mutex_port_check, PTHREAD_MUTEX_INITIALIZER); … … 139 142 static int sh_portchk_severity = SH_ERR_SEVERE; 140 143 141 extern char * sh_port2proc_query(int proto, struct in_addr * saddr, int sport,144 extern char * sh_port2proc_query(int proto, struct sh_sockaddr * saddr, int sport, 142 145 unsigned long * pid, char * user, size_t userlen); 143 146 extern int sh_port2proc_prepare(); … … 168 171 /* verify whether port/interface is blacklisted (do not check) 169 172 */ 170 static int sh_portchk_is_blacklisted(int port, struct in_addrhaddr, int proto);173 static int sh_portchk_is_blacklisted(int port, struct sh_sockaddr * haddr, int proto); 171 174 172 175 #ifndef TEST_ONLY … … 379 382 380 383 static void sh_portchk_add_to_list (int proto, 381 int port, struct in_addr haddr,384 int port, struct sh_sockaddr * paddr, 382 385 char * service, 383 386 int flag, int status) … … 390 393 391 394 new->port = port; 392 s l_strlcpy (new->interface, inet_ntoa(haddr), SH_INTERFACE_SIZE);395 sh_ipvx_ntoa(new->interface, SH_INTERFACE_SIZE, paddr); 393 396 new->status = status; 394 397 new->flag = flag; … … 459 462 sh_portchk_kill_blacklist (head->next); 460 463 464 SH_FREE(head->paddr); 461 465 SH_FREE(head); 462 466 } … … 560 564 561 565 static struct sh_portentry * sh_portchk_get_from_list (int proto, int port, 562 struct in_addr haddr, char * service)566 struct sh_sockaddr * paddr, char * service) 563 567 { 564 568 struct sh_portentry * portlist; 565 char iface_all[8]; 566 567 sl_strlcpy (iface_all, _("0.0.0.0"), sizeof(iface_all)); 568 569 char str_addr[SH_IP_BUF]; 570 569 571 if (proto == IPPROTO_TCP) 570 572 portlist = portlist_tcp; … … 572 574 portlist = portlist_udp; 573 575 576 sh_ipvx_ntoa(str_addr, sizeof(str_addr), paddr); 577 574 578 if (service) 575 579 { … … 578 582 if (portlist->service && 579 583 0 == strcmp(service, portlist->service) && 580 ( 0 == strcmp(portlist->interface, inet_ntoa(haddr)) ||581 0 == strcmp(portlist->interface, iface_all)))584 ( 0 == strcmp(portlist->interface, str_addr) || 585 sh_ipvx_isany(paddr) )) 582 586 return portlist; 583 587 portlist = portlist->next; … … 589 593 { 590 594 if (port == portlist->port && 591 (0 == strcmp(portlist->interface, inet_ntoa(haddr))||592 0 == strcmp(portlist->interface, iface_all)))595 (0 == strcmp(portlist->interface, str_addr) || 596 sh_ipvx_isany(paddr) )) 593 597 return portlist; 594 598 portlist = portlist->next; … … 599 603 600 604 601 static void sh_portchk_cmp_to_list (int proto, int port, struct in_addr haddr, char * service)605 static void sh_portchk_cmp_to_list (int proto, int port, struct sh_sockaddr * paddr, char * service) 602 606 { 603 607 struct sh_portentry * portent; … … 605 609 606 610 607 portent = sh_portchk_get_from_list (proto, port, haddr, service);611 portent = sh_portchk_get_from_list (proto, port, paddr, service); 608 612 609 613 if (service) … … 614 618 unsigned long qpid; 615 619 char user[USER_MAX]; 620 char saddr[SH_IP_BUF]; 621 622 sh_ipvx_ntoa(saddr, sizeof(saddr), paddr); 616 623 617 624 snprintf (errbuf, sizeof(errbuf), _("port: %s:%d/%s (%s)"), 618 inet_ntoa(haddr), port, SH_PROTO_STR(proto), service);625 saddr, port, SH_PROTO_STR(proto), service); 619 626 #ifdef TEST_ONLY 620 627 fprintf(stderr, _("open port: %s:%d/%s (%s)\n"), 621 inet_ntoa(haddr), port, SH_PROTO_STR(proto), service);622 #else 623 path = sh_port2proc_query(proto, &haddr, port, &qpid, user, sizeof(user));628 saddr, port, SH_PROTO_STR(proto), service); 629 #else 630 path = sh_port2proc_query(proto, paddr, port, &qpid, user, sizeof(user)); 624 631 SH_MUTEX_LOCK(mutex_thread_nolog); 625 632 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, … … 631 638 * was not there, thus it is not in 'required' or 'optional' list 632 639 */ 633 sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK);640 sh_portchk_add_to_list (proto, port, paddr, service, SH_PORT_NOT, SH_PORT_ISOK); 634 641 } 635 642 else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN) … … 638 645 unsigned long qpid; 639 646 char user[USER_MAX]; 647 char saddr[SH_IP_BUF]; 648 649 sh_ipvx_ntoa(saddr, sizeof(saddr), paddr); 640 650 641 651 snprintf (errbuf, sizeof(errbuf), _("port: %s:%d/%s (%s), was %d/%s"), 642 inet_ntoa(haddr), port, SH_PROTO_STR(proto), service, portent->port, SH_PROTO_STR(proto));652 saddr, port, SH_PROTO_STR(proto), service, portent->port, SH_PROTO_STR(proto)); 643 653 #ifdef TEST_ONLY 644 654 fprintf(stderr, _("service: %s\n"), errbuf); 645 655 #else 646 path = sh_port2proc_query(proto, &haddr, port, &qpid, user, sizeof(user));656 path = sh_port2proc_query(proto, paddr, port, &qpid, user, sizeof(user)); 647 657 SH_MUTEX_LOCK(mutex_thread_nolog); 648 658 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, … … 659 669 unsigned long qpid; 660 670 char user[USER_MAX]; 671 char saddr[SH_IP_BUF]; 672 673 sh_ipvx_ntoa(saddr, sizeof(saddr), paddr); 661 674 662 675 snprintf (errbuf, sizeof(errbuf), _("port: %s:%d/%s (%s), was %d/%s"), 663 inet_ntoa(haddr), port, SH_PROTO_STR(proto), service, portent->port, SH_PROTO_STR(proto));676 saddr, port, SH_PROTO_STR(proto), service, portent->port, SH_PROTO_STR(proto)); 664 677 #ifdef TEST_ONLY 665 678 fprintf(stderr, _("service: %s\n"), errbuf); 666 679 #else 667 path = sh_port2proc_query(proto, &haddr, port, &qpid, user, sizeof(user));680 path = sh_port2proc_query(proto, paddr, port, &qpid, user, sizeof(user)); 668 681 SH_MUTEX_LOCK(mutex_thread_nolog); 669 682 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, … … 687 700 unsigned long qpid; 688 701 char user[USER_MAX]; 702 char saddr[SH_IP_BUF]; 703 704 sh_ipvx_ntoa(saddr, sizeof(saddr), paddr); 689 705 690 706 snprintf (errbuf, sizeof(errbuf), _("port: %s:%d/%s (%s)"), 691 inet_ntoa(haddr), port, SH_PROTO_STR(proto), check_services(port, proto));707 saddr, port, SH_PROTO_STR(proto), check_services(port, proto)); 692 708 #ifdef TEST_ONLY 693 709 fprintf(stderr, _("open port: %s:%d/%s (%s)\n"), 694 inet_ntoa(haddr), port, SH_PROTO_STR(proto), check_services(port, proto));695 #else 696 path = sh_port2proc_query(proto, &haddr, port, &qpid, user, sizeof(user));710 saddr, port, SH_PROTO_STR(proto), check_services(port, proto)); 711 #else 712 path = sh_port2proc_query(proto, paddr, port, &qpid, user, sizeof(user)); 697 713 SH_MUTEX_LOCK(mutex_thread_nolog); 698 714 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, … … 704 720 /* was not there, thus it is not in 'required' or 'optional' list 705 721 */ 706 sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK);722 sh_portchk_add_to_list (proto, port, paddr, service, SH_PORT_NOT, SH_PORT_ISOK); 707 723 } 708 724 else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN) … … 711 727 unsigned long qpid; 712 728 char user[USER_MAX]; 729 char saddr[SH_IP_BUF]; 730 731 sh_ipvx_ntoa(saddr, sizeof(saddr), paddr); 713 732 714 733 snprintf (errbuf, sizeof(errbuf), _("port: %s:%d/%s (%s)"), 715 inet_ntoa(haddr), port, SH_PROTO_STR(proto), check_services(port, proto));734 saddr, port, SH_PROTO_STR(proto), check_services(port, proto)); 716 735 #ifdef TEST_ONLY 717 736 fprintf(stderr, _("port : %s\n"), errbuf); 718 737 #else 719 path = sh_port2proc_query(proto, &haddr, port, &qpid, user, sizeof(user));738 path = sh_port2proc_query(proto, paddr, port, &qpid, user, sizeof(user)); 720 739 SH_MUTEX_LOCK(mutex_thread_nolog); 721 740 sh_error_handle(sh_portchk_severity, FIL__, __LINE__, 0, … … 799 818 } 800 819 801 static int check_port_udp_internal (int fd, int port, struct in_addr haddr) 802 { 803 struct sockaddr_in sinr; 804 /* struct in_addr haddr; */ 820 static int check_port_udp_internal (int fd, int port, struct sh_sockaddr * paddr) 821 { 805 822 int retval; 806 char * p ;823 char * p = NULL; 807 824 char buf[8]; 808 825 #ifndef TEST_ONLY … … 811 828 #endif 812 829 char errbuf[SH_ERRBUF_SIZE]; 813 814 /* inet_aton(interface, &haddr); */ 815 816 sinr.sin_family = AF_INET; 817 sinr.sin_port = htons (port); 818 sinr.sin_addr = haddr; 830 char ipbuf[SH_IP_BUF]; 831 832 sh_ipvx_set_port(paddr, port); 819 833 820 834 do { 821 retval = connect(fd, (struct sockaddr *) &sinr, sizeof(sinr));835 retval = connect(fd, sh_ipvx_sockaddr_cast(paddr), SH_SSP_LEN(paddr)); 822 836 } while (retval < 0 && (errno == EINTR || errno == EINPROGRESS)); 823 837 … … 828 842 perror(_("connect")); 829 843 #else 844 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 845 830 846 nerr = errno; 831 847 sl_snprintf(errmsg, sizeof(errmsg), _("check port: %5d/udp on %15s: %s"), 832 port, i net_ntoa(haddr), sh_error_message(errno, errbuf, sizeof(errbuf)));848 port, ipbuf, sh_error_message(errno, errbuf, sizeof(errbuf))); 833 849 SH_MUTEX_LOCK(mutex_thread_nolog); 834 850 sh_error_handle((-1), FIL__, __LINE__, nerr, MSG_E_SUBGEN, … … 845 861 if (retval == -1 && errno == ECONNREFUSED) 846 862 { 863 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 847 864 if (portchk_debug) 848 865 fprintf(stderr, _("check port: %5d/udp on %15s established/time_wait\n"), 849 port, i net_ntoa(haddr));866 port, ipbuf); 850 867 } 851 868 else … … 859 876 if (retval == -1 && errno == ECONNREFUSED) 860 877 { 878 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 861 879 if (portchk_debug) 862 880 fprintf(stderr, _("check port: %5d/udp on %15s established/time_wait\n"), 863 port, i net_ntoa(haddr));881 port, ipbuf); 864 882 } 865 883 else if (retval != -1) … … 867 885 /* Try to get service name from portmap 868 886 */ 869 p = check_rpc_list (port, &sinr, IPPROTO_UDP); 887 if (paddr->ss_family == AF_INET) 888 { 889 p = check_rpc_list (port, (struct sockaddr_in *) sh_ipvx_sockaddr_cast(paddr), IPPROTO_UDP); 890 } 870 891 871 sh_portchk_cmp_to_list (IPPROTO_UDP, port, haddr, p ? p : NULL);892 sh_portchk_cmp_to_list (IPPROTO_UDP, port, paddr, p ? p : NULL); 872 893 873 894 /* If not an RPC service, try to get name from /etc/services … … 877 898 878 899 if (portchk_debug) 879 fprintf(stderr, _("check port: %5d/udp on %15s open %s\n"), 880 port, inet_ntoa(haddr), p); 900 { 901 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 902 fprintf(stderr, _("check port: %5d/udp on %15s open %s\n"), 903 port, ipbuf, p); 904 } 881 905 882 906 } … … 887 911 } 888 912 889 static int check_port_tcp_internal (int fd, int port, struct in_addr haddr) 890 { 891 struct sockaddr_in sinr; 892 /* struct in_addr haddr; */ 913 static int check_port_tcp_internal (int fd, int port, struct sh_sockaddr * paddr) 914 { 893 915 int retval; 894 916 int flags; 895 char * p ;917 char * p = NULL; 896 918 #ifndef TEST_ONLY 897 919 char errmsg[256]; … … 899 921 #endif 900 922 char errbuf[SH_ERRBUF_SIZE]; 901 902 /* inet_aton(interface, &haddr); */ 903 904 sinr.sin_family = AF_INET; 905 sinr.sin_port = htons (port); 906 sinr.sin_addr = haddr; 923 char ipbuf[SH_IP_BUF]; 924 925 sh_ipvx_set_port(paddr, port); 907 926 908 927 do { 909 retval = connect(fd, (struct sockaddr *) &sinr, sizeof(sinr));928 retval = connect(fd, sh_ipvx_sockaddr_cast(paddr), SH_SSP_LEN(paddr)); 910 929 } while (retval < 0 && (errno == EINTR || errno == EINPROGRESS)); 911 930 … … 913 932 { 914 933 if (portchk_debug) 915 fprintf(stderr, _("check port: %5d on %15s established/time_wait\n"), 916 port, inet_ntoa(haddr)); 934 { 935 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 936 fprintf(stderr, _("check port: %5d on %15s established/time_wait\n"), 937 port, ipbuf); 938 } 917 939 } 918 940 else if (retval == -1) … … 922 944 perror(_("connect")); 923 945 #else 946 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 924 947 nerr = errno; 925 948 sl_snprintf(errmsg, sizeof(errmsg), _("check port: %5d/tcp on %15s: %s"), 926 port, i net_ntoa(haddr), sh_error_message(errno, errbuf, sizeof(errbuf)));949 port, ipbuf, sh_error_message(errno, errbuf, sizeof(errbuf))); 927 950 SH_MUTEX_LOCK(mutex_thread_nolog); 928 951 sh_error_handle((-1), FIL__, __LINE__, nerr, MSG_E_SUBGEN, … … 935 958 /* Try to get service name from portmap 936 959 */ 937 p = check_rpc_list (port, &sinr, IPPROTO_TCP); 938 939 sh_portchk_cmp_to_list (IPPROTO_TCP, port, haddr, p ? p : NULL); 960 if (paddr->ss_family == AF_INET) 961 { 962 p = check_rpc_list (port, (struct sockaddr_in *) sh_ipvx_sockaddr_cast(paddr), IPPROTO_TCP); 963 } 964 965 sh_portchk_cmp_to_list (IPPROTO_TCP, port, paddr, p ? p : NULL); 940 966 941 967 /* If not an RPC service, try to get name from /etc/services … … 945 971 946 972 if (portchk_debug) 947 fprintf(stderr, _("check port: %5d on %15s open %s\n"), 948 port, inet_ntoa(haddr), p); 973 { 974 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), paddr); 975 fprintf(stderr, _("check port: %5d on %15s open %s\n"), 976 port, ipbuf, p); 977 } 949 978 950 979 #if !defined(O_NONBLOCK) … … 1011 1040 1012 1041 struct portchk_interfaces { 1013 struct in_addr iface[SH_IFACE_MAX];1042 struct sh_sockaddr iface[SH_IFACE_MAX]; 1014 1043 int used; 1015 1044 }; … … 1026 1055 static int sh_portchk_init_internal (void) 1027 1056 { 1028 struct hostent * hent;1029 1057 volatile int i; /* might be clobbered by âlongjmpâ or âvforkâ*/ 1030 1058 char errbuf[256]; 1059 #if defined(USE_IPVX) 1060 struct addrinfo hints; 1061 struct addrinfo *res; 1062 #else 1063 struct hostent * hent; 1064 #endif 1065 char ipbuf[SH_IP_BUF]; 1031 1066 1032 1067 if (portchk_debug) … … 1045 1080 iface_initialized = 1; 1046 1081 } 1047 1082 1083 #if !defined(USE_IPVX) 1048 1084 SH_MUTEX_LOCK(mutex_resolv); 1049 1085 hent = sh_gethostbyname(portchk_hostname); … … 1051 1087 while (hent && hent->h_addr_list[i] && (iface_list.used < SH_IFACE_MAX)) 1052 1088 { 1053 memcpy (&(iface_list.iface[iface_list.used].s_addr), hent->h_addr_list[i], sizeof(in_addr_t)); 1089 struct sockaddr_in sin; 1090 1091 memcpy(&(sin.sin_addr.s_addr), hent->h_addr_list[i], sizeof(in_addr_t)); 1092 sh_ipvx_save(&(iface_list.iface[iface_list.used]), 1093 AF_INET, (struct sockaddr *)&sin); 1054 1094 ++iface_list.used; 1055 1095 ++i; 1056 1096 } 1057 1097 SH_MUTEX_UNLOCK(mutex_resolv); 1098 #else 1099 memset(&hints, '\0', sizeof(hints)); 1100 hints.ai_family = PF_UNSPEC; 1101 hints.ai_flags = AI_ADDRCONFIG; 1102 1103 if (0 == getaddrinfo(portchk_hostname, NULL, &hints, &res)) 1104 { 1105 struct addrinfo *p = res; 1106 1107 while ((p != NULL) && (iface_list.used < SH_IFACE_MAX)) 1108 { 1109 sh_ipvx_save(&(iface_list.iface[iface_list.used]), 1110 p->ai_family, p->ai_addr); 1111 ++iface_list.used; 1112 p = p->ai_next; 1113 } 1114 freeaddrinfo(res); 1115 } 1116 #endif 1058 1117 1059 1118 for (i = 0; i < iface_list.used; ++i) 1060 1119 { 1061 sl_snprintf(errbuf, sizeof(errbuf), _("interface: %s"), 1062 inet_ntoa(iface_list.iface[i])); 1120 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), &(iface_list.iface[i])); 1121 sl_snprintf(errbuf, sizeof(errbuf), _("interface: %s"), ipbuf); 1122 1063 1123 SH_MUTEX_LOCK(mutex_thread_nolog); 1064 1124 sh_error_handle(SH_ERR_INFO, FIL__, __LINE__, 0, MSG_E_SUBGEN, … … 1136 1196 #endif 1137 1197 1138 static int check_port_generic (int port, int type, int protocol)1198 static int check_port_generic (int port, int domain, int type, int protocol) 1139 1199 { 1140 1200 volatile int i = 0; 1141 1201 int sock = -1; 1142 1202 int flag = 1; /* non-zero to enable an option */ 1143 struct in_addr haddr;1203 struct sh_sockaddr paddr; 1144 1204 char errbuf[SH_ERRBUF_SIZE]; 1145 1205 … … 1148 1208 while (i < iface_list.used) 1149 1209 { 1150 haddr.s_addr = iface_list.iface[i].s_addr; 1151 1152 if (0 != sh_portchk_is_blacklisted(port, haddr, protocol)) 1153 { 1154 ++i; continue; 1155 } 1156 1157 if ((sock = socket(AF_INET, type, protocol)) < 0 ) 1210 memcpy(&paddr, &(iface_list.iface[i]), sizeof(paddr)); 1211 1212 if (paddr.ss_family != domain) 1213 { 1214 ++i; 1215 continue; 1216 } 1217 1218 if (0 != sh_portchk_is_blacklisted(port, &paddr, protocol)) 1219 { 1220 ++i; 1221 continue; 1222 } 1223 1224 if ((sock = socket(paddr.ss_family, type, protocol)) < 0 ) 1158 1225 { 1159 1226 ++i; … … 1187 1254 1188 1255 if (protocol == IPPROTO_TCP) 1189 check_port_tcp_internal(sock, port, haddr);1256 check_port_tcp_internal(sock, port, &paddr); 1190 1257 else 1191 check_port_udp_internal(sock, port, haddr);1258 check_port_udp_internal(sock, port, &paddr); 1192 1259 1193 1260 ++i; … … 1199 1266 1200 1267 1201 static int check_port_udp (int port )1202 { 1203 return check_port_generic(port, SOCK_DGRAM, IPPROTO_UDP);1204 } 1205 1206 static int check_port_tcp (int port )1207 { 1208 return check_port_generic(port, SOCK_STREAM, IPPROTO_TCP);1209 } 1210 1211 1212 1213 static int sh_portchk_scan_ports_generic (int min_port, int max_port_arg, int type, int protocol)1268 static int check_port_udp (int port, int domain) 1269 { 1270 return check_port_generic(port, domain, SOCK_DGRAM, IPPROTO_UDP); 1271 } 1272 1273 static int check_port_tcp (int port, int domain) 1274 { 1275 return check_port_generic(port, domain, SOCK_STREAM, IPPROTO_TCP); 1276 } 1277 1278 1279 static int sh_portchk_scan_ports_generic (int min_port, int max_port_arg, 1280 int domain, int type, int protocol) 1214 1281 { 1215 1282 /* … … 1224 1291 int flag = 1; /* non-zero to enable an option */ 1225 1292 1226 struct sockaddr_in addr; 1227 int addrlen = sizeof(addr); 1293 struct sockaddr_in addr4; 1294 struct sockaddr_in6 addr6; 1295 1296 int addrlen4 = sizeof(addr4); 1297 int addrlen6 = sizeof(addr6); 1298 1299 struct in6_addr anyaddr = IN6ADDR_ANY_INIT; 1300 1228 1301 char errbuf[SH_ERRBUF_SIZE]; 1229 1302 … … 1235 1308 for (port = min_port; port <= max_port; ++port) 1236 1309 { 1237 if ((sock = socket( AF_INET, type, protocol)) < 0 )1310 if ((sock = socket(domain, type, protocol)) < 0 ) 1238 1311 { 1239 1312 #ifdef TEST_ONLY … … 1263 1336 } 1264 1337 1265 addr.sin_family = AF_INET; 1266 addr.sin_port = htons(port); 1267 addr.sin_addr.s_addr = INADDR_ANY; 1268 1269 retval = bind (sock, (struct sockaddr *) &addr, addrlen); 1338 if (domain == AF_INET) 1339 { 1340 addr4.sin_family = AF_INET; 1341 addr4.sin_port = htons(port); 1342 addr4.sin_addr.s_addr = INADDR_ANY; 1343 retval = bind (sock, (struct sockaddr *) &addr4, addrlen4); 1344 } 1345 else 1346 { 1347 addr6.sin6_family = AF_INET6; 1348 addr6.sin6_port = htons(port); 1349 memcpy(&(addr6.sin6_addr.s6_addr), &anyaddr, sizeof(anyaddr)); 1350 retval = bind (sock, (struct sockaddr *) &addr6, addrlen6); 1351 } 1270 1352 1271 1353 if (retval == 0) … … 1282 1364 */ 1283 1365 if (protocol == IPPROTO_TCP) 1284 check_port_tcp(port );1366 check_port_tcp(port, domain); 1285 1367 else 1286 check_port_udp(port );1368 check_port_udp(port, domain); 1287 1369 } 1288 1370 else … … 1306 1388 static int sh_portchk_scan_ports_tcp (int min_port, int max_port) 1307 1389 { 1308 return sh_portchk_scan_ports_generic (min_port, max_port, SOCK_STREAM, IPPROTO_TCP); 1390 #if defined(USE_IPVX) 1391 sh_portchk_scan_ports_generic (min_port, max_port, AF_INET6, 1392 SOCK_STREAM, IPPROTO_TCP); 1393 #endif 1394 return sh_portchk_scan_ports_generic (min_port, max_port, AF_INET, 1395 SOCK_STREAM, IPPROTO_TCP); 1309 1396 } 1310 1397 1311 1398 static int sh_portchk_scan_ports_udp (int min_port, int max_port) 1312 1399 { 1313 return sh_portchk_scan_ports_generic (min_port, max_port, SOCK_DGRAM, IPPROTO_UDP); 1400 #if defined(USE_IPVX) 1401 sh_portchk_scan_ports_generic (min_port, max_port, AF_INET6, 1402 SOCK_DGRAM, IPPROTO_UDP); 1403 #endif 1404 return sh_portchk_scan_ports_generic (min_port, max_port, AF_INET, 1405 SOCK_DGRAM, IPPROTO_UDP); 1314 1406 } 1315 1407 … … 1320 1412 static int sh_portchk_add_interface (const char * str) 1321 1413 { 1322 struct in_addr haddr;1414 struct sh_sockaddr saddr; 1323 1415 char errbuf[256]; 1324 1416 char buf[64]; … … 1338 1430 if (*str) 1339 1431 { 1432 char ipbuf[SH_IP_BUF]; 1340 1433 unsigned int i = 0; 1341 while (*str && i < (sizeof(buf)-1) && *str != ',' && *str != ' ' && *str != '\t') 1434 while (*str && i < (sizeof(buf)-1) && 1435 *str != ',' && *str != ' ' && *str != '\t') 1342 1436 { 1343 1437 buf[i] = *str; ++str; ++i; … … 1345 1439 buf[i] = '\0'; 1346 1440 1347 if (0 == inet_aton(buf, &haddr))1441 if (0 == sh_ipvx_aton(buf, &saddr)) 1348 1442 return -1; 1349 1443 … … 1351 1445 return -1; 1352 1446 1353 sl_snprintf(errbuf, sizeof(errbuf), _("interface: %s"), inet_ntoa(haddr)); 1447 sh_ipvx_ntoa(ipbuf, sizeof(ipbuf), &saddr); 1448 sl_snprintf(errbuf, sizeof(errbuf), _("interface: %s"), ipbuf); 1354 1449 SH_MUTEX_LOCK(mutex_thread_nolog); 1355 1450 sh_error_handle(SH_ERR_INFO, FIL__, __LINE__, 0, MSG_E_SUBGEN, … … 1357 1452 SH_MUTEX_UNLOCK(mutex_thread_nolog); 1358 1453 1359 memcpy (&(iface_list.iface[iface_list.used] .s_addr), &(haddr.s_addr), sizeof(in_addr_t));1454 memcpy (&(iface_list.iface[iface_list.used]), &(saddr), sizeof(saddr)); 1360 1455 ++iface_list.used; 1361 1456 } … … 1367 1462 /* verify whether port/interface is blacklisted (do not check) 1368 1463 */ 1369 static int sh_portchk_is_blacklisted(int port, struct in_addr haddr, int proto) 1464 static int sh_portchk_is_blacklisted(int port, struct sh_sockaddr * saddr, 1465 int proto) 1370 1466 { 1371 1467 struct sh_port * head; … … 1380 1476 if (head->port == port) 1381 1477 { 1382 if ((head->haddr.s_addr == 0) || (head->haddr.s_addr == haddr.s_addr)) 1478 if (sh_ipvx_isany(head->paddr) || 1479 0 == sh_ipvx_cmp(head->paddr, saddr)) 1383 1480 return 1; 1384 1481 else … … 1391 1488 1392 1489 1393 static int sh_portchk_blacklist(int port, struct in_addr haddr, int proto)1490 static int sh_portchk_blacklist(int port, struct sh_sockaddr * saddr, int proto) 1394 1491 { 1395 1492 struct sh_port * black; … … 1405 1502 while (black) 1406 1503 { 1407 if (black->port == port && head->haddr.s_addr == haddr.s_addr) 1504 if (black->port == port && 1505 0 == sh_ipvx_cmp(head->paddr, saddr)) 1408 1506 return -1; 1409 1507 black = black->next; 1410 1508 } 1509 1411 1510 black = SH_ALLOC (sizeof(struct sh_port)); 1511 black->paddr = SH_ALLOC (sizeof(struct sh_sockaddr)); 1412 1512 black->port = port; 1413 black->haddr.s_addr = haddr.s_addr;1513 memcpy(black->paddr, saddr, sizeof(struct sh_sockaddr)); 1414 1514 black->next = head; 1415 1515 … … 1424 1524 /* Subroutine to add a required or optional port/service 1425 1525 */ 1426 static int sh_portchk_add_required_port_generic (char * service, char * interface, int type) 1526 static int sh_portchk_add_required_port_generic (char * service, 1527 char * interface, int type) 1427 1528 { 1428 1529 char buf[256]; … … 1431 1532 char * endptr; 1432 1533 unsigned long int port; 1433 struct in_addr haddr;1534 struct sh_sockaddr saddr; 1434 1535 struct sh_portentry * portent; 1435 1536 1436 if (0 == inet_aton(interface, &haddr))1537 if (0 == sh_ipvx_aton(interface, &saddr)) 1437 1538 return -1; 1438 1539 … … 1455 1556 */ 1456 1557 if (*endptr == '\0' && port <= 65535 && type == SH_PORT_BLACKLIST) 1457 return (sh_portchk_blacklist(port, haddr, proto));1558 return (sh_portchk_blacklist(port, &saddr, proto)); 1458 1559 1459 1560 if (*endptr != '\0') 1460 1561 { 1461 portent = sh_portchk_get_from_list (proto, -1, haddr, buf);1562 portent = sh_portchk_get_from_list (proto, -1, &saddr, buf); 1462 1563 if (!portent) 1463 sh_portchk_add_to_list (proto, -1, haddr, buf, type, SH_PORT_UNKN);1564 sh_portchk_add_to_list (proto, -1, &saddr, buf, type, SH_PORT_UNKN); 1464 1565 else 1465 1566 { … … 1477 1578 else if (port <= 65535) 1478 1579 { 1479 portent = sh_portchk_get_from_list (proto, port, haddr, NULL);1580 portent = sh_portchk_get_from_list (proto, port, &saddr, NULL); 1480 1581 if (!portent) 1481 sh_portchk_add_to_list (proto, port, haddr, NULL, type, SH_PORT_UNKN);1582 sh_portchk_add_to_list (proto, port, &saddr, NULL, type, SH_PORT_UNKN); 1482 1583 else 1483 1584 { … … 1669 1770 { 1670 1771 #if defined(SH_USE_PORTCHECK) && (defined(SH_WITH_CLIENT) || defined(SH_STANDALONE)) 1671 struct in_addrhaddr_local;1772 struct sh_sockaddr haddr_local; 1672 1773 struct sh_portentry * portent; 1673 1774 char buf[256]; … … 1704 1805 CuAssertTrue(tc, 0 == strcmp(buf, "daytime")); 1705 1806 1706 CuAssertTrue(tc, 0 != inet_aton("127.0.0.1", &haddr_local));1707 1708 sh_portchk_add_to_list (IPPROTO_TCP, 8000, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);1709 1710 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, NULL);1807 CuAssertTrue(tc, 0 != sh_ipvx_aton("127.0.0.1", &haddr_local)); 1808 1809 sh_portchk_add_to_list (IPPROTO_TCP, 8000, &haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1810 1811 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, NULL); 1711 1812 CuAssertPtrNotNull(tc, portent); 1712 1813 … … 1720 1821 CuAssertTrue(tc, NULL == portlist_tcp); 1721 1822 1722 sh_portchk_add_to_list (IPPROTO_TCP, 8000, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN);1723 sh_portchk_add_to_list (IPPROTO_TCP, 8001, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);1724 sh_portchk_add_to_list (IPPROTO_TCP, 8002, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN);1725 sh_portchk_add_to_list (IPPROTO_TCP, 8003, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);1726 sh_portchk_add_to_list (IPPROTO_TCP, 8004, haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN);1727 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN);1728 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN);1729 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN);1730 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN);1731 sh_portchk_add_to_list (IPPROTO_TCP, -1, haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN);1823 sh_portchk_add_to_list (IPPROTO_TCP, 8000, &haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN); 1824 sh_portchk_add_to_list (IPPROTO_TCP, 8001, &haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1825 sh_portchk_add_to_list (IPPROTO_TCP, 8002, &haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN); 1826 sh_portchk_add_to_list (IPPROTO_TCP, 8003, &haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1827 sh_portchk_add_to_list (IPPROTO_TCP, 8004, &haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN); 1828 sh_portchk_add_to_list (IPPROTO_TCP, -1, &haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN); 1829 sh_portchk_add_to_list (IPPROTO_TCP, -1, &haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN); 1830 sh_portchk_add_to_list (IPPROTO_TCP, -1, &haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN); 1831 sh_portchk_add_to_list (IPPROTO_TCP, -1, &haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN); 1832 sh_portchk_add_to_list (IPPROTO_TCP, -1, &haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN); 1732 1833 1733 1834 sh_portchk_check_list (&portlist_tcp, IPPROTO_TCP, SH_PORT_NOREPT); … … 1735 1836 CuAssertPtrNotNull(tc, portlist_tcp); 1736 1837 1737 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, NULL);1838 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, NULL); 1738 1839 CuAssertPtrNotNull(tc, portent); 1739 1840 1740 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8001, haddr_local, NULL);1841 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8001, &haddr_local, NULL); 1741 1842 CuAssertTrue(tc, NULL == portent); 1742 1843 1743 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8002, haddr_local, NULL);1844 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8002, &haddr_local, NULL); 1744 1845 CuAssertPtrNotNull(tc, portent); 1745 1846 1746 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8003, haddr_local, NULL);1847 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8003, &haddr_local, NULL); 1747 1848 CuAssertTrue(tc, NULL == portent); 1748 1849 1749 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8004, haddr_local, NULL);1850 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8004, &haddr_local, NULL); 1750 1851 CuAssertPtrNotNull(tc, portent); 1751 1852 1752 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo1");1853 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, "foo1"); 1753 1854 CuAssertTrue(tc, NULL == portent); 1754 1855 1755 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo2");1856 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, "foo2"); 1756 1857 CuAssertPtrNotNull(tc, portent); 1757 1858 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo2")); 1758 1859 1759 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo3");1860 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, "foo3"); 1760 1861 CuAssertTrue(tc, NULL == portent); 1761 1862 1762 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo4");1863 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, "foo4"); 1763 1864 CuAssertPtrNotNull(tc, portent); 1764 1865 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo4")); 1765 1866 1766 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, haddr_local, "foo5");1867 portent = sh_portchk_get_from_list(IPPROTO_TCP, 8000, &haddr_local, "foo5"); 1767 1868 CuAssertPtrNotNull(tc, portent); 1768 1869 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo5")); 1769 1870 1770 CuAssertTrue(tc, 0 == sh_portchk_blacklist(666, haddr_local, IPPROTO_TCP));1771 CuAssertTrue(tc, 0 != sh_portchk_blacklist(666, haddr_local, IPPROTO_TCP));1772 CuAssertTrue(tc, 0 == sh_portchk_blacklist(667, haddr_local, IPPROTO_TCP));1773 CuAssertTrue(tc, 0 == sh_portchk_blacklist(668, haddr_local, IPPROTO_TCP));1774 CuAssertTrue(tc, 0 == sh_portchk_blacklist(666, haddr_local, IPPROTO_UDP));1775 CuAssertTrue(tc, 0 != sh_portchk_blacklist(666, haddr_local, IPPROTO_UDP));1776 CuAssertTrue(tc, 0 == sh_portchk_blacklist(667, haddr_local, IPPROTO_UDP));1777 CuAssertTrue(tc, 0 == sh_portchk_blacklist(668, haddr_local, IPPROTO_UDP));1778 1779 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(668, haddr_local, IPPROTO_UDP));1780 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(667, haddr_local, IPPROTO_UDP));1781 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(666, haddr_local, IPPROTO_UDP));1782 CuAssertTrue(tc, 0 == sh_portchk_is_blacklisted(665, haddr_local, IPPROTO_UDP));1783 1784 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(668, haddr_local, IPPROTO_TCP));1785 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(667, haddr_local, IPPROTO_TCP));1786 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(666, haddr_local, IPPROTO_TCP));1787 CuAssertTrue(tc, 0 == sh_portchk_is_blacklisted(665, haddr_local, IPPROTO_TCP));1871 CuAssertTrue(tc, 0 == sh_portchk_blacklist(666, &haddr_local, IPPROTO_TCP)); 1872 CuAssertTrue(tc, 0 != sh_portchk_blacklist(666, &haddr_local, IPPROTO_TCP)); 1873 CuAssertTrue(tc, 0 == sh_portchk_blacklist(667, &haddr_local, IPPROTO_TCP)); 1874 CuAssertTrue(tc, 0 == sh_portchk_blacklist(668, &haddr_local, IPPROTO_TCP)); 1875 CuAssertTrue(tc, 0 == sh_portchk_blacklist(666, &haddr_local, IPPROTO_UDP)); 1876 CuAssertTrue(tc, 0 != sh_portchk_blacklist(666, &haddr_local, IPPROTO_UDP)); 1877 CuAssertTrue(tc, 0 == sh_portchk_blacklist(667, &haddr_local, IPPROTO_UDP)); 1878 CuAssertTrue(tc, 0 == sh_portchk_blacklist(668, &haddr_local, IPPROTO_UDP)); 1879 1880 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(668, &haddr_local, IPPROTO_UDP)); 1881 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(667, &haddr_local, IPPROTO_UDP)); 1882 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(666, &haddr_local, IPPROTO_UDP)); 1883 CuAssertTrue(tc, 0 == sh_portchk_is_blacklisted(665, &haddr_local, IPPROTO_UDP)); 1884 1885 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(668, &haddr_local, IPPROTO_TCP)); 1886 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(667, &haddr_local, IPPROTO_TCP)); 1887 CuAssertTrue(tc, 0 != sh_portchk_is_blacklisted(666, &haddr_local, IPPROTO_TCP)); 1888 CuAssertTrue(tc, 0 == sh_portchk_is_blacklisted(665, &haddr_local, IPPROTO_TCP)); 1788 1889 #else 1789 1890 (void) tc; /* fix compiler warning */ -
trunk/src/sh_registry.c
r294 r295 447 447 } 448 448 449 #if !defined(KEY_WOW64_64KEY) 450 #define KEY_WOW64_64KEY 0x0100; 451 #endif 452 #if !defined(KEY_WOW64_32KEY) 453 #define KEY_WOW64_32KEY 0x0200; 454 #endif 449 455 450 456 … … 790 796 791 797 792 int CheckThisSubkey (HKEY key, char * subkey, char * path, int isSingle) 798 int CheckThisSubkey (HKEY key, char * subkey, char * path, int isSingle, 799 int view) 793 800 { 794 801 HKEY hTestKey; … … 826 833 subkey, 827 834 0, 828 KEY_READ,835 (KEY_READ | view), 829 836 &hTestKey) == ERROR_SUCCESS 830 837 ) … … 867 874 char path[20] = ""; 868 875 int pos = 0; 876 int retval = -1; 869 877 870 878 if (0 == strncmp(key, _("HKEY_CLASSES_ROOT"), 17)) … … 924 932 return -1; 925 933 } 926 927 return CheckThisSubkey (topKey, subkey, path, isSingle); 934 935 /************************ 936 if (ShCheckBothViews) 937 { 938 CheckThisSubkey (topKey, subkey, path, isSingle, KEY_WOW64_32KEY); 939 return CheckThisSubkey (topKey, subkey, path, isSingle, KEY_WOW64_64KEY); 940 } 941 *************************/ 942 943 return CheckThisSubkey (topKey, subkey, path, isSingle, 0); 928 944 } 929 945 -
trunk/src/sh_socket.c
r272 r295 557 557 char message[SH_MAXMSG]; 558 558 struct sockaddr_un name; 559 int size; 559 ACCEPT_TYPE_ARG3 size = sizeof(name); 560 560 561 int nbytes; 561 562 int talkfd; … … 636 637 * 'name' is the address of the sender socket 637 638 */ 638 size = sizeof (name); 639 talkfd = retry_accept(FIL__, __LINE__, 640 pf_unix_fd, (struct sockaddr *) & name, &size); 639 do { 640 talkfd = accept(pf_unix_fd, (struct sockaddr *) &name, &size); 641 } while (talkfd < 0 && errno == EINTR); 642 641 643 if ((talkfd < 0) && (errno == EAGAIN)) 642 644 { -
trunk/src/sh_tools.c
r252 r295 89 89 #include "sh_static.h" 90 90 #include "sh_pthread.h" 91 #include "sh_ipvx.h" 91 92 92 93 #undef FIL__ … … 127 128 int sh_tools_iface_is_present(char *str) 128 129 { 130 #if defined(USE_IPVX) 131 struct addrinfo *ai; 132 struct addrinfo hints; 133 int res; 134 135 memset (&hints, '\0', sizeof (hints)); 136 hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; 137 hints.ai_socktype = SOCK_STREAM; 138 res = getaddrinfo (str, _("2543"), &hints, &ai); 139 140 if (res == 0) 141 { 142 struct addrinfo *p = ai; 143 while (p != NULL) 144 { 145 int fd = socket (p->ai_family, p->ai_socktype, 146 p->ai_protocol); 147 148 if (fd < 0) 149 { 150 freeaddrinfo (ai); 151 return 0; 152 } 153 154 if (bind (fd, p->ai_addr, p->ai_addrlen) != 0) 155 { 156 /* bind() fails for access reasons, iface exists 157 */ 158 if (errno == EACCES || errno == EADDRINUSE) 159 { 160 sl_close_fd (FIL__, __LINE__, fd); 161 freeaddrinfo (ai); 162 return 1; 163 } 164 165 sl_close_fd (FIL__, __LINE__, fd); 166 freeaddrinfo (ai); 167 return 0; 168 } 169 170 sl_close_fd (FIL__, __LINE__, fd); 171 freeaddrinfo (ai); 172 return 1; 173 /* p = p->ai_next; */ 174 } 175 } 176 #else 129 177 struct sockaddr_in sin; 130 178 int sd; … … 158 206 return 1; 159 207 } 208 #endif 160 209 return 0; 161 210 } … … 428 477 } 429 478 430 int is_numeric (const char * address)431 {432 int j;433 int len = sl_strlen(address);434 435 for (j = 0; j < len; ++j)436 if ( (address[j] < '0' || address[j] > '9') && address[j] != '.')437 return (1 == 0);438 return (1 == 1);439 }440 441 479 #if defined (SH_WITH_SERVER) 442 480 … … 468 506 typedef struct _sin_cache { 469 507 char * address; 470 struct s ockaddr_in sin;508 struct sh_sockaddr saddr; 471 509 struct _sin_cache * next; 472 510 } sin_cache; … … 503 541 } 504 542 543 #if !defined(USE_IPVX) 505 544 int connect_port (char * address, int port, 506 545 char * ecall, int * errnum, char * errmsg, int errsiz) … … 537 576 address, sl_strlen(address))) 538 577 { 539 memcpy (&sinr, &( check_cache->sin), sizeof(struct sockaddr_in));578 memcpy (&sinr, &((check_cache->saddr).sin), sizeof(struct sockaddr_in)); 540 579 sinr.sin_family = AF_INET; 541 580 sinr.sin_port = htons (port); … … 657 696 check_cache->address = SH_ALLOC(sl_strlen(address) + 1); 658 697 sl_strlcpy (check_cache->address, address, sl_strlen(address) + 1); 659 memcpy(&(check_cache->sin), &sinr, sizeof(struct sockaddr_in)); 698 699 sh_ipvx_save(&(check_cache->saddr), AF_INET, (struct sockaddr *) &sinr); 700 660 701 ++cached_addr; 661 702 … … 710 751 SL_RETURN(retval, _("connect_port")); 711 752 } 753 #else 754 int connect_port (char * address, int port, 755 char * ecall, int * errnum, char * errmsg, int errsiz) 756 { 757 struct sockaddr_in *sin; 758 struct sockaddr_in6 *sin6; 759 struct sh_sockaddr ss; 760 sin_cache * check_cache = conn_cache; 761 int cached = 0; 762 int fail = 0; 763 int fd = -1; 764 int status = 0; 765 766 int retval; 767 char errbuf[SH_ERRBUF_SIZE]; 768 769 SL_ENTER(_("connect_port")); 770 771 /* paranoia -- should not happen 772 */ 773 if (cached_addr > 128) 774 delete_cache(); 775 776 if (check_cache != NULL) 777 { 778 while (check_cache && check_cache->address) 779 { 780 if ( 0 == sl_strncmp(check_cache->address, 781 address, sl_strlen(address))) 782 { 783 memcpy (&ss, &(check_cache->saddr), sizeof(struct sh_sockaddr)); 784 switch (ss.ss_family) 785 { 786 case AF_INET: 787 sin = &(ss.sin); 788 sin->sin_port = htons (port); 789 case AF_INET6: 790 sin6 = &(ss.sin6); 791 sin6->sin6_port = htons (port); 792 } 793 cached = 1; 794 break; 795 } 796 if (check_cache->next) 797 check_cache = check_cache->next; 798 else 799 check_cache = NULL; 800 } 801 } 802 803 if (cached != 0) 804 { 805 fd = socket(ss.ss_family, SOCK_STREAM, 0); 806 if (fd < 0) 807 { 808 status = errno; 809 fail = (-1); 810 sl_strlcpy(ecall, _("socket"), SH_MINIBUF); 811 *errnum = status; 812 sl_strlcpy(errmsg, sh_error_message (status, errbuf, sizeof(errbuf)), errsiz); 813 sl_strlcat(errmsg, _(", address "), errsiz); 814 sl_strlcat(errmsg, address, errsiz); 815 } 816 817 818 if (fail != (-1)) 819 { 820 int addrlen = SH_SS_LEN(ss); 821 822 if ( retry_connect(FIL__, __LINE__, fd, 823 sh_ipvx_sockaddr_cast(&ss), addrlen) < 0) 824 { 825 status = errno; 826 sl_strlcpy(ecall, _("connect"), SH_MINIBUF); 827 *errnum = status; 828 sl_strlcpy(errmsg, sh_error_message (status, errbuf, sizeof(errbuf)), errsiz); 829 sl_strlcat(errmsg, _(", address "), errsiz); 830 sl_strlcat(errmsg, address, errsiz); 831 sl_close_fd(FIL__, __LINE__, fd); 832 fail = (-1); 833 } 834 } 835 836 if (fail != 0) 837 { 838 delete_cache(); 839 cached = 0; 840 } 841 } 842 843 if (cached == 0) 844 { 845 int res; 846 char sport[32]; 847 struct addrinfo *ai; 848 struct addrinfo hints; 849 850 memset (&hints, '\0', sizeof (hints)); 851 hints.ai_flags = AI_ADDRCONFIG; 852 #if defined(AI_CANONNAME) 853 hints.ai_flags |= AI_CANONNAME; 854 #endif 855 hints.ai_socktype = SOCK_STREAM; 856 sl_snprintf(sport, sizeof(sport), "%d", port); 857 858 res = getaddrinfo (address, sport, &hints, &ai); 859 if (res != 0) 860 { 861 fail = (-1); 862 status = errno; 863 sl_strlcpy(ecall, _("getaddrinfo"), SH_MINIBUF); 864 *errnum = status; 865 sl_strlcpy(errmsg, gai_strerror (res), errsiz); 866 sl_strlcat(errmsg, _(", address "), errsiz); 867 sl_strlcat(errmsg, address, errsiz); 868 } 869 870 if (fail != (-1) && (DoReverseLookup == S_TRUE) && !sh_ipvx_is_numeric(address)) 871 { 872 struct addrinfo *p = ai; 873 int success = 0; 874 char hostname[SH_BUFSIZE]; 875 const char * canonical; 876 877 #if defined(AI_CANONNAME) 878 if (ai->ai_canonname && strlen(ai->ai_canonname) > 0) 879 { 880 canonical = ai->ai_canonname; 881 } 882 else 883 { 884 canonical = address; 885 } 886 #else 887 canonical = address; 888 #endif 889 890 while (p != NULL) 891 { 892 int e = getnameinfo (p->ai_addr, p->ai_addrlen, 893 hostname, sizeof(hostname), 894 NULL, 0, NI_NAMEREQD); 895 896 if (e == 0) 897 { 898 if (sl_strcasecmp(hostname, canonical) == 0) 899 { 900 success = 1; 901 break; 902 } 903 } 904 905 p = p->ai_next; 906 } 907 908 if (success == 0) 909 { 910 sl_strlcpy(ecall, _("strcmp"), SH_MINIBUF); 911 sl_strlcpy(errmsg, _("Reverse lookup failed: "), 912 errsiz); 913 sl_strlcat(errmsg, address, errsiz); 914 fail = -1; 915 freeaddrinfo (ai); 916 } 917 } 918 919 if (fail != (-1)) 920 { 921 struct addrinfo *p = ai; 922 923 while (p != NULL) 924 { 925 fd = socket(p->ai_family, p->ai_socktype, 926 p->ai_protocol); 927 928 if (fd != (-1)) 929 { 930 if (retry_connect(FIL__, __LINE__, fd, 931 p->ai_addr, p->ai_addrlen) >= 0) 932 { 933 /* put it into the cache 934 */ 935 check_cache = SH_ALLOC(sizeof(sin_cache)); 936 check_cache->address = SH_ALLOC(sl_strlen(address) + 1); 937 sl_strlcpy (check_cache->address, address, sl_strlen(address) + 1); 938 939 sh_ipvx_save(&(check_cache->saddr), p->ai_family, p->ai_addr); 940 941 ++cached_addr; 942 943 if (conn_cache) 944 { 945 if (conn_cache->next) 946 check_cache->next = conn_cache->next; 947 else 948 check_cache->next = NULL; 949 conn_cache->next = check_cache; 950 } 951 else 952 { 953 check_cache->next = NULL; 954 conn_cache = check_cache; 955 } 956 957 freeaddrinfo (ai); 958 goto end; 959 } 960 status = errno; 961 sl_close_fd(FIL__, __LINE__, fd); 962 } 963 else 964 { 965 status = errno; 966 } 967 p = p->ai_next; 968 } 969 fail = (-1); 970 freeaddrinfo (ai); 971 972 sl_strlcpy(ecall, _("connect"), SH_MINIBUF); 973 *errnum = status; 974 sl_strlcpy(errmsg, sh_error_message (status, errbuf, sizeof(errbuf)), errsiz); 975 sl_strlcat(errmsg, _(", address "), errsiz); 976 sl_strlcat(errmsg, address, errsiz); 977 } 978 } 979 980 end: 981 retval = (fail < 0) ? (-1) : fd; 982 SL_RETURN(retval, _("connect_port")); 983 984 } 985 #endif 712 986 713 987 int connect_port_2 (char * address1, char * address2, int port, -
trunk/src/sh_unix.c
r294 r295 98 98 #include "sh_hash.h" 99 99 #include "sh_tools.h" 100 #include "sh_ipvx.h" 100 101 #include "sh_tiger.h" 101 102 #include "sh_prelink.h" … … 1605 1606 { 1606 1607 struct utsname buf; 1607 struct hostent * he1;1608 1608 int i; 1609 1609 int ddot; … … 1611 1611 char * p; 1612 1612 char hostname[256]; 1613 char numeric[SH_IP_BUF]; 1614 char * canonical; 1613 1615 1614 1616 … … 1656 1658 } 1657 1659 1658 SH_MUTEX_LOCK(mutex_resolv); 1659 he1 = sh_gethostbyname(hostname); 1660 1661 if (he1 != NULL) 1662 { 1663 sl_strlcpy (sh.host.name, sh_unix_h_name(he1), SH_PATHBUF); 1664 sh_tolower (sh.host.name); 1665 } 1666 SH_MUTEX_UNLOCK(mutex_resolv); 1667 1668 if (he1 == NULL) 1669 { 1670 dlog(1, FIL__, __LINE__, 1671 _("According to uname, your nodename is %s, but your resolver\nlibrary cannot resolve this nodename to a FQDN. For more information, see the entry about self-resolving under 'Most frequently' in the FAQ that you will find in the docs/ subdirectory.\n"), 1672 hostname); 1660 canonical = sh_ipvx_canonical(hostname, numeric, sizeof(numeric)); 1661 1662 if (canonical == NULL) 1663 { 1673 1664 sl_strlcpy (sh.host.name, hostname, SH_PATHBUF); 1674 1665 sh_tolower (sh.host.name); 1675 1666 } 1676 1667 else 1668 { 1669 sl_strlcpy (sh.host.name, canonical, SH_PATHBUF); 1670 SH_FREE(canonical); 1671 } 1677 1672 1678 1673 /* check whether it looks like a FQDN … … 1683 1678 if (sh.host.name[i] == '.') ++ddot; 1684 1679 1685 if (ddot == 0 && he1 != NULL)1680 if (ddot == 0) 1686 1681 { 1687 1682 dlog(1, FIL__, __LINE__, 1688 1683 _("According to uname, your nodename is %s, but your resolver\nlibrary cannot resolve this nodename to a FQDN.\nRather, it resolves this to %s.\nFor more information, see the entry about self-resolving under\n'Most frequently' in the FAQ that you will find in the docs/ subdirectory.\n"), 1689 1684 hostname, sh.host.name); 1690 sl_strlcpy (sh.host.name, 1691 inet_ntoa (*(struct in_addr *) he1->h_addr), 1692 SH_PATHBUF); 1685 sl_strlcpy (sh.host.name, numeric, SH_PATHBUF); 1693 1686 SL_RET0(_("sh_unix_localhost")); 1694 1687 } 1695 1688 1696 if ( is_numeric(sh.host.name))1689 if (sh_ipvx_is_numeric(sh.host.name)) 1697 1690 { 1698 1691 dlog(1, FIL__, __LINE__, … … 1717 1710 struct utsname buf; 1718 1711 #endif 1719 struct hostent * he1;1720 1712 int i; 1721 1713 int ddot; 1722 1714 int len; 1723 1715 char hostname[1024]; 1724 1716 char numeric[SH_IP_BUF]; 1717 char * canonical; 1725 1718 1726 1719 SL_ENTER(_("sh_unix_localhost")); … … 1737 1730 hostname[1023] = '\0'; 1738 1731 1739 SH_MUTEX_LOCK(mutex_resolv); 1740 he1 = sh_gethostbyname(hostname); 1741 1742 if (he1 != NULL) 1743 { 1744 sl_strlcpy (sh.host.name, sh_unix_h_name(he1), SH_PATHBUF); 1732 canonical = sh_ipvx_canonical(hostname, numeric, sizeof(numeric)); 1733 1734 if (canonical == NULL) 1735 { 1736 sl_strlcpy (sh.host.name, hostname, SH_PATHBUF); 1745 1737 sh_tolower (sh.host.name); 1746 1738 } 1747 SH_MUTEX_UNLOCK(mutex_resolv); 1748 1749 if (he1 == NULL) 1750 { 1751 dlog(1, FIL__, __LINE__, 1752 _("According to gethostname, your nodename is %s, but your resolver\nlibrary cannot resolve this nodename to a FQDN.\nFor more information, see the entry about self-resolving under\n'Most frequently' in the FAQ that you will find in the docs/ subdirectory.\n"), 1753 hostname); 1754 sl_strlcpy (sh.host.name, _("localhost"), SH_PATHBUF); 1755 SL_RET0(_("sh_unix_localhost")); 1739 else 1740 { 1741 sl_strlcpy (sh.host.name, canonical, SH_PATHBUF); 1742 SH_FREE(canonical); 1756 1743 } 1757 1744 … … 1767 1754 _("According to uname, your nodename is %s, but your resolver\nlibrary cannot resolve this nodename to a FQDN.\nRather, it resolves this to %s.\nFor more information, see the entry about self-resolving under\n'Most frequently' in the FAQ that you will find in the docs/ subdirectory.\n"), 1768 1755 hostname, sh.host.name); 1769 sl_strlcpy (sh.host.name, 1770 inet_ntoa (*(struct in_addr *) he1->h_addr), 1771 SH_PATHBUF); 1756 sl_strlcpy (sh.host.name, numeric, SH_PATHBUF); 1772 1757 SL_RET0(_("sh_unix_localhost")); 1773 1758 } 1774 1759 1775 if ( is_numeric(sh.host.name))1760 if (sh_ipvx_is_numeric(sh.host.name)) 1776 1761 { 1777 1762 dlog(1, FIL__, __LINE__, -
trunk/src/sh_utmp.c
r290 r295 179 179 char name[UT_NAMESIZE+1]; 180 180 char ut_host[UT_HOSTSIZE+1]; 181 char ut_ship[ 16]; /* IP address */181 char ut_ship[SH_IP_BUF]; /* IP address */ 182 182 time_t time; 183 183 struct log_user * next; … … 454 454 455 455 #ifdef HAVE_UTADDR 456 #ifdef HAVE_INET_ATON 457 static char * my_inet_ntoa(struct in_addr in) 458 { 459 return /*@-unrecog@*/inet_ntoa(in)/*@+unrecog@*/; 460 } 461 #else 462 static char * my_inet_ntoa(struct in_addr in) 463 { 464 unsigned char a, b, c, d; 465 static char foo[16]; 466 char bar[4]; 467 memcpy (bar, &(in.s_addr), 4); /* memory alignment (?) */ 468 memcpy (&a, &bar[0], 1); 469 memcpy (&b, &bar[1], 1); 470 memcpy (&c, &bar[2], 1); 471 memcpy (&d, &bar[3], 1); 472 sprintf(foo, _("%d.%d.%d.%d"), /* known to fit */ 473 (int) a, (int) b, (int) c, (int) d); 474 return foo; 456 #ifdef HAVE_UTADDR_V6 457 static char * my_inet_ntoa(SINT32 * ut_addr_v6, char * buf, size_t buflen) 458 { 459 struct in_addr in; 460 461 buf[0] = '\0'; 462 463 if (0 == (ut_addr_v6[1] + ut_addr_v6[2] + ut_addr_v6[3])) 464 { 465 memcpy(&in, ut_addr_v6, sizeof(struct in_addr)); 466 sl_strlcpy(buf, inet_ntoa(in), buflen); 467 } 468 else 469 { 470 inet_ntop(AF_INET6, ut_addr_v6, buf, buflen); 471 } 472 return buf; 473 } 474 #else 475 static char * my_inet_ntoa(SINT32 ut_addr, char * buf, size_t buflen) 476 { 477 struct in_addr in; 478 479 buf[0] = '\0'; 480 481 memcpy(&in, ut_addr, sizeof(struct in_addr)); 482 sl_strlcpy(buf, inet_ntoa(in), buflen); 483 return buf; 475 484 } 476 485 #endif … … 915 924 #endif 916 925 #ifdef HAVE_UTADDR 917 /*@-type@*//* ut_addr does exist !!! */ 918 { 919 struct in_addr saddr; 920 memcpy (&saddr, &(ut->ut_addr), sizeof(struct in_addr)); 921 (void) sl_strlcpy((char*)(user->ut_ship), 922 my_inet_ntoa(saddr), 16); 923 } 924 /*@+type@*/ 926 #ifdef HAVE_UTADDR_V6 927 my_inet_ntoa(ut->ut_addr_v6, user->ut_ship, SH_IP_BUF); 928 #else 929 my_inet_ntoa(ut->ut_addr, user->ut_ship, SH_IP_BUF); 930 #endif 925 931 #endif 926 932 user->time = ut->ut_time; … … 1059 1065 #endif 1060 1066 #ifdef HAVE_UTADDR 1061 sl_strlcpy(user->ut_ship,my_inet_ntoa((struct in_addr)ut->ut_addr),16); 1067 #ifdef HAVE_UTADDR_V6 1068 my_inet_ntoa(ut->ut_addr_v6, user->ut_ship, SH_IP_BUF); 1069 #else 1070 my_inet_ntoa(ut->ut_addr, user->ut_ship, SH_IP_BUF); 1071 #endif 1062 1072 #endif 1063 1073 user->time = ut->ut_time; -
trunk/test/testrun_1e.sh
r212 r295 20 20 # 21 21 22 BUILDOPTS="--quiet $TRUST --enable- xml-log --enable-port-check --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"22 BUILDOPTS="--quiet $TRUST --enable-debug=gdb --enable-xml-log --enable-port-check --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file" 23 23 export BUILDOPTS 24 24
Note:
See TracChangeset
for help on using the changeset viewer.
