[src/trunk]: src/usr.sbin/lpr/lpd If hosts.lpd contains '+', don't insist on ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/usr.sbin/lpr/lpd If hosts.lpd contains '+', don't insist on ...
From: is <is%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 21:33:42 +0000

details:   https://anonhg.NetBSD.org/src/rev/60ba15dfda01
branches:  trunk
changeset: 771101:60ba15dfda01
user:      is <is%NetBSD.org@localhost>
date:      Wed Nov 09 12:45:58 2011 +0000

description:
If hosts.lpd contains '+', don't insist on reverse DNS == forward DNS.

diffstat:

 usr.sbin/lpr/lpd/lpd.8 |   8 ++++-
 usr.sbin/lpr/lpd/lpd.c |  62 +++++++++++++++++++++++++++++++++++++------------
 2 files changed, 52 insertions(+), 18 deletions(-)

diffs (138 lines):

diff -r 802f6019d168 -r 60ba15dfda01 usr.sbin/lpr/lpd/lpd.8
--- a/usr.sbin/lpr/lpd/lpd.8    Wed Nov 09 07:40:27 2011 +0000
+++ b/usr.sbin/lpr/lpd/lpd.8    Wed Nov 09 12:45:58 2011 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: lpd.8,v 1.33 2006/01/22 21:31:17 wiz Exp $
+.\"    $NetBSD: lpd.8,v 1.34 2011/11/09 12:45:58 is Exp $
 .\"
 .\" Copyright (c) 1983, 1991, 1993
 .\"    The Regents of the University of California.  All rights reserved.
@@ -176,7 +176,11 @@
 the file
 .Pa /etc/hosts.equiv
 or
-.Pa /etc/hosts.lpd .
+.Pa /etc/hosts.lpd 
+unless there is a line consisting of '+', in which case any host
+will be accepted that passes the 
+.Xr hosts_access 5
+test and has reverse resolving set up.
 Lastly, if the
 .Li rs
 capability is specified in the
diff -r 802f6019d168 -r 60ba15dfda01 usr.sbin/lpr/lpd/lpd.c
--- a/usr.sbin/lpr/lpd/lpd.c    Wed Nov 09 07:40:27 2011 +0000
+++ b/usr.sbin/lpr/lpd/lpd.c    Wed Nov 09 12:45:58 2011 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: lpd.c,v 1.56 2011/08/30 19:27:37 joerg Exp $   */
+/*     $NetBSD: lpd.c,v 1.57 2011/11/09 12:45:58 is Exp $      */
 
 /*
  * Copyright (c) 1983, 1993, 1994
@@ -41,7 +41,7 @@
 #if 0
 static char sccsid[] = "@(#)lpd.c      8.7 (Berkeley) 5/10/95";
 #else
-__RCSID("$NetBSD: lpd.c,v 1.56 2011/08/30 19:27:37 joerg Exp $");
+__RCSID("$NetBSD: lpd.c,v 1.57 2011/11/09 12:45:58 is Exp $");
 #endif
 #endif /* not lint */
 
@@ -133,6 +133,7 @@
 static void            chkhost(struct sockaddr *, int);
 __dead static void     usage(void);
 static struct pollfd   *socksetup(int, int, const char *, int *);
+static void            chkplushost(int, FILE *, char*);
 
 uid_t  uid, euid;
 int child_count;
@@ -362,6 +363,35 @@
        }
 }
 
+/*
+ * If there was a forward/backward name resolution mismatch, check
+ * that there's a '+' entry in fhost.
+ */
+
+void
+chkplushost(int good, FILE *fhost, char *hst)
+{
+       int c1, c2, c3;
+
+       if (good) {
+               return;
+       }
+
+       rewind(fhost);
+       while (EOF != (c1 = fgetc(fhost))) {
+               if (c1 == '+') {
+                       c2 = fgetc(fhost);
+                       if (c2 == ' ' || c2 == '\t' || c2 == '\n') {
+                               return;
+                       }
+               }
+               do {
+                       c3 = fgetc(fhost);
+               } while (c3 != EOF && c3 != '\n');
+       }
+       fatal("address for your hostname (%s) not matched", hst);
+}
+
 static void
 reapchild(int signo)
 {
@@ -606,25 +636,23 @@
                fatal("Cannot print address");
 
        /* Check for spoof, ala rlogind */
+       good = 0;
        memset(&hints, 0, sizeof(hints));
        hints.ai_family = PF_UNSPEC;
        hints.ai_socktype = SOCK_DGRAM; /*dummy*/
        error = getaddrinfo(fromb, NULL, &hints, &res);
-       if (error) {
-               fatal("hostname for your address (%s) unknown: %s", hst,
-                   gai_strerror(error));
+       if (!error) {
+               for (r = res; good == 0 && r; r = r->ai_next) {
+                       error = getnameinfo(r->ai_addr, r->ai_addrlen,
+                                   ip, sizeof(ip), NULL, 0, NI_NUMERICHOST);
+                       if (!error && !strcmp(hst, ip))
+                               good = 1;
+               }
+               if (res)
+                       freeaddrinfo(res);
        }
-       good = 0;
-       for (r = res; good == 0 && r; r = r->ai_next) {
-               error = getnameinfo(r->ai_addr, r->ai_addrlen, ip, sizeof(ip),
-                                   NULL, 0, NI_NUMERICHOST);
-               if (!error && !strcmp(hst, ip))
-                       good = 1;
-       }
-       if (res)
-               freeaddrinfo(res);
-       if (good == 0)
-               fatal("address for your hostname (%s) not matched", hst);
+
+       /* complain about !good later in chkplushost if needed. */
 
        setproctitle("serving %s", from);
 
@@ -639,6 +667,7 @@
        hostf = fopen(_PATH_HOSTSEQUIV, "r");
        if (hostf) {
                if (__ivaliduser_sa(hostf, f, f->sa_len, DUMMY, DUMMY) == 0) {
+                       chkplushost(good, hostf, hst);
                        (void)fclose(hostf);
                        return;
                }
@@ -647,6 +676,7 @@
        hostf = fopen(_PATH_HOSTSLPD, "r");
        if (hostf) {
                if (__ivaliduser_sa(hostf, f, f->sa_len, DUMMY, DUMMY) == 0) {
+                       chkplushost(good, hostf, hst);
                        (void)fclose(hostf);
                        return;
                }

Prev by Date: [src/trunk]: src/usr.sbin/lpr/lpd Use Sq, and remove trailing whitespace.
Next by Date: [src/trunk]: src/tests/lib/libc/regex add a large timeout for libtre
Previous by Thread: [src/trunk]: src/usr.sbin/lpr/lpd Use Sq, and remove trailing whitespace.
Next by Thread: [src/trunk]: src/tests/lib/libc/regex add a large timeout for libtre
Indexes:

Home | Main Index | Thread Index | Old Index