2012-04-22 04:21:26 +02:00
|
|
|
--- hosts_access.c.orig
|
2008-10-13 18:39:38 +02:00
|
|
|
+++ hosts_access.c
|
2012-04-22 04:21:26 +02:00
|
|
|
@@ -63,6 +63,7 @@ static char sep[] = ", \t\r\n";
|
2008-10-13 18:39:38 +02:00
|
|
|
|
|
|
|
#define YES 1
|
|
|
|
#define NO 0
|
|
|
|
+#define ERR -1
|
|
|
|
|
|
|
|
/*
|
|
|
|
* These variables are globally visible so that they can be redirected in
|
2012-04-22 04:21:26 +02:00
|
|
|
@@ -125,7 +126,6 @@ int hosts_access(request)
|
2008-10-13 18:39:38 +02:00
|
|
|
struct request_info *request;
|
|
|
|
{
|
|
|
|
int verdict;
|
|
|
|
-
|
|
|
|
/*
|
|
|
|
* If the (daemon, client) pair is matched by an entry in the file
|
|
|
|
* /etc/hosts.allow, access is granted. Otherwise, if the (daemon,
|
2012-04-22 04:21:26 +02:00
|
|
|
@@ -148,9 +148,9 @@ struct request_info *request;
|
2008-10-13 18:39:38 +02:00
|
|
|
return (verdict == AC_PERMIT);
|
|
|
|
if (table_match(hosts_allow_table, request) == YES)
|
|
|
|
return (YES);
|
|
|
|
- if (table_match(hosts_deny_table, request))
|
|
|
|
- return (NO);
|
|
|
|
- return (YES);
|
|
|
|
+ if (table_match(hosts_deny_table, request) == NO)
|
|
|
|
+ return (YES);
|
|
|
|
+ return (NO);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* table_match - match table entries with (daemon, client) pair */
|
2012-04-22 04:21:26 +02:00
|
|
|
@@ -194,6 +194,7 @@ struct request_info *request;
|
2008-10-13 18:39:38 +02:00
|
|
|
(void) fclose(fp);
|
|
|
|
} else if (errno != ENOENT) {
|
|
|
|
tcpd_warn("cannot open %s: %m", table);
|
|
|
|
+ match = ERR;
|
|
|
|
}
|
|
|
|
if (match == YES) {
|
|
|
|
if (hosts_access_verbose > 1)
|