mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-25 04:43:33 +00:00
Add "identify" daemon wrapper. Allows one to add ident lookup and logging
to arbitrary daemons (like telnetd or fingerd).
This commit is contained in:
parent
53b6f388ef
commit
fb4a5e4afa
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=17563
17
security/identify/Makefile
Normal file
17
security/identify/Makefile
Normal file
@ -0,0 +1,17 @@
|
||||
# New ports collection makefile for: identify
|
||||
# Version required: 0.7
|
||||
# Date created: 13 March 1999
|
||||
# Whom: nsayer@quack.kfu.com
|
||||
#
|
||||
# $Id:$
|
||||
#
|
||||
|
||||
DISTNAME= identify-0.7
|
||||
CATEGORIES= devel net security
|
||||
MASTER_SITES= ftp://ftp.lysator.liu.se/pub/ident/tools/
|
||||
|
||||
MAINTAINER= nsayer@quack.kfu.com
|
||||
|
||||
BUILD_DEPEND= ${PORTSDIR}/security/libident
|
||||
|
||||
.include <bsd.port.mk>
|
1
security/identify/distinfo
Normal file
1
security/identify/distinfo
Normal file
@ -0,0 +1 @@
|
||||
MD5 (identify-0.7.tar.gz) = d3a20abd96027e2d5ac2de0de842e9a1
|
16
security/identify/files/patch-aa
Normal file
16
security/identify/files/patch-aa
Normal file
@ -0,0 +1,16 @@
|
||||
--- Makefile.orig Mon Jul 20 09:01:27 1992
|
||||
+++ Makefile Fri Apr 2 10:50:40 1999
|
||||
@@ -1,2 +1,11 @@
|
||||
-identify: identify.c
|
||||
- $(CC) -o identify identify.c -lauthuser
|
||||
+
|
||||
+CFLAGS+= -I/usr/local/include -L/usr/local/lib
|
||||
+
|
||||
+all: identify
|
||||
+
|
||||
+install: identify
|
||||
+ install identify ${PREFIX}/libexec
|
||||
+ install README ${PREFIX}/share/doc/identify
|
||||
+
|
||||
+identify: identify.o
|
||||
+ $(CC) $(CFLAGS) -o identify identify.o -lident
|
132
security/identify/files/patch-ab
Normal file
132
security/identify/files/patch-ab
Normal file
@ -0,0 +1,132 @@
|
||||
--- identify.c.orig Tue Feb 2 01:51:57 1993
|
||||
+++ identify.c Fri Apr 2 10:57:28 1999
|
||||
@@ -11,7 +11,7 @@
|
||||
#include <stdio.h>
|
||||
#include <signal.h>
|
||||
#include <syslog.h>
|
||||
-#include <authuser.h>
|
||||
+#include <ident.h>
|
||||
#include <netdb.h>
|
||||
#include <sys/types.h>
|
||||
#include <netinet/in.h>
|
||||
@@ -33,57 +33,43 @@
|
||||
int noidentify = 0;
|
||||
int bits = 0;
|
||||
int reject_flag = 0;
|
||||
-unsigned long inlocal;
|
||||
-unsigned long inremote;
|
||||
+struct in_addr inlocal;
|
||||
+struct in_addr inremote;
|
||||
int timeout = 120;
|
||||
-int rtimeout = 30;
|
||||
-
|
||||
-static char *host_address(ad)
|
||||
- unsigned long ad;
|
||||
-{
|
||||
- int a, b, c, d;
|
||||
- static char addr[20];
|
||||
-
|
||||
- d = ad % 256;
|
||||
- ad /= 256;
|
||||
- c = ad % 256;
|
||||
- ad /= 256;
|
||||
- b = ad % 256;
|
||||
- a = ad / 256;
|
||||
- sprintf(addr, "%d.%d.%d.%d", a, b, c, d);
|
||||
-
|
||||
- return addr;
|
||||
-}
|
||||
-
|
||||
|
||||
char *ident_get_identifier(fd, host, len)
|
||||
int fd;
|
||||
char *host;
|
||||
int len;
|
||||
{
|
||||
- unsigned short local;
|
||||
- unsigned short remote;
|
||||
-
|
||||
+ struct sockaddr_in sa;
|
||||
+ int l;
|
||||
|
||||
- if (auth_fd2(fd, &inlocal, &inremote,
|
||||
- &local, &remote) == -1)
|
||||
+ l=sizeof(sa);
|
||||
+ if (getsockname(fd,(struct sockaddr *)&sa,&l)<0)
|
||||
{
|
||||
if (debug)
|
||||
- perror("auth_fd2");
|
||||
-
|
||||
+ perror("getsockname()");
|
||||
return NULL;
|
||||
}
|
||||
+ inlocal=sa.sin_addr;
|
||||
+ if (getpeername(fd,(struct sockaddr *)&sa,&l)<0)
|
||||
+ {
|
||||
+ if (debug)
|
||||
+ perror("getpeername()");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ inremote=sa.sin_addr;
|
||||
|
||||
if (host)
|
||||
{
|
||||
struct hostent *hp;
|
||||
|
||||
-
|
||||
- hp = gethostbyaddr(&inremote,sizeof(struct in_addr),AF_INET);
|
||||
+ hp = gethostbyaddr((const char *)&inremote,sizeof(struct in_addr),AF_INET);
|
||||
if (hp)
|
||||
strncpy(host, hp->h_name, len);
|
||||
else
|
||||
- strncpy(host, host_address(inremote), len);
|
||||
+ strncpy(host, inet_ntoa(inremote), len);
|
||||
|
||||
host[len] = '\0';
|
||||
}
|
||||
@@ -91,16 +77,7 @@
|
||||
if (noidentify)
|
||||
return NULL;
|
||||
else
|
||||
- if (timeout)
|
||||
- {
|
||||
- if (rtimeout)
|
||||
- return auth_tcpuser4(inlocal, inremote, local, remote, timeout,
|
||||
- rtimeout);
|
||||
- else
|
||||
- return auth_tcpuser3(inlocal, inremote, local, remote, timeout);
|
||||
- }
|
||||
- else
|
||||
- return auth_tcpuser2(inlocal, inremote, local, remote);
|
||||
+ return ident_id(fd,timeout);
|
||||
}
|
||||
|
||||
|
||||
@@ -128,10 +105,6 @@
|
||||
timeout = atoi(argv[i]+2);
|
||||
break;
|
||||
|
||||
- case 'T':
|
||||
- rtimeout = atoi(argv[i]+2);
|
||||
- break;
|
||||
-
|
||||
case 'R':
|
||||
if (!argv[i][2])
|
||||
reject_flag = 1;
|
||||
@@ -241,13 +214,13 @@
|
||||
}
|
||||
}
|
||||
|
||||
- if ((bits && (inremote >> bits != inlocal >> bits)) ||
|
||||
+ if ((bits && (htonl(inremote.s_addr) >> bits != htonl(inlocal.s_addr) >> bits)) ||
|
||||
(reject_flag && !id))
|
||||
{
|
||||
if (id)
|
||||
- syslog(priority, "Rejecting from %s@%s", id, host_address(inremote));
|
||||
+ syslog(priority, "Rejecting from %s@%s", id, inet_ntoa(inremote));
|
||||
else
|
||||
- syslog(priority, "Rejecting from %s", host_address(inremote));
|
||||
+ syslog(priority, "Rejecting from %s", inet_ntoa(inremote));
|
||||
exit(1);
|
||||
}
|
||||
|
1
security/identify/pkg-comment
Normal file
1
security/identify/pkg-comment
Normal file
@ -0,0 +1 @@
|
||||
Client side ident protocol daemon wrapper
|
3
security/identify/pkg-descr
Normal file
3
security/identify/pkg-descr
Normal file
@ -0,0 +1,3 @@
|
||||
This is a wrapper for daemons that live under inetd. It will do
|
||||
an ident lookup and log the result, handing off the file descriptor
|
||||
to the real daemon first.
|
2
security/identify/pkg-plist
Normal file
2
security/identify/pkg-plist
Normal file
@ -0,0 +1,2 @@
|
||||
libexec/identify
|
||||
share/doc/identify/README
|
Loading…
Reference in New Issue
Block a user