1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-25 04:43:33 +00:00

Add "identify" daemon wrapper. Allows one to add ident lookup and logging

to arbitrary daemons (like telnetd or fingerd).
This commit is contained in:
Nick Sayer 1999-04-02 19:07:30 +00:00
parent 53b6f388ef
commit fb4a5e4afa
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=17563
7 changed files with 172 additions and 0 deletions

View File

@ -0,0 +1,17 @@
# New ports collection makefile for: identify
# Version required: 0.7
# Date created: 13 March 1999
# Whom: nsayer@quack.kfu.com
#
# $Id:$
#
DISTNAME= identify-0.7
CATEGORIES= devel net security
MASTER_SITES= ftp://ftp.lysator.liu.se/pub/ident/tools/
MAINTAINER= nsayer@quack.kfu.com
BUILD_DEPEND= ${PORTSDIR}/security/libident
.include <bsd.port.mk>

View File

@ -0,0 +1 @@
MD5 (identify-0.7.tar.gz) = d3a20abd96027e2d5ac2de0de842e9a1

View File

@ -0,0 +1,16 @@
--- Makefile.orig Mon Jul 20 09:01:27 1992
+++ Makefile Fri Apr 2 10:50:40 1999
@@ -1,2 +1,11 @@
-identify: identify.c
- $(CC) -o identify identify.c -lauthuser
+
+CFLAGS+= -I/usr/local/include -L/usr/local/lib
+
+all: identify
+
+install: identify
+ install identify ${PREFIX}/libexec
+ install README ${PREFIX}/share/doc/identify
+
+identify: identify.o
+ $(CC) $(CFLAGS) -o identify identify.o -lident

View File

@ -0,0 +1,132 @@
--- identify.c.orig Tue Feb 2 01:51:57 1993
+++ identify.c Fri Apr 2 10:57:28 1999
@@ -11,7 +11,7 @@
#include <stdio.h>
#include <signal.h>
#include <syslog.h>
-#include <authuser.h>
+#include <ident.h>
#include <netdb.h>
#include <sys/types.h>
#include <netinet/in.h>
@@ -33,57 +33,43 @@
int noidentify = 0;
int bits = 0;
int reject_flag = 0;
-unsigned long inlocal;
-unsigned long inremote;
+struct in_addr inlocal;
+struct in_addr inremote;
int timeout = 120;
-int rtimeout = 30;
-
-static char *host_address(ad)
- unsigned long ad;
-{
- int a, b, c, d;
- static char addr[20];
-
- d = ad % 256;
- ad /= 256;
- c = ad % 256;
- ad /= 256;
- b = ad % 256;
- a = ad / 256;
- sprintf(addr, "%d.%d.%d.%d", a, b, c, d);
-
- return addr;
-}
-
char *ident_get_identifier(fd, host, len)
int fd;
char *host;
int len;
{
- unsigned short local;
- unsigned short remote;
-
+ struct sockaddr_in sa;
+ int l;
- if (auth_fd2(fd, &inlocal, &inremote,
- &local, &remote) == -1)
+ l=sizeof(sa);
+ if (getsockname(fd,(struct sockaddr *)&sa,&l)<0)
{
if (debug)
- perror("auth_fd2");
-
+ perror("getsockname()");
return NULL;
}
+ inlocal=sa.sin_addr;
+ if (getpeername(fd,(struct sockaddr *)&sa,&l)<0)
+ {
+ if (debug)
+ perror("getpeername()");
+ return NULL;
+ }
+ inremote=sa.sin_addr;
if (host)
{
struct hostent *hp;
-
- hp = gethostbyaddr(&inremote,sizeof(struct in_addr),AF_INET);
+ hp = gethostbyaddr((const char *)&inremote,sizeof(struct in_addr),AF_INET);
if (hp)
strncpy(host, hp->h_name, len);
else
- strncpy(host, host_address(inremote), len);
+ strncpy(host, inet_ntoa(inremote), len);
host[len] = '\0';
}
@@ -91,16 +77,7 @@
if (noidentify)
return NULL;
else
- if (timeout)
- {
- if (rtimeout)
- return auth_tcpuser4(inlocal, inremote, local, remote, timeout,
- rtimeout);
- else
- return auth_tcpuser3(inlocal, inremote, local, remote, timeout);
- }
- else
- return auth_tcpuser2(inlocal, inremote, local, remote);
+ return ident_id(fd,timeout);
}
@@ -128,10 +105,6 @@
timeout = atoi(argv[i]+2);
break;
- case 'T':
- rtimeout = atoi(argv[i]+2);
- break;
-
case 'R':
if (!argv[i][2])
reject_flag = 1;
@@ -241,13 +214,13 @@
}
}
- if ((bits && (inremote >> bits != inlocal >> bits)) ||
+ if ((bits && (htonl(inremote.s_addr) >> bits != htonl(inlocal.s_addr) >> bits)) ||
(reject_flag && !id))
{
if (id)
- syslog(priority, "Rejecting from %s@%s", id, host_address(inremote));
+ syslog(priority, "Rejecting from %s@%s", id, inet_ntoa(inremote));
else
- syslog(priority, "Rejecting from %s", host_address(inremote));
+ syslog(priority, "Rejecting from %s", inet_ntoa(inremote));
exit(1);
}

View File

@ -0,0 +1 @@
Client side ident protocol daemon wrapper

View File

@ -0,0 +1,3 @@
This is a wrapper for daemons that live under inetd. It will do
an ident lookup and log the result, handing off the file descriptor
to the real daemon first.

View File

@ -0,0 +1,2 @@
libexec/identify
share/doc/identify/README