diff options
Diffstat (limited to 'meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/05_wildcard_matching.patch')
-rw-r--r-- | meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/05_wildcard_matching.patch | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/05_wildcard_matching.patch b/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/05_wildcard_matching.patch new file mode 100644 index 0000000000..a168f6d5a5 --- /dev/null +++ b/meta/recipes-extended/tcp-wrappers/tcp-wrappers-7.6/05_wildcard_matching.patch | |||
@@ -0,0 +1,103 @@ | |||
1 | See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17847 | ||
2 | |||
3 | diff -ruN tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5 | ||
4 | --- tcp_wrappers_7.6.orig/hosts_access.5 2004-04-10 18:54:33.000000000 +0200 | ||
5 | +++ tcp_wrappers_7.6/hosts_access.5 2004-04-10 18:54:27.000000000 +0200 | ||
6 | @@ -89,6 +89,10 @@ | ||
7 | bitwise AND of the address and the `mask\'. For example, the net/mask | ||
8 | pattern `131.155.72.0/255.255.254.0\' matches every address in the | ||
9 | range `131.155.72.0\' through `131.155.73.255\'. | ||
10 | +.IP \(bu | ||
11 | +Wildcards `*\' and `?\' can be used to match hostnames or IP addresses. This | ||
12 | +method of matching cannot be used in conjunction with `net/mask\' matching, | ||
13 | +hostname matching beginning with `.\' or IP address matching ending with `.\'. | ||
14 | .SH WILDCARDS | ||
15 | The access control language supports explicit wildcards: | ||
16 | .IP ALL | ||
17 | diff -ruN tcp_wrappers_7.6.orig/hosts_access.c tcp_wrappers_7.6/hosts_access.c | ||
18 | --- tcp_wrappers_7.6.orig/hosts_access.c 1997-02-12 02:13:23.000000000 +0100 | ||
19 | +++ tcp_wrappers_7.6/hosts_access.c 2004-04-10 18:52:21.000000000 +0200 | ||
20 | @@ -289,6 +289,11 @@ | ||
21 | { | ||
22 | int n; | ||
23 | |||
24 | +#ifndef DISABLE_WILDCARD_MATCHING | ||
25 | + if (strchr(tok, '*') || strchr(tok,'?')) { /* contains '*' or '?' */ | ||
26 | + return (match_pattern_ylo(string,tok)); | ||
27 | + } else | ||
28 | +#endif | ||
29 | if (tok[0] == '.') { /* suffix */ | ||
30 | n = strlen(string) - strlen(tok); | ||
31 | return (n > 0 && STR_EQ(tok, string + n)); | ||
32 | @@ -329,3 +334,71 @@ | ||
33 | } | ||
34 | return ((addr & mask) == net); | ||
35 | } | ||
36 | + | ||
37 | +#ifndef DISABLE_WILDCARD_MATCHING | ||
38 | +/* Note: this feature has been adapted in a pretty straightforward way | ||
39 | + from Tatu Ylonen's last SSH version under free license by | ||
40 | + Pekka Savola <pekkas@netcore.fi>. | ||
41 | + | ||
42 | + Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | ||
43 | +*/ | ||
44 | + | ||
45 | +/* Returns true if the given string matches the pattern (which may contain | ||
46 | + ? and * as wildcards), and zero if it does not match. */ | ||
47 | + | ||
48 | +int match_pattern_ylo(const char *s, const char *pattern) | ||
49 | +{ | ||
50 | + while (1) | ||
51 | + { | ||
52 | + /* If at end of pattern, accept if also at end of string. */ | ||
53 | + if (!*pattern) | ||
54 | + return !*s; | ||
55 | + | ||
56 | + /* Process '*'. */ | ||
57 | + if (*pattern == '*') | ||
58 | + { | ||
59 | + /* Skip the asterisk. */ | ||
60 | + pattern++; | ||
61 | + | ||
62 | + /* If at end of pattern, accept immediately. */ | ||
63 | + if (!*pattern) | ||
64 | + return 1; | ||
65 | + | ||
66 | + /* If next character in pattern is known, optimize. */ | ||
67 | + if (*pattern != '?' && *pattern != '*') | ||
68 | + { | ||
69 | + /* Look instances of the next character in pattern, and try | ||
70 | + to match starting from those. */ | ||
71 | + for (; *s; s++) | ||
72 | + if (*s == *pattern && | ||
73 | + match_pattern_ylo(s + 1, pattern + 1)) | ||
74 | + return 1; | ||
75 | + /* Failed. */ | ||
76 | + return 0; | ||
77 | + } | ||
78 | + | ||
79 | + /* Move ahead one character at a time and try to match at each | ||
80 | + position. */ | ||
81 | + for (; *s; s++) | ||
82 | + if (match_pattern_ylo(s, pattern)) | ||
83 | + return 1; | ||
84 | + /* Failed. */ | ||
85 | + return 0; | ||
86 | + } | ||
87 | + | ||
88 | + /* There must be at least one more character in the string. If we are | ||
89 | + at the end, fail. */ | ||
90 | + if (!*s) | ||
91 | + return 0; | ||
92 | + | ||
93 | + /* Check if the next character of the string is acceptable. */ | ||
94 | + if (*pattern != '?' && *pattern != *s) | ||
95 | + return 0; | ||
96 | + | ||
97 | + /* Move to the next character, both in string and in pattern. */ | ||
98 | + s++; | ||
99 | + pattern++; | ||
100 | + } | ||
101 | + /*NOTREACHED*/ | ||
102 | +} | ||
103 | +#endif /* DISABLE_WILDCARD_MATCHING */ | ||