diff options
| author | Lennart Poettering <lennart@poettering.net> | 2010-06-16 15:41:29 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2010-06-16 15:41:29 +0200 |
| commit | 0213c3f8102bdc934c629d11a44ca0b408762287 (patch) | |
| tree | 743fcd1210de5bf35a271b64d5103487fc5f7ad4 /src/tcpwrap.c | |
| parent | 18c78fb1af5415bb6f87d9c7cae1f9c60e14ae24 (diff) | |
socket: add optional libwrap support
Diffstat (limited to 'src/tcpwrap.c')
| -rw-r--r-- | src/tcpwrap.c | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/src/tcpwrap.c b/src/tcpwrap.c new file mode 100644 index 0000000000..579aad56e9 --- /dev/null +++ b/src/tcpwrap.c @@ -0,0 +1,66 @@ +/*-*- Mode: C; c-basic-offset: 8 -*-*/ + +/*** + This file is part of systemd. + + Copyright 2010 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <sys/socket.h> +#include <sys/un.h> + +#ifdef HAVE_LIBWRAP +#include <tcpd.h> +#endif + +#include "tcpwrap.h" +#include "log.h" + +bool socket_tcpwrap(int fd, const char *name) { +#ifdef HAVE_LIBWRAP + struct request_info req; + union { + struct sockaddr sa; + struct sockaddr_in in; + struct sockaddr_in6 in6; + struct sockaddr_un un; + struct sockaddr_storage storage; + } sa_union; + socklen_t l = sizeof(sa_union); + + if (getsockname(fd, &sa_union.sa, &l) < 0) + return true; + + if (sa_union.sa.sa_family != AF_INET && + sa_union.sa.sa_family != AF_INET6) + return true; + + request_init(&req, + RQ_DAEMON, name, + RQ_FILE, fd, + NULL); + + fromhost(&req); + + if (!hosts_access(&req)) { + log_warning("Connection refused by tcpwrap."); + return false; + } + + log_debug("Connection accepted by tcpwrap."); +#endif + return true; +} |