source: trunk/third/tcp_wrappers/tcpd.h @ 11717

Revision 11717, 7.7 KB checked in by danw, 26 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r11716, which included commits to RCS files with non-trunk default branches.
/*
 * @(#) tcpd.h 1.5 96/03/19 16:22:24
 *
 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
 */
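/*
 * Structure to describe one communications endpoint.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * name and addr are fixed-size buffers of STRING_LENGTH bytes, so they hold
 * at most STRING_LENGTH-1 characters plus the terminator. Code that fills
 * them must bound the copy and terminate the result (STRN_CPY in this file
 * does both). Read them through eval_hostname()/eval_hostaddr() rather than
 * directly.
 */

#define STRING_LENGTH   128             /* hosts, users, processes */

struct host_info {
    char    name[STRING_LENGTH];        /* access via eval_hostname(host) */
    char    addr[STRING_LENGTH];        /* access via eval_hostaddr(host) */
    struct sockaddr_in *sin;            /* socket address or 0 */
    struct t_unitdata *unit;            /* TLI transport address or 0 */
    struct request_info *request;       /* for shared information */
};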
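/*
 * Structure to describe what we know about a service request.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * client and server are one-element arrays, so request->client and
 * request->server can be used wherever a struct host_info pointer is
 * expected. The four function pointers are declared without prototypes, so
 * the compiler cannot check the arguments of calls made through them.
 */

struct request_info {
    int     fd;                         /* socket handle */
    char    user[STRING_LENGTH];        /* access via eval_user(request) */
    char    daemon[STRING_LENGTH];      /* access via eval_daemon(request) */
    /* 10 bytes: at most 9 characters plus the terminator. */
    /* NOTE(review): confirm the code that formats the pid bounds its write. */
    char    pid[10];                    /* access via eval_pid(request) */
    struct host_info client[1];         /* client endpoint info */
    struct host_info server[1];         /* server endpoint info */
    void  (*sink) ();                   /* datagram sink function or 0 */
    void  (*hostname) ();               /* address to printable hostname */
    void  (*hostaddr) ();               /* address to printable address */
    void  (*cleanup) ();                /* cleanup function or 0 */
    struct netconfig *config;           /* netdir handle */
};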
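/* Common string operations. Less clutter should be more readable. */

/*
 * STRN_CPY(d,s,l): copy s into the l-byte buffer d and always terminate the
 * result. Plain strncpy() leaves d unterminated when s has l or more bytes.
 * Pass the size of the destination as l, not the length of the source.
 *
 * A length of 0 is now a no-op. Without the guard the terminator store went
 * to d[-1], or to d[SIZE_MAX] for an unsigned length, outside the buffer.
 *
 * Caveats: d and l are evaluated more than once, so the arguments must have
 * no side effects. The expansion is a bare { } block, kept for source
 * compatibility; inside an unbraced if/else the ';' after the call ends the
 * if statement, so brace the branch.
 */
#define STRN_CPY(d,s,l) { if ((l) > 0) { strncpy((d),(s),(l)); (d)[(l)-1] = 0; } }

/*
 * Case-insensitive comparisons. The STRN_ forms compare at most l bytes.
 * The user of these macros must have strcasecmp()/strncasecmp() declared.
 */
#define STRN_EQ(x,y,l)  (strncasecmp((x),(y),(l)) == 0)
#define STRN_NE(x,y,l)  (strncasecmp((x),(y),(l)) != 0)
#define STR_EQ(x,y)     (strcasecmp((x),(y)) == 0)
#define STR_NE(x,y)     (strcasecmp((x),(y)) != 0)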
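/*
 * Initially, all above strings have the empty value. Information that
 * cannot be determined at runtime is set to "unknown", so that we can
 * distinguish between `unavailable' and `not yet looked up'. A hostname
 * that we do not believe in is set to "paranoid".
 *
 * Both markers are in-band values compared without regard to case. A name
 * that is literally "unknown" or "paranoid" cannot be told apart from the
 * marker, and HOSTNAME_KNOWN() reports it as not known.
 */

#define STRING_UNKNOWN  "unknown"       /* lookup failed */
#define STRING_PARANOID "paranoid"      /* hostname conflict */

extern char unknown[];
extern char paranoid[];

#define HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid))

/*
 * NOT_INADDR(s) is true when s contains any character other than a decimal
 * digit, '.' or '/'. It is a character-class test, not address validation:
 * the empty string and strings such as "999.1" or "..." also count as
 * address-like, so callers still have to parse the value. The argument is
 * now parenthesized so that an expression such as p + 1 expands correctly;
 * it is evaluated twice and must have no side effects.
 */
#define NOT_INADDR(s) ((s)[strspn((s),"01234567890./")] != 0)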
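/*
 * Global functions.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again. None of these declarations carries a
 * prototype, so the compiler cannot check argument count or types at the
 * call sites.
 */

#if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
extern void fromhost();                 /* get/validate client host info */
#else
#define fromhost sock_host              /* no TLI support needed */
#endif

extern int hosts_access();              /* access control */

/*
 * NOTE(review): shell_cmd() hands a command to a shell and percent_x()
 * expands %<char> sequences. If expanded text can carry client-derived
 * values (host name, rfc931() user name) into such a command, the expansion
 * must neutralise shell metacharacters -- confirm in the implementation.
 */
extern void shell_cmd();                /* execute shell command */
extern char *percent_x();               /* do %<char> expansion */

/*
 * The user name is reported by a daemon on the remote side, so it is only as
 * trustworthy as that host: suitable for logging, not for authentication.
 */
extern void rfc931();                   /* client name from RFC 931 daemon */
extern void clean_exit();               /* clean up and exit */
extern void refuse();                   /* clean up and exit */
extern char *xgets();                   /* fgets() on steroids */
extern char *split_at();                /* strchr() and split */
extern unsigned long dot_quad_addr();   /* restricted inet_addr() */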
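/*
 * Global variables.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * NOTE(review): hosts_allow_table and hosts_deny_table presumably name the
 * access control files. They are writable globals, so any code that
 * repoints them redirects the access decision -- confirm that only the
 * verification tools do so.
 */

extern int allow_severity;              /* for connection logging */
extern int deny_severity;               /* for connection logging */
extern char *hosts_allow_table;         /* for verification mode redirection */
extern char *hosts_deny_table;          /* for verification mode redirection */
extern int hosts_access_verbose;        /* for verbose matching mode */
extern int rfc931_timeout;              /* user lookup timeout */
extern int resident;                    /* > 0 if resident process */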
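/*
 * Routines for controlled initialization and update of request structure
 * attributes. Each attribute has its own key.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * Both routines are variadic: after the request pointer the compiler checks
 * nothing, so each RQ_ key must be followed by a value of the type that key
 * expects. The keys start at 1, which leaves 0 unused.
 * NOTE(review): the list is presumably ended by a 0 key -- confirm, since a
 * missing terminator makes a varargs walker read past its arguments.
 */

#ifdef __STDC__
extern struct request_info *request_init(struct request_info *,...);
extern struct request_info *request_set(struct request_info *,...);
#else
extern struct request_info *request_init();     /* initialize request */
extern struct request_info *request_set();      /* update request structure */
#endif

#define RQ_FILE         1               /* file descriptor */
#define RQ_DAEMON       2               /* server process (argv[0]) */
#define RQ_USER         3               /* client user name */
#define RQ_CLIENT_NAME  4               /* client host name */
#define RQ_CLIENT_ADDR  5               /* client host address */
#define RQ_CLIENT_SIN   6               /* client endpoint (internal) */
#define RQ_SERVER_NAME  7               /* server host name */
#define RQ_SERVER_ADDR  8               /* server host address */
#define RQ_SERVER_SIN   9               /* server endpoint (internal) */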
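/*
 * Routines for delayed evaluation of request attributes. Each attribute
 * type has its own access method. The trivial ones are implemented by
 * macros. The other ones are wrappers around the transport-specific host
 * name, address, and client user lookup methods. The request_info and
 * host_info structures serve as caches for the lookup results.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * NOTE(review): the host name and user name values presumably originate
 * from lookups about the remote peer; treat the returned strings as
 * untrusted text when logging them or expanding them into commands.
 */

extern char *eval_user();               /* client user */
extern char *eval_hostname();           /* printable hostname */
extern char *eval_hostaddr();           /* printable host address */
extern char *eval_hostinfo();           /* host name or address */
extern char *eval_client();             /* whatever is available */
extern char *eval_server();             /* whatever is available */

/* These two expand to the member itself; r must be a valid pointer. */
#define eval_daemon(r)  ((r)->daemon)   /* daemon process name */
#define eval_pid(r)     ((r)->pid)      /* process id */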
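/*
 * Socket-specific methods, including DNS hostname lookups.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * sock_methods(r) installs the socket lookup routines in the request's
 * hostname and hostaddr slots. It expands to a bare { } block and evaluates
 * r twice: pass an expression without side effects, and brace the branch
 * when it is used inside an if/else.
 */

extern void sock_host();                /* look up endpoint addresses */
extern void sock_hostname();            /* translate address to hostname */
extern void sock_hostaddr();            /* address to printable address */
#define sock_methods(r) \
        { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }

/* The System V Transport-Level Interface (TLI) interface. */

#if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
extern void tli_host();                 /* look up endpoint addresses etc. */
#endif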
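/*
 * Problem reporting interface. Additional file/line context is reported
 * when available. The jump buffer (tcpd_buf) is not declared here, or
 * everyone would have to include <setjmp.h>.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * NOTE(review): the (char *, ...) signature suggests a printf-style format
 * as first argument -- confirm. If so, client-derived text must be passed
 * as an argument to "%s" and never as the format itself.
 * tcpd_jump() does not return to its caller; anything acquired before the
 * call is not released by the jump.
 */

#ifdef __STDC__
extern void tcpd_warn(char *, ...);     /* report problem and proceed */
extern void tcpd_jump(char *, ...);     /* report problem and jump */
#else
extern void tcpd_warn();
extern void tcpd_jump();
#endif

struct tcpd_context {
    char   *file;                       /* current file */
    int     line;                       /* current line */
};
extern struct tcpd_context tcpd_context;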
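/*
 * While processing access control rules, error conditions are handled by
 * jumping back into the hosts_access() routine. This is cleaner than
 * checking the return value of each and every silly little function. The
 * (-1) returns are here because zero is already taken by longjmp().
 *
 * The listing's line-number gutter has been stripped from the definitions
 * so that they parse as C again.
 *
 * AC_ERROR is the same value as AC_DENY, so a caller that receives an error
 * result sees a denial: rule-processing errors fail closed. Keep that
 * property if these values are ever changed.
 */

#define AC_PERMIT       1               /* permit access */
#define AC_DENY         (-1)            /* deny_access */
#define AC_ERROR        AC_DENY         /* XXX */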
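/*
 * In verification mode an option function should just say what it would do,
 * instead of really doing it. An option function that would not return
 * should clear the dry_run flag to inform the caller of this unusual
 * behavior.
 *
 * The listing's line-number gutter has been stripped from the declarations
 * so that they parse as C again.
 *
 * dry_run is a plain writable global and nothing in this header enforces
 * the convention: an option function that ignores the flag performs its
 * action for real even during verification.
 */

extern void process_options();          /* execute options */
extern int dry_run;                     /* verification flag */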
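/*
 * Bug workarounds.
 *
 * The listing's line-number gutter has been stripped from the directives
 * and declarations so that they parse as C again.
 *
 * Each workaround renames a standard library function with a macro. The
 * rename applies to every later use of the name in the translation unit,
 * including prototypes in system headers, so include this file after the
 * system headers that declare these functions.
 */

#ifdef INET_ADDR_BUG                    /* inet_addr() returns struct */
#define inet_addr fix_inet_addr
extern long fix_inet_addr();
#endif

#ifdef BROKEN_FGETS                     /* partial reads from sockets */
#define fgets fix_fgets
extern char *fix_fgets();
#endif

#ifdef RECVFROM_BUG                     /* no address family info */
#define recvfrom fix_recvfrom
extern int fix_recvfrom();
#endif

#ifdef GETPEERNAME_BUG                  /* claims success with UDP */
#define getpeername fix_getpeername
extern int fix_getpeername();
#endif

#ifdef SOLARIS_24_GETHOSTBYNAME_BUG     /* lists addresses as aliases */
#define gethostbyname fix_gethostbyname
extern struct hostent *fix_gethostbyname();
#endif

/*
 * NOTE(review): the comment on USE_STRSEP repeats the LIBC_CALLS_STRTOK one
 * and looks copied. Both sections define strtok, so enabling both flags
 * redefines the macro with a different replacement; enable only one.
 */
#ifdef USE_STRSEP                       /* libc calls strtok() */
#define strtok  fix_strtok
extern char *fix_strtok();
#endif

#ifdef LIBC_CALLS_STRTOK                /* libc calls strtok() */
#define strtok  my_strtok
extern char *my_strtok();
#endif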