diff options
author | Nick Sayer <nsayer@FreeBSD.org> | 1999-04-02 19:07:30 +0000 |
---|---|---|
committer | Nick Sayer <nsayer@FreeBSD.org> | 1999-04-02 19:07:30 +0000 |
commit | fb4a5e4afa110cf37e1a25d9b3a65a58c39ee029 (patch) | |
tree | e07875ca6e83250e0df6244ab211925cab536c43 /security/identify | |
parent | 53b6f388ef2955b697592514ecc1e47a9353490e (diff) | |
download | ports-fb4a5e4afa110cf37e1a25d9b3a65a58c39ee029.tar.gz ports-fb4a5e4afa110cf37e1a25d9b3a65a58c39ee029.zip |
Add "identify" daemon wrapper. Allows one to add ident lookup and logging
to arbitrary daemons (like telnetd or fingerd).
Notes
Notes:
svn path=/head/; revision=17563
Diffstat (limited to 'security/identify')
-rw-r--r-- | security/identify/Makefile | 17 | ||||
-rw-r--r-- | security/identify/distinfo | 1 | ||||
-rw-r--r-- | security/identify/files/patch-aa | 16 | ||||
-rw-r--r-- | security/identify/files/patch-ab | 132 | ||||
-rw-r--r-- | security/identify/pkg-comment | 1 | ||||
-rw-r--r-- | security/identify/pkg-descr | 3 | ||||
-rw-r--r-- | security/identify/pkg-plist | 2 |
7 files changed, 172 insertions, 0 deletions
diff --git a/security/identify/Makefile b/security/identify/Makefile new file mode 100644 index 000000000000..99f262cf16a9 --- /dev/null +++ b/security/identify/Makefile @@ -0,0 +1,17 @@ +# New ports collection makefile for: identify +# Version required: 0.7 +# Date created: 13 March 1999 +# Whom: nsayer@quack.kfu.com +# +# $Id:$ +# + +DISTNAME= identify-0.7 +CATEGORIES= devel net security +MASTER_SITES= ftp://ftp.lysator.liu.se/pub/ident/tools/ + +MAINTAINER= nsayer@quack.kfu.com + +BUILD_DEPEND= ${PORTSDIR}/security/libident + +.include <bsd.port.mk> diff --git a/security/identify/distinfo b/security/identify/distinfo new file mode 100644 index 000000000000..6f8acddc9882 --- /dev/null +++ b/security/identify/distinfo @@ -0,0 +1 @@ +MD5 (identify-0.7.tar.gz) = d3a20abd96027e2d5ac2de0de842e9a1 diff --git a/security/identify/files/patch-aa b/security/identify/files/patch-aa new file mode 100644 index 000000000000..7338d0a1fa8d --- /dev/null +++ b/security/identify/files/patch-aa @@ -0,0 +1,16 @@ +--- Makefile.orig Mon Jul 20 09:01:27 1992 ++++ Makefile Fri Apr 2 10:50:40 1999 +@@ -1,2 +1,11 @@ +-identify: identify.c +- $(CC) -o identify identify.c -lauthuser ++ ++CFLAGS+= -I/usr/local/include -L/usr/local/lib ++ ++all: identify ++ ++install: identify ++ install identify ${PREFIX}/libexec ++ install README ${PREFIX}/share/doc/identify ++ ++identify: identify.o ++ $(CC) $(CFLAGS) -o identify identify.o -lident diff --git a/security/identify/files/patch-ab b/security/identify/files/patch-ab new file mode 100644 index 000000000000..bd6878e20238 --- /dev/null +++ b/security/identify/files/patch-ab @@ -0,0 +1,132 @@ +--- identify.c.orig Tue Feb 2 01:51:57 1993 ++++ identify.c Fri Apr 2 10:57:28 1999 +@@ -11,7 +11,7 @@ + #include <stdio.h> + #include <signal.h> + #include <syslog.h> +-#include <authuser.h> ++#include <ident.h> + #include <netdb.h> + #include <sys/types.h> + #include <netinet/in.h> +@@ -33,57 +33,43 @@ + int noidentify = 0; + int bits = 0; + int reject_flag = 0; +-unsigned long inlocal; +-unsigned long inremote; ++struct in_addr inlocal; ++struct in_addr inremote; + int timeout = 120; +-int rtimeout = 30; +- +-static char *host_address(ad) +- unsigned long ad; +-{ +- int a, b, c, d; +- static char addr[20]; +- +- d = ad % 256; +- ad /= 256; +- c = ad % 256; +- ad /= 256; +- b = ad % 256; +- a = ad / 256; +- sprintf(addr, "%d.%d.%d.%d", a, b, c, d); +- +- return addr; +-} +- + + char *ident_get_identifier(fd, host, len) + int fd; + char *host; + int len; + { +- unsigned short local; +- unsigned short remote; +- ++ struct sockaddr_in sa; ++ int l; + +- if (auth_fd2(fd, &inlocal, &inremote, +- &local, &remote) == -1) ++ l=sizeof(sa); ++ if (getsockname(fd,(struct sockaddr *)&sa,&l)<0) + { + if (debug) +- perror("auth_fd2"); +- ++ perror("getsockname()"); + return NULL; + } ++ inlocal=sa.sin_addr; ++ if (getpeername(fd,(struct sockaddr *)&sa,&l)<0) ++ { ++ if (debug) ++ perror("getpeername()"); ++ return NULL; ++ } ++ inremote=sa.sin_addr; + + if (host) + { + struct hostent *hp; + +- +- hp = gethostbyaddr(&inremote,sizeof(struct in_addr),AF_INET); ++ hp = gethostbyaddr((const char *)&inremote,sizeof(struct in_addr),AF_INET); + if (hp) + strncpy(host, hp->h_name, len); + else +- strncpy(host, host_address(inremote), len); ++ strncpy(host, inet_ntoa(inremote), len); + + host[len] = '\0'; + } +@@ -91,16 +77,7 @@ + if (noidentify) + return NULL; + else +- if (timeout) +- { +- if (rtimeout) +- return auth_tcpuser4(inlocal, inremote, local, remote, timeout, +- rtimeout); +- else +- return auth_tcpuser3(inlocal, inremote, local, remote, timeout); +- } +- else +- return auth_tcpuser2(inlocal, inremote, local, remote); ++ return ident_id(fd,timeout); + } + + +@@ -128,10 +105,6 @@ + timeout = atoi(argv[i]+2); + break; + +- case 'T': +- rtimeout = atoi(argv[i]+2); +- break; +- + case 'R': + if (!argv[i][2]) + reject_flag = 1; +@@ -241,13 +214,13 @@ + } + } + +- if ((bits && (inremote >> bits != inlocal >> bits)) || ++ if ((bits && (htonl(inremote.s_addr) >> bits != htonl(inlocal.s_addr) >> bits)) || + (reject_flag && !id)) + { + if (id) +- syslog(priority, "Rejecting from %s@%s", id, host_address(inremote)); ++ syslog(priority, "Rejecting from %s@%s", id, inet_ntoa(inremote)); + else +- syslog(priority, "Rejecting from %s", host_address(inremote)); ++ syslog(priority, "Rejecting from %s", inet_ntoa(inremote)); + exit(1); + } + diff --git a/security/identify/pkg-comment b/security/identify/pkg-comment new file mode 100644 index 000000000000..cf38e474c8ae --- /dev/null +++ b/security/identify/pkg-comment @@ -0,0 +1 @@ +Client side ident protocol daemon wrapper diff --git a/security/identify/pkg-descr b/security/identify/pkg-descr new file mode 100644 index 000000000000..488fd7499d0b --- /dev/null +++ b/security/identify/pkg-descr @@ -0,0 +1,3 @@ +This is a wrapper for daemons that live under inetd. It will do +an ident lookup and log the result, handing off the file descriptor +to the real daemon first. diff --git a/security/identify/pkg-plist b/security/identify/pkg-plist new file mode 100644 index 000000000000..706f6eb75a25 --- /dev/null +++ b/security/identify/pkg-plist @@ -0,0 +1,2 @@ +libexec/identify +share/doc/identify/README |