mirror of
https://github.com/gophernicus/gophernicus.git
synced 2024-12-04 14:46:37 -05:00
Added optional support for TCP wrappers
This commit is contained in:
parent
a064e01979
commit
04bbad7e28
20
INSTALL
20
INSTALL
@ -27,6 +27,23 @@ hostname (the one set with -h <hostname>) directory available
|
||||
(mkdir /var/gopher/$HOSTNAME).
|
||||
|
||||
|
||||
Compiling with TCP wrappers
|
||||
===========================
|
||||
|
||||
Gophernicus uses no extra libraries... well... except libwrap
|
||||
(TCP wrappers) if it is installed with headers in default Unix
|
||||
directories at the time of compiling. If you have the headers
|
||||
installed and don't want wrapper support, run 'make generic'
|
||||
instead of just 'make', and if you have wrappers installed in
|
||||
non-standard place and want to force compile with wrappers
|
||||
just run 'make withwrap'.
|
||||
|
||||
For configuring IP access lists with TCP wrappers, take a look
|
||||
at the files /etc/hosts.allow and /etc/hosts.deny (because the
|
||||
manual pages suck). Use the daemon name 'in.gophernicus' to
|
||||
make your access lists.
|
||||
|
||||
|
||||
Running with traditional inetd superserver
|
||||
==========================================
|
||||
|
||||
@ -49,6 +66,9 @@ of "sudo make install" you should just install the deb with
|
||||
"dpkg -i ../gophernicus_*.deb" after which It Should Just
|
||||
Work(tm).
|
||||
|
||||
If you need TCP wrappers support on Debian/Ubuntu, please
|
||||
install libwrap0-dev before compiling.
|
||||
|
||||
|
||||
Cross-compiling
|
||||
===============
|
||||
|
14
Makefile
14
Makefile
@ -52,19 +52,25 @@ IPCRM = /usr/bin/ipcrm
|
||||
#
|
||||
all:
|
||||
@case `uname` in \
|
||||
Darwin) $(MAKE) ROOT="$(OSXROOT)" DESTDIR="$(OSXDEST)" $(BINARY); ;; \
|
||||
Haiku) $(MAKE) EXTRA_LDFLAGS="-lnetwork" $(BINARY); ;; \
|
||||
*) $(MAKE) $(BINARY); ;; \
|
||||
Darwin) $(MAKE) ROOT="$(OSXROOT)" DESTDIR="$(OSXDEST)" $(BINARY); ;; \
|
||||
Haiku) $(MAKE) EXTRA_LDFLAGS="-lnetwork" $(BINARY); ;; \
|
||||
*) if [ -f "/usr/include/tcpd.h" ]; then $(MAKE) withwrap; else $(MAKE) $(BINARY); fi; ;; \
|
||||
esac
|
||||
|
||||
generic: $(BINARY)
|
||||
|
||||
withwrap:
|
||||
$(MAKE) EXTRA_CFLAGS="-DHAVE_LIBWRAP" EXTRA_LDFLAGS="-lwrap" $(BINARY)
|
||||
|
||||
|
||||
#
|
||||
# Special targets
|
||||
#
|
||||
deb: ChangeLog
|
||||
dpkg-buildpackage -rfakeroot -uc -us
|
||||
@echo
|
||||
@echo "Debian package building can haz borken, plz wait some moar..."
|
||||
@echo
|
||||
@#dpkg-buildpackage -rfakeroot -uc -us
|
||||
|
||||
ChangeLog:
|
||||
if [ -d .git ]; then \
|
||||
|
@ -329,7 +329,7 @@ char *get_local_address(void)
|
||||
#endif
|
||||
|
||||
/* Nothing works... I'm out of ideas */
|
||||
return DEFAULT_ADDR;
|
||||
return UNKNOWN_ADDR;
|
||||
}
|
||||
|
||||
|
||||
@ -374,7 +374,7 @@ char *get_peer_address(void)
|
||||
#endif
|
||||
|
||||
/* Nothing works... I'm out of ideas */
|
||||
return DEFAULT_ADDR;
|
||||
return UNKNOWN_ADDR;
|
||||
}
|
||||
|
||||
|
||||
@ -498,6 +498,13 @@ int main(int argc, char *argv[])
|
||||
/* Open syslog() */
|
||||
if (st.opt_syslog) openlog(self, LOG_PID, LOG_DAEMON);
|
||||
|
||||
/* Check if TCP wrappers have something to say about this connection */
|
||||
#ifdef HAVE_LIBWRAP
|
||||
if (sstrncmp(st.req_remote_addr, UNKNOWN_ADDR) != MATCH &&
|
||||
hosts_ctl(self, STRING_UNKNOWN, st.req_remote_addr, STRING_UNKNOWN) == WRAP_DENIED)
|
||||
die(&st, ERR_ACCESS, "Refused connection");
|
||||
#endif
|
||||
|
||||
/* Make sure the computer is turned on */
|
||||
#ifdef __HAIKU__
|
||||
if (is_computer_on() != TRUE)
|
||||
|
@ -48,6 +48,7 @@
|
||||
#define HAVE_POPEN /* popen() */
|
||||
#undef HAVE_STRLCPY /* strlcpy() from OpenBSD */
|
||||
#undef HAVE_SENDFILE /* sendfile() in Linux & others */
|
||||
/* #undef HAVE_LIBWRAP autodetected, don't enable here */
|
||||
|
||||
/* Linux */
|
||||
#ifdef __linux
|
||||
@ -130,6 +131,10 @@ size_t strlcpy(char *dst, const char *src, size_t siz);
|
||||
size_t strlcat(char *dst, const char *src, size_t siz);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_LIBWRAP
|
||||
#include <tcpd.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Compile-time configuration
|
||||
*/
|
||||
@ -148,6 +153,8 @@ size_t strlcat(char *dst, const char *src, size_t siz);
|
||||
#define ERROR -1
|
||||
|
||||
#define MATCH 0
|
||||
#define WRAP_DENIED 0
|
||||
|
||||
|
||||
/* Gopher filetypes */
|
||||
#define TYPE_TEXT '0'
|
||||
@ -188,11 +195,11 @@ size_t strlcat(char *dst, const char *src, size_t siz);
|
||||
#define DEFAULT_TAG "gophertag"
|
||||
#define DEFAULT_CGI "/cgi-bin/"
|
||||
#define DEFAULT_USERDIR "public_gopher"
|
||||
#define DEFAULT_ADDR "unknown"
|
||||
#define DEFAULT_WIDTH 76
|
||||
#define DEFAULT_CHARSET US_ASCII
|
||||
#define MIN_WIDTH 33
|
||||
#define MAX_WIDTH 200
|
||||
#define UNKNOWN_ADDR "unknown"
|
||||
|
||||
/* Session defaults */
|
||||
#define DEFAULT_SESSION_TIMEOUT 1800
|
||||
|
Loading…
Reference in New Issue
Block a user