From john@sentinel.pakprotector.com  Wed Jan 10 04:12:34 2001
Return-Path: <john@sentinel.pakprotector.com>
Received: from nhj.nlc.net.au (nhj.nlc.net.au [203.24.133.1])
	by hub.freebsd.org (Postfix) with SMTP id 868F237B400
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 10 Jan 2001 04:12:33 -0800 (PST)
Received: (qmail 20718 invoked from network); 10 Jan 2001 23:12:31 +1100
Received: from pacer.nlc.net.au (HELO sentinel.pakprotector.com) (203.24.133.16)
  by hub.freebsd.org with SMTP; 10 Jan 2001 23:12:31 +1100
Received: (from john@localhost)
	by sentinel.pakprotector.com (8.11.1/8.11.1) id f0ACCLp11358;
	Wed, 10 Jan 2001 23:12:21 +1100 (EST)
	(envelope-from john)
Message-Id: <200101101212.f0ACCLp11358@sentinel.pakprotector.com>
Date: Wed, 10 Jan 2001 23:12:21 +1100 (EST)
From: john@pakprotector.com
Reply-To: john@pakprotector.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: Tcp_wrappers is missing some syslog facility names.
X-Send-Pr-Version: 3.2

>Number:         24218
>Category:       bin
>Synopsis:       Tcp_wrappers is missing some syslog facility names.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    dwmalone
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan 10 04:20:01 PST 2001
>Closed-Date:    Mon Mar 5 05:06:48 PST 2001
>Last-Modified:  Mon Mar 05 05:07:10 PST 2001
>Originator:     John Saunders
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
NORTHLINK COMMUNICATIONS
>Environment:

FreeBSD sentinel.pakprotector.com 4.2-STABLE FreeBSD 4.2-STABLE #0: Wed Jan  3 00:13:09 EST 2001     root@pacer.pakprotector.com:/usr/obj/usr/src/sys/SENTINEL  i386

>Description:

The include file /usr/include/syslog.h defines all of the
supported syslog facilities and severity. The tcp_wrappers
package which is linked into inetd (and probably others)
contains textual strings to represent the facilities and
severities for use in the "severity [facility.]severity"
option in /etc/hosts.allow.

However the file /usr/src/contrib/tcp_wrappers/options.c,
which contains these strings, is missing a number of them.
This prevents full control over where tcp_wrapper syslog
messages are sent.

>How-To-Repeat:

N/A.

>Fix:

--- options.c.orig	Wed Jan 10 23:08:07 2001
+++ options.c	Wed Jan 10 23:10:59 2001
@@ -473,6 +473,18 @@
 #ifdef LOG_CRON
     "cron", LOG_CRON,
 #endif
+#ifdef LOG_AUTHPRIV
+    "authpriv", LOG_AUTHPRIV,
+#endif
+#ifdef LOG_FTP
+    "ftp", LOG_FTP,
+#endif
+#ifdef LOG_NTP
+    "ntp", LOG_NTP,
+#endif
+#ifdef LOG_SECURITY
+    "security", LOG_SECURITY,
+#endif
 #ifdef LOG_LOCAL0
     "local0", LOG_LOCAL0,
 #endif


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dwmalone 
Responsible-Changed-By: dwmalone 
Responsible-Changed-When: Wed Jan 10 04:21:31 PST 2001 
Responsible-Changed-Why:  
I'll have a look at this one. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24218 

From: David Malone <dwmalone@maths.tcd.ie>
To: john@pakprotector.com
Cc: FreeBSD-gnats-submit@freebsd.org, markm@freebsd.org
Subject: Re: bin/24218: Tcp_wrappers is missing some syslog facility names.
Date: Sat, 13 Jan 2001 01:22:34 +0000

 On Wed, Jan 10, 2001 at 11:12:21PM +1100, john@pakprotector.com wrote:
 
 > >Synopsis:       Tcp_wrappers is missing some syslog facility names.
 
 It turns out that syslog.h provides a magic way of doing this, if
 you define SYSLOG_NAMES. This magic is already used by natd, syslogd
 and logger.
 
 The patch needed to make tcp wrappers use this magic seems remarkably 
 simple and would mean that we don't need to make any changes to
 the tcp wrappers code to keep up in future.
 
 I wonder if Mark could review the change? The only disadvantage I
 can see is that it takes the code off the vendor branch - but we'd
 have to do that anyway to provide access to the new syslog facility
 names.
 
         David.
 
 
 Index: options.c
 ===================================================================
 RCS file: /cvs/FreeBSD-CVS/src/contrib/tcp_wrappers/options.c,v
 retrieving revision 1.1.1.1
 diff -u -r1.1.1.1 options.c
 --- options.c	1999/03/14 17:13:19	1.1.1.1
 +++ options.c	2001/01/13 01:12:02
 @@ -41,6 +41,7 @@
  #include <netinet/in.h>
  #include <netdb.h>
  #include <stdio.h>
 +#define SYSLOG_NAMES
  #include <syslog.h>
  #include <pwd.h>
  #include <grp.h>
 @@ -435,110 +436,17 @@
  	tcpd_jump("memory allocation failure");
  }
  
 - /*
 -  * The severity option goes last because it comes with a huge amount of ugly
 -  * #ifdefs and tables.
 -  */
 -
 -struct syslog_names {
 -    char   *name;
 -    int     value;
 -};
 -
 -static struct syslog_names log_fac[] = {
 -#ifdef LOG_KERN
 -    "kern", LOG_KERN,
 -#endif
 -#ifdef LOG_USER
 -    "user", LOG_USER,
 -#endif
 -#ifdef LOG_MAIL
 -    "mail", LOG_MAIL,
 -#endif
 -#ifdef LOG_DAEMON
 -    "daemon", LOG_DAEMON,
 -#endif
 -#ifdef LOG_AUTH
 -    "auth", LOG_AUTH,
 -#endif
 -#ifdef LOG_LPR
 -    "lpr", LOG_LPR,
 -#endif
 -#ifdef LOG_NEWS
 -    "news", LOG_NEWS,
 -#endif
 -#ifdef LOG_UUCP
 -    "uucp", LOG_UUCP,
 -#endif
 -#ifdef LOG_CRON
 -    "cron", LOG_CRON,
 -#endif
 -#ifdef LOG_LOCAL0
 -    "local0", LOG_LOCAL0,
 -#endif
 -#ifdef LOG_LOCAL1
 -    "local1", LOG_LOCAL1,
 -#endif
 -#ifdef LOG_LOCAL2
 -    "local2", LOG_LOCAL2,
 -#endif
 -#ifdef LOG_LOCAL3
 -    "local3", LOG_LOCAL3,
 -#endif
 -#ifdef LOG_LOCAL4
 -    "local4", LOG_LOCAL4,
 -#endif
 -#ifdef LOG_LOCAL5
 -    "local5", LOG_LOCAL5,
 -#endif
 -#ifdef LOG_LOCAL6
 -    "local6", LOG_LOCAL6,
 -#endif
 -#ifdef LOG_LOCAL7
 -    "local7", LOG_LOCAL7,
 -#endif
 -    0,
 -};
 -
 -static struct syslog_names log_sev[] = {
 -#ifdef LOG_EMERG
 -    "emerg", LOG_EMERG,
 -#endif
 -#ifdef LOG_ALERT
 -    "alert", LOG_ALERT,
 -#endif
 -#ifdef LOG_CRIT
 -    "crit", LOG_CRIT,
 -#endif
 -#ifdef LOG_ERR
 -    "err", LOG_ERR,
 -#endif
 -#ifdef LOG_WARNING
 -    "warning", LOG_WARNING,
 -#endif
 -#ifdef LOG_NOTICE
 -    "notice", LOG_NOTICE,
 -#endif
 -#ifdef LOG_INFO
 -    "info", LOG_INFO,
 -#endif
 -#ifdef LOG_DEBUG
 -    "debug", LOG_DEBUG,
 -#endif
 -    0,
 -};
 -
  /* severity_map - lookup facility or severity value */
  
  static int severity_map(table, name)
 -struct syslog_names *table;
 +CODE   *table;
  char   *name;
  {
 -    struct syslog_names *t;
 +    CODE *t;
  
 -    for (t = table; t->name; t++)
 -	if (STR_EQ(t->name, name))
 -	    return (t->value);
 +    for (t = table; t->c_name; t++)
 +	if (STR_EQ(t->c_name, name))
 +	    return (t->c_val);
      tcpd_jump("bad syslog facility or severity: \"%s\"", name);
      /* NOTREACHED */
  }
 @@ -554,8 +462,8 @@
      char   *level = split_at(value, '.');
  
      allow_severity = deny_severity = level ?
 -	severity_map(log_fac, value) | severity_map(log_sev, level) :
 -	severity_map(log_sev, value);
 +	severity_map(facilitynames, value) | severity_map(prioritynames, level)
 +	: severity_map(prioritynames, value);
  }
  
  /* get_field - return pointer to next field in string */
 

From: Mark Murray <mark@grondar.za>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: john@pakprotector.com, FreeBSD-gnats-submit@freebsd.org,
	markm@freebsd.org
Subject: Re: bin/24218: Tcp_wrappers is missing some syslog facility names. 
Date: Sat, 13 Jan 2001 10:43:49 +0200

 > On Wed, Jan 10, 2001 at 11:12:21PM +1100, john@pakprotector.com wrote:
 > 
 > > >Synopsis:       Tcp_wrappers is missing some syslog facility names.
 > 
 > It turns out that syslog.h provides a magic way of doing this, if
 > you define SYSLOG_NAMES. This magic is already used by natd, syslogd
 > and logger.
 
 Cool! :-)
 
 > The patch needed to make tcp wrappers use this magic seems remarkably 
 > simple and would mean that we don't need to make any changes to
 > the tcp wrappers code to keep up in future.
 
 Is this "mainstream" TCP_Wrappers code? Will the next import of TCPW
 have it?
 
 > I wonder if Mark could review the change? The only disadvantage I
 > can see is that it takes the code off the vendor branch - but we'd
 > have to do that anyway to provide access to the new syslog facility
 > names.
 
 Looks good to me, by a quick eyeball check! Want me to take it further
 than that?
 
 If the code is not "mainstream", then it may be an idea to try to sell
 it to Wietse Venema, and get is back in the next vendor import.
 
 M
 
 > ===================================================================
 > RCS file: /cvs/FreeBSD-CVS/src/contrib/tcp_wrappers/options.c,v
 
 -- 
 Mark Murray
 Warning: this .sig is umop ap!sdn
 

From: David Malone <dwmalone@maths.tcd.ie>
To: Mark Murray <mark@grondar.za>
Cc: john@pakprotector.com, FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/24218: Tcp_wrappers is missing some syslog facility names. 
Date: Sat, 13 Jan 2001 11:58:42 +0000

 > Is this "mainstream" TCP_Wrappers code? Will the next import of TCPW
 > have it?
 
 Nope - Is Wietse working on a new version? The only update to the
 tcp wrappers I've seen in the last few years was the support for
 IPv6.
 
 > Looks good to me, by a quick eyeball check! Want me to take it further
 > than that?
 
 I'll do a buildworld with the patch, just to be careful.
 
 > If the code is not "mainstream", then it may be an idea to try to sell
 > it to Wietse Venema, and get is back in the next vendor import.
 
 Unfortunately, the syslog.h magic seems to be a BSDism (and by
 extension shows up in some Linux versions of syslog.h). It's doesn't
 seem to show up in AIX, Solaris or get mentioned in the SUSv2.  I
 guess Wietse wouldn't be interested as it's using a vendor specific
 feature he's unlikely to want to take it into the generic code
 base.
 
 	David.
 

From: Mark Murray <mark@grondar.za>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: john@pakprotector.com, FreeBSD-gnats-submit@freebsd.org
Subject: Re: bin/24218: Tcp_wrappers is missing some syslog facility names. 
Date: Sat, 13 Jan 2001 14:09:37 +0200

 > > If the code is not "mainstream", then it may be an idea to try to sell
 > > it to Wietse Venema, and get is back in the next vendor import.
 > 
 > Unfortunately, the syslog.h magic seems to be a BSDism (and by
 > extension shows up in some Linux versions of syslog.h). It's doesn't
 > seem to show up in AIX, Solaris or get mentioned in the SUSv2.  I
 > guess Wietse wouldn't be interested as it's using a vendor specific
 > feature he's unlikely to want to take it into the generic code
 > base.
 
 No problem. As long as it is as clean as possible from a diff(1)
 point of view (it seems to be), then it should be OK! :-)
 
 M
 -- 
 Mark Murray
 Warning: this .sig is umop ap!sdn
 
State-Changed-From-To: open->closed 
State-Changed-By: dwmalone 
State-Changed-When: Mon Mar 5 05:06:48 PST 2001 
State-Changed-Why:  
Fixed in -current adn RELENG_4. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24218 
>Unformatted:
