From 7a62818ffdfbdef76784acb8b2e90e7cc14333f0 Mon Sep 17 00:00:00 2001 From: Davide Camurri Date: Wed, 20 Jan 2010 21:04:07 +0100 Subject: client: optionally use libwrap --- Makefile.am | 2 ++ NEWS | 1 + configure.ac | 2 ++ m4/libwrap.m4 | 37 +++++++++++++++++++++++++++++++++++++ src/client_new.c | 30 ++++++++++++++++++++++++++++++ 5 files changed, 72 insertions(+) create mode 100644 m4/libwrap.m4 diff --git a/Makefile.am b/Makefile.am index 1197483e9..539d583ff 100644 --- a/Makefile.am +++ b/Makefile.am @@ -9,6 +9,7 @@ bin_PROGRAMS = src/mpd src_mpd_CFLAGS = $(AM_CFLAGS) $(MPD_CFLAGS) src_mpd_CPPFLAGS = $(AM_CPPFLAGS) \ + $(LIBWRAP_CFLAGS) \ $(SQLITE_CFLAGS) \ $(ARCHIVE_CFLAGS) \ $(INPUT_CFLAGS) \ @@ -18,6 +19,7 @@ src_mpd_CPPFLAGS = $(AM_CPPFLAGS) \ $(FILTER_CFLAGS) \ $(OUTPUT_CFLAGS) src_mpd_LDADD = $(MPD_LIBS) \ + $(LIBWRAP_LDFLAGS) \ $(SQLITE_LIBS) \ $(ARCHIVE_LIBS) \ $(INPUT_LIBS) \ diff --git a/NEWS b/NEWS index ecb713133..7cc25808e 100644 --- a/NEWS +++ b/NEWS @@ -86,6 +86,7 @@ ver 0.16 (20??/??/??) * build with large file support by default * added test suite ("make check") * require GLib 2.12 +* added libwrap support ver 0.15.8 (2010/01/17) diff --git a/configure.ac b/configure.ac index 65d59ec4c..d5bc118e3 100644 --- a/configure.ac +++ b/configure.ac @@ -205,6 +205,8 @@ dnl ## dnl misc libraries dnl ## +AC_CHECK_LIBWRAP + AC_ARG_ENABLE(cue, AS_HELP_STRING([--enable-cue], [enable support for libcue support]),, diff --git a/m4/libwrap.m4 b/m4/libwrap.m4 new file mode 100644 index 000000000..000b0bab2 --- /dev/null +++ b/m4/libwrap.m4 @@ -0,0 +1,37 @@ +dnl +dnl Usage: +dnl AC_CHECK_LIBWRAP([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +dnl + +AC_DEFUN([AC_CHECK_LIBWRAP], + [dnl start + + AC_ARG_ENABLE([libwrap], + [AS_HELP_STRING([--disable-libwrap], + [use libwrap (default enabled)])], , + [ + AC_CHECK_HEADERS([tcpd.h], + [], + [AC_MSG_ERROR([tpcd.h libwrap header not found])] + $3) + + AC_CHECK_LIB([wrap], + [request_init], + [], + [AC_MSG_ERROR([libwrap not found !])] + $3) + + AC_DEFINE(HAVE_LIBWRAP, 1, [define to enable libwrap library]) + + LIBWRAP_CFLAGS="" + LIBWRAP_LDFLAGS="-lwrap" + + AC_SUBST([LIBWRAP_CFLAGS]) + AC_SUBST([LIBWRAP_LDFLAGS]) + + dnl ACTION-IF-FOUND + $2 + + ]) dnl AC_ARG_ENABLE + +]) dnl AC_DEFUN diff --git a/src/client_new.c b/src/client_new.c index fd406506f..beb8e14b7 100644 --- a/src/client_new.c +++ b/src/client_new.c @@ -26,6 +26,11 @@ #include #include +#ifdef HAVE_LIBWRAP +#include +#endif + + #define LOG_LEVEL_SECURE G_LOG_LEVEL_INFO static const char GREETING[] = "OK MPD " PROTOCOL_VERSION "\n"; @@ -38,6 +43,31 @@ void client_new(int fd, const struct sockaddr *sa, size_t sa_length, int uid) assert(fd >= 0); +#ifdef HAVE_LIBWRAP + if (sa->sa_family != AF_UNIX) { + char *hostaddr = sockaddr_to_string(sa, sa_length, NULL); + const char *progname = g_get_prgname(); + + struct request_info req; + request_init(&req, RQ_FILE, fd, RQ_DAEMON, progname, 0); + + fromhost(&req); + + if (!hosts_access(&req)) { + /* tcp wrappers says no */ + g_log(G_LOG_DOMAIN, LOG_LEVEL_SECURE, + "libwrap refused connection (libwrap=%s) from %s", + progname, hostaddr); + + g_free(hostaddr); + close(fd); + return; + } + + g_free(hostaddr); + } +#endif /* HAVE_WRAP */ + if (client_list_is_full()) { g_warning("Max Connections Reached!"); close(fd); -- cgit v1.2.3