From 4e83b79d2b5795120c7763970c974e4dcc8c915a Mon Sep 17 00:00:00 2001
From: Tim Phipps <mpd@phipps-hutton.freeserve.co.uk>
Date: Sun, 6 Jun 2010 21:53:24 +0200
Subject: output/httpd: add libwrap support

libwrap support is in MPD but only for the control port.  This patch
adds support for the http port.  The code is copied from
src/client_new.c
---
 src/output/httpd_output_plugin.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'src/output')

diff --git a/src/output/httpd_output_plugin.c b/src/output/httpd_output_plugin.c
index d61570557..140ea7d82 100644
--- a/src/output/httpd_output_plugin.c
+++ b/src/output/httpd_output_plugin.c
@@ -41,6 +41,10 @@
 #include <unistd.h>
 #include <errno.h>
 
+#ifdef HAVE_LIBWRAP
+#include <tcpd.h>
+#endif
+
 #undef G_LOG_DOMAIN
 #define G_LOG_DOMAIN "httpd_output"
 
@@ -208,6 +212,30 @@ httpd_listen_in_event(G_GNUC_UNUSED GIOChannel *source,
 
 	fd = accept_cloexec_nonblock(httpd->fd, (struct sockaddr*)&sa,
 				     &sa_length);
+#ifdef HAVE_LIBWRAP
+	struct sockaddr *sa_p = (struct sockaddr *)&sa;
+	if (sa_p->sa_family != AF_UNIX) {
+          char *hostaddr = sockaddr_to_string(sa_p, sa_length, NULL);
+		const char *progname = g_get_prgname();
+
+		struct request_info req;
+		request_init(&req, RQ_FILE, fd, RQ_DAEMON, progname, 0);
+
+		fromhost(&req);
+
+		if (!hosts_access(&req)) {
+			/* tcp wrappers says no */
+			g_warning("libwrap refused connection (libwrap=%s) from %s",
+			      progname, hostaddr);
+			g_free(hostaddr);
+			close(fd);
+			g_mutex_unlock(httpd->mutex);
+			return true;
+		}
+
+		g_free(hostaddr);
+	}
+#endif	/* HAVE_WRAP */
 	if (fd >= 0) {
 		/* can we allow additional client */
 		if (httpd->open &&
-- 
cgit v1.2.3