~ubuntu-branches/ubuntu/utopic/audit/utopic


Viewing changes to src/auditd-listen.c

  • Committer: Bazaar Package Importer
  • Author(s): Philipp Matthias Hahn
  • Date: 2009-04-07 00:03:54 UTC
  • mfrom: (1.2.6 upstream)
  • mto: This revision was merged to the branch mainline in revision 16.
  • Revision ID: james.westby@ubuntu.com-20090407000354-ny4m29eckoycogz5
Tags: 1.7.12-1
* New upstream release. (Closes: #522026)
* Fix "typo in long description": (Closes: #513937)
* debian/control:
  - Bump Standards-Version: 3.8.0

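--- a/src/auditd-listen.c
+++ b/src/auditd-listen.c
@@ -76,6 +76,7 @@
 static int listen_socket;
 static struct ev_io tcp_listen_watcher;
 static int min_port, max_port;
+static int use_libwrap = 1;
 #ifdef USE_GSSAPI
 /* This is used to hold our own private key.  */
 static gss_cred_id_t server_creds;
@@ -715,17 +716,19 @@
                 return;
         }
 
-        if (auditd_tcpd_check(afd)) {
-                close (afd);
-                audit_msg(LOG_ERR, "TCP connection from %s rejected",
-                                sockaddr_to_ip (&aaddr));
-                snprintf(emsg, sizeof(emsg),
-                        "addr=%s port=%d res=no", sockaddr_to_ip (&aaddr),
-                        ntohs (aaddr.sin_port));
-                send_audit_event(AUDIT_DAEMON_ACCEPT, emsg);
-                return;
+        if (use_libwrap) {
+                if (auditd_tcpd_check(afd)) {
+                        close (afd);
+                        audit_msg(LOG_ERR, "TCP connection from %s rejected",
+                                        sockaddr_to_ip (&aaddr));
+                        snprintf(emsg, sizeof(emsg),
+                                "addr=%s port=%d res=no",
+                                sockaddr_to_ip (&aaddr),
+                                ntohs (aaddr.sin_port));
+                        send_audit_event(AUDIT_DAEMON_ACCEPT, emsg);
+                        return;
+                }
         }
-
         uaddr = (unsigned char *)&aaddr.sin_addr;
 
         /* Verify it's coming from an authorized port.  We assume the firewall
@@ -824,7 +827,7 @@
         setsockopt(listen_socket, SOL_SOCKET, SO_REUSEADDR,
                         (char *)&one, sizeof (int));
 
-        if ( bind ( listen_socket, (struct sockaddr *)&address, sizeof(address)) ) {
+        if (bind(listen_socket, (struct sockaddr *)&address, sizeof(address))){
                 audit_msg(LOG_ERR,
                         "Cannot bind tcp listener socket to port %ld",
                         config->tcp_listen_port);
@@ -841,6 +844,7 @@
                         listen_socket, EV_READ);
         ev_io_start (loop, &tcp_listen_watcher);
 
+        use_libwrap = config->use_libwrap;
         min_port = config->tcp_client_min_port;
         max_port = config->tcp_client_max_port;
         auditd_set_ports(config->tcp_client_min_port,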
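Review bot: When `use_libwrap` is 0 the accept path (new lines 719-731) skips `auditd_tcpd_check(afd)` entirely, and nothing visible in these hunks records that the tcp wrappers check has been switched off. That leaves the source-port range check further down as the only per-connection filter, and an operator reading the daemon log cannot tell which mode is active. I would log the choice once where the setting is copied from the config (new line 847), e.g. `if (!use_libwrap) audit_msg(LOG_WARNING, "TCP wrappers check disabled by configuration");`, unless the config parser already reports it. The new global at line 79 also deserves a comment such as `/* Non-zero: check each accepted connection with auditd_tcpd_check() */`. Both enclosing functions start and end outside the hunks shown, so the surrounding flow is only partly visible.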