usr/src/lib/libwrap/workarounds.c

   1 /*
   2  * Copyright 2001 Sun Microsystems, Inc.  All rights reserved.
   3  * Use is subject to license terms.
   4  */
   5 #pragma ident   "%Z%%M% %I%     %E% SMI"
   6
   7  /*
   8   * Workarounds for known system software bugs. This module provides wrappers
   9   * around library functions and system calls that are known to have problems
  10   * on some systems. Most of these workarounds won't do any harm on regular
  11   * systems.
  12   *
  13   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
  14   */
  15
  16 #ifndef lint
  17 char    sccsid[] = "@(#) workarounds.c 1.6 96/03/19 16:22:25";
  18 #endif
  19
  20 #include <sys/types.h>
  21 #include <sys/param.h>
  22 #include <sys/socket.h>
  23 #include <netinet/in.h>
  24 #include <arpa/inet.h>
  25 #include <netdb.h>
  26 #include <errno.h>
  27 #include <stdio.h>
  28 #include <syslog.h>
  29 #include <string.h>
  30
  31 extern int errno;
  32
  33 #include "tcpd.h"
  34
  35  /*
  36   * Some AIX versions advertise a too small MAXHOSTNAMELEN value (32).
  37   * Result: long hostnames would be truncated, and connections would be
  38   * dropped because of host name verification failures. Adrian van Bloois
  39   * (A.vanBloois@info.nic.surfnet.nl) figured out what was the problem.
  40   */
  41
  42 #if (MAXHOSTNAMELEN < 64)
  43 #undef MAXHOSTNAMELEN
  44 #endif
  45
  46 /* In case not defined in <sys/param.h>. */
  47
  48 #ifndef MAXHOSTNAMELEN
  49 #define MAXHOSTNAMELEN  256             /* storage for host name */
  50 #endif
  51
  52  /*
  53   * Some DG/UX inet_addr() versions return a struct/union instead of a long.
  54   * You have this problem when the compiler complains about illegal lvalues
  55   * or something like that. The following code fixes this mutant behaviour.
  56   * It should not be enabled on "normal" systems.
  57   *
  58   * Bug reported by ben@piglet.cr.usgs.gov (Rev. Ben A. Mesander).
  59   */
  60
  61 #ifdef INET_ADDR_BUG
  62
  63 #undef inet_addr
  64
  65 long    fix_inet_addr(string)
  66 char   *string;
  67 {
  68     return (inet_addr(string).s_addr);
  69 }
  70
  71 #endif /* INET_ADDR_BUG */
  72
  73  /*
  74   * With some System-V versions, the fgets() library function does not
  75   * account for partial reads from e.g. sockets. The result is that fgets()
  76   * gives up too soon, causing username lookups to fail. Problem first
  77   * reported for IRIX 4.0.5, by Steve Kotsopoulos <steve@ecf.toronto.edu>.
  78   * The following code works around the problem. It does no harm on "normal"
  79   * systems.
  80   */
  81
  82 #ifdef BROKEN_FGETS
  83
  84 #undef fgets
  85
  86 char   *fix_fgets(buf, len, fp)
  87 char   *buf;
  88 int     len;
  89 FILE   *fp;
  90 {
  91     char   *cp = buf;
  92     int     c;
  93
  94     /*
  95      * Copy until the buffer fills up, until EOF, or until a newline is
  96      * found.
  97      */
  98     while (len > 1 && (c = getc(fp)) != EOF) {
  99         len--;
 100         *cp++ = c;
 101         if (c == '\n')
 102             break;
 103     }
 104
 105     /*
 106      * Return 0 if nothing was read. This is correct even when a silly buffer
 107      * length was specified.
 108      */
 109     if (cp > buf) {
 110         *cp = 0;
 111         return (buf);
 112     } else {
 113         return (0);
 114     }
 115 }
 116
 117 #endif /* BROKEN_FGETS */
 118
 119  /*
 120   * With early SunOS 5 versions, recvfrom() does not completely fill in the
 121   * source address structure when doing a non-destructive read. The following
 122   * code works around the problem. It does no harm on "normal" systems.
 123   */
 124
 125 #ifdef RECVFROM_BUG
 126
 127 #undef recvfrom
 128
 129 int     fix_recvfrom(sock, buf, buflen, flags, from, fromlen)
 130 int     sock;
 131 char   *buf;
 132 int     buflen;
 133 int     flags;
 134 struct sockaddr *from;
 135 int    *fromlen;
 136 {
 137     int     ret;
 138
 139     /* Assume that both ends of a socket belong to the same address family. */
 140
 141     if ((ret = recvfrom(sock, buf, buflen, flags, from, fromlen)) >= 0) {
 142         if (from->sa_family == 0) {
 143             struct sockaddr my_addr;
 144             int     my_addr_len = sizeof(my_addr);
 145
 146             if (getsockname(0, &my_addr, &my_addr_len)) {
 147                 tcpd_warn("getsockname: %m");
 148             } else {
 149                 from->sa_family = my_addr.sa_family;
 150             }
 151         }
 152     }
 153     return (ret);
 154 }
 155
 156 #endif /* RECVFROM_BUG */
 157
 158  /*
 159   * The Apollo SR10.3 and some SYSV4 getpeername(2) versions do not return an
 160   * error in case of a datagram-oriented socket. Instead, they claim that all
 161   * UDP requests come from address 0.0.0.0. The following code works around
 162   * the problem. It does no harm on "normal" systems.
 163   */
 164
 165 #ifdef GETPEERNAME_BUG
 166
 167 #undef getpeername
 168
 169 int     fix_getpeername(sock, sa, len)
 170 int     sock;
 171 struct sockaddr *sa;
 172 int    *len;
 173 {
 174     int     ret;
 175     struct sockaddr_in *sin = (struct sockaddr_in *) sa;
 176
 177     if ((ret = getpeername(sock, sa, len)) >= 0
 178         && sa->sa_family == AF_INET
 179         && sin->sin_addr.s_addr == 0) {
 180         errno = ENOTCONN;
 181         return (-1);
 182     } else {
 183         return (ret);
 184     }
 185 }
 186
 187 #endif /* GETPEERNAME_BUG */
 188
 189  /*
 190   * According to Karl Vogel (vogelke@c-17igp.wpafb.af.mil) some Pyramid
 191   * versions have no yp_default_domain() function. We use getdomainname()
 192   * instead.
 193   */
 194
 195 #ifdef USE_GETDOMAIN
 196
 197 int     yp_get_default_domain(ptr)
 198 char  **ptr;
 199 {
 200     static char mydomain[MAXHOSTNAMELEN];
 201
 202     *ptr = mydomain;
 203     return (getdomainname(mydomain, MAXHOSTNAMELEN));
 204 }
 205
 206 #endif /* USE_GETDOMAIN */
 207
 208 #ifndef INADDR_NONE
 209 #define INADDR_NONE 0xffffffff
 210 #endif
 211
 212  /*
 213   * Solaris 2.4 gethostbyname() has problems with multihomed hosts. When
 214   * doing DNS through NIS, only one host address ends up in the address list.
 215   * All other addresses end up in the hostname alias list, interspersed with
 216   * copies of the official host name. This would wreak havoc with tcpd's
 217   * hostname double checks. Below is a workaround that should do no harm when
 218   * accidentally left in. A side effect of the workaround is that address
 219   * list members are no longer properly aligned for structure access.
 220   */
 221
 222 #ifdef SOLARIS_24_GETHOSTBYNAME_BUG
 223
 224 #undef gethostbyname
 225
 226 struct hostent *fix_gethostbyname(name)
 227 char   *name;
 228 {
 229     struct hostent *hp;
 230     struct in_addr addr;
 231     char  **o_addr_list;
 232     char  **o_aliases;
 233     char  **n_addr_list;
 234     int     broken_gethostbyname = 0;
 235
 236     if ((hp = gethostbyname(name)) && !hp->h_addr_list[1] && hp->h_aliases[1]) {
 237         for (o_aliases = n_addr_list = hp->h_aliases; *o_aliases; o_aliases++) {
 238             if ((addr.s_addr = inet_addr(*o_aliases)) != INADDR_NONE) {
 239                 memcpy(*n_addr_list++, (char *) &addr, hp->h_length);
 240                 broken_gethostbyname = 1;
 241             }
 242         }
 243         if (broken_gethostbyname) {
 244             o_addr_list = hp->h_addr_list;
 245             memcpy(*n_addr_list++, *o_addr_list, hp->h_length);
 246             *n_addr_list = 0;
 247             hp->h_addr_list = hp->h_aliases;
 248             hp->h_aliases = o_addr_list + 1;
 249         }
 250     }
 251     return (hp);
 252 }
 253
 254 #endif /* SOLARIS_24_GETHOSTBYNAME_BUG */
 255
 256  /*
 257   * Horror! Some FreeBSD 2.0 libc routines call strtok(). Since tcpd depends
 258   * heavily on strtok(), strange things may happen. Workaround: use our
 259   * private strtok(). This has been fixed in the meantime.
 260   */
 261
 262 #ifdef USE_STRSEP
 263
 264 char   *fix_strtok(buf, sep)
 265 char   *buf;
 266 char   *sep;
 267 {
 268     static char *state;
 269     char   *result;
 270
 271     if (buf)
 272         state = buf;
 273     while ((result = strsep(&state, sep)) && result[0] == 0)
 274          /* void */ ;
 275     return (result);
 276 }
 277
 278 #endif /* USE_STRSEP */
 279
 280  /*
 281   * IRIX 5.3 (and possibly earlier versions, too) library routines call the
 282   * non-reentrant strtok() library routine, causing hosts to slip through
 283   * allow/deny filters. Workaround: don't rely on the vendor and use our own
 284   * strtok() function. FreeBSD 2.0 has a similar problem (fixed in 2.0.5).
 285   */
 286
 287 #ifdef LIBC_CALLS_STRTOK
 288
 289 char   *my_strtok(buf, sep)
 290 char   *buf;
 291 char   *sep;
 292 {
 293     static char *state;
 294     char   *result;
 295
 296     if (buf)
 297         state = buf;
 298
 299     /*
 300      * Skip over separator characters and detect end of string.
 301      */
 302     if (*(state += strspn(state, sep)) == 0)
 303         return (0);
 304
 305     /*
 306      * Skip over non-separator characters and terminate result.
 307      */
 308     result = state;
 309     if (*(state += strcspn(state, sep)) != 0)
 310         *state++ = 0;
 311     return (result);
 312 }
 313
 314 #endif /* LIBC_CALLS_STRTOK */