From wietse@porcupine.org Thu Nov 20 18:34:21 1997
Received: by spike.porcupine.org
id SAA19835; Thu, 20 Nov 1997 18:34:21 -0500 (EST)
Message-Id: <199711202334.SAA19835@spike.porcupine.org>
Subject: tcp-wrappers-announce: sendmail-8.8.8 bug workaround
To: tcp-wrappers-announce@wzv.win.tue.nl
Date: Thu, 20 Nov 1997 18:34:21 -0500 (EST)
Cc: wietse@wzv.win.tue.nl (Wietse Venema)
From: wietse@wzv.win.tue.nl (Wietse Venema)
Organization: Wietse Venema on sabattical leave, White Plains, NY, USA
X-Time-Zone: USA EST, 6 hours behind central European time
X-Mailer: ELM [version 2.4ME+ PL15 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Status: RO
This workaround is of interest for sites that use sendmail with
built-in TCP Wrapper access control to reject SMTP connections from
unregistered hosts (i.e. hosts whose name is unknown).
A week ago I found that sendmail 8.8.8 passes incorrect data into
my TCP Wrapper library routines. The resultis that unknown hosts
are treated as if their hostname is known.
The workaround below is based on discussions with one of the sendmail
maintainers. A similar fix will be part of the next Sendmail release.
Wietse
*** ./conf.c- Mon Oct 20 11:41:38 1997
--- ./conf.c Mon Nov 17 18:14:46 1997
***************
*** 4106,4111 ****
--- 4106,4115 ----
char *hostname;
ENVELOPE *e;
{
+ #if TCPWRAPPERS
+ char *host;
+ #endif
+
if (tTd(48, 3))
printf("validate_connection(%s, %s)\n",
hostname, anynet_ntoa(sap));
***************
*** 4118,4124 ****
}
#if TCPWRAPPERS
! if (!hosts_ctl("sendmail", hostname, anynet_ntoa(sap), STRING_UNKNOWN))
{
if (tTd(48, 4))
printf(" ... validate_connection: BAD (tcpwrappers)\n");
--- 4122,4132 ----
}
#if TCPWRAPPERS
! if (hostname[0] == '[' && hostname[strlen(hostname) - 1] == ']')
! host = STRING_UNKNOWN;
! else
! host = hostname;
! if (!hosts_ctl("sendmail", host, anynet_ntoa(sap), STRING_UNKNOWN))
{
if (tTd(48, 4))
printf(" ... validate_connection: BAD (tcpwrappers)\n");