lördag den 6 februari 2010 klockan 15:53 skrev Asheesh Laroia detta: > That's thrilling. Mats, are you a DD? If not, then if the maintainer No! > > Also, can you check and see how they do it in Fedora? Better that we and > Fedora share code, I figure, than do things differently. Will do, but have not yet done so. After further testing, I decided it to be important to loop through all possible addresses, in case some do not answer, so I make a revised NMUdiff public with this message. The new patch will proceed to a IPv4 query, should the host deny access to IPv6-finger, just as is to be expected. My previous suggestion did not explicitly do that. This patchedd fingerd has been checked under xinetd with IPv6, IPv4-only, and disabled service. The patched client finger captures all functionality. Regards Mats E A
diff -u bsd-finger-0.17/debian/changelog bsd-finger-0.17/debian/changelog --- bsd-finger-0.17/debian/changelog +++ bsd-finger-0.17/debian/changelog @@ -1,3 +1,14 @@ +bsd-finger (0.17-13.1) unstable; urgency=low + + * Non-maintainer upload. + * Implement IPv6-support. + + debian/patches/10-fingerd-ipv6.patch: New file. + + debian/patches/20-finger-ipv6.patch: New file. + * debian/fingerd.examples: Adds debian/local/finger.xinetd. + * [lintian] New file debian/README.source, conditioned on Quilt. + + -- Mats Erik Andersson <mats.andersson@gisladisker.se> Tue, 09 Feb 2010 17:08:38 +0100 + bsd-finger (0.17-13) unstable; urgency=low * Priority is optional diff -u bsd-finger-0.17/debian/patches/series bsd-finger-0.17/debian/patches/series --- bsd-finger-0.17/debian/patches/series +++ bsd-finger-0.17/debian/patches/series @@ -2,0 +3,2 @@ +10-fingerd-ipv6.patch +20-finger-ipv6.patch only in patch2: unchanged: --- bsd-finger-0.17.orig/debian/README.source +++ bsd-finger-0.17/debian/README.source @@ -0,0 +1,6 @@ +This package uses quilt to manage all modifications to the upstream +source. Changes are stored in the source package as diffs in +debian/patches and applied during the build. + +See /usr/share/doc/quilt/README.source for a detailed explanation. + only in patch2: unchanged: --- bsd-finger-0.17.orig/debian/fingerd.examples +++ bsd-finger-0.17/debian/fingerd.examples @@ -0,0 +1 @@ +debian/local/finger.xinetd only in patch2: unchanged: --- bsd-finger-0.17.orig/debian/local/finger.xinetd +++ bsd-finger-0.17/debian/local/finger.xinetd @@ -0,0 +1,13 @@ +service finger +{ + disable = no + socket_type = stream + protocol = tcp + flags = IPv6 + wait = no + user = nobody + server = /usr/sbin/in.fingerd + server_args = -l -w + log_type = SYSLOG daemon info + log_on_success = HOST +} only in patch2: unchanged: --- bsd-finger-0.17.orig/debian/patches/10-fingerd-ipv6.patch +++ bsd-finger-0.17/debian/patches/10-fingerd-ipv6.patch @@ -0,0 +1,30 @@ +Description: Implement IPv6 capacity for the server Fingerd. +Author: Mats Erik Andersson <debian@gisladisker.se> +Forwarded: no +Last-Update: 2010-02-09 +--- bsd-finger-0.17/fingerd/fingerd.c.debian ++++ bsd-finger-0.17/fingerd/fingerd.c +@@ -112,7 +112,7 @@ main(int argc, char *argv[]) + int k, nusers; + char *s, *t; + const char *fingerpath = NULL; +- struct sockaddr_in sn; ++ struct sockaddr_storage sn; + socklen_t sval = sizeof(sn); + + +@@ -182,11 +182,13 @@ main(int argc, char *argv[]) + } + + if (welcome) { +- char buf[256]; ++ char buf[256] = ""; + struct hostent *hp; + struct utsname utsname; + + uname(&utsname); ++ /* gethostbyname() only retrieves the local hostname. ++ * This does not disturb IPv6 in any manner. */ + gethostname(buf, sizeof(buf)); + if ((hp = gethostbyname(buf))) { + /* paranoia: dns spoofing? */ only in patch2: unchanged: --- bsd-finger-0.17.orig/debian/patches/20-finger-ipv6.patch +++ bsd-finger-0.17/debian/patches/20-finger-ipv6.patch @@ -0,0 +1,117 @@ +Description: Implement IPv6 capability for the client Finger. +Author: Mats Erik Andersson <debian@gisladisker.se> +Forwarded: no +Last-Updated: 2010-02-09 +--- bsd-finger-0.17/finger/finger.c.debian ++++ bsd-finger-0.17/finger/finger.c +@@ -93,7 +93,7 @@ + int main(int argc, char *argv[]) { + int ch; + int err = 0; +- struct sockaddr_in sin; ++ struct sockaddr_storage sin; + socklen_t slen = sizeof(sin); + + while ((ch = getopt(argc, argv, "lmps")) != EOF) { +@@ -137,6 +137,8 @@ int main(int argc, char *argv[]) { + * Also check stdin for nofinger processing, because of older + * fingerds that make stdout a pipe for CRLF handling. + */ ++ slen = sizeof(slen); /* For safety: sockaddr_in and sockaddr_in6 */ ++ + if (getsockname(STDIN_FILENO, (struct sockaddr *)&sin, &slen)==0) { + enable_nofinger = 1; + } +--- bsd-finger-0.17/finger/net.c.debian ++++ bsd-finger-0.17/finger/net.c +@@ -53,13 +53,12 @@ + + int netfinger(const char *name) { + register FILE *fp; +- struct in_addr defaddr; + register int c, sawret, ateol; +- struct hostent *hp, def; ++ struct addrinfo hints, *result, *resptr; + struct servent *sp; +- struct sockaddr_in sn; +- int s; +- char *alist[1], *host; ++ struct sockaddr_storage sn; ++ int s, status; ++ char *host; + + host = strrchr(name, '@'); + if (!host) return 1; +@@ -72,38 +71,46 @@ int netfinger(const char *name) { + eprintf("finger: tcp/finger: unknown service\n"); + return 1; + } +- sn.sin_port = sp->s_port; ++ memset(&hints, 0, sizeof(hints)); ++ hints.ai_flags = AI_CANONNAME | AI_ADDRCONFIG; ++ hints.ai_family = AF_UNSPEC; ++ hints.ai_socktype = SOCK_STREAM; ++ hints.ai_protocol = IPPROTO_TCP; ++ ++ status = getaddrinfo(host, "finger", &hints, &result); ++ if (status != 0) { ++ eprintf("finger: unknown host: %s\n", host); ++ eprintf("getaddrinfo: %s\n", gai_strerror(status)); ++ return 1; ++ } + +- hp = gethostbyname(host); +- if (!hp) { +- if (!inet_aton(host, &defaddr)) { +- eprintf("finger: unknown host: %s\n", host); +- return 1; ++ for ( resptr = result; resptr; resptr = resptr->ai_next) { ++ ++ if ((s = socket(resptr->ai_family, resptr->ai_socktype, ++ resptr->ai_protocol)) < 0) ++ continue; ++ ++ ++ /* print hostname before connecting, in case it takes a while */ ++ /* This should probably be removed. */ ++ xprintf("[%s]\n", result->ai_canonname); ++ ++ if (connect(s, resptr->ai_addr, resptr->ai_addrlen) < 0) { ++ close(s); ++ continue; + } +- def.h_name = host; +- def.h_addr_list = alist; +- def.h_addr = (char *)&defaddr; +- def.h_length = sizeof(struct in_addr); +- def.h_addrtype = AF_INET; +- def.h_aliases = 0; +- hp = &def; +- } +- sn.sin_family = hp->h_addrtype; +- if (hp->h_length > (int)sizeof(sn.sin_addr)) { +- hp->h_length = sizeof(sn.sin_addr); +- } +- memcpy(&sn.sin_addr, hp->h_addr, hp->h_length); + +- if ((s = socket(hp->h_addrtype, SOCK_STREAM, 0)) < 0) { +- eprintf("finger: socket: %s\n", strerror(errno)); +- return 1; ++ /* Connection is now established. ++ /* Assemble the gained information. */ ++ memcpy(&sn, resptr->ai_addr, resptr->ai_addrlen); ++ break; + } + +- /* print hostname before connecting, in case it takes a while */ +- xprintf("[%s]\n", hp->h_name); +- if (connect(s, (struct sockaddr *)&sn, sizeof(sn)) < 0) { ++ freeaddrinfo(result); ++ ++ if ( resptr == NULL ) { ++ /* Last error is still providing the correct clue. */ + eprintf("finger: connect: %s\n", strerror(errno)); +- close(s); + return 1; + } +
Attachment:
signature.asc
Description: Digital signature