Re: Bug#533601: [sparc] tcpd fails reverse name resolution

To: "Marco d'Itri" <md@Linux.IT>
Cc: 533601@bugs.debian.org, debian-sparc@lists.debian.org
Subject: Re: Bug#533601: [sparc] tcpd fails reverse name resolution
From: Hermann Lauer <Hermann.Lauer@iwr.uni-heidelberg.de>
Date: Mon, 6 Jul 2009 12:33:29 +0200
Message-id: <20090706103329.GA10285@lemon.iwr.uni-heidelberg.de>
In-reply-to: <20090629083110.GA7872@lemon.iwr.uni-heidelberg.de>
References: <20090619083317.8463.68045.reportbug@skylla.iwr.uni-heidelberg.de> <20090619084413.GA18410@bongo.bofh.it> <20090619090118.GB3939@lemon.iwr.uni-heidelberg.de> <20090619093829.GB20650@bongo.bofh.it> <20090627235810.GA28160@bongo.bofh.it> <20090629083110.GA7872@lemon.iwr.uni-heidelberg.de>

On Mon, Jun 29, 2009 at 10:31:10AM +0200, Hermann Lauer wrote:
> I looked at the tcpd sources and saw some debug options,
> but did not found the time to try something yet.
> 
> slapd's libwrap0 is also still failing
> substring matching in domain names (e.g ".iwr.uni-heidelberg.de"), 
> which I reported already in etch (see: 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=470261)
> 
> Probably it's ultrasparc specific, so I cc to debian sparc
> hoping somebody tell's us "It's working here".

When putting in the debug patch attached things became clearer:

Jul  6 11:46:01 tantalus in.tftpd[16375]: string=(129.206.xxx.xxx), tok=(.iwr.uni-heidelberg.de)
Jul  6 11:46:01 tantalus in.tftpd[16375]: string=(xxx.iwr.uni-heidelberg.de), tok=(.iwr.uni-heidelberg.de)
Jul  6 11:46:01 tantalus in.tftpd[16375]: connect from xxx.iwr.uni-heidelberg.de (129.206.xxx.xxx)
Jul  6 11:46:01 tantalus atftpd[16375]: Advanced Trivial FTP server started (0.7)
Jul  6 11:46:01 tantalus atftpd[16375]: string=(129.206.xxx.xxx), tok=(.iwr.uni-heidelberg.de)
Jul  6 11:46:01 tantalus atftpd[16375]: string=(unknown), tok=(.iwr.uni-heidelberg.de)
Jul  6 11:46:01 tantalus atftpd[16375]: Connection refused from 129.206.xxx.xxx

It's atftpd which blocks itself with a call to the libwrap0 code, not tcpd. 

But I wounder that there must be a bug in tcpd too,
as the hostname macros are not filled when called from tcpd (which did reverse 
hostname resolution correct, see above). 

And in slapd the same happens:

Jul  6 11:57:23 install3 slapd[3435]: string=(129.206.xxx.xxx), tok=(.iwr.uni-heidelberg.de)
Jul  6 11:57:23 install3 slapd[3435]: string=(unknown), tok=(.iwr.uni-heidelberg.de)
Jul  6 11:57:23 install3 slapd[3435]: fd=14 DENIED from unknown (129.206.xxx.xxx)

Probably the next test should be on a x86 machine. The comments on the debian-sparc lists where not
helpfull.

Greetings,
  Hermann

-- 
Netzwerkadministration/Zentrale Dienste, Interdiziplinaeres 
Zentrum fuer wissenschaftliches Rechnen der Universitaet Heidelberg
IWR; INF 368; 69120 Heidelberg; Tel: (06221)54-8236 Fax: -5224
Email: Hermann.Lauer@iwr.uni-heidelberg.de

--- hosts_access.c	2009-07-06 11:37:37.000000000 +0200
+++ tcp-wrappers-7.6.q/hosts_access.c	2009-07-06 12:38:29.000000000 +0200
@@ -380,7 +380,6 @@
 #endif    
     if (tok[0] == '.') {			/* suffix */
 	n = strlen(string) - strlen(tok);
-	syslog(3, "string=(%s), tok=(%s)", string, tok);
 	return (n > 0 && STR_EQ(tok, string + n));
     } else if (STR_EQ(tok, "ALL")) {		/* all: match any */
 	return (YES);

Reply to:

Prev by Date: Re: Bug#533601: [sparc] tcpd fails reverse name resolution
Next by Date: Please remove sticky Dep-Wait: libvtk5 (>= 5.2.1-3) on gdcm
Previous by thread: Re: Bug#533601: [sparc] tcpd fails reverse name resolution
Next by thread: Please remove sticky Dep-Wait: libvtk5 (>= 5.2.1-3) on gdcm
Index(es):
- Date
- Thread