- Use fnmatch(3) for domanname matching of -a options.
- Document the patten matching. - Document -S flag in SYNOPSIS.
This commit is contained in:
hrs
parent
e73132be39
commit
558fb217fd
@ -28,7 +28,7 @@
|
||||
.\" @(#)syslogd.8 8.1 (Berkeley) 6/6/93
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd June 16, 2015
|
||||
.Dd December 21, 2016
|
||||
.Dt SYSLOGD 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -44,6 +44,7 @@
|
||||
.Op Fl m Ar mark_interval
|
||||
.Op Fl P Ar pid_file
|
||||
.Op Fl p Ar log_socket
|
||||
.Op Fl S Ar logpriv_socket
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
@ -154,16 +155,9 @@ for the sender address.
|
||||
The meaning of
|
||||
.Ar service
|
||||
is as explained above.
|
||||
.It Xo
|
||||
.Sm off
|
||||
.No * Ar domainname Op \&: Ar service
|
||||
.Sm on
|
||||
.Xc
|
||||
Same as before, except that any source host whose name
|
||||
.Em ends
|
||||
in
|
||||
.Ar domainname
|
||||
will get permission.
|
||||
can contain special characters of a shell-style pattern such as
|
||||
.Ql Li \&* .
|
||||
.El
|
||||
.Pp
|
||||
The
|
||||
|
||||
@ -98,6 +98,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <fnmatch.h>
|
||||
#include <libutil.h>
|
||||
#include <limits.h>
|
||||
#include <paths.h>
|
||||
@ -2476,8 +2477,7 @@ static int
|
||||
validate(struct sockaddr *sa, const char *hname)
|
||||
{
|
||||
int i;
|
||||
size_t l1, l2;
|
||||
char *cp, name[NI_MAXHOST], ip[NI_MAXHOST], port[NI_MAXSERV];
|
||||
char name[NI_MAXHOST], ip[NI_MAXHOST], port[NI_MAXSERV];
|
||||
struct allowedpeer *ap;
|
||||
struct sockaddr_in *sin4, *a4p = NULL, *m4p = NULL;
|
||||
#ifdef INET6
|
||||
@ -2558,23 +2558,11 @@ validate(struct sockaddr *sa, const char *hname)
|
||||
else
|
||||
continue;
|
||||
} else {
|
||||
cp = ap->a_name;
|
||||
l1 = strlen(name);
|
||||
if (*cp == '*') {
|
||||
/* allow wildmatch */
|
||||
cp++;
|
||||
l2 = strlen(cp);
|
||||
if (l2 > l1 || memcmp(cp, &name[l1 - l2], l2) != 0) {
|
||||
dprintf("rejected in rule %d due to name mismatch.\n", i);
|
||||
continue;
|
||||
}
|
||||
} else {
|
||||
/* exact match */
|
||||
l2 = strlen(cp);
|
||||
if (l2 != l1 || memcmp(cp, name, l1) != 0) {
|
||||
dprintf("rejected in rule %d due to name mismatch.\n", i);
|
||||
continue;
|
||||
}
|
||||
if (fnmatch(ap->a_name, name, FNM_NOESCAPE) ==
|
||||
FNM_NOMATCH) {
|
||||
dprintf("rejected in rule %d due to name "
|
||||
"mismatch.\n", i);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
dprintf("accepted in rule %d.\n", i);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user