From 879920959bfc1bae6b9b0bc3c513b3a4e5fcefd6 Mon Sep 17 00:00:00 2001
From: Jan F <jfch@cauvin.jagda.eu>
Date: Wed, 4 May 2011 10:33:20 +0200
Subject: [PATCH] Add support for IPv4 /prefix notation (#698464)

---
 tcp_wrappers-7.6-bug698464.patch | 62 ++++++++++++++++++++++++++++++++
 tcp_wrappers.spec                |  5 +++
 2 files changed, 67 insertions(+)
 create mode 100644 tcp_wrappers-7.6-bug698464.patch

diff --git a/tcp_wrappers-7.6-bug698464.patch b/tcp_wrappers-7.6-bug698464.patch
new file mode 100644
index 0000000..43a5931
--- /dev/null
+++ b/tcp_wrappers-7.6-bug698464.patch
@@ -0,0 +1,62 @@
+--- tcp_wrappers_7.6/hosts_access.5.orig	2011-04-20 16:10:25.000000000 -0600
++++ tcp_wrappers_7.6/hosts_access.5	2011-04-20 16:29:50.000000000 -0600
+@@ -90,6 +90,9 @@ bitwise AND of the address and the `mask
+ pattern `131.155.72.0/255.255.254.0\' matches every address in the
+ range `131.155.72.0\' through `131.155.73.255\'.
+ .IP \(bu
++An expression of the form `n.n.n.n/m\' is interpreted as a
++`net/prefixlen\' pair, as below, for IPv4 addresses.
++.IP \(bu
+ An expression of the form `[n:n:n:n:n:n:n:n]/m\' is interpreted as a
+ `[net]/prefixlen\' pair. An IPv6 host address is matched if
+ `prefixlen\' bits of `net\' is equal to the `prefixlen\' bits of the
+--- tcp_wrappers_7.6/tcpd.h.orig	2011-04-20 16:10:25.000000000 -0600
++++ tcp_wrappers_7.6/tcpd.h	2011-04-20 16:11:56.000000000 -0600
+@@ -101,6 +101,7 @@ extern void refuse __P((struct request_i
+ extern char *xgets __P((char *, int, FILE *));	/* fgets() on steroids */
+ extern char *split_at __P((char *, int));	/* strchr() and split */
+ extern unsigned long dot_quad_addr __P((char *)); /* restricted inet_addr() */
++extern unsigned long prefix_to_netmask __P((char *)); /* 0-32 prefix length */
+ 
+ /* Global variables. */
+ 
+--- tcp_wrappers_7.6/misc.c.orig	2011-04-20 16:10:25.000000000 -0600
++++ tcp_wrappers_7.6/misc.c	2011-04-20 16:13:39.000000000 -0600
+@@ -107,3 +107,22 @@ char   *str;
+     }
+     return (runs == 4 ? inet_addr(str) : INADDR_NONE);
+ }
++
++/* prefix_to_netmask - convert prefix (0-32) to netmask */
++
++unsigned long prefix_to_netmask(str)
++char   *str;
++{
++    unsigned long prefix;
++    char *endptr;
++
++    if (!isdigit(str[0]))
++	return INADDR_NONE;
++
++    prefix = strtoul(str, &endptr, 10);
++    if ((endptr == str) || (*endptr != '\0') || (prefix > 32))
++	return INADDR_NONE;
++
++    return (~0UL << (32 - prefix));
++}
++
+--- tcp_wrappers_7.6/hosts_access.c.orig	2011-04-20 16:10:25.000000000 -0600
++++ tcp_wrappers_7.6/hosts_access.c	2011-04-20 16:21:07.000000000 -0600
+@@ -427,8 +427,11 @@ char   *string;
+ 	return (NO);
+     if ((net = dot_quad_addr(net_tok)) == INADDR_NONE
+ 	|| ((mask = dot_quad_addr(mask_tok)) == INADDR_NONE
+-	    && strcmp(mask_tok, "255.255.255.255"))) {
++	    && strcmp(mask_tok, "255.255.255.255")
++	    && (mask = prefix_to_netmask(mask_tok)) == INADDR_NONE
++	    && strcmp(mask_tok, "32"))) {
+ 	/* 255.255.255.255 == INADDR_NONE, separate check needed. TJ. */
++	/* 32 == INADDR_NONE, separate check needed. philipp */
+ #ifndef INET6
+ 	tcpd_warn("bad net/mask expression: %s/%s", net_tok, mask_tok);
+ #endif
diff --git a/tcp_wrappers.spec b/tcp_wrappers.spec
index 5327cf7..c032821 100644
--- a/tcp_wrappers.spec
+++ b/tcp_wrappers.spec
@@ -35,6 +35,7 @@ Patch20: tcp_wrappers-7.6-sigchld.patch
 Patch21: tcp_wrappers-7.6-196326.patch
 Patch22: tcp_wrappers_7.6-249430.patch
 Patch23: tcp_wrappers-7.6-inetdconf.patch
+Patch24: tcp_wrappers-7.6-bug698464.patch
 # required by sin_scope_id in ipv6 patch
 BuildRequires: glibc-devel >= 2.2
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -92,6 +93,7 @@ develop applications with tcp_wrappers support.
 %patch21 -p1 -b .196326
 %patch22 -p1 -b .249430
 %patch23 -p1 -b .inetdconf
+%patch24 -p1 -b .698464
 
 %build
 make RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR" LDFLAGS="-pie" MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux
@@ -149,6 +151,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_mandir}/man3/*
 
 %changelog
+* Wed May  4 2011 Jan F. Chadima <jchadima@redhat.com> - 7.6-61
+- Add support for IPv4 /prefix notation (#698464)
+
 * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.6-60
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild