[Pkg-erlang-devel] Bug#585416: Please make epmd support tcpwrappers
Joerg Dorchain
joerg at dorchain.net
Thu Jun 10 12:30:59 UTC 2010
Package: erlang-base
Version: 1:13.b.4-dfsg-5
Severity: wishlist
Tags: upstream, patch
Hello,
when used in conjunction with ejabberd, I only need to run erlang
programs on one single machine without the need for internetwide
connections. epmd unfortunately does not come with any kind of
access restriction by itself.
The following patch allows using libwrap as a kind of
minimalistic access restriction. It is lightweight and easy to
configure.
Please consider for inclusion.
Bye,
Joerg
--- erts/epmd/src/Makefile.in.orig 2010-06-10 14:19:48.000000000 +0200
+++ erts/epmd/src/Makefile.in 2010-06-10 14:20:44.000000000 +0200
@@ -54,7 +54,7 @@
WFLAGS = @WFLAGS@
CFLAGS = @CFLAGS@ @DEFS@ $(TYPE_FLAGS) $(WFLAGS)
LD = @LD@
-LIBS = @LIBS@
+LIBS = @LIBS@ -lwrap
LDFLAGS = @LDFLAGS@
--- erts/epmd/src/epmd_srv.c.orig 2010-06-09 11:20:27.000000000 +0200
+++ erts/epmd/src/epmd_srv.c 2010-06-10 14:18:52.000000000 +0200
@@ -23,6 +23,7 @@
#endif
#include "epmd.h" /* Renamed from 'epmd_r4.h' */
#include "epmd_int.h"
+#include <tcpd.h>
/*
*
@@ -393,6 +394,8 @@
int msgsock;
struct EPMD_SOCKADDR_IN icli_addr; /* workaround for QNX bug - cannot */
int icli_addr_len; /* handle NULL pointers to accept. */
+ char buf[64];
+ char *addr;
icli_addr_len = sizeof(icli_addr);
@@ -403,6 +406,15 @@
dbg_perror(g,"error in accept");
return EPMD_FALSE;
}
+#if FAMILY == AF_INET6
+ addr=inet_ntop(FAMILY, &icli_addr.sin6_addr,buf,64);
+#else
+ addr=inet_ntop(FAMILY, &icli_addr.sin_addr,buf,64);
+#enidif
+ if ((!addr) || (!hosts_ctl("epmd", STRING_UNKNOWN, buf, STRING_UNKNOWN))) {
+ close(msgsock);
+ return EPMD_FALSE;
+ }
return conn_open(g,msgsock);
}
More information about the Pkg-erlang-devel
mailing list