lmtp delivery to cyrus store over unix socket requires /etc/hosts.allow entry. why?

Hajimu UMEMOTO ume at mahoroba.org
Tue Oct 18 13:50:06 EDT 2005


Hi,

>>>>> On Tue, 18 Oct 2005 09:32:58 -0700
>>>>> OpenMacNews <openmacnews at gmail.com> said:

openmacnews> QUESTION: why is a hosts.allow entry required in the 1st
openmacnews> place for lmtpunix transport over a UNIX socket?

I don't know about MacOS X, but there was a similar bug in FreeBSD.  So,
our port still applies the following patch to avoid the bug in old versions
of FreeBSD:

Index: master/service-thread.c
diff -u master/service-thread.c.orig master/service-thread.c
--- master/service-thread.c.orig	Wed Jan 22 22:52:36 2003
+++ master/service-thread.c	Wed Jan 22 23:09:52 2003
@@ -99,6 +99,9 @@
     struct sockaddr_storage sin;
     socklen_t len = sizeof(sin);
     
+    /* XXX: old FreeBSD didn't fill sockaddr correctly against AF_UNIX */
+    sin.ss_family = AF_UNIX;
+
     /* is this a connection from the local host? */
     if (getpeername(fd, (struct sockaddr *) &sin, &len) == 0) {
 	if (((struct sockaddr *)&sin)->sa_family == AF_UNIX) {
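
Review bot: The unconditional `sin.ss_family = AF_UNIX;` ahead of getpeername() makes AF_UNIX the default for every descriptor that reaches this code, so any call that returns 0 without writing the family takes the AF_UNIX branch of the "connection from the local host?" check, whatever the real socket type is. Consider zeroing `sin` instead and handling the unfilled result explicitly (family still 0, or `len` returned too short to cover the family field), or confining the assignment to an #ifdef for the affected FreeBSD releases. The XXX comment should also say which releases are meant, so the workaround can be dropped later.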


openmacnews> and, why "0.0.0.0" for localhost, rather than 127.0.0.1
openmacnews> or 'localhost' in hosts.allow?

A UNIX domain socket is not localhost.  Perhaps getpeername() doesn't
fill the sockaddr for a UNIX domain socket.  So, it matches with
0.0.0.0.

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume at mahoroba.org  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
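
The unfilled-sockaddr case discussed in this message, as an added example that is not Cyrus code or part of the original post: a peer check that zeroes the buffer and only trusts the address family when getpeername() reports having written it. The names `peer_kind`, `classify_peer` and the two `demo_*` helpers are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>

/* Hypothetical names for this example; not Cyrus identifiers. */
enum peer_kind { PEER_ERROR = -1, PEER_UNFILLED = 0, PEER_UNIX, PEER_INET };

/* Classify the peer of fd without trusting bytes getpeername() did not write. */
enum peer_kind classify_peer(int fd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof(ss);

    memset(&ss, 0, sizeof(ss));        /* family starts as AF_UNSPEC (0) */
    if (getpeername(fd, (struct sockaddr *)&ss, &len) != 0)
        return PEER_ERROR;             /* e.g. ENOTCONN: make no decision */
    /* The family is meaningful only if the call reported writing that far. */
    if (len < offsetof(struct sockaddr, sa_family) + sizeof(ss.ss_family)
        || ss.ss_family == AF_UNSPEC)
        return PEER_UNFILLED;          /* the unfilled case from the message */
    if (ss.ss_family == AF_UNIX)
        return PEER_UNIX;
    if (ss.ss_family == AF_INET || ss.ss_family == AF_INET6)
        return PEER_INET;
    return PEER_UNFILLED;              /* unknown family: undetermined */
}

/* Constructed input: a connected AF_UNIX pair with no bound path. */
enum peer_kind demo_unix_pair(void)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return PEER_ERROR;
    enum peer_kind k = classify_peer(sv[0]);
    close(sv[0]); close(sv[1]);
    return k;
}

/* Constructed input: an unconnected UDP socket, so getpeername() fails. */
enum peer_kind demo_unconnected(void)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    enum peer_kind k = fd < 0 ? PEER_ERROR : classify_peer(fd);
    if (fd >= 0) close(fd);
    return k;
}

int main(void) { printf("%d %d\n", demo_unix_pair(), demo_unconnected()); return 0; }
```

A caller making an access decision would treat `PEER_UNFILLED` and `PEER_ERROR` as "not determined" rather than mapping them to either the local or the remote case.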


