On 2006-05-15, Yiorgos Adamopoulos <[EMAIL PROTECTED]> wrote: > Hi! > > I upgraded two servers to 1.5.3-PREVIEW and noticed that although sshd is > compiled to use libwrap.so, it does not consult it (server name mangled): > > [snip] > > XYZW# cat /etc/hosts.allow > ALL: 127.0.0.1 : ALLOW > ALL: ALL : DENY > > However, ssh connections to XYZW are allowed and accepted.
Hi just looked at the diffs for /usr/src/secure/lib/libssh/config.h between version 1.6 and 1.7 from the CVSWeb tool. It seems that: In version 1.6: /* Define if you want TCP Wrappers support */ #define LIBWRAP 1 and in version 1.7: /* Define if you want TCP Wrappers support */ /* #undef LIBWRAP */ Assuming that if tcp_wrappers were to be called, then a strings /usr/sbin/sshd | grep request_init would produce output, while now it does not. So although sshd is *linked* with libwrap, it does not call request_init(), fromhost() and refuse() because LIBWRAP is undefined in config.h for libssh, right? -- #include <std/disclaimer.h> /* Yiorgos Adamopoulos */
