[Maybe SOLVED] Re: Strange sshd problem with 1.5.3-PREVIEW

Yiorgos Adamopoulos adamo at central.tee.gr
Mon May 15 13:33:08 PDT 2006


On 2006-05-15, Yiorgos Adamopoulos <adamo at xxxxxxxxxxxxxx> wrote:
> Hi!
>
> I upgraded two servers to 1.5.3-PREVIEW and noticed that although sshd is
> compiled to use libwrap.so, it does not consult it (server name mangled):
>
> [snip]
>
> XYZW# cat /etc/hosts.allow
> ALL: 127.0.0.1 : ALLOW
> ALL: ALL : DENY
>
> However, ssh connections to XYZW are allowed and accepted.

Hi just looked at the diffs for /usr/src/secure/lib/libssh/config.h between
version 1.6 and 1.7 from the CVSWeb tool.  It seems that:

In version 1.6:

/* Define if you want TCP Wrappers support */ 	 
 #define LIBWRAP 1

and in version 1.7:

/* Define if you want TCP Wrappers support */
/* #undef LIBWRAP */

Assuming that if tcp_wrappers were to be called, then a 

strings /usr/sbin/sshd | grep request_init

would produce output, while now it does not.  So although sshd is *linked*
with libwrap, it does not call request_init(), fromhost() and refuse()
because LIBWRAP is undefined in config.h for libssh, right?
-- 
#include <std/disclaimer.h> /* Yiorgos Adamopoulos */





More information about the Bugs mailing list