1# 2# Copyright 2005 Sun Microsystems, Inc. All rights reserved. 3# Use is subject to license terms. 4# 5# ident "%Z%%M% %I% %E% SMI" 6# 7 8LIBRARY = libwrap.a 9MAJOR = .1 10MINOR = .0 11VERS = $(MAJOR)$(MINOR) 12OBJECTS = hosts_access.o options.o shell_cmd.o rfc931.o eval.o \ 13 hosts_ctl.o refuse.o percent_x.o clean_exit.o \ 14 fromhost.o fix_options.o socket.o tli.o workarounds.o \ 15 update.o misc.o diag.o percent_m.o 16 17include ../../Makefile.lib 18 19LIBS = $(DYNLIB) $(LINTLIB) 20ROOTLIBDIR = $(ROOTSFWLIB) 21SONAME = $(LIBRARY:.a=.so)$(MAJOR) 22ROOTLINKS += $(ROOTLIBDIR)/$(LIBLINKS)$(MAJOR) 23SRCDIR = .. 24$(LINTLIB) := SRCS = $(SRCDIR)/$(LINTSRC) 25DYNFLAGS += -M $(SRCDIR)/mapfile 26LDLIBS += -lsocket -lnsl -lc 27 28CPPFLAGS += $(NETGROUP) $(TLI) $(ALWAYS_HOSTNAME) $(AUTH) \ 29 $(STYLE) $(TABLES) $(DOT) $(BUGS) \ 30 -DRFC931_TIMEOUT=$(RFC931_TIMEOUT) \ 31 -I$(SRCDIR) 32CFLAGS += $(CCVERBOSE) -erroff=E_FUNC_EXPECTS_TO_RETURN_VALUE \ 33 -erroff=E_IMPLICIT_DECL_FUNC_RETURN_INT \ 34 -erroff=E_OLD_STYLE_DECL_HIDES_PROTO \ 35 -_gcc=-Wno-return-type 36 37DISTFILES = clean_exit.c diag.c eval.c fix_options.c fromhost.c \ 38 hosts_access.c hosts_ctl.c misc.c mystdarg.h options.c \ 39 patchlevel.h percent_m.c percent_x.c refuse.c rfc931.c \ 40 setenv.c shell_cmd.c socket.c tcpd.h tli.c update.c \ 41 workarounds.c 42 43ROOTSFWSRC = $(ROOTSFWSHSRC)/tcp_wrappers 44ROOTSFWSRCFILES = $(DISTFILES:%=$(ROOTSFWSRC)/%) 45 46.KEEP_STATE: 47 48all: $(LIBS) 49 50lint: lintcheck 51 52$(ROOTLIBS): $(ROOTLIBDIR) 53 54$(ROOTLIBDIR): $(ROOTSFW) 55 $(INS.dir) 56 57$(ROOTLIBDIR)/$(LIBLINKS)$(MAJOR): $(ROOTLIBDIR)/$(LIBLINKS)$(VERS) 58 $(INS.liblink) 59 60$(ROOTSFWSRCFILES) := FILEMODE = 0444 61$(ROOTSFWSRCFILES): $(ROOTSFWSRC) 62 63$(ROOTSFWSRC): $(ROOTSFWSHSRC) 64 $(INS.dir) 65 66$(ROOTSFWSHSRC): $(ROOTSFW)/share 67 $(INS.dir) 68 69$(ROOTSFWSRC)/%: $(SRCDIR)/% 70 $(INS.file) 71 72$(ROOTSFW)/share: $(ROOTSFW) 73 $(INS.dir) 74 75$(ROOTSFW): 76 $(INS.dir) 77 78include ../../Makefile.targ 79 80 81# The rest of this file contains definitions more-or-less directly from the 82# original Makefile of the tcp_wrappers distribution. 83 84############################## 85# System parameters appropriate for Solaris 9 86 87TLI = -DTLI 88BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DLIBC_CALLS_STRTOK 89NETGROUP = -DNETGROUP 90 91############################## 92# Start of the optional stuff. 93 94########################################### 95# Optional: Turning on language extensions 96# 97# Instead of the default access control language that is documented in 98# the hosts_access.5 document, the wrappers can be configured to 99# implement an extensible language documented in the hosts_options.5 100# document. This language is implemented by the "options.c" source 101# module, which also gives hints on how to add your own extensions. 102# Uncomment the next definition to turn on the language extensions 103# (examples: allow, deny, banners, twist and spawn). 104# 105STYLE = -DPROCESS_OPTIONS # Enable language extensions. 106 107########################### 108# Optional: Reduce DNS load 109# 110# When looking up the address for a host.domain name, the typical DNS 111# code will first append substrings of your own domain, so it tries 112# host.domain.your.own.domain, then host.domain.own.domain, and then 113# host.domain. The APPEND_DOT feature stops this waste of cycles. It is 114# off by default because it causes problems on sites that don't use DNS 115# and with Solaris < 2.4. APPEND_DOT will not work with hostnames taken 116# from /etc/hosts or from NIS maps. It does work with DNS through NIS. 117# 118# DOT= -DAPPEND_DOT 119 120################################################## 121# Optional: Always attempt remote username lookups 122# 123# By default, the wrappers look up the remote username only when the 124# access control rules require them to do so. 125# 126# Username lookups require that the remote host runs a daemon that 127# supports an RFC 931 like protocol. Remote user name lookups are not 128# possible for UDP-based connections, and can cause noticeable delays 129# with connections from non-UNIX PCs. On some systems, remote username 130# lookups can trigger a kernel bug, causing loss of service. The README 131# file describes how to find out if your UNIX kernel has that problem. 132# 133# Uncomment the following definition if the wrappers should always 134# attempt to get the remote user name. If this is not enabled you can 135# still do selective username lookups as documented in the hosts_access.5 136# and hosts_options.5 manual pages (`nroff -man' format). 137# 138#AUTH = -DALWAYS_RFC931 139# 140# The default username lookup timeout is 10 seconds. This may not be long 141# enough for slow hosts or networks, but is enough to irritate PC users. 142 143RFC931_TIMEOUT = 10 144 145######################################################## 146# Optional: Changing the access control table pathnames 147# 148# The HOSTS_ALLOW and HOSTS_DENY macros define where the programs will 149# look for access control information. Watch out for the quotes and 150# backslashes when you make changes. 151 152TABLES = -DHOSTS_DENY=\"/etc/hosts.deny\" -DHOSTS_ALLOW=\"/etc/hosts.allow\" 153 154######################################## 155# Optional: turning off hostname lookups 156# 157# By default, the software always attempts to look up the client 158# hostname. With selective hostname lookups, the client hostname 159# lookup is postponed until the name is required by an access control 160# rule or by a %letter expansion. 161# 162# In order to perform selective hostname lookups, disable paranoid 163# mode (see previous section) and comment out the following definition. 164 165ALWAYS_HOSTNAME= -DALWAYS_HOSTNAME 166 167## End configuration options 168############################ 169