1# 2# CDDL HEADER START 3# 4# The contents of this file are subject to the terms of the 5# Common Development and Distribution License (the "License"). 6# You may not use this file except in compliance with the License. 7# 8# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9# or http://www.opensolaris.org/os/licensing. 10# See the License for the specific language governing permissions 11# and limitations under the License. 12# 13# When distributing Covered Code, include this CDDL HEADER in each 14# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15# If applicable, add the following below this CDDL HEADER, with the 16# fields enclosed by brackets "[]" replaced with your own identifying 17# information: Portions Copyright [yyyy] [name of copyright owner] 18# 19# CDDL HEADER END 20# 21# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 22# Use is subject to license terms. 23# 24# Copyright 2011 Nexenta Systems, Inc. All rights reserved. 25# 26 27LIBRARY = libwrap.a 28MAJOR = .1 29MINOR = .0 30VERS = $(MAJOR)$(MINOR) 31OBJECTS = hosts_access.o options.o shell_cmd.o rfc931.o eval.o \ 32 hosts_ctl.o refuse.o percent_x.o clean_exit.o \ 33 fromhost.o fix_options.o socket.o tli.o workarounds.o \ 34 update.o misc.o diag.o percent_m.o libvars.o 35 36include ../../Makefile.lib 37 38LIBS = $(DYNLIB) $(LINTLIB) 39SONAME = $(LIBRARY:.a=.so)$(MAJOR) 40ROOTLINKS += $(ROOTLIBDIR)/$(LIBLINKS)$(MAJOR) 41$(LINTLIB) := SRCS = $(SRCDIR)/$(LINTSRC) 42 43MAPFILES = ../mapfile 44 45LDLIBS += -lsocket -lnsl -lc 46 47CPPFLAGS += $(NETGROUP) $(TLI) $(ALWAYS_HOSTNAME) $(AUTH) \ 48 $(STYLE) $(TABLES) $(DOT) $(BUGS) \ 49 -DRFC931_TIMEOUT=$(RFC931_TIMEOUT) \ 50 -I$(SRCDIR) 51CFLAGS += $(CCVERBOSE) 52 53CERRWARN += -erroff=E_FUNC_EXPECTS_TO_RETURN_VALUE 54CERRWARN += -erroff=E_IMPLICIT_DECL_FUNC_RETURN_INT 55CERRWARN += -erroff=E_OLD_STYLE_DECL_HIDES_PROTO 56 57CERRWARN += -_gcc=-Wno-return-type 58CERRWARN += -_gcc=-Wno-parentheses 59CERRWARN += -_gcc=-Wno-unused-variable 60CERRWARN += -_gcc=-Wno-uninitialized 61 62.KEEP_STATE: 63 64all: $(LIBS) 65 66lint: lintcheck 67 68$(ROOTLIBDIR)/$(LIBLINKS)$(MAJOR): $(ROOTLIBDIR)/$(LIBLINKS)$(VERS) 69 $(INS.liblink) 70 71include ../../Makefile.targ 72 73 74# The rest of this file contains definitions more-or-less directly from the 75# original Makefile of the tcp_wrappers distribution. 76 77############################## 78# System parameters appropriate for Solaris 9 and later 79 80TLI = -DTLI 81BUGS = -DGETPEERNAME_BUG -DBROKEN_FGETS -DLIBC_CALLS_STRTOK 82NETGROUP = -DNETGROUP 83 84############################## 85# Start of the optional stuff. 86 87########################################### 88# Optional: Turning on language extensions 89# 90# Instead of the default access control language that is documented in 91# the hosts_access.5 document, the wrappers can be configured to 92# implement an extensible language documented in the hosts_options.5 93# document. This language is implemented by the "options.c" source 94# module, which also gives hints on how to add your own extensions. 95# Uncomment the next definition to turn on the language extensions 96# (examples: allow, deny, banners, twist and spawn). 97# 98STYLE = -DPROCESS_OPTIONS # Enable language extensions. 99 100########################### 101# Optional: Reduce DNS load 102# 103# When looking up the address for a host.domain name, the typical DNS 104# code will first append substrings of your own domain, so it tries 105# host.domain.your.own.domain, then host.domain.own.domain, and then 106# host.domain. The APPEND_DOT feature stops this waste of cycles. It is 107# off by default because it causes problems on sites that don't use DNS 108# and with Solaris < 2.4. APPEND_DOT will not work with hostnames taken 109# from /etc/hosts or from NIS maps. It does work with DNS through NIS. 110# 111# DOT= -DAPPEND_DOT 112 113################################################## 114# Optional: Always attempt remote username lookups 115# 116# By default, the wrappers look up the remote username only when the 117# access control rules require them to do so. 118# 119# Username lookups require that the remote host runs a daemon that 120# supports an RFC 931 like protocol. Remote user name lookups are not 121# possible for UDP-based connections, and can cause noticeable delays 122# with connections from non-UNIX PCs. On some systems, remote username 123# lookups can trigger a kernel bug, causing loss of service. The README 124# file describes how to find out if your UNIX kernel has that problem. 125# 126# Uncomment the following definition if the wrappers should always 127# attempt to get the remote user name. If this is not enabled you can 128# still do selective username lookups as documented in the hosts_access.5 129# and hosts_options.5 manual pages (`nroff -man' format). 130# 131#AUTH = -DALWAYS_RFC931 132# 133# The default username lookup timeout is 10 seconds. This may not be long 134# enough for slow hosts or networks, but is enough to irritate PC users. 135 136RFC931_TIMEOUT = 10 137 138######################################################## 139# Optional: Changing the access control table pathnames 140# 141# The HOSTS_ALLOW and HOSTS_DENY macros define where the programs will 142# look for access control information. Watch out for the quotes and 143# backslashes when you make changes. 144 145TABLES = -DHOSTS_DENY=\"/etc/hosts.deny\" -DHOSTS_ALLOW=\"/etc/hosts.allow\" 146 147######################################## 148# Optional: turning off hostname lookups 149# 150# By default, the software always attempts to look up the client 151# hostname. With selective hostname lookups, the client hostname 152# lookup is postponed until the name is required by an access control 153# rule or by a %letter expansion. 154# 155# In order to perform selective hostname lookups, disable paranoid 156# mode (see previous section) and comment out the following definition. 157 158ALWAYS_HOSTNAME= -DALWAYS_HOSTNAME 159 160## End configuration options 161############################ 162