| @@ -0,0 +1,39 @@
+--- hosts_access.c.orig
++++ hosts_access.c
+@@ -63,6 +63,7 @@ static char sep[] = ", \t\r\n";
+
+ #define YES 1
+ #define NO 0
++#define ERR -1
+
+ /*
+ * These variables are globally visible so that they can be redirected in
+@@ -125,7 +126,6 @@ int hosts_access(request)
+ struct request_info *request;
+ {
+ int verdict;
+-
+ /*
+ * If the (daemon, client) pair is matched by an entry in the file
+ * /etc/hosts.allow, access is granted. Otherwise, if the (daemon,
+@@ -148,9 +148,9 @@ struct request_info *request;
+ return (verdict == AC_PERMIT);
+ if (table_match(hosts_allow_table, request) == YES)
+ return (YES);
+- if (table_match(hosts_deny_table, request))
+- return (NO);
+- return (YES);
++ if (table_match(hosts_deny_table, request) == NO)
++ return (YES);
++ return (NO);
+ }
+
+ /* table_match - match table entries with (daemon, client) pair */
+@@ -194,6 +194,7 @@ struct request_info *request;
+ (void) fclose(fp);
+ } else if (errno != ENOENT) {
+ tcpd_warn("cannot open %s: %m", table);
++ match = ERR;
+ }
+ if (match == YES) {
+ if (hosts_access_verbose > 1)
|
