Subject: pkg/28658: security/libident needs several patches to avoid causing many core dumps
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: Greg A. Woods <woods@weird.com>
List: pkgsrc-bugs
Date: 12/14/2004 17:58:00
>Number:         28658
>Category:       pkg
>Synopsis:       security/libident needs several patches to avoid causing many core dumps
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Dec 14 17:58:00 +0000 2004
>Originator:     Greg A. Woods
>Release:        NetBSD
>Organization:
Planix, Inc.; Toronto, Ontario; Canada
>Environment:
System: all
Architecture: any
Machine: any
>Description:

	security/libident causes a few nasty core dumps

	unfortunately it's current maintainer hasn't been very
	responsive and the patches I've made to fix these bugs haven't
	been incorporated into a new release yet.

	FYI I'm considering making my own release of libident, but it
	would be _very_ nice if NetBSD incorporated libident into the
	base OS release to go along with the identd already provided.
	This would make it much easier to maintain too, for NetBSD!  ;-)

>How-To-Repeat:

	use libident for anything...  :-)

>Fix:

	I keep the following in my local patches/patch-zz:

cvs diff: Diffing .
Index: INSTALL
===================================================================
RCS file: /cvs/misc/lib/libident/INSTALL,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -c -r1.1.1.1 -r1.2
*** INSTALL	14 Feb 1995 20:48:22 -0000	1.1.1.1
--- INSTALL	13 Apr 1998 02:02:51 -0000	1.2
***************
*** 4,10 ****
  
  where target can be one of:
  
! 	sunos5, sunos4, svr4, bsd, linux, nextstep3.0 or nextstep3.1
  
  For other systems you'll need to hack the Makefile (please do send
  me any patches you make so I can include them into the next version!)
--- 4,11 ----
  
  where target can be one of:
  
! 	sunos5, sunos4, svr4, bsd, bsd2.11, bsd4.4, linux, nextstep3.0,
! 	or nextstep3.1
  
  For other systems you'll need to hack the Makefile (please do send
  me any patches you make so I can include them into the next version!)
Index: README
===================================================================
RCS file: /cvs/misc/lib/libident/README,v
retrieving revision 1.1.1.3
retrieving revision 1.2
diff -c -r1.1.1.3 -r1.2
*** README	13 Apr 1998 00:55:33 -0000	1.1.1.3
--- README	22 Apr 2002 21:48:56 -0000	1.2
***************
*** 13,19 ****
  
  The official FTP site and location for libident is:
  
! 	ftp://ftp.lysator.liu.se/pub/ident/libs
  
  
  COMMENTS:
--- 13,19 ----
  
  The official FTP site and location for libident is:
  
! 	ftp://ftp.lysator.liu.se/pub/ident/libs/
  
  
  COMMENTS:
Index: id_close.c
===================================================================
RCS file: /cvs/misc/lib/libident/id_close.c,v
retrieving revision 1.1.1.1
retrieving revision 1.3
diff -c -r1.1.1.1 -r1.3
Index: id_open.c
===================================================================
RCS file: /cvs/misc/lib/libident/id_open.c,v
retrieving revision 1.1.1.4
retrieving revision 1.2
diff -c -r1.1.1.4 -r1.2
*** id_open.c	14 Mar 1999 22:37:07 -0000	1.1.1.4
--- id_open.c	22 Apr 2002 22:10:04 -0000	1.2
***************
*** 38,52 ****
  #endif
  
  
- /*
  ident_t *id_open __P3(struct in_addr *, laddr,
  		      struct in_addr *, faddr,
  		      struct timeval *, timeout)
- */
- 
- ident_t *id_open __P((	__STRUCT_IN_ADDR_P laddr,
- 			__STRUCT_IN_ADDR_P faddr,
- 			__STRUCT_TIMEVAL_P timeout))
  {
      ident_t *id;
      int res, tmperrno;
--- 38,46 ----
Index: id_parse.c
===================================================================
RCS file: /cvs/misc/lib/libident/id_parse.c,v
retrieving revision 1.1.1.5
diff -c -c -r1.1.1.5 id_parse.c
*** id_parse.c	14 Mar 1999 22:37:07 -0000	1.1.1.5
--- id_parse.c	24 Sep 2003 20:52:17 -0000
***************
*** 24,44 ****
  #include <sys/wait.h>
  #include <sys/time.h>
  
- #ifdef _AIX
- #  include <sys/select.h>
- #endif
- 
- #ifdef _AIX
- #  include <sys/select.h>
- #endif
  #ifdef VMS
  #  include <sys/socket.h>     /* for fd_set */
  #endif
  #define IN_LIBIDENT_SRC
  #include "ident.h"
  
  
- /*
  int id_parse __P7(ident_t *, id,
  		  struct timeval *, timeout,
  		  int *, lport,
--- 24,37 ----
  #include <sys/wait.h>
  #include <sys/time.h>
  
  #ifdef VMS
  #  include <sys/socket.h>     /* for fd_set */
  #endif
+ 
  #define IN_LIBIDENT_SRC
  #include "ident.h"
  
  
  int id_parse __P7(ident_t *, id,
  		  struct timeval *, timeout,
  		  int *, lport,
***************
*** 46,60 ****
  		  char **, identifier,
  		  char **, opsys,
  		  char **, charset)
- */
- 
- int id_parse __P((  ident_t *id,               
-                     __STRUCT_TIMEVAL_P timeout,
-                     int *lport,                
-                     int *fport,                
-                     char **identifier,         
-                     char **opsys,              
-                     char **charset))           
  {
      char c, *cp, *tmp_charset;
      fd_set rs;
--- 39,44 ----
***************
*** 98,110 ****
  	}
      }
      
!     /* Every octal value is allowed except 0, \n and \r */
!     while (pos < sizeof(id->buf) &&
! 	   (res = read(id->fd, id->buf + pos, 1)) == 1 &&
! 	   id->buf[pos] != '\n' && id->buf[pos] != '\r')
  	pos++;
      
!     if (res < 0)
  	return -1;
      
      if (res == 0)
--- 82,102 ----
  	}
      }
      
!     /* Every 8-bit value is allowed except 0, \n, and \r */
!     while (pos < (sizeof(id->buf) - 1) &&
! 	   (res = read(id->fd, &(id->buf[pos]), 1)) == 1 &&
! 	   id->buf[pos] != '\n' &&
! 	   id->buf[pos] != '\r')
!     {
! 	if (id->buf[pos] == '\0')
! 	{
! 	    errno = EINVAL;
! 	    return -1;
! 	}
  	pos++;
+     }
      
!     if (res < 0)		/* errno set by read() */
  	return -1;
      
      if (res == 0)
***************
*** 122,128 ****
      ** Get first field (<lport> , <fport>)
      */
      cp = id_strtok(id->buf, ":", &c);
!     if (!cp)
  	return -2;
      
      if (sscanf(cp, " %d , %d", &lp, &fp) != 2)
--- 114,120 ----
      ** Get first field (<lport> , <fport>)
      */
      cp = id_strtok(id->buf, ":", &c);
!     if (!cp || !*cp)
  	return -2;
      
      if (sscanf(cp, " %d , %d", &lp, &fp) != 2)
***************
*** 145,157 ****
      ** Get second field (USERID or ERROR)
      */
      cp = id_strtok((char *)0, ":", &c);
!     if (!cp)
  	return -2;
      
      if (strcmp(cp, "ERROR") == 0)
      {
  	cp = id_strtok((char *)0, "\n\r", &c);
! 	if (!cp)
  	    return -2;
  	
  	if (identifier)
--- 137,149 ----
      ** Get second field (USERID or ERROR)
      */
      cp = id_strtok((char *)0, ":", &c);
!     if (!cp || !*cp)
  	return -2;
      
      if (strcmp(cp, "ERROR") == 0)
      {
  	cp = id_strtok((char *)0, "\n\r", &c);
! 	if (!cp || !*cp)
  	    return -2;
  	
  	if (identifier)
***************
*** 169,175 ****
  	** Get first subfield of third field <opsys>
  	*/
  	cp = id_strtok((char *) 0, ",:", &c);
! 	if (!cp)
  	    return -2;
  	
  	if (opsys)
--- 161,167 ----
  	** Get first subfield of third field <opsys>
  	*/
  	cp = id_strtok((char *) 0, ",:", &c);
! 	if (!cp || !*cp)
  	    return -2;
  	
  	if (opsys)
***************
*** 184,191 ****
  	*/
  	if (c == ',')
  	{
! 	    cp = id_strtok((char *)0, ":", &c);
! 	    if (!cp)
  		return -2;
  	    
  	    tmp_charset = cp;
--- 176,183 ----
  	*/
  	if (c == ',')
  	{
! 	    cp = id_strtok((char *)0, ",:", &c);
! 	    if (!cp || !*cp)
  		return -2;
  	    
  	    tmp_charset = cp;
***************
*** 200,206 ****
  	    ** We have even more subfields - ignore them
  	    */
  	    if (c == ',')
! 		id_strtok((char *)0, ":", &c);
  	}
  	
  	if (tmp_charset && strcmp(tmp_charset, "OCTET") == 0)
--- 192,198 ----
  	    ** We have even more subfields - ignore them
  	    */
  	    if (c == ',')
! 		(void) id_strtok((char *)0, ":", &c);
  	}
  	
  	if (tmp_charset && strcmp(tmp_charset, "OCTET") == 0)
***************
*** 208,214 ****
  	else
  	    cp = id_strtok((char *)0, "\n\r", &c);
  	
! 	if (identifier)
  	{
  	    *identifier = id_strdup(cp);
  	    if (*identifier == NULL)
--- 200,206 ----
  	else
  	    cp = id_strtok((char *)0, "\n\r", &c);
  	
! 	if (identifier && cp && *cp)
  	{
  	    *identifier = id_strdup(cp);
  	    if (*identifier == NULL)
Index: id_query.c
===================================================================
RCS file: /cvs/misc/lib/libident/id_query.c,v
retrieving revision 1.1.1.4
retrieving revision 1.5
diff -c -r1.1.1.4 -r1.5
*** id_query.c	14 Mar 1999 22:37:08 -0000	1.1.1.4
--- id_query.c	22 Apr 2002 22:10:04 -0000	1.5
***************
*** 18,52 ****
  #  include <unistd.h>
  #endif
  
- #include <sys/types.h>
  #include <sys/wait.h>
- #include <sys/time.h>
  
- #ifdef _AIX
- #  include <sys/select.h>
- #endif
- 
- #ifdef _AIX
- #  include <sys/select.h>
- #endif
  #ifdef VMS
  #  include <sys/socket.h>     /* for fd_set */
  #endif
  #define IN_LIBIDENT_SRC
  #include "ident.h"
  
  
- /*
  int id_query __P4(ident_t *, id,
  		  int, lport,
  		  int, fport,
  		  struct timeval *, timeout)
- */
- 
- int    id_query __P((	ident_t *id,                 
- 			int lport,                   
- 			int fport,                   
- 			__STRUCT_TIMEVAL_P timeout))
  {
  #ifdef SIGRETURNTYPE
      SIGRETURNTYPE (*old_sig)();
--- 18,37 ----
  #  include <unistd.h>
  #endif
  
  #include <sys/wait.h>
  
  #ifdef VMS
  #  include <sys/socket.h>     /* for fd_set */
  #endif
+ 
  #define IN_LIBIDENT_SRC
  #include "ident.h"
  
  
  int id_query __P4(ident_t *, id,
  		  int, lport,
  		  int, fport,
  		  struct timeval *, timeout)
  {
  #ifdef SIGRETURNTYPE
      SIGRETURNTYPE (*old_sig)();
Index: ident.3
===================================================================
RCS file: /cvs/misc/lib/libident/ident.3,v
retrieving revision 1.1.1.2
retrieving revision 1.4
diff -c -r1.1.1.2 -r1.4
*** ident.3	11 Aug 1995 18:06:59 -0000	1.1.1.2
--- ident.3	22 Apr 2002 21:54:23 -0000	1.4
***************
*** 1,11 ****
  .\" Pär Emanuelsson <pell@lysator.liu.se> 1993-03-28
  .ds : \h'\w'u'u/5'\z"\h'-\w'e'u/5'
! .TH IDENT 3N "4 April 1993" "Lysator ACS"
  .SH NAME
! ident_lookup, ident_id, ident_free, id_open, id_close, id_query, id_parse,
! id_fileno \- query remote IDENT server
  .SH SYNOPSIS
  .nf
  .B #include <ident.h>
  .LP
  .I High-level calls
--- 1,21 ----
  .\" Pär Emanuelsson <pell@lysator.liu.se> 1993-03-28
  .ds : \h'\w'u'u/5'\z"\h'-\w'e'u/5'
! .TH IDENT 3N "12 April 1998" "Lysator ACS"
  .SH NAME
! ident_lookup, ident_id, ident_free, id_open, id_close, id_query, id_parse, id_fileno \- query remote IDENT server
  .SH SYNOPSIS
  .nf
+ .B #if TIME_WITH_SYS_TIME
+ .B # include <sys/time.h>
+ .B # include <time.h>
+ .B #else
+ .B # if HAVE_SYS_TIME_H
+ .B #  include <sys/time.h>
+ .B # else
+ .B #  include <time.h>
+ .B # endif
+ .B #endif
+ .B #include <netinet/in.h>
  .B #include <ident.h>
  .LP
  .I High-level calls
***************
*** 18,44 ****
  .LP
  .I Low-level calls
  .LP
! .B id_t *id_open(laddr, faddr, timeout)
  .B struct in_addr *laddr, *faddr;
  .B struct timeval *timeout;
  .LP
  .B int id_close(id)
! .B id_t *id;
  .LP
  .B id_query(id, lport, fport, timeout)
! .B id_t *id;
  .B int lport, fport;
  .B struct timeval *timeout;
  .LP
  .B int id_parse(id, timeout, lport, fport, identifier,
! .B		opsys, charset)
! .B id_t *id;
  .B struct timeval *timeout;
  .B int *lport, *fport;
  .B char **identifier, **opsys, **charset;
  .LP
  .B int id_fileno(id)
! .B id_t *id;
  .fi
  .SH DESCRIPTION
  .LP
--- 28,54 ----
  .LP
  .I Low-level calls
  .LP
! .B ident_t *id_open(laddr, faddr, timeout)
  .B struct in_addr *laddr, *faddr;
  .B struct timeval *timeout;
  .LP
  .B int id_close(id)
! .B ident_t *id;
  .LP
  .B id_query(id, lport, fport, timeout)
! .B ident_t *id;
  .B int lport, fport;
  .B struct timeval *timeout;
  .LP
  .B int id_parse(id, timeout, lport, fport, identifier,
! .B \ \ \ \ \ \ \ \ \ \ \ \ \ opsys, charset)
! .B ident_t *id;
  .B struct timeval *timeout;
  .B int *lport, *fport;
  .B char **identifier, **opsys, **charset;
  .LP
  .B int id_fileno(id)
! .B ident_t *id;
  .fi
  .SH DESCRIPTION
  .LP
***************
*** 50,57 ****
  which should be a socket file descriptor.
  .I timeout
  is the longest permissible time to block waiting for an answer, and is
! given in seconds. A value of 0 (zero) means wait indefinitely (which in the
! most extreme case will normally be until the underlying network times out).
  .B ident_lookup
  returns a pointer to an
  .I IDENT
--- 60,68 ----
  which should be a socket file descriptor.
  .I timeout
  is the longest permissible time to block waiting for an answer, and is
! given in seconds.  A value of 0 (zero) means wait indefinitely (which in
! the most extreme case will normally be until the underlying network
! times out).
  .B ident_lookup
  returns a pointer to an
  .I IDENT
***************
*** 65,71 ****
  	int fport;		/* Far (remote) port */
  	char *identifier;	/* Normally user name */
  	char *opsys;		/* OS */
! 	char *charset;		/* Charset (what did you expect?) */
  } IDENT;
  .ft R
  .fi
--- 76,82 ----
  	int fport;		/* Far (remote) port */
  	char *identifier;	/* Normally user name */
  	char *opsys;		/* OS */
! 	char *charset;		/* for identifier & opsys */
  } IDENT;
  .ft R
  .fi
***************
*** 81,91 ****
  struct) points to malloc'd data, which can be freed with a call to
  .B ident_free.
  .B ident_lookup
! returns 0 on error or timeout. Presently, this should normally be taken to
! mean that the remote site is not running an
  .SM IDENT
! server, but it might naturally be caused by other network related problems
! as well.
  .B Note that
  all fields of the
  .SM IDENT
--- 92,102 ----
  struct) points to malloc'd data, which can be freed with a call to
  .B ident_free.
  .B ident_lookup
! returns 0 on error or timeout.  Presently, this should normally be taken
! to mean that the remote site is not running an
  .SM IDENT
! server, but it might naturally be caused by other network related
! problems as well.
  .B Note that
  all fields of the
  .SM IDENT
***************
*** 110,118 ****
  .ce
  .I Low-level calls
  .LP
! The low-level calls can be used when greater flexibility is needed. For
! example, if non-blocking I/O is needed, or multiple queries to the
! same host are to be made.
  .LP
  .B id_open
  opens a connection to the remote
--- 121,129 ----
  .ce
  .I Low-level calls
  .LP
! The low-level calls can be used when greater flexibility is needed.  For
! example, if non-blocking I/O is needed, or multiple queries to the same
! host are to be made.
  .LP
  .B id_open
  opens a connection to the remote
***************
*** 128,138 ****
  .B select(2).
  .B id_open
  returns a pointer to an
! .B id_t
! datum, which is an opaque structure to be used as future reference
! to the opened connection. When using non-blocking I/O it might however
! be useful to access the underlying socket file descriptior, which
! can be gotten at through the
  .B id_fileno
  macro described below.
  .LP
--- 139,149 ----
  .B select(2).
  .B id_open
  returns a pointer to an
! .B ident_t
! datum, which is an opaque structure to be used as future reference to
! the opened connection.  When using non-blocking I/O it might however be
! useful to access the underlying socket file descriptior, which can be
! gotten at through the
  .B id_fileno
  macro described below.
  .LP
***************
*** 156,162 ****
  .B id_open.
  If successful,
  .B id_query
! returns the number of bytes sent to the remote server. If not, -1 is
  returned and
  .B errno
  is set.
--- 167,173 ----
  .B id_open.
  If successful,
  .B id_query
! returns the number of bytes sent to the remote server.  If not, -1 is
  returned and
  .B errno
  is set.
***************
*** 179,205 ****
--- 190,222 ----
  .RS
  .TP
   1
+ .\"
  If completely successful.
  .TP
  -3
+ .\"
  Illegal reply type from remote server.
  .I identifier
  is set to the illegal reply.
  .TP
  -2
+ .\"
  Cannot parse the reply from the server.
  .I identifier
  is normally set to the illegal reply.
  .TP
  -1
+ .\"
  On general errors or timeout.
  .TP
   0
+ .\"
  When non-blocking mode is set and
  .B id_parse
  has not finished parsing the reply from the remote server.
  .TP
   2
+ .\"
  Indicates the query/reply were successful, but the remote server
  experienced some error.
  .I identifier
***************
*** 212,229 ****
  .LP
  .B id_fileno
  is a macro that takes an
! .B id_t
! handle and returns the actual socket file descriptor used for
! the connection to the remote server.
  .SH ERRORS
  .TP 15
  ETIMEDOUT
  The call timed out and non-blocking I/O was not set.
  .SH EXAMPLES
  .LP
! Here's an example how to handle the reply from id_reply() in
! the case that non-blocking I/O is set. Note that id_reply() will
! return 0 as long as it's not finished parsing a reply.
  .LP
  .RS
  .nf
--- 229,256 ----
  .LP
  .B id_fileno
  is a macro that takes an
! .B ident_t
! handle and returns the actual socket file descriptor used for the
! connection to the remote server.
  .SH ERRORS
+ In addition to the
+ .B errno
+ values that may be returned by interally used system calls, these
+ additional values may be returned:
  .TP 15
  ETIMEDOUT
  The call timed out and non-blocking I/O was not set.
+ .TP 15
+ ENOTCONN
+ The connection was lost while reading the reply.
+ .TP 15
+ EINVAL
+ The the reply contained invalid characters.
  .SH EXAMPLES
  .LP
! Here's an example how to handle the reply from id_reply() in the case
! that non-blocking I/O is set.  Note that id_reply() will return 0 as
! long as it's not finished parsing a reply.
  .LP
  .RS
  .nf
***************
*** 236,259 ****
  
   ...
  
! while ((rcode = id_parse(idp, timeout,
! 			 &lport, &fport, &id, &op, &cs)) == 0)
! 	;
  
! if (rcode < 0)
! {
!   if (errno == ETIMEDOUT)
!     foo();	/* Lookup timed out */
!   else
!     bar();      /* Fatal error */
! }
! else if (rcode == 1)
! {
!   /* Valid USERID protocol reply */
! }
! else if (rcode == 2)
! {
!   /* Protocol ERROR reply */
  }
  .fi
  .RE
--- 263,281 ----
  
   ...
  
! while ((rcode = id_parse(idp, timeout, &lport,
!                          &fport, &id, &op, &cs)) == 0)
! 	; /* not finished parsing reply - loop */
  
! if (rcode < 0) {
! 	if (errno == ETIMEDOUT)
! 		foo();		/* Lookup timed out */
! 	else
! 		bar();		/* Fatal error */
! } else if (rcode == 1) {
! 	/* Valid USERID protocol reply */
! } else if (rcode == 2) {
! 	/* Protocol ERROR reply */
  }
  .fi
  .RE
***************
*** 270,276 ****
  .B ident_lookup
  and
  .B ident_id
! the blocking time in extreme cases might be as much as three times
! the value given in the
  .I timeout
  parameter.
--- 292,298 ----
  .B ident_lookup
  and
  .B ident_id
! the blocking time in extreme cases might be as much as three times the
! value given in the
  .I timeout
  parameter.
Index: ident.c
===================================================================
RCS file: /cvs/misc/lib/libident/ident.c,v
retrieving revision 1.1.1.3
retrieving revision 1.3
diff -c -r1.1.1.3 -r1.3
*** ident.c	13 Apr 1998 00:55:46 -0000	1.1.1.3
--- ident.c	13 Apr 1998 01:47:34 -0000	1.3
***************
*** 18,24 ****
  
  #include <errno.h>
  
- #include <sys/types.h>
  #include <sys/socket.h>
  
  #define IN_LIBIDENT_SRC
--- 18,23 ----
***************
*** 27,34 ****
  #include <arpa/inet.h>
  
  
- 
- 
  /* Do a complete ident query and return result */
  
  IDENT *ident_lookup __P2(int, fd,
--- 26,31 ----
***************
*** 39,49 ****
      
      len = sizeof(remoteaddr);
      if (getpeername(fd, (struct sockaddr*) &remoteaddr, &len) < 0)
! 	return 0;
      
      len = sizeof(localaddr);
      if (getsockname(fd, (struct sockaddr *) &localaddr, &len) < 0)
! 	return 0;
  
      return ident_query( &localaddr.sin_addr, &remoteaddr.sin_addr,
  		       ntohs(localaddr.sin_port), ntohs(remoteaddr.sin_port),
--- 36,46 ----
      
      len = sizeof(remoteaddr);
      if (getpeername(fd, (struct sockaddr*) &remoteaddr, &len) < 0)
! 	return (IDENT *)0;
      
      len = sizeof(localaddr);
      if (getsockname(fd, (struct sockaddr *) &localaddr, &len) < 0)
! 	return (IDENT *)0;
  
      return ident_query( &localaddr.sin_addr, &remoteaddr.sin_addr,
  		       ntohs(localaddr.sin_port), ntohs(remoteaddr.sin_port),
***************
*** 74,80 ****
      if (!id)
      {
  	errno = EINVAL;
! 	return 0;
      }
    
      if (timeout)
--- 71,77 ----
      if (!id)
      {
  	errno = EINVAL;
! 	return (IDENT *)0;
      }
    
      if (timeout)
***************
*** 85,97 ****
      if (res < 0)
      {
  	id_close(id);
! 	return 0;
      }
      
      ident = (IDENT *) malloc(sizeof(IDENT));
      if (!ident) {
  	id_close(id);
! 	return 0;
      }
      
      if (timeout)
--- 82,94 ----
      if (res < 0)
      {
  	id_close(id);
! 	return (IDENT *)0;
      }
      
      ident = (IDENT *) malloc(sizeof(IDENT));
      if (!ident) {
  	id_close(id);
! 	return (IDENT *)0;
      }
      
      if (timeout)
***************
*** 113,119 ****
      {
  	free(ident);
  	id_close(id);
! 	return 0;
      }
      
      id_close(id);
--- 110,116 ----
      {
  	free(ident);
  	id_close(id);
! 	return (IDENT *)0;
      }
      
      id_close(id);
Index: ident.h
===================================================================
RCS file: /cvs/misc/lib/libident/ident.h,v
retrieving revision 1.1.1.3
retrieving revision 1.4
diff -c -r1.1.1.3 -r1.4
*** ident.h	13 Apr 1998 00:55:30 -0000	1.1.1.3
--- ident.h	22 Apr 2002 22:10:30 -0000	1.4
***************
*** 13,22 ****
  #endif
  
  /* Sigh */
! #ifdef __STDC__
! #  if __STDC__ == 1
! #    define IS_STDC 1
! #  endif
  #endif
  
  #ifdef __P
--- 13,20 ----
  #endif
  
  /* Sigh */
! #if (0 - __STDC__) <= -1
! #  define IS_STDC 1
  #endif
  
  #ifdef __P
***************
*** 45,51 ****
  
  #  define __P7(t1,a1,t2,a2,t3,a3,t4,a4,t5,a5,t6,a6,t7,a7) \
      (t1 a1, t2 a2, t3 a3, t4 a4, t5 a5, t6 a6, t7 a7)
! #endif
      
  #else
  
--- 43,49 ----
  
  #  define __P7(t1,a1,t2,a2,t3,a3,t4,a4,t5,a5,t6,a6,t7,a7) \
      (t1 a1, t2 a2, t3 a3, t4 a4, t5 a5, t6 a6, t7 a7)
! #endif /* IN_LIBIDENT_SRC */
      
  #else
  
***************
*** 82,88 ****
      t5 a5; \
      t6 a6; \
      t7 a7;
! #endif
  #endif
  
  #ifdef IS_STDC
--- 80,86 ----
      t5 a5; \
      t6 a6; \
      t7 a7;
! #endif /* IN_LIBIDENT_SRC */
  #endif
  
  #ifdef IS_STDC
***************
*** 96,129 ****
  #  include <bstring.h>
  #endif
  #include <sys/types.h>
  #include <netinet/in.h>
- #include <sys/time.h>
  
  #if defined(VMS) && !defined(FD_SETSIZE)
  #  define FD_SETSIZE 64
  #endif
  
- /*
-  * Sigh, GCC v2 complains when using undefined struct tags
-  * in function prototypes...
-  */
- #if defined(__GNUC__) && !defined(INADDR_ANY)
- #  define __STRUCT_IN_ADDR_P	void *
- #else
- #  define __STRUCT_IN_ADDR_P	struct in_addr *
- #endif
- 
- #if defined(__GNUC__) && !defined(DST_NONE)
- #  define __STRUCT_TIMEVAL_P	void *
- #else
- #  define __STRUCT_TIMEVAL_P	struct timeval *
- #endif
- 
- #if defined(__sgi) && defined(_POSIX_SOURCE)
- #  undef  __STRUCT_TIMEVAL_P
- #  define __STRUCT_TIMEVAL_P	void *
- #endif
- 	
  #ifndef IDBUFSIZE
  #  define IDBUFSIZE 2048
  #endif
--- 94,115 ----
  #  include <bstring.h>
  #endif
  #include <sys/types.h>
+ #if TIME_WITH_SYS_TIME
+ # include <sys/time.h>
+ # include <time.h>
+ #else
+ # if HAVE_SYS_TIME_H
+ #  include <sys/time.h>
+ # else
+ #  include <time.h>
+ # endif
+ #endif
  #include <netinet/in.h>
  
  #if defined(VMS) && !defined(FD_SETSIZE)
  #  define FD_SETSIZE 64
  #endif
  
  #ifndef IDBUFSIZE
  #  define IDBUFSIZE 2048
  #endif
***************
*** 149,167 ****
  /* Low-level calls and macros */
  #define id_fileno(ID)	((ID)->fd)
  
! extern ident_t * id_open __P((__STRUCT_IN_ADDR_P laddr,
! 			   __STRUCT_IN_ADDR_P faddr,
! 			   __STRUCT_TIMEVAL_P timeout));
    
  extern int    id_close __P((ident_t *id));
    
  extern int    id_query __P((ident_t *id,
  			    int lport,
  			    int fport,
! 			    __STRUCT_TIMEVAL_P timeout));
    
  extern int    id_parse __P((ident_t *id,
! 			    __STRUCT_TIMEVAL_P timeout,
  			    int *lport,
  			    int *fport,
  			    char **identifier,
--- 135,153 ----
  /* Low-level calls and macros */
  #define id_fileno(ID)	((ID)->fd)
  
! extern ident_t * id_open __P((struct in_addr * laddr,
! 			   struct in_addr * faddr,
! 			   struct timeval * timeout));
    
  extern int    id_close __P((ident_t *id));
    
  extern int    id_query __P((ident_t *id,
  			    int lport,
  			    int fport,
! 			    struct timeval * timeout));
    
  extern int    id_parse __P((ident_t *id,
! 			    struct timeval * timeout,
  			    int *lport,
  			    int *fport,
  			    char **identifier,
***************
*** 174,180 ****
  
  extern char  *ident_id __P((int fd, int timeout));
  
! extern IDENT *ident_query __P(( __STRUCT_IN_ADDR_P laddr, __STRUCT_IN_ADDR_P raddr, int lport, int rport, int timeout));
  
  extern void   ident_free __P((IDENT *id));
  
--- 160,166 ----
  
  extern char  *ident_id __P((int fd, int timeout));
  
! extern IDENT *ident_query __P(( struct in_addr * laddr, struct in_addr * raddr, int lport, int rport, int timeout));
  
  extern void   ident_free __P((IDENT *id));
  
Index: lookup-tester.c
===================================================================
RCS file: /cvs/misc/lib/libident/lookup-tester.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -c -r1.1.1.1 -r1.2
*** lookup-tester.c	14 Feb 1995 20:48:22 -0000	1.1.1.1
--- lookup-tester.c	13 Apr 1998 01:48:58 -0000	1.2
***************
*** 15,22 ****
  #  include <unistd.h>
  #endif
  
- #include <sys/types.h>
- 
  /* Need this to make fileno() visible when compiling with strict ANSI */
  #ifndef _POSIX_C_SOURCE
  #  define _POSIX_C_SOURCE
--- 15,20 ----