*** nama.c	1997/03/31 16:57:54	1.10
--- nama.c	1997/04/02 16:09:53
***************
*** 10,16 ****
   *	Author: Marcus J. Ranum, Trusted Information Systems, Inc.
   *	Added "?" wildcard matching from William Gianopoulos, gianowa@eo.ray.com
   */
! static	char	RcsId[] = "$Header: /usr/home/rick/fwtk2.0/fwtk/lib/RCS/nama.c,v 1.10 1997/03/31 16:57:54 rick Exp $";
  
  #include	<stdio.h>
  #include	<sys/types.h>
--- 10,16 ----
   *	Author: Marcus J. Ranum, Trusted Information Systems, Inc.
   *	Added "?" wildcard matching from William Gianopoulos, gianowa@eo.ray.com
   */
! static	char	RcsId[] = "$Header: /usr/home/rick/fwtk2.0/fwtk/lib/RCS/nama.c,v 1.11 1997/04/02 16:09:46 rick Exp $";
  
  #include	<stdio.h>
  #include	<sys/types.h>
***************
*** 344,349 ****
--- 344,350 ----
  	if(*p != '\0') {
  		long		f;
  		char		*p = nam;
+ 		char		*rev;
  
  		eq = 0;
  		while(*p != '\0' && (*p == '.' || isdigit(*p)))
***************
*** 378,389 ****
  		if(hp == (struct hostent *)0)
  			return(namatch(pat,"unknown"));
  
  		while((hp_addr = (struct in_addr *)*hp->h_addr_list++) != (struct in_addr *)0) {
- 			if(hp->h_length > sizeof(f)) {
- 				syslog(LLEV,"securityalert: invalid host address length (%d) hostname %.512s", hp->h_length, nam);
- 				return(0);
- 			}
  
  			if(bcmp(hp_addr,&f,hp->h_length) == 0) {
  				eq = 1;
  				break;
--- 379,392 ----
  		if(hp == (struct hostent *)0)
  			return(namatch(pat,"unknown"));
  
+ 		if(hp->h_length > sizeof(f)) {
+ 			syslog(LLEV,"securityalert: invalid host address length (%d) hostname %.512s", hp->h_length, nam);
+ 			return(0);
+ 		}
  		while((hp_addr = (struct in_addr *)*hp->h_addr_list++) != (struct in_addr *)0) {
  
+ 			if (hp_addr && !rev)
+ 				rev = inet_ntoa(*hp_addr);
  			if(bcmp(hp_addr,&f,hp->h_length) == 0) {
  				eq = 1;
  				break;
***************
*** 392,398 ****
  
  		if(!eq) {
  			syslog(LLEV,"securityalert: possible spoof - DNS lookup for address %.20s gives name %.512s but the reverse lookup is %.20s",
! 				name,nam,inet_ntoa(hp_addr));
  			return(namatch(pat,"unknown"));
  		}
  
--- 395,401 ----
  
  		if(!eq) {
  			syslog(LLEV,"securityalert: possible spoof - DNS lookup for address %.20s gives name %.512s but the reverse lookup is %.20s",
! 				name,nam,rev);
  			return(namatch(pat,"unknown"));
  		}