by a repository copy from 1.1.5 and patched back to Lite1) and
rbootd/bootdir/SYSHPBSD (which is binary). All changed files have
already left the vendor branch.
on malformed /etc/group entries. This is a band-aid until I can pull
in the newer group parsing code from getgrent .
Pointed out by: branson@belmakor.hq.ferg.com (Branson Matheson)
Add a -Bforcedynamic option which generates a dynamic object even
if no shared libraries were given in the link.
Make RRS in text section warnings conditional on "-assert pure-text"
so that I can link non-PIC kernel modules without tons of link
errors. Changes to bsd.lib.mk to follow.
Fix a couple of bugs exposed by the fact that the kernel is not
linked at zero.
Reviewed by: jdp
calls. The cost is a little more up-front memory allocation, but the
effect seems minimal.
Problem noticed-by: bde
Added syslog at LOG_ERR when referencing an unknown gettytab entry
and for other cgetent() failues (circular reference et al).
To be merged into 2.2 after a few days testing.
modules from src/bin/ls, and handling exec(_PATH_LS,..) as a
special case, very useful in an environment where many users
are given chroot access. "~/etc/{s}pwd.db" files are still
needed if uid/gid->user/group translation is desired.
To enable this it must be compiled with the make variable
FTP_INTERNAL_LS defined, either in /etc/make.conf or the
environment.
ld-specific flags. LDFLAGS is really for ld-related flags for cc,
not for ld, and some flags, e.g., -Bshareable, mean completely
different things to cc and ld. Having the wrong things in LDFLAGS
also broke the standard ${PROG} target. This was kludged around
by using a special rule that depended on LDFLAGS being bogus.
Fixing `make depend' broke the special rule but fixed the standard
rule (except in the DESTDIR case, which was handled more strictly
here than elsewhere).
'sane' standard (not raw) settings before abort/exiting; move
responsibility of setting raw mode for chat-handling out of
chat.c to avoid doing redundant tc{s,g}etattr()s; move DE
pause prior setting standard mode before issue/login prompt to
avoid echoing modem connect strings. Fixed up comment styles
in a couple of places.
Rev 1.16 deraadt:
do not warn about valid options; invalid options correctly quit
Rev 1.15 deraadt:
need not clear options since bad ones cause exit;
provos@ws1.physnet.uni-hamburg.de
Rev 1.14 deraadt:
IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
buffer overflow.
Reviewed by: Peter Wemm
Obtained from: OpenSBD
Rev 1.13 deraadt:
do not warn about valid options; invalid options correctly quit
Rev 1.12 deraadt:
need not clear options since bad ones cause exit;
provos@ws1.physnet.uni-hamburg.de
Rev 1.11 deraadt:
IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
buffer overflow.
Reviewed by: Peter Wemm
Obtained from: OpenSBD
If it is set to a nonempty string, then simply skip any missing
shared libraries. This came up in a discussion long ago as a
potentially useful feature at sysinstall time. For example, an
X11 utility could be used without the X libraries being present,
provided the utility had a mode in which no X functions were actually
called.
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
nonempty string, then function calls are relocated at program start-up
rather than lazily. This variable is standard on Sun and SVR4 systems.
The dlopen() function now supports both lazy and immediate binding, as
determined by its "mode" argument, which can be either 1 (RTLD_LAZY) or
2 (RTLD_NOW). I will add defines of these symbols to <dlfcn.h> as soon
as I've done a little more checking to make sure they won't cause
collisions or bootstrapping problems that would break "make world".
The "LD_*" environment variables which alter dynamic linker behavior are
now treated as unset if they are set to the empty string. This agrees
with the standard SVR4 conventions for the dynamic linker.
Add a work-around for programs compiled with certain buggy versions of
crt0.o. The buggy versions failed to set the "crt_ldso" member of the
interface structure. This caused certain error messages from the
dynamic linker to begin with "(null)" instead of the pathname of the
dynamic linker.
nonempty string, then function calls are relocated at program start-up
rather than lazily. This variable is standard on Sun and SVR4 systems.
The dlopen() function now supports both lazy and immediate binding, as
determined by its "mode" argument, which can be either 1 (RTLD_LAZY) or
2 (RTLD_NOW). I will add defines of these symbols to <dlfcn.h> as soon
as I've done a little more checking to make sure they won't cause
collisions or bootstrapping problems that would break "make world".
more manageable and convenient referencing by login.conf (login
class database) and (e.g.) login.access.
This is the first of a group of commits which implements the login
class capabilities database.
emitting the initial prompt.
This is useful in a number of circumstances :
- you have (a) stupid modem(s) that assert(s) DCD too soon.
- you have dialin users with stupid diallers and poorly
written chatscripts. (esp. some Winsock diallers)
BSD/OS also has this capability.
Submitted by: damian@cablenet.net (Damian Hamill)
matches what's in ypserv/yp_extern.h (which I changed when I added the
async DNS stuff). The conflict broke the build of rpc.yppasswdd.
Pointed out by: bde
do it themselves. (Some of these programs actually depended on this
beyond compiling the definition of struct ifinfo!) Also fix up some
other #include messes while we're at it.
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.
Yes, an attacker can "relay" connections using this trick, but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
succeeded.
Never allow the reverse channel to be to a privileged port.
Cannidate for: 2.1 and 2.2 branches
Reviewed by: pst (with local cleanups)
Submitted by: Cy Shubert <cy@cwsys.cwent.com>
Obtained from: Jaeger <jaeger@dhp.com> via BUGTRAQ
