that was lost during the lite-2 merge. From the original commit message:
Initialize the group list so that any filter programs that are
run by lpd are not run with root's groups.
was having its last element zero'd. It turns out not to be a security
hole or to have any real effect on the code because 'from' was previously
pointing to a buffer of the same size as 'fromb', and the last
element in fromb is already 0 anyway due to the use of sizeof(fromb)-1
in the strncpy() call. But I'm not pressing my luck so only the type-o
is being fixed.
with remote hosts feeding it, so that some hosts have their header
pages supressed and some don't. This is because lpd doesn't know
how to rewrite a print job before forwarding it to a remote lpd.
In particular this causes problems with p rinters that contain
their own lpd, eg. HP jet direct cards, because they can't suppress
headers. It's not possible to have headers supressed by putting
'sh' in any printcap in the lpd chain, it is up to the originating
lpr to have a '-h' option specified at run time.
Lpr has been modified to allow _it_ to honour the 'sh' flag in the
local print cap. This allows the administrator to switch off
headers for a particular printer (on a particular host) irrespective
of whether that printer is local to the machine or remote.
This doesn't break anything, because in the case of a remote printer
the 'sh' flag would have had no meaning, in the case of the local
printer it would have been on anyway.
Submitted by: Scott James Remnant <scott@pavilion.net>
Remove src/contrib/bind/bin/nslookup/commands.c as it is generated by lex
from commands.l.
Submitted by: lpc/cdcontrol patches originally by msmith.
Reviewed by: msmith (in theory)
track.
The Id line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;
.\" $Id$
.\"
If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.
Approved by: bde
However, it doesn't check if the remote printer name it
is sending it to is the same as the local printer name,
and so chokes 'cos "laser" is not a real printer.
PR: 7081
Submitted by: David Malone <dwmalone@maths.tcd.ie>
arguments to be numbers. Also use '0' base to allow hex, octal or
decimal numbers.
This was done by me based on ideas in pr 3556, submitted by Uwe
Laubenstein and commented upon by j@uriah.heep.sax.de (J Wunsch).
PR: 3556
libraries so that `ld -f' in can create correct dependencies for
yet-to-be-built libraries.
Get the default BINDIR correctly (by including ../Makefile.inc recursively.
Override the default it it is wrong.
Don't override defaults when the defaults are correct.
GCC suppresses the warning for ``standard'' header files, but since the
headers do not come from the ``standard'' place in a ``make world'', GCC
doesn't get it.
- Get rid of a lot of the static variables which were shared by
many routines and programs in the suite.
- Create an abstract interface to the printcap database, so that
other retrieval and iteration mechanisms could be developed
(e.g., YP, Hesiod, or automatic retrieval from a trusted server).
- Give each capability a human-readable name in addition to the historic
two-character one.
- Otherwise generally clean up a lot of dark corners. Many still remain.
- When submitting jobs, use the official login name record (from getlogin())
if there is one, rather than reverse-mapping the uid.
More to come...
Properlay clean the global RM variable if cgetstr() failed for it.
Otherwise, a connection attempt to a remote machine was made (and a
bogus result code printed) if a local printer followed a remote one in
printcap, and you did a `lpq -a', since checkremote() falsely assumed
the printer to be a remote one.
While i was at it, removed a gratuituous newline printed in front of
the remote machine's name, thus making the output more consistent (and
better machine-parseable) now.
connection timeout controllable by a new printcap(5) capability named
`ct' (connectiom timeout), defaulting to 120 seconds (which is the
default TCP connection timeout).
Would anybody see a problem with merging all this into RELENG_2_2?
with libc's version.
lpd: use getopt(3), err(3), add usage(), allow specification of a port #
on the command line as the documentation suggested for more than 10 years.
PR: docs/3290
diffes with NetBSD/OpenBSD. These changes seem to predate the NetBSD/OpenBSD
split, so it is hard to give proper credit for them.
Obtained from: OpenBSD.
overflow patches that were "near" to where these operations are taking
place. The buffer overflows are from OpenBSD. The setuid/seteuid patches
are from NetBSD by way of OpenBSD (they changed them a little), at least from
my read of the tree.
This is the first of a series of OpenBSD lpr/et al merges. It (and them)
should be merged back into 2.2 and/or 2.1 (if requested) branches when they
have been shaken out in -current.
Obtained from: OpenBSD
the hostname into. In theory the bind library should do this, but
in practice the limites between system defines and bind defines make
an attack using this vector possible. These patches have been in
use on my systems for three months now, so I am fairly confident about
them. I plan on commiting this to 2.2 and 2.1 in the near future,
as well as many other patches of this nature.
Rev 1.4 deraadt: (partial from full commit, other files not done yet)
proactive bounds checking; help from millert
Rev 1.5 millert:
Possible buf oflow.
Plus minor style nits to keep the style police happy (I hope)
Obtained from: OpenBSD
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
From NetBSD via OpenBSD to fix NetBSD PR #506
More descriptive message for printer status
(OpenBSD: 1.2)
Various warnings cleaned up (OpenBSD: 1.4)
lpc/lpc.c:
Various warnings cleaned up (OpenBSD: 1.3)
lpd/lpd.c:
Remove trailing blank lines (OpenBSD: 1.2)
Potential umask problem with creating /dev/printer
(OpenBSD: 1.4 and 1.5)
Ftp bounce attack (untested on FreeBSD)
(OpenBSD: 1.6, 1.8, 1.9)
Fencepost in strncpy
(OpenBSD: 1.6)
lpd/printjob.c:
Fix from freebsd for waiting for an exiting filter, that
appears not in the FreeBSD CVS tree.
(OpenBSD: 1.6)
lpd/recvjob.c:
Buffer overflow protection: use strncpy rather than strcpy.
(OpenBSD: 1.3)
lpr/lpr.c:
NetBSD change of return type for main()
(OpenBSD: 1.2)
Restrict time running as root
(OpenBSD: 1.7)
Use getcwd rather than getwd (from NetBSD)
Use snprintf rather than sprintf
(OpenBSD: 1.8)
Minor tweak to end of loop and buffer overflow sanity. card()
overflow already in FreeBSD
(OpenBSD: 1.9)
lptest/lptest.c:
void -> int return type of main, from NetBSD via OpenBSD
(OpenBSD: 1.2)
pac/pac.c:
void -> int return type of main, from NetBSD via OpenBSD
(OpenBSD: 1.3)
Obtained from: OpenBSD
buffer which could be made to lead to a root shell. This patch is
OpenBSD's solution to the problem, and will silently truncate the
output rather than overflow the buffer.
Obtained from: OpenBSD
having a hosts.lpd(5) manpage and some references to it from
within lpd(8) might help here. Close PR docs/1277
Submitted by: andreas@knobel.gun.de (Andreas Klemm)
orthogonal with the rest of the system (you can now use either -PPS or
-P PS), and makes the parser more intelligible. The only drawback is
that the old semantics for the -i flag in case a non-numeric argument
is following are no longer fully supported (only if -i is the very
last arg at all), since getopt(3) doesn't support the discticnction
between numeric and non-numeric arguments.
Make lpr also understand dashes as input pseudo filenames. This
finally makes lp(1) fully comply with Posix.2.
The removed files are no longer needed, they are actually labelled as
``Use only if you are not 4.4BSD''. (Yeah, the ol' crufty printcap.c
is really gone!)
Properly declare all external objects in files ending in .h, as
opposed to embed them into files ending in .c.
surprising how many trivial errors there have been... :-)
Some more cleanup is needed, but i'd like to separate the Lite2 changes
from other work, that's why this goes into a different commit.
People with serial printers should see whether i have broken the stty-
style printcap options (i hope not).
Inspired by: Sergey Shkonda <serg@bcs1.bcs.zaporizhzhe.ua>
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
printjob.c: Use termios instead of sgtty structs and ioctls; remove
support for fs/fc/xs/xc capabilities, and replace them with the ms
capability (stty-like words, instead of octal bit patterns).
modes.c: Modified from stty's file, parses comma-seperated list of
tty modes (e.g., "cs8,-paren,-opost").
Reviewed by: rgrimes, joerg
interface set at 57600 baud, and I found out the hard way that lpd doesn't
know about speeds greater than 38400, even though <sys/ttydev.h> also
permits 57600 and 115200 baud. Fix this by adding B57600 and B115200 to the
'bauds' table. (The Apple printer worked properly once I did this, BTW. :)
is writeable (by the real uid). if it is, lpr assumes that the file
can be unlinked. lpr does not check for directories with S_ISVTX set
Reviewed by: dima
>Number: 368
>Category: bin
>Synopsis: Lpd doesn't log errors after failed exec
>Description:
If an exec done by lpd fails, nothing is sent to the system log
indicating what went wrong. This is because lpd closes all of
the file descriptors before doing the exec, thus closing the syslog
file descriptor in the process.
[Fix applied]
Submitted by: pritc003@maroon.tc.umn.edu
This command is required to exist in terms of compatibility with the
Posix 1003.2 specification. It actually invokes the lpr service with
the proper options.
