limit sendmail to 500 messages per run
keeps the process from growing too large
sort the queue by host, not numeric priority
connecting to a host is too expensive,
once we got the connection, ram all the mail down his throat ;>
and the pre-Lite2 vfsconf interfaces.
For quot, just back out revs. 1.1 and 1.2 and change MNT_FFS to
"ufs", so that vfsconf isn't used at all. Revs. 1.1 and 1.2 were
hacks to get around f_fstypename not being in `struct statfs' in
Lite1.
When building a release, RELEASE_CRUNCH is defined for a `make' of
the objects required by the crunch of each program. The object list
is still obtained in the same way, so you must make sure that all
objects are built (empty if necessary) by this make. ppp/Makefile
provides an example.
Reviewed by: jkh
both /etc/aliases and /etc/majordomo.aliases
sendmail.cw is *not* optional
command and connection timeouts
common hoststat directory for all queues
add fakenames database
clean up spam filter rules
limit the number of message processed each queue run
dont need to check Vixie's RBL in both check_relay and check_mail
(I completely mis-read the rfc last time 'round!)
This means:
o Better CCP/WARN Reset diagnostics.
o After we've sent a REQ and before we've received an ACK, we drop
incoming compressed data and send another REQ.
o Before sending an ACK, re-sequence all pending PRI_NORMAL data in
the modem queue so that pending packets won't get to the peer
*after* the ResetAck.
o Send ACKs with the `identifier' from the REQ frame.
o After we've received a correct ACK, duplicate ACKs are ok (and will
reset our history).
o Incorrect ACKs (not matching the last REQ) are moaned about and dropped.
Also,
o Calculate the correct FCS after compressing a packet. DEFLATE
*may* produce an mbuf with more than a single link in the chain,
but HdlcOutput didn't know how to calculate the FCS :-(
o Make `struct fsm'::reqid a u_char, not an int.
This fix will prevent us from sending id `255' 2,000,000,000 times
before wrapping to `0' for another 2,000,000,000 sends :-/
o Bump the version number a little.
The end result: DEFLATE now works over an unreliable link layer.
I can txfr a 1.5Mb kernel over a (rather bad) null-modem
cable at an average of 21679 bytes per second using rcp.
Repeat after me: Don't test compression using a loopback ppp/tcp setup as
we never lose packets and therefore never have to reset!
With a keymap with accent key definitions loaded to syscons, you press
an accent key followed by a regular letter key to produce an accented
letter. Press an accent key followed by the space bar to get the
accent letter itself.
Code is based on the ideas and work by jmrueda@diatel.upm.es and
totii@est.is.
PR: i386/4016
- Added keywords for accent (dead) keys: dgra, dacu, dcir, dtil...
- Recognize accent map definitions.
<accent_map_definition> ::= <accent_key_name> <accent_char> <accent_map>
<accent_key_name> ::= dgra | dacu | dcir | dtil | dmac | dbre | ddot |
duml | dsla | drin | dced | dapo | ddac | dogo |
dcar
<accent_map> ::= <map_entry>
| <map_entry> <accent_map>
<map_entry> ::= ( <regular_letter_char> <accented_char> )
- Use ioctls PIO_DEADKEYMAP and GIO_DEADKEYMAP to set and get the accent
key map table in syscons.
- Made the output for the -L option more intelligible and look like
initializers in kbdtables.h.
- Reorganized print functions in order to print the accent key map.
o Allow a forth argument in ppp.secret, specifying a new
label. This gives control over which section of
ppp.link{up,down} is used based on the authenticated user.
o Support random address ranges in ppp.secret (not just in ppp.conf).
o Add a AUTHENTICATING INCOMING CONNECTIONS section to the man page.
o Add a bit more about DEFLATE in the man page.
o Fix the incorrect "you must specify a password in interactive
mode" bit of the manual.
o Space things in the man page consistently.
o Be more precice about where you can use MYADDR, HISADDR and INTERFACE
in the "add" command documentation.
not in -auto mode isn't a good idea, and that the
add should be done in ppp.linkup instead.
Change "add 0 0 HISADDR" to "add default HISADDR". It's
more intuitive.
interactive mode.
Use `netfd' in fcntl() and tc[gs]etattr() calls rather than
the hard coded descriptor 0.
Use _FILENO constants from unistd.h
This un-breaks things after my recent `close(0)' in interactive
mode.
Close STDIN_FILENO, and open _PATH_TTY O_RDONLY as `netfd'. This
has the effect of allowing `show route' to output more than about
a page of data (on FreeBSD, not OpenBSD....). I have no idea why,
except that it was a direct consequence of the tcsetattr() in
TtyCommandMode(). My previous fix (closing descriptor 0) `fixed'
this because all calls to tcsetattr() failed :-(
RTM_CHANGE if the RTM_ADD fails with an EEXIST.
Allow "delete! dst" (note the ``!'') to silently
fail if the RTM_DELETE fails with an ESRCH.
Also, make the ESRCH and EEXIST error conditions
more understandable to the casual observer.
interrupted with a SIGALRM. In fact, select() sets the
passed time to zero, making the previous implementation
terminate always after 1/10th of a second !
Also, deal with someone changing the clock while we're
sleeping (and restart the whole sleep).
Dangers pointed out by: Theo de Raadt <deraadt@cvs.openbsd.org>
When CCP is originally negotiated, the only thing we can be
sure about is that we've started adding data to the inflate
dictionary either before or at the same time as the peer. This
is ok, 'cos DEFLATE is a `sliding window' compressor.
Show the IP range (if specified) in "show ipcp".
Close unused descriptors 0 and 2 in interactive mode.
Pass (size_t *) rather than (int *) to sysctl().
Don't read(fd, buffer, 0) and think ppp has closed the
connection when `buffer' is full, instead, flush most of
buffer to the terminal and read() for a reasonable length.
This fixes "show route" when there's more than 2k of
routing output.
Based on the report from Dave Bodenstab.
- Turn off PnP COM device enumeration procedure if the user explicitly
specifies a protocol type with the "-t" option.
- Accept "-t auto". Now the user may entirely omit the "-t" option
in the command line, or specify "-t auto" in order to make moused
detect an appropriate protocol type automatically. In the
previous version, moused did so only if the "-t" option is absent
in the command line. ("-t auto" won't disable PnP COM device
enumeration.)
- Updated the man page.
strcpy(a, b); /* a and b are the same size */
with
strncpy(a, b, sizeof(a));
a[sizeof(a)-1] = '\0';
Making the code `correct at a glance'.
Suggested by: Theo de Raadt <deraadt@cvs.openbsd.org>
Disallow connections from port numbers <1024 as low port numbers
can only really mean trouble (ftp bounces etc.).
Discussed at length with: Theo de Raadt <deraadt@cvs.openbsd.org>
fd_set, make sure that all descriptors >2 are closed
when we start - otherwise we're asking for a dump in
FD_SET().
Problem pointed out by: Theo de Raadt <deraadt@cvs.openbsd.org>
when command logging is switched on.
o Display ******** for the authkey for "show auth"
o Document how \P should be used, and document the other chat escapes
while I'm there.
o Make sure the full command is displayed when a compound command
fails - ie, "set novar rubbish" should say "set novar: Invalid command"
rather than "novar: Invalid command"
Problem pointed out by: Theo de Raadt <deraadt@cvs.openbsd.org> (among others)
GCC suppresses the warning for ``standard'' header files, but since the
headers do not come from the ``standard'' place in a ``make world'', GCC
doesn't get it.
etc., so that (this part of) `LIBOWN=... make world' can be run by users
other than root. Actually, use BINOWN instead of LIBOWN, since the files
that we install in /usr/libdata are not libraries, and LIBOWN is not
used for anything else in /usr/libdata.
Rewrote all the rules and cleaned up.
etc., so that (this part of) `LIBOWN=... make world' can be run by users
other than root. Actually, BINOWN instead of LIBOWN, since fonts are not
libraries. Only one owner of (non-setuid) installed files is really
supported.
line is > LINE_LEN (512 bytes), we scribble (*blush*).
Hinted at by: Theo de Raadt <deraadt@cvs.openbsd.org>
Change sprintf(buf, "fixedstring") to strcpy(buf, "fixedstring").
all RTF_WASCLONED routes, and the second removes the
others. This avoids the situation where we've added an
RTF_CLONING route (such as ``default''), created some
clones, then deleted the CLONING route before the
WASCLONED route(s). Without the two passes, we get
errno (not rtm_errno) set to ESRCH when deleting the
WASCLONED route, despite the deletion succeeding !
Also:
Enhance the route operation failure diagnostics.
Make portability #ifdefs a bit more generic.
change from
ioctl(fd, PIOC<foo>, &i);
to
ioctl(fd, PIOC<foo>, i);
This is going from the _IOW to _IO ioctl macro. The kernel, procctl, and
truss must be in synch for it all to work (not doing so will get errors about
inappropriate ioctl's, fortunately). Hopefully I didn't forget anything :).
Validate the peers suggested IP by attempting to make a routing table
entry.
Give up IPCP negotiation if the peer NAKs us with an unusable IP.
Always SIOCDIFADDR then SIOCAIFADDR when configuring the tun device.
Using SIOCSIFDSTADDR allows duplicate dst addresses (which we don't
want)!!!
Allow up to 200 interface names (was 50) (now that ppp can play server
properly).
Up the version number (1.5 -> 1.6).
Cosmetic:
Log unexpected CCP packets in the CCP log rather than the ERROR log.
Log unexpected Config Reqs in the appropriate LCP/IPCP/CCP log rather
than the ERROR log.
Log failed route additions and deletions with WARN, not TCPIP.
Log the option id and length for unrecognised IPCP options.
Change some .Sq to .Ar in the man page.
Changed lots of %ld's in format strings back to %d. %ld was right
when daddr_t was long, but Lite2 changed daddr_t to int32_t which
is implemented as `int' on i386's.
We must call inflate again in case there's any pending output
despite our input buffer being empty. If the output buffer
is in fact already flushed, inflate() returns Z_BUF_ERROR.
There isn't really an error !
since we only store CIS_MAXSTR data, and the users may stick the
'entire' CIS string returned from the card in /etc/pccard.conf and
cause the comparison to (bogusly) fail.
Submitted by: Brad Karp <karp@eecs.harvard.edu>
I did the deflate re-org).
Make PAP & CHAP negotiation prettier in the log file.
If both PAP & CHAP are `enabled' and the peer NAKs CHAP
suggesting PAP, be friendly and REQ PAP the next time.
This is in line with the rfc.
protocols to recognized extra buttons and wheel/roller. It now has
PnP COM device support code, thus, some recent mouse products are
automatically detected and an appropriate protocol is selected.
The `-i' option will print the result of auto-detection.
- Added support for the following SERIAL mice:
ALPS GlidePoint, MS IntelliMouse, Kensington Thinking Mouse
(Genius NetMouse, NetMouse Pro, ASCII MieMouse, Logitech MouseMan+,
FirstMouse+ are compatible with MS IntelliMouse, when connected
to a serial port, thus requires no explicit support)
- Added PnP serial mouse identification capability as defined
by Microsoft and Hayes in "Plug and Play External COM Device
Specification, rev 1.00". This support will enable us to identify
the correct protocol to use, or choose a compatible protocol for the
given mouse.
- Utilize new ioctls defined in `mouse.h' to get hardware and protocol
information on PS/2 and bus mouse devices. Try to guess the correct
protocol and port combination based on the obtained info.
- Use MOUSE_SETLEVEL ioctl.
- Use constants defined in `mouse.h' rather than using own definitions.
- A New command line option. The -i option prints the information
collected though the PnP code and psm/mse ioctls mentioned above,
and just quits. This is to test `moused's ability, or inability, to
detect the correct protocol for the given mouse automatically.
- A new command line option. The -m option maps a physical button
to a logical button.
- A new command line option. The -z option maps the Z axis movement to
another axis or a pair of buttons.
- Add other options: -3, -C -F -P.
- Added a handler for SIGHUP. This has been suggested by somebody in the
past (I don't remember who). He wanted this because he wants to attach
or detach a mouse while his laptop is suspended. Now `moused' will
reopens and reinitialize the specified port whenever a SIGHUP is
received. I don't know how useful this can be...
Delete AF_LINK routes as well as AF_INET.
Allow the word `default' as the arg to `delete' or in place of the
first two args (dest & netmask) to `add'.
Accept INTERFACE as the third arg to `add'.
You can now say `add default interface' to create a default route
through the tun interface. It's reported that subsequent bind()s
will bind to a broadcast address and not to the address currently
assigned to the tun device - this is the first step towards
supporting that first connection that was around from before the
dynamic IP negotiation....
instead of htonl() !
This results in the int a,b,c,d changing to b,a,c,d,
but as it's subsequently coerced to a u_short, the
ultimate answer is correct.
If this isn't fixed properly soon (by the author) I'll
have a look at it again.
Noted by: eivind & ari@suutari.iki.fi
(I *really* meant to do this *before* committing the
deflate changes in the first place - oops).
Pppd is horribly broken in this respect - refer to the
ppp man page for details. Ppp *WON'T* negotiate deflate
with pppd by default - you must ``enable'' and ``accept''
``pppd-deflate'' in your config.
While I'm in there, update the cftypes in ccp.c so that
we recognise some more protocols (we don't actually do
anything with them - just send a REJ).
- Get rid of a lot of the static variables which were shared by
many routines and programs in the suite.
- Create an abstract interface to the printcap database, so that
other retrieval and iteration mechanisms could be developed
(e.g., YP, Hesiod, or automatic retrieval from a trusted server).
- Give each capability a human-readable name in addition to the historic
two-character one.
- Otherwise generally clean up a lot of dark corners. Many still remain.
- When submitting jobs, use the official login name record (from getlogin())
if there is one, rather than reverse-mapping the uid.
More to come...
break each ruleset into identified sections. (called groups).
note which groups can be reordered.
each group accepts and returns the same strings,
as much as possible.
reactivate Paul Vixie's RBL (in check_mail)
add rules to limit mail relaying to a list of hosts and domains
in the R class (check_rcpt, not active on hub.freebsd.org)
Submitted by: jmb
instead Do The Right Thing when the kernel states a card was
inserted/removed. This isn't a complete fix, but better than nothing.
Reviewed by: Guido van Rooij <guido@gvr.org>
Remove extraneous decls.
Add ``const'' to several places.
Allow ``make NOALIAS=1'' to remove IP aliasing.
Merge with OpenBSD - only the Makefiles vary.
We can now survive a compile with
-Wall -Wbad-function-cast -Wcast-align -Wcast-qual
-Winline -Wmissing-declarations -Wmissing-prototypes
-Wnested-externs -Wpointer-arith -Wredundant-decls
-Wshadow -Wstrict-prototypes -Wwrite-strings -Wchar-subscripts
(although the Makefile just contains -Wall).
Remove the timeout hack to notice that ppp has closed the connection.
Remove the ``special case'' hacks for "quit" and "bye", as pppctl
now exits immediately when the connection is closed by ppp.
Suggest a secure "set server" line for connecting ppp & pppctl.
Tidy up and correct a few man page typos.
avoids the situation where we specify label ``x'' on the command
line, and label ``x'' has a ``load y'' command embedded in it.
When the line comes up, we want to use ``x'' from ppp.linkup,
not ``y''.
allowing for a possible header on the front of all packets.
In OpenBSD, there's a structure containing the address
family here.
If we're building under OpenBSD, set up the ``flags'' part
of struct tuninfo (not there under FreeBSD) so that we config
the interface as POINTOPOINT.
Prefix prototypes with ``extern'' in os.c for consistency.
These changes are cosmetic under FreeBSD, but allow ppp to
build & work under OpenBSD (bar the srandomdev() stuff,
the inclusing of <net/if_var.h> and some Makefile symantecs).
Print out inteface names rather than numbers, and use the
same "find out the names" code in SetIfAddr(). This means
that the nasty ioctl(,SIOCGIFCONF,)/realloc loop is now
buried :-)
Ever since I first say the way the mount flags were used I've hated the
fact that modes, and events, internal and exported, and short-term
and long term flags are all thrown together. Finally it's annoyed me enough..
This patch to the entire FreeBSD tree adds a second mount flag word
to the mount struct. it is not exported to userspace. I have moved
some of the non exported flags over to this word. this means that we now
have 8 free bits in the mount flags. There are another two that might
well move over, but which I'm not sure about.
The only user visible change would have been in pstat -v, except
that davidg has disabled it anyhow.
I'd still like to move the state flags and the 'command' flags
apart from each other.. e.g. MNT_FORCE really doesn't have the
same semantics as MNT_RDONLY, but that's left for another day.
everything else. Add a "-t" option for outputting it in raw form.
Define and document the order in which raw values are printed when
more than one is requested on the command line.
o Add "allow" command:
"allow users a b c" gives access to users a, b and c.
"allow modes auto" gives those users access to auto mode only.
"allow users *" and "allow modes *" are accepted.
No users and all modes are allowed by default.
UID 0 can do anything.
o Set the current label with the "load" and "dial" commands
so that the call to ppp.linkdown makes sense.
o Up the verison number.
o Don't OR MODE_AUTO for -background and -ddial.
o Don't OR MODE_INTER when we get a diagnostic connection.
o Allow up to 40 args per line (was 20).
o "set ifaddr" only changes the interface in AUTO mode (with other
modes, it happens after IPCP negotiation).
o Sort command descriptions in the man page.
o Support -dedicated mode where we just talk ppp forever (no login etc).
to work on FreeBSD, man page written by me.)
Also change Makefile.yp a little to be more tolerane in the face of
missing source files. Print a message if we can't find /var/yp/master.passwd
telling the user what to do to fix things.
Stay as the invoking uid as much as possible.
Execution as a normal user is still forbidden for now,
so these changes are pretty ineffective.
The next commit will implement the modifications suggested
on -hackers a number of days ago.
ppp.secret to get a key value based on the peers name,
then send the value of AuthName with the encrypted result.
This is *way* too confusing.
Instead, always use AuthName and AuthKey as the documentation
says.
location. Also, instead of jumping ot the CPU's restart vector, just
call int 0x19 to reboot. (Writing hte 0x1234 was a little useless
otherwise.)
PR: bin/4901
Submitted by: Jonathan Mini <mini@d198-232.uoregon.edu>
Use getpwnam before getpwuid since two users with same uids can exists
(affects new login classes code only)
The same fixes as in inetd: by default run `system crontab things' with
daemon login class now, not restrict them to user class breaking
compatibility with old way (so-called nobody limits problem)
Implement user[:group][/login-class] syntax in system crontab
for more flexible control (the same as in inetd)
