Commit Graph

417 Commits

Author SHA1 Message Date
John Baldwin
c50897c392 Put back the openpty(3) and ptsname(3) fixes but don't disable ptsname(3)
on pts(4) devices this time.  This fixes the issues while leaving pts(4)
enabled on HEAD.
2008-01-15 15:36:23 +00:00
Colin Percival
d3f576839b Back out last commit, since it accidentally broke pts.
The security fix will be re-committed soon, hopefully without breaking
anything.
2008-01-15 13:59:13 +00:00
John Baldwin
16fd04e88e Update the manpage for openpty(3) to account for the recent fixes.
Specifically, remove the BUGS section and note that openpty(3) now always
does the various security-related steps.  Also, update the error return
value section.  The PR below is for the original bug rather than the doc
updates.

MFC after:	1 week
PR:		bin/9770
2008-01-14 23:49:56 +00:00
Colin Percival
160e76972a Fix issues which allow snooping on ptys. [08:01]
Fix an off-by-one error in inet_network(3). [08:02]

Security: FreeBSD-SA-08:01.pty
Security: FreeBSD-SA-08:02.libc
2008-01-14 22:56:05 +00:00
John Baldwin
889befc455 Invoke revoke(2) on the slave pty in the pts(4) case (new_openpty()) to
kick off any other users on the device line before using it since
openpty(3) is documented to do this.  Note that grantpt(3) does not
call revoke(2), it only adjusts permissions and ownership.

MFC after:	3 days
2007-12-20 21:10:06 +00:00
John Baldwin
790c2471b9 Bump up the number of ttys supported by pty(4) to 512 by making use of
[pt]ty[lmnoLMNO][0-9a-v].

MFC after:	3 days
Reviewed by:	rwatson
2007-11-19 20:49:42 +00:00
John Birrell
26fc37307b Constify the first argument to expand_number() so that it can
be called with a const without the compiler grisling.
2007-11-18 02:20:02 +00:00
Simon L. B. Nielsen
3dca093960 Minor mdoc cleanup: Every sentence should start on its own line. 2007-10-13 11:09:45 +00:00
Konstantin Belousov
fefc6803cf When pidfile is already locked and has zero length, do not return
success and zero pid from pidfile_read(). Return EAGAIN instead. Sleep
up to three times for 5 ms while waiting for pidfile to be written.

mount(8) does the kill(mountpid, SIGHUP). If mountd pidfile is truncated,
that would result in the SIGHUP delivered to the mount' process group
instead of the mountd.

Found and analyzed by:	Peter Holm
Tested by:	Peter Holm, kris
Reviewed by:	pjd
MFC after:	1 week
2007-10-12 10:38:05 +00:00
David E. O'Brien
61881b5283 Adjust history.
Approved by:	re(ken)
2007-09-28 15:31:44 +00:00
Pawel Jakub Dawidek
c0a6ac3ff0 - Fix strange for loop.
Reported by:	phk

- While here, check the unit before calculating the actually number.
  This way we can return EINVAL for invalid unit instead of ERANGE.

Approved by:	re (kensmith)
2007-09-05 14:27:13 +00:00
Pawel Jakub Dawidek
c2fc8cebdd Point expand_number(3) at humanize_number(3) and nive versa.
Suggested by:	trhodes
Approved by:	re (kensmith)
2007-09-05 14:25:16 +00:00
Pawel Jakub Dawidek
bd35b57de2 Implement expand_number(3), which is the opposite of humanize_number(3), ie.
a number in human-readable form is converted to int64_t, for example:
123b -> 123
10k -> 10240
16G -> 17179869184

First version submitted by:	Eric Anderson <anderson@freebsd.org>
Approved by:	re (bmah)
2007-09-01 06:19:11 +00:00
Dag-Erling Smørgrav
062044ebbe Back out previous commit until I figure out why my regression test fails.
Approved by:	re (kensmith)
2007-08-03 09:20:28 +00:00
Dag-Erling Smørgrav
7eb198c642 Use fcntl(2)-style locks instead of less-portable flock(2)-style locks.
Approved by:	re (kensmith)
2007-08-03 06:32:45 +00:00
Yaroslav Tykhiy
be89d8067c Document the quirks of ~/.login_conf and LOGIN_MECLASS. 2007-06-14 09:33:37 +00:00
Yaroslav Tykhiy
2e376efd52 Improve mdoc(7) markup. 2007-06-14 07:31:59 +00:00
Yaroslav Tykhiy
a742982378 Update some comments, mostly regarding LOGIN_MECLASS and ~/.login_conf. 2007-06-14 06:42:49 +00:00
Dag-Erling Smørgrav
4b5b992bba Nit: avoid shadowing truncate(2) with a local variable. 2007-05-23 12:09:33 +00:00
Dag-Erling Smørgrav
400f772943 Fix stupid braino in previous commit. 2007-05-23 10:06:03 +00:00
Dag-Erling Smørgrav
d75d56060e If (flags & O_TRUNC), don't truncate the file until we've successfully
locked it.

MFC after:	3 weeks
2007-05-23 08:12:34 +00:00
Daniel Eischen
419ecd5dee Bump library versions in preparation for 7.0.
Ok'd by:	kan
2007-05-21 02:49:08 +00:00
Dag-Erling Smørgrav
b31d5b56ec strlcpy() may be faster than snprintf(), but it is less portable, and this
is not performance critical code anyway.  Also, avoid using strlen() to
obtain information which we already have.

MFC after:	3 weeks
2007-05-11 11:10:05 +00:00
Dag-Erling Smørgrav
4d09ed1e67 Fix typo.
Submitted by:	Bård Skaflestad <bardsk@math.ntnu.no>
2007-05-10 18:15:30 +00:00
Dag-Erling Smørgrav
8f9085389f Well gag me with a spoon... I'm so used to working at high WARNS levels
that I make stupid fundamental mistakes like this when I don't.
2007-05-10 15:01:42 +00:00
Dag-Erling Smørgrav
b252bedcc9 Remove superfluous unexpanded RCS tag. 2007-05-10 14:56:07 +00:00
Dag-Erling Smørgrav
3884dc6768 Use flopen(3).
MFC after:	3 weeks
2007-05-10 14:54:53 +00:00
Dag-Erling Smørgrav
3dea593400 DTRT when O_NONBLOCK is specified.
MFC after:	3 weeks
2007-05-10 14:52:57 +00:00
Dag-Erling Smørgrav
9667055264 I'm tired of seeing this done incorrectly and non-portably, so add a
flopen(3) function which reliably opens and locks a file.

MFC after:	3 weeks
2007-05-10 14:43:31 +00:00
Yaroslav Tykhiy
f855462a24 Fix one kind of style(9) bug and a typo in a comment.
Tested with:	md5(1)
2007-05-01 18:50:33 +00:00
Warner Losh
ee7093a640 Remove California Regent's clause 3, per letter 2007-01-09 01:02:06 +00:00
Tom Rhodes
d3dc0c9de4 Fix a typo: "the give login class" to "the given login class."
PR:		75577
Submitted by:	Nobuyuki Koganemaru
2006-11-05 19:00:08 +00:00
Ruslan Ermilov
f0d43ae993 Fix markup in previous revision. 2006-10-10 08:15:08 +00:00
Tom Rhodes
5e058b334c Add information on how to escape a literal colon in a value or name.
PR:	101262
2006-10-09 22:35:02 +00:00
Ruslan Ermilov
ad136d1e29 Revise markup in recently added manpages. 2006-09-30 10:34:13 +00:00
Ruslan Ermilov
a73a3ab56b Markup fixes. 2006-09-17 21:27:35 +00:00
Thomas Quinot
3a1d9c271b Minor comment fix. 2006-09-08 08:14:32 +00:00
Thomas Quinot
71219ddbd1 (pw_copy): Handle the case of a malformed line in master.passwd
(copy it silently, do not dereference NULL pointer).

PR:             bin/102848
Reviewed by:    security-officer (cperciva)
MFC after:      1 week
2006-09-04 15:09:21 +00:00
Yaroslav Tykhiy
6599d1e129 Recognize the existence of auth' and auth-type'
capabilities but tell they do nothing in the base system.

This is a late responce to
http://docs.freebsd.org/cgi/mid.cgi?ED759F1DC5ADD74592DD063B1EDEDAF803ACD2B5
.

Obtained from:	OpenBSD (wording; with minor corrections)
2006-08-23 09:54:46 +00:00
Yaroslav Tykhiy
74d580d770 style.Makefile(5) is good for our eyes. 2006-07-27 12:36:46 +00:00
Warner Losh
d5fbc8f429 Note the convention that humanize_number follows.
Add 'engineering' numbers to table.
2006-07-15 20:53:36 +00:00
Maxim Konovalov
a07b02ef92 o Add missed comma, xref kld(4). 2006-07-12 14:33:52 +00:00
Brian Somers
25b5a928f7 Remove some unused variables 2006-06-23 01:42:03 +00:00
Maxim Konovalov
613c94ac78 o Typo: ownship -> ownership.
Obtained from:	DragonFlyBSD
2006-06-17 07:25:58 +00:00
Shunsuke Akiyama
b3c87f5c78 Specify default path for SHLIBDIR before bsd.own.mk does.
This fix shared library installed correct place.
2006-06-11 09:14:06 +00:00
Xin LI
db31b8ae3c Don't build IPv6 support if we have choosen not to have it. 2006-06-09 18:11:29 +00:00
Xin LI
aa5c5263bc - Add include for libutil.h and string.h for prototype.
- Cast the rvalue to be compared with the result of
   strlen() to size_t.
2006-05-25 04:01:04 +00:00
Hajimu UMEMOTO
794063c03f Bump library majro version for gethostbyaddr(3). 2006-05-21 15:15:21 +00:00
Christian Brueffer
b208d15b48 Document how the backoff delay is calculated.
Submitted by:	markus
MFC after:	3 days
2006-04-19 17:46:27 +00:00
John-Mark Gurney
4d5e876be3 use pwrite to always write at the begining of the file.. If multiple calls
to pidfile_write happen, the pidfile will have nul characters prepended
due to the cached file descriptor offset...

Reviewed by:	scottl
MFC after:	3 days
2006-04-11 23:10:02 +00:00