d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
112,339 Commits 72 Branches 135 Tags 3.2 GiB
78e3eed071
Commit Graph

32 Commits

Author SHA1 Message Date
Stefan Farfeleder
78e3eed071 Fix most cases where the address of an int is passed to a function expecting a 
socklen_t * argument.
 2005-02-14 17:42:58 +00:00
Stefan Farfeleder
28e1bf4689 Include <stdlib.h> for exit() and abort() prototypes. 
Approved by:	das (mentor)
 2004-05-24 13:21:24 +00:00
Dag-Erling Smørgrav
d6551d89a2 Unbreak static build and remove usage() that isn't usage(). 
Reviewed by:	bde
 2002-05-03 13:12:06 +00:00
Dag-Erling Smørgrav
7f5e4ed359 PAMify rexecd(8). 
Sponsored by:	DARPA, NAI Labs
 2002-05-02 05:06:32 +00:00
Hajimu UMEMOTO
b2b1845212 When opieverify() is fail, fallback to try unix password. 
Tested by:	kuriyama
 2002-04-16 10:54:30 +00:00
Hajimu UMEMOTO
859be0911a Add an IPv6 support. 
I dunno if there is an IPv6 supported rexec client.  So, it was
tested that this change doesn't break an IPv4.

Tested by:	kuriyama (IPv4 only)
 2002-04-16 10:15:30 +00:00
Jun Kuriyama
0d652d42ca Make this compilable without -DOPIE. 
Hint by:	ume
 2002-04-16 07:53:42 +00:00
Warner Losh
266ebcd391 o __P removal 
o register removal
o use new style prototypes and function definitions
 2002-02-07 23:57:01 +00:00
Sheldon Hearn
e1b4d8d074 Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. The 
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.

Submitted by:   David Hill <david@phobia.ms>
 2001-07-26 11:02:39 +00:00
Mark Murray
20934175ae Goodbye S/Key, Hello OPIE. 
I believe I have done due dilligence on this, but I'd appreciate
decent test scenarios and sucess (or failure) reports.
 2001-07-09 17:34:22 +00:00
Brian Somers
7bc6d0158f Fix the type of the NULL arg to execl() 
Idea from: Theo de Raadt <deraadt@openbsd.org>
 2001-07-09 09:24:06 +00:00
David Malone
ea66ccbf96 Avoid a warning by making a variable a const char *. 2001-05-01 10:35:20 +00:00
Philippe Charnier
57757e9f36 Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap. 2000-11-28 18:15:25 +00:00
Nick Sayer
0d9fb499eb Add -i (insecure) flag to rexecd, which allows uid == 0 logins 
(presuming that the user in question is not in /etc/ftpusers and
does not have a null password).
 2000-05-13 15:58:36 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Brian Somers
9e9a43bdec Ensure that things returned by gethostname() and 
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)

Prompted by: bde
 1999-04-07 08:27:45 +00:00
Brian Somers
32af26a501 Use realhostname() rather than various combinations of 
gethostbyaddr() & gethostbyname().

Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
 1999-04-06 23:06:00 +00:00
Philippe Charnier
6896720af3 Use err(3). -Wall cleaning. Use Pa for file names and add section in Xrefs. 1997-11-26 07:29:04 +00:00
Warner Losh
a51e2c9b04 Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFS 
compatibility problem at the same time.  Some buffer made large enough
for worst case hostname.

fixes PR 2593.

Reviewed by:	Dan Cross and maybe others
 1997-03-24 05:57:28 +00:00
Peter Wemm
9e522f7a18 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
Warner Losh
5b266377fd Buffer Overflow from OpenBSD 
rev 1.7 deraadt:
	buf oflow
Obtained from: OpenBSD
 1997-02-09 04:40:02 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$ 
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
 1997-01-14 07:20:47 +00:00
Paul Traina
a13e275f66 Back out recent security patch for rexecd. After more careful analysis, 
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.

Yes, an attacker can "relay" connections using this trick,  but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
 1996-11-22 08:59:07 +00:00
Paul Traina
6c6cc60e38 Do not attempt to open reverse channel until authentication phase has 
succeeded.

Never allow the reverse channel to be to a privileged port.

Cannidate for:	2.1 and 2.2 branches

Reviewed by:	pst (with local cleanups)
Submitted by:	Cy Shubert <cy@cwsys.cwent.com>
Obtained from:	Jaeger <jaeger@dhp.com> via BUGTRAQ
 1996-11-19 18:03:16 +00:00
Wolfram Schneider
148531ef1e add forgotten $Id$ 1996-09-22 21:56:57 +00:00
Mike Pritchard
ae532ecb79 Check for expired passwords before allowing access to the system. 1995-08-28 21:30:59 +00:00
Peter Wemm
3f59b9c4ef rexecd was not calling "setlogin()" when it should have. This was causing 
getlogin() to return wrong answers (eg: "root").
Reviewed by:	davidg
Obtained from:	James Jegers, for NetBSD, slightly reworked by me.
 1995-07-29 15:21:15 +00:00
Rodney W. Grimes
6c06b4e2aa Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
Paul Traina
9c48498989 make rexecd link against skeyaccess, not authfile 1994-09-30 06:38:43 +00:00
Paul Traina
cda3118c2e Tighen up rexecd(8) security (see manual page for details). 
Rexecd is a crock, it never should have been written,  however make it so
that people who have a need to run it don't hurt themselves so badly.

Obtained from: Ideas obtained from logdaemon 4.3 from Wietse Venema
 1994-09-29 09:23:58 +00:00
Guido van Rooij
a670645c57 Add skey support 
Reviewed by:
Submitted by:	guido
 1994-08-21 19:10:43 +00:00
Rodney W. Grimes
ea022d1687 BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00