Commit Graph

1058 Commits

Author SHA1 Message Date
Andrey A. Chernov
f650a12484 Remove my workaround fallback since PAM now do it properly. 2002-01-21 19:07:15 +00:00
Dag-Erling Smørgrav
819a142080 Really back out ache's commits. These files are now precisely as they were
twentyfour hours ago, except for RCS ids.
2002-01-19 18:29:50 +00:00
Andrey A. Chernov
07977587ab Back out PAM_CRED_ERR addition 2002-01-19 18:06:05 +00:00
Andrey A. Chernov
3e4f7c7f99 Add PAM_CRED_ERR as valid failure case 2002-01-19 09:01:17 +00:00
Andrey A. Chernov
c0cbe6a9b8 Call opieunlock() only if we skip opieverify() part 2002-01-19 05:59:24 +00:00
Andrey A. Chernov
50356ef361 Remove conditional 'pwok' fallback for PAM which now
is implemented in pam_opie module

For non-PAM variant rewrite empty password checking code to do the right thing
and not disallow empty passwords in all cases.
2002-01-19 03:18:33 +00:00
Ruslan Ermilov
491a842962 yp(4) -> yp(8).
PR:		docs/30797
2002-01-14 16:59:03 +00:00
Mark Murray
a61a203e62 Build the TCP-wrapper helper "daemon" tcpd. This is not much use in
a bog-standard FreeBSD installation, as inetd(8) does that job, but
for inetd(8) replacemenrts such as xinetd, having this around makes
sense.
2002-01-12 13:31:30 +00:00
Ruslan Ermilov
bcf2b1b312 mdoc(7) police: tidy up. 2002-01-10 17:49:57 +00:00
David Malone
c507cedecf Be more careful about freeing memory after parsing commands.
Hiroyuki YAMAMORI gave a patch for the EPRT command in the
PR below. Problems with the rest of the patch are my fault.

PR:		33268
Reviewed by:	iedowse, sheldonh
2002-01-05 20:13:01 +00:00
Andrey A. Chernov
47499ecd7e Fix OPIE auth 2002-01-01 13:14:25 +00:00
Bruce Evans
6b96c275e9 Fixed missing DPADD in previous commit. Fixed most style bugs related to
DPADD and LDADD.
2001-12-29 12:06:59 +00:00
Josef Karthauser
481bfba66b Link with libm to take advantage of the -h flag to ls.
Submitted by:	Mike Makonnen <mike_makonnen@yahoo.com>
2001-12-29 10:22:13 +00:00
Ruslan Ermilov
85389b3dfa MFCrypto: Remove -r, -s, sort -p. 2001-12-14 14:46:51 +00:00
Mark Murray
7a32b4b1c6 Merge from master (crypto) telnet. WARNS fixes for alpha. 2001-12-03 12:41:19 +00:00
Mark Murray
33cc94ddaf Merge the (in)complete ANSIfication work from src/crypto/telnet. 2001-11-30 22:37:28 +00:00
Mark Murray
e895047b95 After running a "make unifdef", commit the resultant diffs.
This code is now a complete sunset of the crypto (master) code.
2001-11-30 22:03:20 +00:00
Mark Murray
b3c1c587b6 Diff-reduce WRT src/secure/*telnet*/Makefile.
Also, add an "unifdef:" target, so that the telnet sources can
be remade from the crypto sources in src/crypto/telnet.
2001-11-30 21:34:51 +00:00
Andrew R. Reiter
e75fedcfd5 - Change parameters of signal handlers in order to be correct (they are
handed a integer, not void).
- No need to set flags to zero when they already will be.
- It was also noted the manner in which the signal handling has changed
  might possibly generate some problems (hangs possibly) -- these, while
  remaining in the code, will be fixed shortly (within a day).

Submitted by: bde
2001-11-28 17:29:04 +00:00
Brian Feldman
0cf1f69300 Add lomac.c.
Found by:	ken
2001-11-27 06:15:12 +00:00
Andrew R. Reiter
82cd5074ab - Fix some poor signal handler usage.
Reviewed by: -audit (and their silence), jhb, maintainer's silence
2001-11-26 17:53:02 +00:00
Ruslan Ermilov
aa54a2e830 mdoc(7) police: minor spelling, markup and style fixes. 2001-11-22 16:08:45 +00:00
Benno Rice
14f0ab1c53 Change the failure mode in option parsing to silently bailing out of option
negotiation rather than rejecting the request.

Apple OpenFirmware 3.0f3 (the version in my iMac) adds trailing garbage to the
end of an otherwise valid request.  Without this change, the requests were
rejected which prevented me from booting.

Reviewed by:	obrien
2001-11-22 05:08:35 +00:00
Brian Somers
b5c025b829 Don't leave dodgy looking spaces in HISMACADDR 2001-11-22 04:38:02 +00:00
Brian Somers
10ecab16ce Mention that HISMACADDR is set in the environment of child processes 2001-11-22 01:49:41 +00:00
Brian Somers
49bc93d736 Set HISMACADDR in the environment before envoking ppp.
MFC after:	1 week
2001-11-21 03:29:43 +00:00
Yaroslav Tykhiy
4cd48bace6 Eliminate another instance of the old and well-known
DoS bug that the select(2)/accept(2) pair is called on
a socket that is in the blocking I/O mode.  The bug is
triggered if a selected connection dies before the accept(2)
leading to the accept(2) blocking virtually forever.

MFC after:	1 week
2001-11-19 21:52:03 +00:00
Peter Wemm
14a55adf36 Update rtld for the "new" ia64 ABI. In the old toolchain, the
DT_INIT and DT_FINI tags pointed to fptr records.  In 2.11.2, it points
to the actuall address of the function.  On IA64 you cannot just take
an address of a function, store it in a function pointer variable and
call it.. the function pointers point to a fptr data block that has the
target gp and address in it.  This is absolutely necessary for using
the in-tree binutils toolchain, but (unfortunately) will not work with
old shared libraries.  Save your old ld-elf.so.1 if you want to use
old ones still.  Do not mix-and-match.

This is a no-op change for i386 and alpha.

Reviewed by:	dfr
2001-10-29 10:10:10 +00:00
Peter Wemm
d4cf88ddc4 Fix a dependency violation (branch after alloc) 2001-10-29 10:05:32 +00:00
David E. O'Brien
83c54719ed When we set our UID to `nobody', set an appropriate group also.
Submitted by:	peter
2001-10-22 01:55:40 +00:00
Bill Fenner
b9d45cebf4 The interface index space may be sparsely populated (e.g. when an
interface in the middle is if_detach()'d).  Return (and handle)
 ENOENT when the ifmib(4) is accessed for a nonexistent interface.

MFC after: 14 days
2001-10-17 04:12:29 +00:00
Doug Rabson
b5393d9f78 Add ia64 support. Various adjustments were made to existing targets to
cope with a few interface changes required by the ia64. In particular,
function pointers on ia64 need special treatment in rtld.
2001-10-15 18:48:42 +00:00
Yaroslav Tykhiy
7a29d7da50 Don't let a user name in ftpd's proctitle
be mistaken for a status message.

PR:		misc/25217
MFC after:	7 days
2001-10-12 13:16:34 +00:00
Yaroslav Tykhiy
11342ab1d0 Be consistent about indent at least within one block of code. 2001-10-12 13:06:40 +00:00
Doug Rabson
97571220e2 The support for accelerating find_symdef() with a cache was broken. This
fixes the problem and improves startup times for large applications such
as KDE2 considerably.

Reviewed by:	jdp
MFC after:	1 week
2001-10-10 07:15:01 +00:00
Ruslan Ermilov
9f619f7956 Terminate the array of execv(3) pointers by a NULL pointer in the edge case.
PR:		bin/30913
Submitted by:	Dimitri Lommers <dimitri@hinttech.com>
2001-10-04 09:02:10 +00:00
Ruslan Ermilov
a8838c5351 mdoc(7) police: markup nits. 2001-10-01 12:58:03 +00:00
Kris Kennaway
2e1c178949 Migrate uucpd to ports as well.
Noticed by:	ru
2001-10-01 07:53:13 +00:00
Andrey A. Chernov
896bddb546 1) Use OPIE response only when OPIE keys really used
2) Use commonly used OPIE response form instead of self-made one
2001-09-29 19:22:24 +00:00
Ian Dowse
7fe354ba91 Avoid a few compiler warnings (printf codes, missing includes etc).
PR:		bin/30864
Obtained from:	Dan Lukes <dan@obluda.cz>
MFC after:	1 week
2001-09-29 11:37:13 +00:00
Ian Dowse
c2c0f1952e Missing `break' statements caused two error messages to become
"unkown error" [sic]. Add the missing breaks, and correct the
spelling typo.

PR:		bin/30865
Submitted by:	Dan Lukes <dan@obluda.cz>
MFC after:	1 week
2001-09-29 10:31:28 +00:00
David E. O'Brien
c937411511 RFC2349 (http://www.hypermail.org/rfcs/rfc2349.html) adds support
for negotiation of timeout and file size to the tftp protocol.  This
is required by some firmware like EFI boot managers (at least on
HP i2000 Itanium servers) in order to boot an image using tftp.  The
attached patch implements the RFC, and in doing so also implements
RFC2347; a generic tftp option extension.

PR:		30710
Submitted by:	Espen Skoglund <esk@ira.uka.de>
2001-09-27 20:50:14 +00:00
Ian Dowse
3f48bf186f RFC2132 is not clear about whether the "Maximum DHCP Message Size"
refers to the size of the whole ethernet packet, just the DHCP
message within the UDP payload, or something else. bootpd interpreted
it as a maximum UDP payload size, so it could end up sending
fragmented packets to clients (such as some versions of Etherboot)
that used different interpretations of the maximum message size.

Switch to the most conservative interpretation: ensure that the
ethernet packet containing the response is no larger than the
specified maximum message size. This matches the behaviour of
the ISC dhcpd.

MFC after:	1 week
2001-09-25 21:02:10 +00:00
Mike Heffner
9ba6d8e420 Improve the description on how to construct ~ftp/pub. Specifically,
don't instruct users to set the directory mode 777.

PR:		30690
Obtained from:	NetBSD (with modification)
MFC after:	2 weeks
2001-09-25 02:43:45 +00:00
Ruslan Ermilov
9de6241784 Fixed some of style bugs. 2001-09-12 10:04:42 +00:00
Mike Heffner
b3a0a7cd53 Remove a field width specifier that's not doing anything more than
what using snprintf() achieves. It was also being used incorrectly.
2001-09-10 18:46:07 +00:00
Dima Dorfman
f218b7fcbb Include ttymsg.h from ../../usr.bin/wall instead of rolling our own
prototype.
2001-09-09 14:30:11 +00:00
Sheldon Hearn
481435871c Do the best we can with respect to fixing command-line option disorder
in the SYNOPSIS and DESCRIPTION.

Note that -l remains an ugly exception, to which no known rules apply,
since the specification of a single option multiple times isn't normal
standards-compliant CLI behaviour.

While here, mark AF_INET* and LOG_* defined values up with Dv.
2001-09-04 09:22:21 +00:00
Andrey A. Chernov
1012cb601c File positions are off_t nowdays, not long, so:
atoi -> strtoll
    fseek -> fseeko

    NOTE: that fseek not works for >long offsets per POSIX:

    [EOVERFLOW] For fseek( ), the resulting file offset would be a value which
    cannot be represented correctly in an object of type long.

Fix minor cast too.
2001-09-03 05:06:48 +00:00
Sheldon Hearn
1cc9f0bb31 Extend the functionality offered by the -o option into a new option
-O, which limits the impact of the write-only restriction to guest
users.

*) The existing manual page's SYNOPSIS and option listing in the
   DESCRIPTION are already horribly disordered.  No attempt has been
   made to fix this.

*) The existing source's getopt() optstring and option handling switch
   are already horribly disordered.  No attempt has been made to fix
   this.

Discussed with: nik, -audit
2001-09-02 17:24:19 +00:00
Andrey A. Chernov
e4a7111409 long -> off_t
long -> time_t
%ld -> %qd
fseek -> fseeko

NOTE: that fseek not works for >long offsets per POSIX:

[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
2001-09-02 14:18:28 +00:00
Mark Murray
6b022d0047 Manually unifdef(1) CRAY, UNICOS, hpux and sun uselsess code. 2001-08-29 14:16:17 +00:00
Nik Clayton
62513e761e Add a new option, '-o', for "Write-only". Disables the RETR command,
preventing anyone from downloading files.  In conjunction with -A, and some
appropriate file permissions, this lets you create an anonymous FTP drop
box for people to upload files to.

The more obvious "-w" flag is already taken by NetBSD's ftpd.  "-o" was
available as an option letter in all three BSDs.
2001-08-28 11:59:21 +00:00
Brian Somers
d1c27021a4 Put a parenthesis in the right place (DUH!).
This fixes the apparent immediate client timeout problem.
2001-08-25 23:41:37 +00:00
Dima Dorfman
39b7ac5a89 Remove description of an option that only applies to UNICOS < 7.0.
That define may still be present in the source, but I don't think
anyone has plans to try to use it.

Obtained from:	NetBSD
2001-08-25 21:29:12 +00:00
Brian Somers
321d268b28 Understand that a return value of 0 from NgRecvMsg() means that the
socket was closed.

This prevents erroneous ``Unexpected netgraph version'' from turning
up in the log.
2001-08-24 14:52:38 +00:00
Ruslan Ermilov
ad0ffd0a22 Added netid(5) manpage.
PR:		docs/25657
Obtained from:	OpenBSD
2001-08-21 15:39:15 +00:00
Brian Somers
b632f81aaa Handle snprintf() returning < -1. 2001-08-20 18:13:50 +00:00
Brian Somers
2449bf28ad Handle snprintf() returning -1.
MFC after:	2 weeks
2001-08-20 12:50:21 +00:00
Mark Murray
aa71cb52b5 Feature merging and diff reduction between this code and crypto telnet.
Also remove conditional (AUTHENTICATION) code as we have never compiled
it here, and it is doubtful that it even works in this scenario.
2001-08-20 12:12:27 +00:00
Ruslan Ermilov
753d686d34 mdoc(7) police: s/BSD/.Bx/ where appropriate. 2001-08-14 10:01:54 +00:00
Ruslan Ermilov
57e4378bf6 mdoc(7) police: protect trailing full stops of abbreviations
with a trailing zero-width space: `e.g.\&'.
2001-08-10 13:45:36 +00:00
Ruslan Ermilov
c4d9468ea0 mdoc(7) police:
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
Bruce Evans
a7dff00b1e Don't clobber the default for CFLAGS. 2001-08-03 21:45:54 +00:00
Jonathan Chen
685233abc5 Fixes file descriptor leak in standalone mode.
Prevents simultaneous calls to updatestat() as function is not reentrant.

PR:		bin/24857
Submitted by:	Martin Butkus <mb@bagheera.thgwf.de>
MFC after:	1 month
2001-08-03 00:23:37 +00:00
Brian Somers
a63c2b97d7 Don't use SA_RESETHAND here. We gain nothing.
Suggested by: bde
2001-07-31 15:29:50 +00:00
Brian Somers
e9ffffff4b Add a -l flag used to specify a label when no -p flag is given.
Start new sentences on new lines in pppoed.8.

MFC after: 1 week
2001-07-31 11:45:53 +00:00
Brian Somers
7042cfcdd6 Use sigaction() without SA_RESTART rather than signal() so that we
don't block in NgRecvData() after receiving a signal.

MFC after: 1 week
2001-07-31 09:53:20 +00:00
Mike Heffner
75dc5f1a82 Rename the GLOB_MAXPATH flag of glob(3) to GLOB_LIMIT to be compatible
with NetBSD and OpenBSD. glob(3) will now return GLOB_NOSPACE with
errno set to 0 instead of GLOB_LIMIT when we match more than `gl_matchc'
patterns. GLOB_MAXPATH has been left as an alias of GLOB_LIMIT to
maintain backwards compatibility.

Reviewed by:	sheldonh, assar
Obtained from:	NetBSD/OpenBSD
2001-07-29 00:52:37 +00:00
Sheldon Hearn
e1b4d8d074 Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. The
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.

Submitted by:   David Hill <david@phobia.ms>
2001-07-26 11:02:39 +00:00
Kris Kennaway
5179b63f5d Xref to openssl(1) (i.e. "openssl passwd")
PR:		28885
Submitted by:	Gregory Bond <gnb@itga.com.au>
MFC After:	1 week
2001-07-26 02:41:53 +00:00
Dima Dorfman
3fd95272b3 yp_errno is an enum ypstat.
PR:		29190
Submitted by:	Cristan Szmajda <cristan@unsw.edu.au>
Reviewed by:	md5(1)
2001-07-24 12:33:08 +00:00
Kris Kennaway
5007eafa5e Save errno in signal handler
Obtained from:	OpenBSD
MFC After:	1 week
2001-07-24 05:41:13 +00:00
Kris Kennaway
66e9cfc57f MFcrypto/telnet/telnetd: Correct semantics of output_data*() and netflush()
to ensure deterministic operation
2001-07-23 22:00:51 +00:00
Kris Kennaway
3697d3f8ca by by -> by
Obtained from:	OpenBSD
MFC After:	1 week
2001-07-23 11:00:31 +00:00
Ruslan Ermilov
989a718dbb MFCrypto: fixed the remote buffer overflow. 2001-07-20 15:14:03 +00:00
David E. O'Brien
4b40ae1e46 Portability configuration data for LukeM ftpd. 2001-07-19 17:45:14 +00:00
Dima Dorfman
7ebcc426ef Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
Brian Somers
76dada465b Print the month number properly
MFC after: 1 week
2001-07-13 15:07:06 +00:00
Brian Somers
5d2ed9f13b Remove an extraneous space 2001-07-11 23:02:07 +00:00
Ruslan Ermilov
0efe23d669 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 10:49:54 +00:00
Mark Murray
fa1746c93c Remove S/Key. PAM can do its job. Well, not quite - there is an issue
with the conversation function and challenges which needs to be
revisited, so in the interim a hack is introduced to provide
an OPIE challenge (which is random if OPIE does not apply)
at all non-anonymnous logins.
2001-07-09 17:46:24 +00:00
Mark Murray
20934175ae Goodbye S/Key, Hello OPIE.
I believe I have done due dilligence on this, but I'd appreciate
decent test scenarios and sucess (or failure) reports.
2001-07-09 17:34:22 +00:00
Dima Dorfman
70d51341bf mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
Brian Somers
7bc6d0158f Fix the type of the NULL arg to execl()
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
Ruslan Ermilov
5521ff5a4d mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
Ruslan Ermilov
d7075b330a mdoc(7) police: sort xrefs. 2001-07-04 13:30:53 +00:00
Ruslan Ermilov
bbe745973d mdoc(7) police: removed hard sentence breaks. 2001-07-04 13:27:05 +00:00
Mike Heffner
33a22f46e0 stat(2) filesystem quotas act on, not filesystem quotas file resides on.
PR:		bin/4949
MFC after:	2 weeks
2001-06-19 04:45:50 +00:00
Jimmy Olgeni
c8c4ff4416 Fix some typos.
MFC after:	1 week
2001-06-15 11:25:26 +00:00
Dima Dorfman
ad442344b6 Move the definition of epsvall out of #ifdef VIRTUAL_HOSTING so that
the latter is not required for ftpd to compile.
2001-06-13 00:06:42 +00:00
Guy Helmer
7582054e10 Fix the number of bytes allocated by realloc when more space is needed
for the vector of arguments.

MFC after:	1 week
2001-06-07 20:05:18 +00:00
Yaroslav Tykhiy
db563f3175 Add 'df' string to gettytab - the strftime(3) format for %d
in the banner messages (of course, defaults to "%+").

Submitted by:	Gleb Smirnoff <glebius@tak.estra.ru>
2001-06-07 13:53:23 +00:00
Dima Dorfman
4513fdec5e In the "Message from Talk_Daemon" announcement, print the date as well
as the current time.  It's nice to know whether the talk request you
see was sent just a few minutes ago (assuming you didn't hear the
bell), or if it's been decaying for days (weeks?).
2001-06-07 05:26:57 +00:00
Maxim Sobolev
fe11f6f605 Correct cross-references:
ng_bpf.8    --> ng_bpf.4
  ng_ether.8  --> ng_ether.4
  ng_iface.8  --> ng_iface.4
  ng_pppoe.8  --> ng_pppoe.4
  ng_socket.8 --> ng_socket.4
  ng_tty.8    --> ng_tty.4
  ng_{type}.4 --> /dev/null

MFC after:	1 week
2001-06-05 12:40:03 +00:00
Ruslan Ermilov
4cf39050cc Use new backup feature of install(1). 2001-05-28 16:58:35 +00:00
John Polstra
c15e7faad5 Performance improvements for the ELF dynamic linker. These
particularly help programs which load many shared libraries with
a lot of relocations.  Large C++ programs such as are found in KDE
are a prime example.

While relocating a shared object, maintain a vector of symbols
which have already been looked up, directly indexed by symbol
number.  Typically, symbols which are referenced by a relocation
entry are referenced by many of them.  This is the same optimization
I made to the a.out dynamic linker in 1995 (rtld.c revision 1.30).

Also, compare the first character of a sought-after symbol with its
symbol table entry before calling strcmp().

On a PII/400 these changes reduce the start-up time of a typical
KDE program from 833 msec (elapsed) to 370 msec.

MFC after:	5 days
2001-05-05 23:21:05 +00:00
David E. O'Brien
5e6220d9d0 * include/elf.h has been repo copied to include/elf-hints.h, and it no
longer includes machine/elf.h.
* consumers of elf.h now use the minimalist elf header possible.

This change is motivated by Binutils 2.11.0 and too much clashing over
our base elf headers and the Binutils elf headers.
2001-05-02 23:56:21 +00:00
David Malone
ea66ccbf96 Avoid a warning by making a variable a const char *. 2001-05-01 10:35:20 +00:00
Mark Murray
3a6235e555 Replacement of the old error() routine with errx(3) was premature.
There are protocol issues to deal with.

Bring back this routine (renamed to avoid a library conflict in libssh)
and overhaul it for more 21st Century style coding.

Pointed out by:	bde
2001-04-29 17:50:29 +00:00
Mark Murray
c0264d438b Grrr. Fix a line that was fatfingered out during the cleanup.
Submitted by:	bde
Pointy hat:	markm
2001-04-29 09:03:52 +00:00
Mark Murray
c7d9dcd340 Cleaner method of making PAMable apps static (in the optional case of
wanting static apps).
2001-04-28 15:18:10 +00:00
Mark Murray
9c3f4f5208 Damn. That should be _enable_ static linking, not _force_ static linking. 2001-04-28 07:58:12 +00:00
Mark Murray
d0392caa7b Enable (optional) static linking.
Asked for by:	BDE
2001-04-28 07:56:49 +00:00
Mark Murray
618b0bba1f Change names of functions and variables with global scope that are
in conflict with library values of the same name. This allows static
linking.
2001-04-28 07:55:19 +00:00
Mark Murray
f9ebf4c2b5 Allow static linking.
Asked for by:	BDE
2001-04-28 07:44:37 +00:00
Mark Murray
8490ea92d6 Clean up the error handling code a bit. There is no need to "roll our
own" error() routine when errx() is available. This resolves a conflict
when linking statically.
2001-04-28 07:43:01 +00:00
Kris Kennaway
6e76e16fe6 Replace a strcat() with a strlcat(). Partial sync with OpenBSD; more
work is needed.

Submitted by:	"Andrew R. Reiter" <arr@watson.org>
Obtained from:	OpenBSD
2001-04-24 10:33:46 +00:00
Ruslan Ermilov
eb0838029f mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
Ruslan Ermilov
5f95f24bf4 mdoc(7) police: uppercase document title. 2001-04-18 08:25:26 +00:00
Peter Wemm
70825609cf Previous clobbered a work-in-progress. Here is the merged result:
Limit the "pathname" glob to one item, as that is what all users of it
are expecting, except for LIST.

Always glob, instead of when the first character is a ~.  For example,
if you had directories ~/x1, and ~/x2, then "cwd x[1]" would fail, but
"cwd ~/x[1]" would work since it was globbed due to the ~ character.
Also, "cwd ~/x[12]" used to arbitarily work as it used the first
expansion (ie: x1) without an error.  Make it return '550 ambiguous'
instead of '550 not found' so that the user can see the difference.

For LIST, just use the user supplied string as the popen does the glob.

Problem noticed by:  Ajay Mittal <amittal@iprg.nokia.com>
2001-04-17 03:03:45 +00:00
Chris D. Faulhaber
6d3fe674ce Limit number of paths returned via glob() for authorized users
using tilde expansion.
2001-04-17 02:33:20 +00:00
Brian Feldman
7d6505e64e Support the empty "PASS\r\n" command. 2001-04-16 22:20:26 +00:00
Ruslan Ermilov
6a01974b78 Document that SITE extensions are disabled for anonymous logins.
Obtained from:	logdaemon package by Wietse Venema
2001-04-16 14:51:11 +00:00
Poul-Henning Kamp
53ba84a69e Add the "SITE MD5 filename" facility.
This allows you to determine if the file on the other side is the same
as the one you have without transferring the entire file to compare.

Needless to say, if the server end lies to you this check doesn't work,
but on the other hand, if it lies to you about the files checksum,
what can you trust from it ?
2001-04-15 20:59:29 +00:00
Ruslan Ermilov
b9ad8c8635 beforeinstall -> SCRIPTS. 2001-04-07 11:21:35 +00:00
Ruslan Ermilov
3e2b2e79c3 mdoc(7) police: cosmetics. 2001-04-04 10:33:13 +00:00
Ruslan Ermilov
4ecbb30346 Bye-bye /usr/lib/libtelnet.a. This should fix ``make release'' brokeness.
Approved by:	markm
2001-03-28 12:08:22 +00:00
Mark Murray
5bc9d93db3 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
Ruslan Ermilov
e5b5c66bca - Backout botched attempt to intoduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
Ruslan Ermilov
0dc44b5add Do not build (and install) both secure/ and standard versions
of libtelnet, telnetd, and telnet.  This only worked because
secure/ was listed late in SUBDIR in Makefile.inc1.

Reviewed by:	markm
2001-03-26 12:49:05 +00:00
Ruslan Ermilov
0414fc4dd0 Don't use MANDEPEND and MANSRC. 2001-03-26 07:28:26 +00:00
Alfred Perlstein
cc74aaddad change callrpc() from taking "char *" args, I'm quite sure they really meant
to use "void *".

remove a duplicate prototype for callrpc() from libexec/ypxfr/ypxfr_extern.h
2001-03-23 16:14:49 +00:00
Ruslan Ermilov
020ee2dc9f Set the default manual section for libexec/ to 8. 2001-03-20 18:10:13 +00:00
Jonathan Lemon
6d10cb2f6f Teach ftpd about the new GLOB_MAXPATH flag. 2001-03-19 19:11:00 +00:00
Dag-Erling Smørgrav
1f15c0d66c When the file was transferred using sendfile(2), we forgot to keep track
of the transferred byte count. MFC candidate.

PR:		bin/25699
2001-03-11 13:20:44 +00:00
Kris Kennaway
276c4a5d47 First appeared in 4.3, not 5.0 2001-03-04 09:15:55 +00:00
Dag-Erling Smørgrav
e22887cdda Change the read-only reply to "550 Permission denied.". 2001-02-19 21:51:26 +00:00
Jeroen Ruigrok van der Werven
7c63796828 Preceed/preceeding are not english words. Use precede or preceding. 2001-02-18 10:25:42 +00:00
Ruslan Ermilov
8654bd76ea mdoc(7) police: simplify construct. 2001-02-14 09:56:37 +00:00
Jeroen Ruigrok van der Werven
1debc9f69d Synch: Properly constify sccsid[].
Replace bcopy() with memmove().
2001-02-07 22:25:56 +00:00
Jeroen Ruigrok van der Werven
197640b1d7 Synch: Prefer memmove() over bcopy(). 2001-02-07 22:22:57 +00:00
Jeroen Ruigrok van der Werven
a4322ab2f6 Synch: Properly constify sccsid[]. 2001-02-07 22:20:44 +00:00
Jeroen Ruigrok van der Werven
6f76661f7f Synch: prefer memmove() over bcopy(), since the first is a C-standard
interface, whilst the latter is a BSD'ism.
2001-02-07 22:18:58 +00:00
Jeroen Ruigrok van der Werven
2fa72ea7d4 Fix typo: compatability -> compatibility.
Compatability is not an existing english word.
2001-02-06 12:05:58 +00:00
Jeroen Ruigrok van der Werven
9a01d32bfd Fix typo: seperate -> separate.
Seperate does not exist in the english language.

Submitted to look at by:	kris
2001-02-06 10:39:38 +00:00
Jeroen Ruigrok van der Werven
f09deb6962 Fix typo: wierd -> weird.
There is no such thing as wierd in the english language.
2001-02-06 09:25:10 +00:00
Jeroen Ruigrok van der Werven
67034ac6ad Fix tftpd and tftp to support file transfers of over 65535 blocks
(about 31 MB - 32 MB).

Submitted (partially)
	by: Pascal Hofstee <daeron@wit401305.student.utwente.nl>
2001-02-02 10:53:02 +00:00
Nik Clayton
e9f391478b Structure the options listing to be more standard.
The PR also included documentation for other options, but upon
inspection of the source these options aren't used.

PR:             docs/24149
Submitted by:   Jesse Monroy, Jr. <opentrax@email.com>
2001-02-02 03:29:09 +00:00
Ruslan Ermilov
d0353b836e mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
Jeroen Ruigrok van der Werven
f043ac0627 Add static dependency to libisc to get isc_movefile().
Submitted by:	Munehiro Matsuda <haro@kubota.co.jp>
2001-01-29 07:56:34 +00:00
Bill Fumerola
1ed0e5d2e1 Add -c/C which chroots by IP of tftp client, (i.e. /tftproot/127.0.0.1/). 2001-01-25 04:20:25 +00:00
Chris D. Faulhaber
3fca54b652 Limit commands that can be issued when not logged in:
TYPE, STRU, MODE, ALLO, STAT, ABOR, SITE IDLE, SYST, REST

Reviewed by:	kris, sheldon
2001-01-20 01:34:22 +00:00
Chris D. Faulhaber
b27e228ca9 Check malloc() and strdup() return values
Reviewed by:	kris
2001-01-20 00:29:31 +00:00
Ruslan Ermilov
bd26f2dafc man(7) -> mdoc(7). 2001-01-16 13:12:21 +00:00
Ruslan Ermilov
896eb7d10c Prepare for mdoc(7)NG. 2001-01-16 09:15:57 +00:00
Doug Barton
10fe5181ec Move the process of storing entropy from /dev/random and reseeding with
it at boot time closer to the way we want it to be in the final version.

* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
  to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
  and files before the disks are mounted. This gives /dev/random
  a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
  immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
  possibility of accidentally overwriting something other
  than a regular file.
2001-01-14 07:18:31 +00:00
Doug Barton
27a803d631 Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
2001-01-11 13:01:20 +00:00
John Polstra
27e2c03506 Fix a bug in which a program called dlclose from a destructor and
got an assert failure in the dynamic linker.
2001-01-05 04:36:17 +00:00
Ruslan Ermilov
0f069ea22c Prepare for mdoc(7)NG. 2000-12-27 14:15:06 +00:00
Ruslan Ermilov
58eaff2332 Prepare for mdoc(7)NG. 2000-12-20 13:26:01 +00:00
Dan Moschuk
f6f0c4b90d In send_data(), use sendfile() instead of the mmap() algorithm. 2000-12-20 03:34:54 +00:00
Ruslan Ermilov
19a05e112f mdoc(7) police: removed hard sentence breaks, run through spell-checker. 2000-12-18 08:33:25 +00:00
Dmitry Sivachenko
3276496d94 Fix typo.
PR:		23591
Submitted by:	mavetju@chello.nl
2000-12-17 17:45:22 +00:00
Poul-Henning Kamp
a4b77a2aaa Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by:	Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by:	phk
2000-12-16 19:19:19 +00:00
Ruslan Ermilov
ed40311694 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00
Julian Elischer
05eff81e04 Add support for advertising the service we support if the
PADI packet contains a NULL service.  This is apparently the desired
behaviour in this case, though we only allow advertising one
service. You could run multiple pppoeds to advertise multiple services.
2000-12-13 00:27:33 +00:00
Ruslan Ermilov
e22bb3897a mdoc(7) police: .Os CMU -> .Os, split authors for better output. 2000-12-12 15:31:21 +00:00
Ruslan Ermilov
a2fd3702a3 mdoc(7) police: use canonical form of .Dd macro. 2000-12-11 15:15:20 +00:00
Assar Westerlund
ba688fa510 (scrub_env): change to only accept a listed set of variables,
including only non-filename contents for TERMCAP
2000-12-10 20:50:20 +00:00
David E. O'Brien
1a37aa566b Add `_PATH_DEVZERO'.
Use _PATH_* where where possible.
2000-12-09 09:35:55 +00:00
Ruslan Ermilov
114c43dcf8 Whitespace-only to sync with -stable. 2000-12-07 15:09:48 +00:00
Ruslan Ermilov
2961f2ed60 MFS: Silence compilation warnings. 2000-12-07 14:59:11 +00:00
Brian Somers
b884490bc0 Drop out of our main loop due to a signal rather than handling things in the
signal handler.
Fix a spelling error.

Subtley pointed out by: bde

Make some stuff static
2000-12-04 22:13:30 +00:00
David E. O'Brien
2c5569d6ff The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
David E. O'Brien
d548f6db32 There is no src/contrib-crypto/ anything directory. So don't look for
include files in subdirs of it.
2000-12-01 06:34:44 +00:00
Philippe Charnier
57757e9f36 Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap. 2000-11-28 18:15:25 +00:00
Kris Kennaway
b63695f384 Constify 2000-11-27 07:21:37 +00:00
Daniel O'Callaghan
3fbaa839f9 Prevent leakage of information about anonymous user's homedir
via 'QUOTE CWD'.

Reviewed by:	des
2000-11-26 23:33:36 +00:00
Kris Kennaway
97ad2a1bc4 Correct definition of MAXHOSTNAMELEN in ifdef'ed out code. 2000-11-26 22:18:11 +00:00
Kris Kennaway
f6fd83ed27 Correct definition of MAXHOSTNAMELEN in ifdef'ed code.
Submitted by:	Edwin Groothuis <mavetju@chello.nl>
PR:		bin/22787
2000-11-26 21:37:51 +00:00
Kris Kennaway
a16f31237a Constify 2000-11-26 10:21:54 +00:00
Kris Kennaway
18fdc5893a Don't hard-code a buffer size 2000-11-26 10:05:06 +00:00
Ruslan Ermilov
760819894e mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
Kris Kennaway
ffd4007070 Format string paranoia 2000-11-19 13:30:36 +00:00
Kris Kennaway
3fb3b78f0f Format string paranoia 2000-11-19 12:46:16 +00:00
Kris Kennaway
e10471bbba L_SET -> SEEK_SET
Obtained from:	OpenBSD
2000-11-19 10:56:14 +00:00
Kris Kennaway
b601f693db Format string paranoia
Obtained from:	OpenBSD
2000-11-19 10:52:10 +00:00
Kris Kennaway
75dd9c65fa Don't use sizeof() on a pointer when we really wanted to measure
the length of the array.

Noticed by:	Christos Zoulas <christos@ZOULAS.COM>
Obtained from:	OpenBSD
2000-11-19 10:01:27 +00:00
John W. De Boskey
46ee285632 Check return code from login_tty. Allow getty to try and become
a daemon and session leader (thus allowing getty to be run from
a shell command line or script).

Partially Reviewed by:	bde
2000-11-19 02:10:25 +00:00
Brian Somers
80e2e6b62f Go back to populating data_len in struct ngpppoe_init_data. 2000-11-16 23:15:42 +00:00
Ben Smithurst
76a06f8483 remove trailing periods from SEE ALSO. 2000-11-15 17:27:54 +00:00
Ruslan Ermilov
b5c508fba3 Use Fx macro wherever possible. 2000-11-14 11:20:58 +00:00
Ruslan Ermilov
726b61ab5f Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
Dirk Froemberg
59cc881262 Fix to=auto in bootptab.
PR:		misc/5574
Submitted by:	Bart Robinson <lomew@marker.cs.utah.edu>
Reviewed by:	wollman
2000-11-10 12:19:53 +00:00
John Polstra
c1ff193db4 Remove the superfluous call to _rtld_error() in symlook_default().
The function's callers generate the error message when appropriate.

This eliminates the message ``Undefined symbol "__register_frame_info"''
which was bogusly returned by dlerror() in some cases.
2000-11-07 22:41:53 +00:00
Kris Kennaway
4147bd4426 Filter out some more magic environment variables used by libraries linked
with telnetd. This should really be done with a positive filter - i.e.
only allow through a configured list of variables.

Also do some buffer-safety cleanups while I'm here - I don't think these
are exploitable.
2000-10-31 05:29:54 +00:00
Brian Somers
fbf0385368 Use the new-style ngpppoe_init_data structure.
Approved by: archie
2000-10-31 02:46:12 +00:00
Gregory Neil Shapiro
d1ba25f456 Add a MAINTAINER= line so people know who to blame 2000-10-26 23:02:36 +00:00
Guido van Rooij
ea413ab7ad Fix broken PAM with SKEY behaviour: the skey.access file checks
were broken because the code failed to set PAM_RHOST.
2000-10-12 10:21:05 +00:00
Ruslan Ermilov
6f1214d918 Removed broken PAM support from rshd(8) and rlogind(8). rshd does
not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm
2000-10-12 07:18:20 +00:00
Gregory Neil Shapiro
c6cc60252d Style fixes 2000-10-11 05:04:21 +00:00
Gregory Neil Shapiro
1e1c8c164c mail.local(8) is no longer installed as a set-user-id binary.
Users may have to adjust their configuration to call mail.local as root
by adding the F=S flag to the local mailer.  Most probably already have this.
2000-10-10 18:12:30 +00:00
Garrett Wollman
eb2fc78027 Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby
<time.h>).
2000-10-10 01:50:26 +00:00
Ruslan Ermilov
9b376c9084 Make it compile without -DNO_PAM again. 2000-10-06 17:08:31 +00:00
Brian Somers
fd845ee4c3 o Load netgraph.ko, ng_ether.ko and ng_pppoe.ko as required (I'm sure this
used not to be necessary).
o Allow ``-n ngdebug'' to specify something to pass to NgSetDebug()
  and redirect NgSetDebug() output to syslog(8) in daemon() mode.
o Xref ng_ether(8) and NgSetDebug(4).
o Correct the type of the response passed to NgRecvData.
2000-10-03 20:41:00 +00:00
John Polstra
185db83c04 Add support for dlsym(RTLD_DEFAULT, ...). 2000-09-19 04:27:16 +00:00
Gregory Neil Shapiro
cf1fec423a Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
Garrett Wollman
67c31d5008 Some more slight doco fixes: update date, and add a bit more to the history. 2000-09-14 19:20:17 +00:00
Garrett Wollman
f62eaadff1 Allow tftpd to run as a specified user, not just `nobody'.
Update documentation to reflect new option.  Also fix documentation
style and add missing references.

PR:		21268
Submitted by:	"Aleksandr A. Babaylov" <babolo@links.ru>
Reviewed by:	imp
2000-09-14 19:08:29 +00:00