Commit Graph

1142 Commits

Author SHA1 Message Date
Bill Fumerola
a273f3ae41 properly refuse a connection in the -c case if the client ip's subdirectory
does not exist.

PR:		bin/38303
Submitted by:	Woei-Luen, Shyu <m8535@cn.ee.ccu.edu.tw>
the committed patch differs from the submitted one, any inaccuracies are mine.
2003-04-19 10:14:43 +00:00
Matthew N. Dodd
623b6bd2f9 Code cleanups and sanity checking for config file parser. 2003-04-10 01:44:19 +00:00
Matthew N. Dodd
29ade36225 Dynamic object dependency mapping: libmap.
This is an optional feature, disabled by default.

This will be useful to people testing the various POSIX threading
libraries under -CURRENT but can easily serve other needs.
2003-04-07 16:21:26 +00:00
Juli Mallett
02a0965ef6 MFp4 @27667: WARNS=5 cleanup on i386.
Remove the unused FILE\ *tf from print_mesg args, and the
    bogus passing in of an uninitialised FILE* for it.

    Call a timeval 'now' instead of 'clock' due to shadowing.

    Remove a nested localtime declaration.

    Make the delete invite argument match the ID type, u_int32_t.

    Use const for pointers to const items.

    Cast to long where printing as such.

    Include netinet/in.h for htonl/htons.

Reviewed by:	imp
2003-04-03 05:13:27 +00:00
Ruslan Ermilov
4d63e8de71 Mark bits that do not require an object directory as such. 2003-04-01 12:37:54 +00:00
Mike Silbersack
d28af25586 Update the description of the -u option to mention that IP_PORTRANGE_HIGH
and _DEFAULT are the same for 5.x.

Committed under threat of action from:	The mdoc police
2003-03-25 22:20:02 +00:00
David Malone
f49c0dc0f2 Clean up some warnings that don't result in a change in the object file:
Constness, missing prototypes, non-ansi prototypes, missing
initialisers, unnecessary declarations, shadowing.

Reviewed by:	md5
2003-03-20 22:42:22 +00:00
Arun Sharma
35522a0aa1 Fix for ia64/48024 - ensure function pointer equality across elf
objects.

Programs such as sshd depend on two pointers to the same function being
equal in a given process. However, the current ia64 implementation
ensures that they're equal when both the pointers are instantiated in
the same ELF object. The attached patch ensures that they're equal
irrespective of where they're instantiated.

Reviewed by marcel@ (mentor) and kan@
2003-03-19 21:38:27 +00:00
Poul-Henning Kamp
7194d335cf Run a revision of the devstat interface:
Kernel:

Change statistics to use the *uptime() timescale (ie: relative to
boottime) rather than the UTC aligned timescale.  This makes the
device statistics code oblivious to clock steps.

Change timestamps to bintime format, they are cheaper.

Remove the "busy_count", and replace it with two counter fields:
"start_count" and "end_count", which are updated in the down and
up paths respectively.  This removes the locking constraint on
devstat.

Add a timestamp argument to devstat_start_transaction(), this will
normally be a timestamp set by the *_bio() function in bp->bio_t0.
Use this field to calculate duration of I/O operations.

Add two timestamp arguments to devstat_end_transaction(), one is
the current time, a NULL pointer means "take timestamp yourself",
the other is the timestamp of when this transaction started (see
above).

Change calculation of busy_time to operate on "the salami principle":
Only when we are idle, which we can determine by the start+end
counts being identical, do we update the "busy_from" field in the
down path.  In the up path we accumulate the timeslice in busy_time
and update busy_from.

Change the byte_* and num_* fields into two arrays: bytes[] and
operations[].

Userland:

Change the misleading "busy_time" name to be called "snap_time" and
make the time long double since that is what most users need anyway,
fill it using clock_gettime(CLOCK_MONOTONIC) to put it on the same
timescale as the kernel fields.

Change devstat_compute_etime() to operate on struct bintime.

Remove the version 2 legacy interface: the change to bintime makes
compatibility far too expensive.

Fix a bug in systat's "vm" page where boot relative busy times would
be bogus.

Bump __FreeBSD_version to 500107

Review & Collaboration by:	ken
2003-03-15 21:59:06 +00:00
Poul-Henning Kamp
a57042df90 Update to current devstat API. 2003-03-15 21:04:50 +00:00
Alexander Kabaev
63c1e7cb8d Free obj->priv field in obj_free functions. This field is NULL
on all architectures except ia64, which uses it to keep function
description table.
2003-03-14 21:11:28 +00:00
Alexander Kabaev
605f36fc1e No need to zero fill memory, mmapped anonymously. Kernel will
return pre-zeroed pages itself.

Noticed by:     jake
2003-03-14 21:10:13 +00:00
Ruslan Ermilov
ace5be682d mdoc(7) police: Scheduled sweep. 2003-02-24 22:53:26 +00:00
Ruslan Ermilov
af118f2db4 mdoc(7) police: expand contraction. 2003-02-23 01:45:51 +00:00
Alexander Kabaev
fa4a502e77 Do not remove object from the lists at the unref_dag() stage.
Introduce a new unlink_object() function and call it in
unload_object() instead. Removing the object in unref_dag() is
too early, rtld calls _fini() function after that and shared
objects might fail resolve their own symbols.
2003-02-17 20:58:27 +00:00
Poul-Henning Kamp
fd3a502df2 Add #include <sys/resource.h> 2003-02-16 15:21:26 +00:00
Poul-Henning Kamp
1b16b28926 Remove <sys/dkstat.h> #include 2003-02-16 14:09:16 +00:00
Alexey Zelkin
d9943f166b Advertize rtld(1) as ld.so(1) in manual pages world 2003-02-13 23:07:28 +00:00
Alexander Kabaev
2542b742f1 Fix a typo in rtld_dirname. 2003-02-13 22:47:41 +00:00
Alexander Kabaev
42d206e975 Implement dlinfo() function.
Introdice RTLD_SELF special handle and properly process it within
dlsym() and dlinfo() functions.

The intention is to improve our compatibility with Solaris and
to make a Java port easier.

Partially submitted by:	phantom
2003-02-13 17:47:44 +00:00
Alexander Kabaev
92b0ec0832 Add missing include files I forgot about in previous commit. 2003-02-13 17:35:00 +00:00
Alexander Kabaev
d38a104b75 Remove /usr/lib/elf from a default search path.
Move xprintf to malloc.c, it is only used there. Make static.

Submitted by:	phantom
2003-02-13 17:05:10 +00:00
Yaroslav Tykhiy
f29288c05e Kill unnecessary vertical whitespace. 2003-02-11 14:10:48 +00:00
Yaroslav Tykhiy
b8939f6fa6 Use LOG_AUTHPRIV to hide the username attempted during an invalid login
from everyone but sysadmins.

PR:		bin/29487
MFC after:	3 days
2003-02-11 11:58:33 +00:00
Alexander Kabaev
f8d7256a27 When unloading dependencies make sure they are removed from all the
associated lists:
   remove RTLD_GLOBAL objects from global objects list;
   remove the parent object from dldags list of its children.

Previosly we were doing that only to the top-level object OF the DAG
being unloaded and all its dependencies were ignored, leading to
mysterious crashes later.

Submitted by:	peter (partially)
2003-02-10 23:15:07 +00:00
Philippe Charnier
538015aa3b Add FBSDID. udp/bootps -> bootps/udp. Use err(3). 2003-02-05 13:45:25 +00:00
Yaroslav Tykhiy
31f77a4b49 Allow "~/" in pathnames to work for a chrooted user. 2003-02-05 11:11:32 +00:00
Yaroslav Tykhiy
6cfbc84115 Let tilde expansion be done even if a file/directory doesn't exist yet.
This makes such natural commands as "MKD ~user/newdir" or "STOR ~/newfile"
do what they are supposed to instead of failing miserably with the
"File not found" error.

This involves a bit of code reorganization.  Namely, the code doing
glob(3) expansion has been separated to a function; a new function
has been introduced to do tilde expansion; the latter function is
invoked on a pathname before the former one.  Thus behaviour mimicing
that of the Bourne shell has been achieved.
2003-02-04 17:50:38 +00:00
Yaroslav Tykhiy
50618d61ae RFC 959 doesn't list reply code 550 as a valid responce to STOR/STOU,
so return reply code 553 to indicate a error from open(2) for consistency,
as long as the code is used in the rest of the STOR/STOU handler.
2003-02-04 03:33:25 +00:00
David E. O'Brien
f7093daaae Add OPIE and PAM libs to the mix. 2003-02-02 21:11:15 +00:00
David E. O'Brien
99994ce124 OPIE and PAM bits to agument LukeMftpd.
Submitted by:	mikeh (reworked by me)
2003-02-02 21:06:10 +00:00
Yaroslav Tykhiy
ea7012261a Let real users access special files through FTP
if allowed by their filesystem permissions.

This doesn't break anything since using sendfile(2)
is triggered later by a separate S_ISREG conditional.

PR:		bin/20824
MFC after:	1 week
2003-01-31 13:18:55 +00:00
Yaroslav Tykhiy
88b707218e When searching for a unique file name in guniquefd(),
distinguish between the cases of an existing file and
a real system error, such as I/O failure, no access etc.

MFC after:	3 days
2003-01-29 17:04:07 +00:00
Yaroslav Tykhiy
c152df28e5 Add a new option to ftpd(8), "-h", to disable printing any
host-specific information in FTP server messages (so paranoid
admins can sleep at night :-)

PR:		bin/16705
MFC after:	1 week
2003-01-29 10:58:58 +00:00
Yaroslav Tykhiy
ce9287fc02 Give the code around chroot(2)/chdir(2) a major overhaul by
separating its part around chroot(2) from that around initial
chdir(2).  This makes the below changes really easy.

Move seteuid(to user's uid) to before calling chdir(2).  There are
two goals to achieve by that.  First, NFS mounted home directories
with restrictive permissions become accessible (local superuser
can't access them if not mapped to uid 0 on the remote side
explicitly.)  Second, all the permissions to the home directory
pathname components become effective; previously a user could be
carried to any local directory despite its permissions since the
chdir(2) was done with euid 0.  This reduces possible impact from
FTP server misconfiguration, e.g., assigning a wrong home directory
to a user.

Implement the "/./" feature.  Now a guest or user subject to chrooting
may have "/./" in his login directory, which separates his chroot
directory from his home directory inside the chrooted environment.
This works for ftpchroot(5) as well.

PR:		bin/17843 bin/23944
2003-01-29 10:07:27 +00:00
Yaroslav Tykhiy
341e476e25 Actually extract the second field from a line in ftpchroot(5)
instead of just using the rest of the line behind the first field.
2003-01-27 15:34:22 +00:00
Yaroslav Tykhiy
0ba71e2424 Allow more than one separator character between fields in ftpchroot(5). 2003-01-27 14:41:08 +00:00
Yaroslav Tykhiy
8657b576d8 Extend the format of /etc/ftpchroot so an alternative chroot
directory can be specified for a user or a group.

Add the manpage ftpchroot(5) since the file's format has grown
complex enough.

PR:			bin/45327
Portions submitted by:	Hideki SAKAMOTO <sakamoto@hlla.is.tsukuba.ac.jp>
MFC after:		1 week
2003-01-26 19:02:56 +00:00
Yaroslav Tykhiy
80f728d4ff GLOB_MAXPATH has been deprecated in favour of GLOB_LIMIT. 2003-01-25 14:59:48 +00:00
Yaroslav Tykhiy
63591ba5c8 - Add a new option, ``-P port'', to specify the port for ftpd(8)
to listen at in daemon mode.
- Use the port by 1 less than the control port as the default
  data port instead of always using hard-coded port 20.

Submitted by:	roam
MFC after:	1 week
2003-01-23 18:39:48 +00:00
Yaroslav Tykhiy
b7f470a943 Prevent server-side glob(3) patterns from expanding
to a pathname that contains '\r' or '\n'.

Together with the earlier STAT bugfix, this must solve
the problem of such pathnames appearing in the FTP control
stream.
2003-01-22 16:25:22 +00:00
Crist J. Clark
e509445689 The FTP daemon was vulnerable to a DoS where an attacker could bind()
up port 20 for an extended period of time and thus lock out all other
users from establishing PORT data connections. Don't hold on to the
bind() while we loop around waiting to see if we can make our
connection.

Being a DoS, it has security implications, giving it a short MFC
time.

MFC after:	1 day
2003-01-21 05:13:02 +00:00
Maxim Sobolev
0fd652782b Fix a typo (missed &&).
Submitted by:	marcus
2003-01-20 10:33:35 +00:00
Maxim Sobolev
9b76604885 Add a new gettytab(5) option - `pl', which if set tells getty that the line
in question is PPP-only line, i.e. no PPP-sequence detection is necessary and
PPP login program referenced by `pp' should be started automatically instead of
login(1)

Feature suggested and sponsored by:     United Networks of Ukraine
No reply from:  re
MFC after:	2 weeks
2003-01-19 20:59:52 +00:00
Yaroslav Tykhiy
f8a581a0c6 Prepend a space character if a line begins with a digit
in the output to the "STAT file" request.

This closes one discrepancy with RFC 959 (page 36.)

See also http://www.kb.cert.org/vuls/id/328867

Obtained from:	OpenBSD
2003-01-16 14:25:32 +00:00
Yaroslav Tykhiy
dcb4f239cd Replace the instances of literal "/bin/ls"
with the _PATH_LS macro to be consistent
with the rest of the ftpd(8) source.
2003-01-16 13:27:58 +00:00
David E. O'Brien
1e7812cb5f We have a usable 'LOGIN_NAME_MAX' now. 2003-01-06 04:42:20 +00:00
David E. O'Brien
e18083deb1 Need to prototype strsuftollx() to quiet a warning. 2003-01-06 04:09:20 +00:00
David E. O'Brien
c7940c49ba Make the "nbsd_20030105" import build. 2003-01-06 03:03:53 +00:00
Juli Mallett
d3951ad162 Implement POSIX grantpt(3) functionality, and add a pt_chown utility (akin
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.

Submitted by:	Ryan Younce <ryany@pobox.com>
Reviewed by:	security-officer@, standards@, mike@
2003-01-02 20:44:41 +00:00