Commit Graph

44 Commits

Author SHA1 Message Date
Mark Murray
fa1746c93c Remove S/Key. PAM can do its job. Well, not quite - there is an issue
with the conversation function and challenges which needs to be
revisited, so in the interim a hack is introduced to provide
an OPIE challenge (which is random if OPIE does not apply)
at all non-anonymnous logins.
2001-07-09 17:46:24 +00:00
Mark Murray
c7d9dcd340 Cleaner method of making PAMable apps static (in the optional case of
wanting static apps).
2001-04-28 15:18:10 +00:00
Mark Murray
9c3f4f5208 Damn. That should be _enable_ static linking, not _force_ static linking. 2001-04-28 07:58:12 +00:00
Mark Murray
d0392caa7b Enable (optional) static linking.
Asked for by:	BDE
2001-04-28 07:56:49 +00:00
Mark Murray
5bc9d93db3 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
Ruslan Ermilov
e5b5c66bca - Backout botched attempt to intoduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
Ruslan Ermilov
020ee2dc9f Set the default manual section for libexec/ to 8. 2001-03-20 18:10:13 +00:00
David E. O'Brien
2c5569d6ff The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
David E. O'Brien
d548f6db32 There is no src/contrib-crypto/ anything directory. So don't look for
include files in subdirs of it.
2000-12-01 06:34:44 +00:00
Josef Karthauser
141d77b8cb Switch over to using the new fflagstostr and strtofflags library calls. 2000-06-17 14:19:33 +00:00
Ruslan Ermilov
8780fb291e Finally unifdef -DINTERNAL_LS. 2000-03-13 11:20:09 +00:00
Josef Karthauser
418d67b0d9 Revert part of the last commit, remove {g|s}etflags from the libc
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.

Additionally there were complications with the build/install-world
process.  It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.

There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).

It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.

Approved:	jkh
2000-02-05 18:42:36 +00:00
Yoshinobu Inoue
9ddb9015ff Remove unnecessary -g for CFLAGS.
-g for CFLAGS which was set at debugging time was mistakenly committed,
 so removed it.

Approved by: jkh
2000-02-03 10:01:11 +00:00
Yoshinobu Inoue
4dd8b5ab79 another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Josef Karthauser
edc2844c9f Moved flags_to_string and string_to_flags into libutil. It's used in
many places nowadays.
1999-12-30 13:15:15 +00:00
Mark Murray
6c9134c067 Fix for new Kerberos4. Make a fist cut at PAM-ising while I'm here. 1999-09-19 22:05:32 +00:00
Mark Murray
9891baa632 Add common error lib for the Kerberos case. 1999-09-06 06:32:02 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Peter Wemm
1713064734 unifdef -DINTERNAL_LS - it's too useful to be off by default. If anyone
really dislikes this, we could add a switch to disable it at runtime and
check in popen.c.
1999-08-26 00:45:36 +00:00
John Polstra
4700eb95cb Find "klogin.c" in "src/lib/libpam/modules/pam_kerberosIV" instead
of in "src/usr.bin/login".  The latter instance is going away.  As
soon as ftpd is PAMized, it won't need to use klogin.c at all.
1998-11-21 02:11:16 +00:00
Bruce Evans
ef87dd8703 Simplified by using new yacc rules and by not generating y.tab.h. 1998-05-04 18:20:18 +00:00
Jordan K. Hubbard
97fe7f477f Changes to support full make parallelism (-j<n>) in the world
target.
Reviewed by:	<many different folks>
Submitted by:	Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>
1997-10-05 09:40:24 +00:00
David Nugent
ea4e54b942 Adds anon ftp virtual host capability to ftpd, using /etc/ftphosts for
definition of a system's virtual hosts.
1997-04-29 12:42:08 +00:00
David Nugent
af85d782fd Adds optional "internal ls" support for ftpd, by collecting
modules from src/bin/ls, and handling exec(_PATH_LS,..) as a
special case, very useful in an environment where many users
are given chroot access. "~/etc/{s}pwd.db" files are still
needed if uid/gid->user/group translation is desired.

To enable this it must be compiled with the make variable
FTP_INTERNAL_LS defined, either in /etc/make.conf or the
environment.
1997-04-26 12:12:10 +00:00
David Nugent
b071c689de Add basic login.conf (sans authentication) support. 1997-04-23 04:56:39 +00:00
Peter Wemm
9e522f7a18 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Mark Murray
9aca17cb12 Tidy up the Kerberised bits. While I'm here, fix some -Wall complaints. 1996-08-09 09:02:31 +00:00
Paul Traina
a5a4544e77 Convert STATS and PARANOID to run-time options.
Document the new -R (relax paranoia) option.

From NetBSD/Lite2: code and man page cleanups, Kerberos IV hooks
(relax, we're still exportable), and /etc/ftpchroot feature for
semi-anonymous accounts
1996-08-05 00:21:15 +00:00
Paul Traina
61f891a6df If PARANOID is set, do not allow PORT commands to remote ports less than 1024
or addresses other than the requestor's address.  This violates the FTP
protocol (hmm...as I write this, I'm going to change this to a run-time var.)

Require login before PASV and RNTO commands.

Close unused PASV ports so they don't hang around forever.

Do not allow file overwrites via rename or STOR when anonymous
(suspenders).

Clean up buffer utilization.

My code, but heavily inspired by Hobbit's changes to wu-ftpd as pointed out
by Mike Prettejohn and Kit Knox.
1996-08-04 22:40:35 +00:00
Poul-Henning Kamp
6b5139742c backout yacc changes 1996-06-02 17:10:13 +00:00
Peter Wemm
40e9d39e59 Use the sysctl settable data port ranges rather than the statically
compiled values.  see sysctl net.inet.ip.portrange.* and the IP_PORTRANGE
discussion in <netinet/in.h>
1996-05-31 03:10:25 +00:00
Poul-Henning Kamp
9ad70fa0b2 Fix yacc rule usage. 1996-05-30 21:29:03 +00:00
Peter Wemm
b63e1fe2c4 Make ftpd use setproctitle() from libutil
I've left the old code in there under #ifdef OLD_SETPROCTITLE in case
somebody wants to try to compile out ftpd on some other machine.
1996-01-01 08:35:11 +00:00
Paul Traina
4c450ad7a7 Use data ports in the range 40000..44999 by default to enhance FTP usability
in a firewall environment.  Original idea by Mark Tracy (?).

Reviewed by:	wollman
Submitted by:	pst
1995-08-05 19:12:05 +00:00
Rodney W. Grimes
6c06b4e2aa Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
Nate Williams
79f5f586ac Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command.  This only occurs when
linking statically.
1995-03-18 06:41:08 +00:00
Guido van Rooij
3eb568f24c Add some functionality to ftpd so it logs all anonymous file
transfers. It only does this when -S is set.
Reviewed by:
Submitted by:
Obtained from: logdaemon package
1995-02-26 19:36:59 +00:00
Paul Traina
2ddadf840c Include most of the logdaemon v4.4 S/key changes 1994-10-19 00:03:45 +00:00
Paul Traina
28dc19771b Clean up makefile 1994-09-30 21:19:58 +00:00
Guido van Rooij
726040de0e Put skey support in ftpd.
Reviewed by:
Submitted by:	 guido
1994-08-21 19:09:23 +00:00
Geoff Rehmet
4714bb15be LDADD= -lcrypt
Submitted by:	Geoff
1994-08-20 21:19:46 +00:00
Garrett Wollman
2a3c26c889 Update to new make macros and disable Kerberos because we haven't got it
set up right yet.
1994-08-05 21:24:58 +00:00
Rodney W. Grimes
ea022d1687 BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00