Hajimu UMEMOTO
b2b1845212
When opieverify() is fail, fallback to try unix password.
...
Tested by: kuriyama
2002-04-16 10:54:30 +00:00
Hajimu UMEMOTO
859be0911a
Add an IPv6 support.
...
I dunno if there is an IPv6 supported rexec client. So, it was
tested that this change doesn't break an IPv4.
Tested by: kuriyama (IPv4 only)
2002-04-16 10:15:30 +00:00
Jun Kuriyama
0d652d42ca
Make this compilable without -DOPIE.
...
Hint by: ume
2002-04-16 07:53:42 +00:00
Warner Losh
266ebcd391
o __P removal
...
o register removal
o use new style prototypes and function definitions
2002-02-07 23:57:01 +00:00
Kris Kennaway
9357f4121d
Lock down with WFORMAT?=1, with overrides in the subdirectories which
...
are not yet warning-clean. Tested on i386 and alpha.
2002-02-04 02:33:51 +00:00
Bruce Evans
a7dff00b1e
Don't clobber the default for CFLAGS.
2001-08-03 21:45:54 +00:00
Sheldon Hearn
e1b4d8d074
Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. The
...
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.
Submitted by: David Hill <david@phobia.ms>
2001-07-26 11:02:39 +00:00
Dima Dorfman
7ebcc426ef
Remove whitespace at EOL.
2001-07-15 07:53:42 +00:00
Ruslan Ermilov
0efe23d669
mdoc(7) police: removed HISTORY info from the .Os call.
2001-07-10 10:49:54 +00:00
Mark Murray
20934175ae
Goodbye S/Key, Hello OPIE.
...
I believe I have done due dilligence on this, but I'd appreciate
decent test scenarios and sucess (or failure) reports.
2001-07-09 17:34:22 +00:00
Brian Somers
7bc6d0158f
Fix the type of the NULL arg to execl()
...
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
David Malone
ea66ccbf96
Avoid a warning by making a variable a const char *.
2001-05-01 10:35:20 +00:00
Ruslan Ermilov
e5b5c66bca
- Backout botched attempt to intoduce MANSECT feature.
...
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
Ruslan Ermilov
020ee2dc9f
Set the default manual section for libexec/ to 8.
2001-03-20 18:10:13 +00:00
Philippe Charnier
57757e9f36
Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap.
2000-11-28 18:15:25 +00:00
Ruslan Ermilov
760819894e
mdoc(7) police: use the new features of the Nm macro.
2000-11-20 14:42:24 +00:00
Nick Sayer
210376ef16
Man page fixups
...
Submitted by: sheldonh@uunet.co.za
2000-05-15 14:06:07 +00:00
Nick Sayer
0d9fb499eb
Add -i (insecure) flag to rexecd, which allows uid == 0 logins
...
(presuming that the user in question is not in /etc/ftpusers and
does not have a null password).
2000-05-13 15:58:36 +00:00
Peter Wemm
7f3dea244c
$Id$ -> $FreeBSD$
1999-08-28 00:22:10 +00:00
Brian Somers
9e9a43bdec
Ensure that things returned by gethostname() and
...
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)
Prompted by: bde
1999-04-07 08:27:45 +00:00
Brian Somers
143b4dcdc7
Link with libutil
1999-04-06 23:40:25 +00:00
Brian Somers
32af26a501
Use realhostname() rather than various combinations of
...
gethostbyaddr() & gethostbyname().
Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
1999-04-06 23:06:00 +00:00
Philippe Charnier
6896720af3
Use err(3). -Wall cleaning. Use Pa for file names and add section in Xrefs.
1997-11-26 07:29:04 +00:00
Warner Losh
a51e2c9b04
Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFS
...
compatibility problem at the same time. Some buffer made large enough
for worst case hostname.
fixes PR 2593.
Reviewed by: Dan Cross and maybe others
1997-03-24 05:57:28 +00:00
Peter Wemm
9e522f7a18
Revert $FreeBSD$ to $Id$
1997-02-22 14:22:49 +00:00
Warner Losh
5b266377fd
Buffer Overflow from OpenBSD
...
rev 1.7 deraadt:
buf oflow
Obtained from: OpenBSD
1997-02-09 04:40:02 +00:00
Jordan K. Hubbard
1130b656e5
Make the long-awaited change from $Id$ to $FreeBSD$
...
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Paul Traina
a13e275f66
Back out recent security patch for rexecd. After more careful analysis,
...
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.
Yes, an attacker can "relay" connections using this trick, but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
1996-11-22 08:59:07 +00:00
Paul Traina
6c6cc60e38
Do not attempt to open reverse channel until authentication phase has
...
succeeded.
Never allow the reverse channel to be to a privileged port.
Cannidate for: 2.1 and 2.2 branches
Reviewed by: pst (with local cleanups)
Submitted by: Cy Shubert <cy@cwsys.cwent.com>
Obtained from: Jaeger <jaeger@dhp.com> via BUGTRAQ
1996-11-19 18:03:16 +00:00
Wolfram Schneider
148531ef1e
add forgotten $Id$
1996-09-22 21:56:57 +00:00
Mike Pritchard
ae532ecb79
Check for expired passwords before allowing access to the system.
1995-08-28 21:30:59 +00:00
Peter Wemm
3f59b9c4ef
rexecd was not calling "setlogin()" when it should have. This was causing
...
getlogin() to return wrong answers (eg: "root").
Reviewed by: davidg
Obtained from: James Jegers, for NetBSD, slightly reworked by me.
1995-07-29 15:21:15 +00:00
Rodney W. Grimes
6c06b4e2aa
Remove trailing whitespace.
1995-05-30 05:51:47 +00:00
Nate Williams
50dfa3861b
Don't rely on the shared library bringing in libmd, do it explicitly.
...
Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
1995-03-18 06:50:00 +00:00
Paul Traina
9c48498989
make rexecd link against skeyaccess, not authfile
1994-09-30 06:38:43 +00:00
Paul Traina
cda3118c2e
Tighen up rexecd(8) security (see manual page for details).
...
Rexecd is a crock, it never should have been written, however make it so
that people who have a need to run it don't hurt themselves so badly.
Obtained from: Ideas obtained from logdaemon 4.3 from Wietse Venema
1994-09-29 09:23:58 +00:00
Guido van Rooij
a670645c57
Add skey support
...
Reviewed by:
Submitted by: guido
1994-08-21 19:10:43 +00:00
Geoff Rehmet
4714bb15be
LDADD= -lcrypt
...
Submitted by: Geoff
1994-08-20 21:19:46 +00:00
Garrett Wollman
2a3c26c889
Update to new make macros and disable Kerberos because we haven't got it
...
set up right yet.
1994-08-05 21:24:58 +00:00
Rodney W. Grimes
ea022d1687
BSD 4.4 Lite Libexec Sources
1994-05-27 12:39:25 +00:00