not based on gpl'ed code, just prototype and usage. I'm not 100% certain
they behave the same while the system is in trouble (eg: malloc() failing)
but in those circumstances all bets would be off anyway.
These routines work like sprintf() and vsprintf(), except that instead of
using a fixed buffer, they allocate memory and return it to the user
and it's the user's responsibility to free() it. They have allocate as
much memory as they need (and can get), so the size of strings it can deal
with is limited only by the amount of memory it can malloc() on your
behalf.
There are a few gpl'ed programs starting to use this interface, and it's
becoming more common with the scares about security risks with sprintf().
I dont like the look of the code that the various programs (including
cvs, gdb, libg++, etc) provide if configure can't find it on the system.
It should be possible to modify the stdio core code to provide this
interface more efficiently, I was more worried about having something
that worked and was secure. :-) (I noticed that there was once intended
to be a smprintf() routine when our stdio was written for 4.4BSD, but it
looks pretty stillborn, and it's intended interface is not clear). Since
Linux and gnu libc have this interface, it seemed silly to bring yet
another one onto the scene.
to call clnt_destroy() on a potentially NULL RPC handle. Somebody should
bang on this a bit to make sure the problem is really gone; I seem to
have difficulty reproducing it. Patch provided by Peter Wemm and
slightly tweaked by me.
- Don't call _yp_unbind() in individual ypclnt functions unless we encounter
an RPC error while making a clnt_call().
bugs in your code is to put it in the -stable branch. (Corollary: the
day you discover the bug is the day the Internet decides to route your
telnet session to the repository box via Zimbabwe.)
Remove one bogus free(result) (from _havemaster()) that slipped by me.
Flagged by: phkmalloc
Pointed out to me by: Stefan Esser
In a nutshell, this macroizes the local/global symbol scoping rules
that are different in a.out and ELF. It also makes the i386 assembler
stubs conform to i386 PIC calling conventions - the a.out ld.so didn't
object, but the ELF one needs it as it implements PIC jumps via PLT's as
well as calls. The a.out rtld only worked because it was accidently
snooping the grandparent calling function's return address off the stack..
This also affects the libc_r code a little, because of cpp macro nesting.
Each of the ypclnt functions does a _yp_dobind() when it starts and then
a _yp_unbind() when it finishes. This is not strictly necessary and it
wastes cycles: it means we do a new clnt_create() and clnt_destroy()
for each yp_whatever() call. In fact, you can do multiple clnt_call()s
using a single RPC client handle returned by clnt_create(). Ideally we only
have to create a handle to ypserv once (the first time we call a ypclnt
function) and then destroy it and rebind only if a call to ypserv fails.
- Modify _yp_dobind() so that it only creates a new RPC client handle
when establishing a new binding or when one of the ypclnt calls
invalidates an existing binding and calls _yp_dobind() to establish
a new one.
- Modify the various ypclnt functions to only call _yp_unbind() if a
call to ypserv fails.
If _ANSI_SOURCE or _POSIX_SOURCE is defined, then <ctype.h> had to
be included before <stddef.h> or <stdlib.h> to get rune_t declared.
Now rune_t is declared perfectly bogusly in all cases when <ctype.h>
is included.
This change breaks similar (but more convoluted) convolutions in the
stddef.h in gcc distributions. Ports of gcc should avoid using the
gcc headers.
In __initdb(), a failure to open the local password database is supposed
to result in a warning message being syslog()ed. This warning is only
supposed to be generated as long as the 'warned' flag hasn't been yet;
once the warning is generated, the flag should be set so that the message
is only syslog()ed once. However, while the state of the flag is checked
properly, the flag's state is never changed, so you always get multiple
warnings instead of just one.
Pointed out by: Peter Wemm
This commit covers the man pages for most of the ANSI library functions.
A few others such as strtol.3 have to mention <sys/types.h> because they
mix ANSI interfaces with less well designed extensions.
getnetgrent.c:
- Catch one bogon that snuck by: in _listmatch(), check for '\0'
rather than '\n'; strings returned from yp_match() are terminated
with a nul, not a newline.
getpwent.c:
- Rip out all of the +inclusion/-exclusion stuff from before and
replace it with something a little less grotty. The main problem
with the old mechanism was that it wasted many cycles processing
NIS entries even after it already knew they were to be exlcuded
(or not included, depending on your pointof view). The highlights
of these changes include:
o Uses an in-memory hash database table to keep track of all the
-@netgroup, -user, and -@group exclusions.
o Tries harder to duplicate the behavior normally obtained when using
NIS inclusions/exclusions on a flat /etc/passwd file (meaning things
come out in much the same order).
o Uses seperate methods for handling getpwent() and getpwnam()/getpwuid()
operations instead of trying to do everything with one general
function, which didn't work as well as I thought it would.
o Uses both getnetgrent() and innetgr() to try to save time where
possible.
o Use only one special token in the local password database
(_PW_KEYYPBYNUM) instead of seperate tokens to mark + and -
entries (and stop using the counter tokens too). If this new
token doesn't exist, the code will make due with the standard
_PW_KEYBYNUM token in order to support older databases that
won't have the new token in them.
All this is an attempt to make this stuff work better in environments
with large NIS passwd databases.
- Clear the _yp_innetgr flag immediately after calling setnetgrent() from
innetgr(). We only need the flag set to temporarily alter setnetgrent()'s
behavior. Previously, it was being cleared too late.
- When in NIS-only mode, innetgr() was wasting time doing unecessary
extra processing after it had already found a match.
- Remember to free memory allocated by the NIS functions during innetgr()
searches.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
nonstandard normal version and the standard threaded version.
Removed a bogus L in a constant. fpos_t's aren't longs, and casting to
fpos_t would be verbose.
/var/run resides on an NFS filesystem (flock() always returns 0 in
this case, so we falsely assume that ypbind is dead and bail out).
Settle instead for better failure checking when using clnttcp_create()
and clnt_call() to interact with ypbind. We still try to flock()
/var/yp/binding/$DOMAINNAME.2, but if this doesn't work, we drop into
the code that retrieves the binding information from ypbind directly.
If that also fails, then we're toast. On NFS filesystems, this means
we'll be ignoring the binding file for no reason and always talking to
ypbind even though we don't have to, but at least things will work.
(I could just replace the flock(/var/run/ypbind.lock) check with
an RPC call to ypbind's NULLPROC procedure, but if the flock() of
the binding file doesn't pan out we're going to try to talk to
ypbind later anyway. *sigh* Is NFS file locking ever going to work?)
broken. The translation from network number to ASCII string was not
working correctly (you would sometimes get things like 0.244.0.0 instead
of 244.0.0).
Also copied results of yp_match() to a static buffer for consistency
with gethostbynis.c.
Note: _getnetbynisaddr() chops off trailing .0's, i.e. 244.0.0 is
truncated to 244. By contrast, getnetbyht.c code (for local /etc/networks
lookups) leaves the traling .0's in place. This means that the NIS
and local file lookups will match different things when looking up the
same network number. I'm not sure which is the correct behavior. (I
think the DNS lookup code tries all combinations -- should the NIS
and local host lookup routines do that too?)
the precision; ANSI X3J11 is not crystal clear but certainly says
that the precision specifies the number of /digits/, and signs
and "0x" aren't really digits.
NetBSD already has a similar patch.
of a successful map retrieval. (This has to do with a previous change
to xdr_ypresp_all_seq() and ypxfr_get_map(); originally, yp_all()
would look for a return value of YP_FALSE to signal success, but now
it should be looking for YP_NOMORE. It should not be passing YP_NOMORE
back up to the caller though.)
Noticed by: <aagero@aage.priv.no>
There is also another small bug here, which is that the call to
xdr_free() that happens immediately after the clnt_call() in yp_all()
clobbers the return status value. I've worked around this for now,
but I think the xdr_free() is actually bogus and should be removed.
I want to check some more before I do that though.
a machine with aliase ip addresses on the same subnet of an
interfaces' `real' ip addresses would generate <n> duplicate
broadcasts in clnt_broadcast().
Basically, this fix does a purge on the list of bradcast addresses.
- Fix problem described in PR #1079: _gethostbynisaddr() doesn't
work. Make it accept the same arguments as all the other
gethostby*addr() functions and properly convert the supplied IP
address into a text string so that yp_match() can find it in the
hosts.byaddr map.
- Also fix potential memory leak: copy the results of yp_match() to
a static buffer and free the result (yp_match() returns dynamically
allocated memory).
ether_addr.c:
- Since I was in the neighborhood, fix ether_ntohost() and
ether_hostton() so that they don't bogusly for a free(result)
when yp_match() fails.
matter much on some systems, but on ftp servers (like wcarchive) where
you run with special stripped group and pwd.db files in the anonymous
ftp /etc, this can be a major speedup for ls(1).
ss_flags to SS_DISABLE and SS_ONSTACK. SA_ONSTACK is still used in
struct sigaction. Nowhere in our entire source tree could I find a
single place these were used.
reconnect once using the saved openlog() parameters.
This helps one of the system startup race conditions. If syslogd takes too
long to get going, some daemons can fail the connection and forever log
to the console even though the syslogd is running. That is ..unfortunate..
the statically compiled PS_STRINGS and USRSTACK variables. This prevents
programs using setproctitle from coredumping if the kernel VM is increased,
and stops libkvm users (w, ps, etc) from needing to be recompiled if only
the VM layout changes.
explicit that it is global to the entire "session", and that setsid() or
daemon() are need to have been called at some point.
The most notable offender of setlogin() misuse is XFree86's xdm.
for "fts_open" was wrong. Also, the "fts_info" field of the FTSENT
structure was misleadingly described as containing "flags". Actually, it
contains a single integer value.
in the main text of various man pages.
Thanks to Warner Losh for adding an option to manck to allow
it to scan the entire man page looking for bogus xrefs, instead
of just checking the SEE ALSO section.
resides in read-only memory is going to cause the program to core dump,
and this is commmon with older pre-ANSI C programs.
(I've scratched my head over this one at 3 in the morning before
while trying to port some ancient program)
Suggested by: Gary Kline <kline@tera.com>
Also corrected a few minor formatting errors, file location and cross
references in some of the section 3 man pages.
This shuts up a lot of the output from "manck" for section 3.
Install (optional) libutil.h with prototypes for the functions and
document this in the man page.
minor cleanups to the various routines, include the prototype file, declare
return codes etc.
of signals. Signals are now properly caught, tty state is being
restored, and the previous sigaction triggered. Upon receipt of a
sigcont, echo is turned off again.
SIGTSTP causes a buffer flush, the man page mentions this. (Although
i rather think of it as a feature than a bug.)
This is likely to be my last FreeBSD action for 1995, xearth shows
me that our .au guys must already write 1996. :-)
looking at a high resolution clock for each of the following events:
function call, function return, interrupt entry, interrupt exit,
and interesting branches. The differences between the times of
these events are added at appropriate places in a ordinary histogram
(as if very fast statistical profiling sampled the pc at those
places) so that ordinary gprof can be used to analyze the times.
gmon.h:
Histogram counters need to be 4 bytes for microsecond resolutions.
They will need to be larger for the 586 clock.
The comments were vax-centric and wrong even on vaxes. Does anyone
disagree?
gprof4.c:
The standard gprof should support counters of all integral sizes
and the size of the counter should be in the gmon header. This
hack will do until then. (Use gprof4 -u to examine the results
of non-statistical profiling.)
config/*:
Non-statistical profiling is configured with `config -pp'.
`config -p' still gives ordinary profiling.
kgmon/*:
Non-statistical profiling is enabled with `kgmon -B'. `kgmon -b'
still enables ordinary profiling (and distables non-statistical
profiling) if non-statistical profiling is configured.
is really necessary. Going backwards on a P6 is much slower than forwards
and it's a little slower on a P5. Also moved the count mask and 'std'
down a few lines - it's a couple percent faster this way on a P5.
replace the dozen other various hacks in the code that do all sorts
of crude things including spamming the envrionment strings with the new
argv string.
This version is mainly inspired by the sendmail version, with a couple of
ideas taken from the NetBSD implementation as well.
XDR routines auto-generated by rpcgen don't quite match the format of
the original ones even though tey have the same names (that was one of
the things wrong with the old XDR routines).
rpcgen-erated on the fly (just like librpcsvc).
Makefile: Add rule for generating yp_xdr.c and yp.h.
xdryp.c: gut everything except the special ypresp_all XDR function
needed to to handle yp_all() (this one can't be created on
the fly), and xdr_datum(), which isn't used internally by
libc, but which as documented as being there in yp_prot.h,
so what the hell. We now get everything else from yp_xdr.c.
yplib.c: change a few structure member names to match those found in
yp.h instead of those declared in yp_prot.h.
via mmap() up around the shared library area. Previously the directory
was allocated from space from it's own memory pool. Because of the way it
was being extended on processes with large malloced data segments (ie: inn)
once the page directory was extended for some reason, it was not possible
to lower the heap size any more to return pages to the OS.
(If my understanding is correct, page directory expansion occurs at 4MB,
12MB, 20MB, 28MB, etc.) I was seeing INN allocate a large amount of short
term memory, pushing it over the 28MB mark, and once it's transient demands
hit 28MB, it never freed it's pages and swap space again.)
I've been running this in my libc for about a month...
Also, seperate MALLOC_STATS from EXTRA_SANITY.. I found it useful to call
malloc_dump() from within INN from a ctlinnd command to see where the hell
all the memory was going.. :-) I've left MALLOC_STATS enabled, as it has
no run-time or data storage cost.
Reviewed by: phk
it before before trying to establish a binding. If /var/run/ypbind.lock
doesn't exist, or if it exists and isn't locked, then ypbind isn't
running, which means NIS is either turned off or hosed.
- Have _yp_check() call yp_unbind() after it sucessfully calls yp_bind()
to make sure it frees resources correctly. (I don't think there's really
a memory leak here, but it seems somehow wrong to call yp_bind() without
making a corresponding call to yp_unbind() afterwards.)
This makes the NIS code behave a little better in cases where libc makes
calls to NIS, but it isn't running correctly (i.e. there's no ypbind).
This cleans up some strange libc behavior that manifests itself if
you have the system domain name set, but aren't actually running NIS.
In this event, the getrpcent(3) code could try to call into NIS and
cause several inexplicable "clnttcp_create error: RPC program not
registered" messages to appear. This happens because _yp_check() checks
if the system domain name is set and, if it is, proceeds to call
yp_bind() to attempt to establish a binding. Since there is no
binding file (remember: ypbind isn't running, so /var/yp/binding
will be empty), _yp_dobind() will attempt to contact ypbind to
prod it into binding the domain. And because ypbind isn't running,
the code generates the 'clnttcp_create' error. Ultimately the
_yp_check() fails and the getrpcent(3) code rolls over to the /etc/rpc
file, but the error messages are annoying, and the code should be
smart enough to forgo the binding attempt when NIS is turned off.
both call getservent() to do most of the work, so we only need to modify
this file to take care of everybody).
Note that there is only one NIS services map (services.byname) even
though there are getservbyname() and getservbyport() library functions.
but a commit mail got lost, it's the same as for this commit:
lib/libc/gen confstr.c crypt.c disklabel.c fstab.c getcap.c
getgrent.c getgrouplist.c getpass.c getpwent.c
initgroups.c nlist.c psignal.c pwcache.c setmode.c
sleep.c sysconf.c sysctl.c syslog.c usleep.c
lib/libc/locale none.c read_runemagi.c setlocale.c
lib/libc/net gethostbydns.c getnetbydns.c getnetbynis.c
lib/libc/nls msgcat.c
lib/libc/quad Makefile.inc
lib/libc/regex engine.c regcomp.c regerror.c
Minor cleanup, mostly unused vars and missing #includes.
Limit the number of quad functions we pull in for 'i386'.
I still belive the quad stuff should go back into gcc.
Add compile-time warnings about crypt functions.
- Fix buffer overflow problem once and for all: do away with the buffer
copies to 'user' prior to calling _scancaches() and just pass a pointer
to the buffer returned by yp_match()/yp_first()/yp_next()/whatever.
(We turn the first ':' to a NUL first so strcmp() works, then change it
back later. Submitted by Bill Fenner <fenner@parc.xerox.com> and
tweaked slightly by me.
- Give _pw_breakout_yp() the 'more elegant solution' I promised way back when.
Eliminate several copies to static buffers and replace them with just
one copy. (The buffer returned by the NIS functions is at most
YPMAXRECORD bytes long, so we should only need one static buffer of
the same length (plus 2 for paranoia's sake).)
- Also in _pw_breakout_yp(): always set pw.pw_passwd to the username
obtained via NIS regardless of what pw_fields says: usernames cannot
be overridden so we have no choice but to use the name returned by
NIS.
- _Again_ in _pw_breakout_yp(): before doing anything else, check that
the first character of the NIS-returned buffer is not a '+' or '-'.
If it is, drop the entry. (#define EXTRA_PARANOIA 1 :)
- Probe for the master.passwd.* maps once during __initdb() instead
of doing it each time _getyppass() or _nextyppass() is called.
- Don't copy the NIS data buffers to static memory in _getyppass()
and _nextyppass(): this is done in _pw_breakout_yp() now.
- Test against phkmalloc and phkmalloc/2 (TNG!) to make sure we're
free()ing the yp buffers sanely.
- Put _havemaster(), _getyppass() and nextyppass() prototypes under
#ifdef YP. (Somehow they ended up on the wrong side of the #endif.)
- Remove unused variable ___yp_only.
- In some cases, we don't properly resolve _all_ possible group memberships.
If a user is a member of both local and NIS groups, we sometimes lose some
of the membership info from NIS. (Reported by: Thorsten Kukuk
<kukuk@uni-paderborn.de>)
- Make NIS +groupname overrides actually work the way the SunOS group(5)
man page says they should (make them work for all cases: getgrent(),
getgrnam() and getgrgid()).
- When not compiled with -DYP, grscan() should ignore entries that
begin with a '+'. When compiled _with_ -DYP, grscan() should ignore
+groupname entries that don't refer to real NIS groups.
- Remove redundant redeclaration of fgets(), strsep() and index() inside
grscan(). We already #include all the right header files for these.
Note: -groupname exclusion as specified in the Sun documentation still
isn't supported. This'll be a 2.2 addition. Right now I just want this
stuff to work.
What was happening, is if syslogd was not running, syslog() would do
a strcat("\r\n") on a non-null-terminated buffer, and write it to the console.
This meant that sometimes extra characters could be written to the console
during boot, depending on the stack contents.
This totally avoids the potential problem by using writev() like the rest
of the does, and avoid modifying the buffer after the trouble we've gone to
to carefully protect it.
This is actually a trivial fix, in spite of the long commit message.. :-)
It only appeared during boot and shutdown with syslogd stopped.
running on a tty. (Same as isatty()) The old-style TIOCGETP ioctl
wouldn't fly if the kernel didn't have COMPAT_43.
Submitted by: Carl Fongheiser <cmf@netins.net>
Performance is comparable to gnumalloc if you have sufficient RAM, and
it screams around it if you don't.
Compiled with "EXTRA_SANITY" until further notice.
see malloc.3 for more details.
control hooks.
It is similar to an unrolled multi-part snprintf(), in that a "FILE *" is
attached to a string buffer. There is also an optimisation for the case
where the syslog format string does not contain %m, which should improve
performance of "informational" logging, like from ftpd.
the group map after encountering a badly formatted entry.
getpwent.c: same as above for _nextyppass(), and also turn a couple of
sprintf()s into snprintf()s to avoid potential buffer overruns. (The
other day I nearly went mad because of a username in my NIS database
that's actually 9 characters long instead of 8. Stuffing a 9-character
username into an 8-character buffer can do some strange things.)
(This reminds me: I hope somebody's planning to fix the buffer overrun
security hole in syslog(3) before 2.1 ships.)
on, which is fine, except that _yp_dobind() is called before we check
the cache. The means we can return from the cache check (if we have
a hit) without calling _yp_unbind().
We should do the cache check first and _then_ drop into the section
that binds the server and does the yp_match query.
seperate function to avoid duplication. Also fix getpwent() a
small bit to properly handle the case where the magic NIS '+'
entry appears before the end of the password file.
getgrent.c: be a little more SunOS-ish. Make it look like the NIS
group map is 'inserted' at the the point(s) where the magic NIS '+'
entry/entries appear.
getgrent: fix a file descriptor leak: remember to close the netgroup
file after we determine that we're using NIS-only innetgr() lookups.
Since Bruce changed the #include <res_config.h> to #include "res_config.h"
this is no longer needed, and only makes the 'make' more verbose for
no real reason.
