Commit Graph

70 Commits

Author SHA1 Message Date
Jilles Tjoelker
05eb11cbc4 libc: Use O_CLOEXEC for various internal file descriptors.
This fixes a race condition where another thread may fork() before CLOEXEC
is set, unintentionally passing the descriptor to the child process.

This commit only adds O_CLOEXEC flags to open() or openat() calls where no
fcntl(fd, F_SETFD, FD_CLOEXEC) follows. The separate fcntl() call still
leaves a race window so it should be fixed later.
2012-09-29 11:54:34 +00:00
Dimitry Andric
5e0a19bdee Consistently set RPCGEN_CPP when running rpcgen, so the C preprocessor
set via ${CPP} is used, instead of always using hardcoded /usr/bin/cpp.

MFC after:	1 week
2012-02-07 09:27:07 +00:00
Guy Helmer
6890d15663 Handle malloc failures in yplib.c.
PR:		bin/83349
2011-12-23 02:13:42 +00:00
Guy Helmer
53fc6e1e4d Handle failures to malloc memory to hold key or val copies.
PR:		bin/83348
2011-12-23 01:56:25 +00:00
Rebecca Cran
ac095af538 Remove duplicate "in".
Suggested by:	Rob Farmer <rfarmer at predatorlabs.net>
MFC after:	3 days
2011-03-01 11:47:51 +00:00
Rebecca Cran
b633aa9451 Revert some of r177626. "in in" is valid in certain sentences.
PR:		121490
MFC after:	3 days
2011-02-28 10:03:48 +00:00
Garrett Wollman
0c0349bfa4 Eliminate more dead stores.
Found by:	Clang static analyzer
MFC after:	7 days
2009-11-25 04:45:45 +00:00
Christian Brueffer
662cac9f23 Fix some "in in" typos in comments.
PR:		121490
Submitted by:	Anatoly Borodin <anatoly.borodin@gmail.com>
Approved by:	rwatson (mentor), jkoshy
MFC after:	3 days
2008-03-26 07:32:08 +00:00
Simon L. B. Nielsen
33e6f9c10c Set timeout for all NIS RPC requests to 1 second and not just for
yp_next as revision 1.50 did.  This should fix, or at least very much
reduce the risk of, NIS timing out due to UDP packet loss for NIS
functions.

See also revision 1.50 for more details about the general problem.

Tested by:	nosedive, freefall, hub, mx1, brooks
MFC after:	1 week
Approved by:	re (mux)
2007-07-24 13:06:08 +00:00
Daniel Eischen
5f864214bb Use C comments since we now preprocess these files with CPP. 2007-04-29 14:05:22 +00:00
Simon L. B. Nielsen
2861f68d48 - Bump _yplib_timeout limit from 10 to 20 seconds to better handle
packet loss when talking to a NIS server.
- Set 1 second retry timeout to further realistically handle UDP
  packet loss for yp_next packet bursts.  If the packet hasn't come
  back within 1 second its rather unlikely to come back at all.  There
  is still back-off mechanism in RPC so if there is another reason
  than packet loss for the lack of response within 1 second, the NIS
  server will not be totally bombarded with requests.

This reduces the risk of NIS failing with:

     yp_next: clnt_call: RPC: Timed out

considerably.  This is mainly a problem if you have larger NIS maps
(like at FreeBSD.org) since enumerations of the lists will cause a UDP
packet bursts where a few packets being lost once in a while do
happen.

MFC after:	1 week
Discussed with:	peter
Problem mainly diagnosed by:	peter
2007-03-04 10:30:43 +00:00
Daniel Eischen
6fad3aaf15 Add each directory's symbol map file to SYM_MAPS. 2006-03-13 01:15:01 +00:00
Daniel Eischen
cce72e8860 Add symbol maps and initial symbol version definitions to libc.
Reviewed by:	davidxu
2006-03-13 00:53:21 +00:00
Hajimu UMEMOTO
d21de89a71 do mutex lock for each yp calls. with this,
http://cvsweb.netbsd.org/bsdweb.cgi/src/regress/lib/libpthread/resolv/
is working.
2005-05-03 20:30:31 +00:00
Hajimu UMEMOTO
1b482912d1 MUTEX_INITIALIZER should be used instead of
PTHREAD_MUTEX_INITIALIZER, here.
2005-04-06 15:16:04 +00:00
Hajimu UMEMOTO
069eb2cafb protect _yp_domain with mutex lock.
Inspired by:	NetBSD
2005-04-05 18:07:59 +00:00
Stefan Farfeleder
595e532309 Use socklen_t where appropriate. 2005-03-11 14:17:12 +00:00
Jacques Vidrine
d05090827f Back out the `hiding' of strlcpy and strlcat. Several people
vocally objected to this safety belt.
2003-05-01 19:03:14 +00:00
Jacques Vidrine
5723e501ab `Hide' strlcpy and strlcat (using the namespace.h / __weak_reference
technique) so that we don't wind up calling into an application's
version if the application defines them.

Inspired by:	qpopper's interfering and buggy version of strlcpy
2003-04-29 21:13:50 +00:00
Ruslan Ermilov
c51d717f0c libc_r wasn't so tied to libc for 22 months. 2002-11-18 09:50:57 +00:00
Dag-Erling Smørgrav
f249dbcc71 Spell void * as void * rather than caddr_t. This is complicated by the
fact that caddr_t is often misspelled as char *.

Sponsored by:	DARPA, NAI Labs
2002-04-28 15:18:50 +00:00
David E. O'Brien
333fc21e3c Fix the style of the SCM ID's.
I believe have made all of libc .c's as consistent as possible.
2002-03-22 21:53:29 +00:00
Mike Barcroft
fd8e4ebc8c o Move NTOHL() and associated macros into <sys/param.h>. These are
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
  source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
  Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
  POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
  and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
  complexities associated with having MD (asm and inline) versions, and
  having to prevent exposure of these functions in other headers that
  happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
  third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.

Tested on:	alpha, i386
Reviewed by:	bde, jake, tmm
2002-02-18 20:35:27 +00:00
Dag-Erling Smørgrav
dc584ddbc5 ANSIfy and remove some dead code.
Sponsored by:	DARPA, NAI Labs
2002-02-06 15:26:07 +00:00
Dag-Erling Smørgrav
ed4d1c46a2 Apply the following mechanical transformations in preparation for
ansification and constification:

    s{\s+__P\((\(.*?\))\)}{$1}g;
    s{\(\s+}{\(}g;
    s{\s+\)}{\)}g;
    s{\s+,}{,}g;
    s{(\s+)(for|if|switch|while)\(}{$1$2 \(}g;
    s{return ([^\(].*?);}{return ($1);}g;
    s{([\w\)])([!=+/\*-]?=)([\w\(+-])}{$1 $2 $3}g;
    s{\s+$}{\n};g

Also add $FreeBSD$ where needed.

MFC after:	1 week
2002-02-06 13:30:31 +00:00
Alfred Perlstein
8d6301358e Fix cc -Wall, fix rcsid warnings, add missing prototypes,
change prototypes to be the same as in the original sun tirpc code.
Remove ()P macro in a file where the mayority had ()P already removed.
Add them if the mayority use ()P macros.

Submitted by: mbr
Requested by: bde
2002-02-05 23:43:43 +00:00
John Baldwin
7b5f59222e Fix some 32/64-bit bugs. IPv4 addresses are 32-bits, not longs. On the
alpha these bugs didn't cause any problems because it was little endian,
but on sparc64, we ended up with garbage for the IP address when we tried
to contact the server.  (Usually 3.253.0.0)

Not objected to by:	wpaul
2002-01-08 18:05:03 +00:00
Jim Pirzyk
d825ca42c9 Changed the clnt_perror string in yp_all because it was saying the
error came from yp_next

PR:	bin/13254
Submitted by:	Jim Pirzyk
Reviewed by:	jkh
MFC after: 1 week
2001-05-23 15:37:10 +00:00
Daniel Eischen
d201fe46e3 Remove _THREAD_SAFE and make libc thread-safe by default by
adding (weak definitions to) stubs for some of the pthread
functions.  If the threads library is linked in, the real
pthread functions will pulled in.

Use the following convention for system calls wrapped by the
threads library:
	__sys_foo - actual system call
	_foo - weak definition to __sys_foo
	foo - weak definition to __sys_foo

Change all libc uses of system calls wrapped by the threads
library from foo to _foo.  In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde).  All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes.  <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h  namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.

Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE.  We have recursive mutexes, but would like to avoid
using them if possible.

Remove uneeded includes of <errno.h> from a few files.

Add $FreeBSD$ to a few files in order to pass commitprep.

Approved by:	-arch
2001-01-24 13:01:12 +00:00
Jason Evans
9233c4d942 Simplify sytem call renaming. Instead of _foo() <-- _libc_foo <-- foo(),
just use _foo() <-- foo().  In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate.  In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().

Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().

Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().

Make thread cancellation fully POSIX-compliant.

Suggested by:	deischen
2000-01-27 23:07:25 +00:00
Jason Evans
929273386f Add three-tier symbol naming in support of POSIX thread cancellation
points.  For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep().  The arrows represent weak aliases.  For
system calls, the pattern is _read() <-- _libc_read() <-- read().
2000-01-12 09:23:48 +00:00
Kris Kennaway
83ac6cdcee Fix buffer overflows.
Reviewed by:	imp, audit@freebsd.org
1999-12-05 21:02:41 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Bruce Evans
ee4b699da3 Fixed the usual missing dependencies on headers generated by rpcgen.
Use rpcgen's -C option, although using it for non-headers breaks K&R
support.  A local copy of yp.h is built to avoid adding
-I/usr/include/rpcsvc to CFLAGS.  This version of yp.h differed from
<rpcsvc/yp.h> only in not declaring prototypes.

Fixed style bugs.
1998-05-09 15:10:53 +00:00
Bill Paul
4e6ace0853 Fix resource allocation problems:
- Completely recoded the ypmatch cache code. The old code could leak
  memory: it would allow the cache to grow, but never
  shrink. The new code imposes the following limits:

	o The cache is capped at a limit of 5 entries.
	o Each entry expires after five seconds, at which point
	  its slot is freed.
	o If an insertion is to be done and all five slots
	  are filled, the oldest entry is forcibly expired
	  to release its slot.

  Also, the cache is implemented on a per-binding basis rather than
  having a global cache covering all bindings. This means that each
  bound domain has its own 5 slot cache.

- Changed clntudp_create() to clntudp_bufcreate() so that the
  xmit/recv message buffer sizes can be set explicitly. NIS transactions
  are rarely much larger than 1024 bytes since YPMAXRECORD is 1024.
  The defaults chosen by clntudb_create() are actually much larger
  than needed. I set the xmit buffer to a little over 1024 and the
  recv buffer to a little over 2048. This saves a few Kbytes for each
  NIS binding.

- Add my name to the copyright. I think I've made enough changes to
  this file to merit it. :)

Note: these changes should go into the 2.2.x branch, but I'm waiting
on feedback from a tester to see if the cache fixes solve the reported
memory leak problem.
1998-03-07 05:06:10 +00:00
Satoshi Asami
6ded366aaa Use ${DESTDIR} correctly in front of absolute paths. 1997-05-23 08:24:00 +00:00
John Birrell
870039320f Changed all paths to be relative to src/lib instead of src/lib/libc
so that all these makefiles can be used to build libc_r too.

Added .if ${LIB} == "c" tests to restrict man page builds to libc
to avoid needlessly building them with libc_r too.

Split libc Makefile into Makefile and Makefile.inc to allow the
libc_r Makefile to include Makefile.inc too.
1997-05-03 03:50:06 +00:00
Bill Paul
6e8caff794 Don't even think about processing bogus domain names here. 1997-04-10 20:26:04 +00:00
Peter Wemm
7e546392b5 Revert $FreeBSD$ to $Id$ 1997-02-22 15:12:41 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Bill Paul
cc64a2bf11 Fix for bug noticed by Christoph Kukulies.
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.

This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.

This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
1996-12-20 19:41:15 +00:00
Bill Paul
9fa75c1550 - Avoid possible SEGVs: never call clnt_destroy() without checking
for NULL RPC client handles. This should hopefully fix the problems
  Satoshi reported on -current.

- Add socket descriptor sanity checks to _yp_unbind().

- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
  NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.

This is a 2.2 candidate with bells on.
1996-11-08 01:42:02 +00:00
Bill Paul
56d18eda29 In _yp_dobind(), if we find ourselves required to contact the local ypbind
directly in order to obtain binding information, check that the local
ypbind is using a reserved port and return YPERR_YPBIND if it isn't.
We should not trust any ypbind running on a port >= IPPORT_RESERVED;
it may have been started by a malicious user hoping to trick us into
talking to a bogus ypserv.

Note that we do not check the ypserv port returned to us from ypbind.
It is assumed that ypbind has already done a reserved port test (or not,
depending on whether or not it was started with -s); if we trust the
authenticity of the local ypbind, we should also trust its judgement.

Obtained from: OpenBSD
1996-07-13 20:23:13 +00:00
Jordan K. Hubbard
51295a4d3e General -Wall warning cleanup, part I.
Submitted-By: Kent Vander Velden <graphix@iastate.edu>
1996-07-12 18:57:58 +00:00
James Raynard
ccbcef60f5 Code clean up:
Changed type of pid from int to pid_t. (Missed one!)
1996-06-04 17:35:15 +00:00
James Raynard
e75ad74a88 Code clean up:
Changed type of pid from int to pid_t.
1996-06-03 13:19:10 +00:00
James Raynard
0eb3435311 Code clean up:
Added missing headers for system functions.
1996-06-03 13:16:53 +00:00
Bill Paul
a230877213 Make _yp_dobind() a litle smarter:
Now that we preserve RPC handles instead of rebuilding them each time
a ypcln function is called, we have to be careful about keeping our sockets
in a sane state. It's possible that the caller may call a ypclnt
function, and then decide to close all its file descriptors. This would
also close the socket descriptor held by the yplib code. Worse, it
could re-open the same descriptor number for its own use. If it then calls
another ypclnt function, the subsequent RPC will fail because the socket
will either be gone or replaced with Something Completely Different. The
yplib code will recover by rebinding, but it doing so it may wreck the
descriptor which now belongs to the caller.

To fix this, _yp_dobind() needs to label the descriptor somehow so
that it can test it later to make sure it hasn't been altered between
ypclnt calls. It does this by binding the socket, thus associating a port
number with it. It then saves this port number in the dom_local_port member
of the dom_binding structure for the given domain. When _yp_dobind() is
called again (which it is at the start of each ypclnt function), it checks
to see if the domain is already bound, and if it is, it does a getsockname()
on the socket and compares the port number to the one it saved. If the
getsockname() fails, or the port number doesn't match, it abandons the
socket and sets up a new client handle.

This still incurs some syscall overhead, which is what I was trying to
avoid, but it's still not as bad as before.
1996-06-01 05:08:31 +00:00
Bill Paul
2694f9b9a8 - Patch around amd core dump problem: don't allow yp_unbind() or _yp_unbind()
to call clnt_destroy() on a potentially NULL RPC handle. Somebody should
  bang on this a bit to make sure the problem is really gone; I seem to
  have difficulty reproducing it. Patch provided by Peter Wemm and
  slightly tweaked by me.

- Don't call _yp_unbind() in individual ypclnt functions unless we encounter
  an RPC error while making a clnt_call().
1996-05-16 18:01:17 +00:00
Bill Paul
a169c9b1f9 NIS client-side performance tweak:
Each of the ypclnt functions does a _yp_dobind() when it starts and then
a _yp_unbind() when it finishes. This is not strictly necessary and it
wastes cycles: it means we do a new clnt_create() and clnt_destroy()
for each yp_whatever() call. In fact, you can do multiple clnt_call()s
using a single RPC client handle returned by clnt_create(). Ideally we only
have to create a handle to ypserv once (the first time we call a ypclnt
function) and then destroy it and rebind only if a call to ypserv fails.

- Modify _yp_dobind() so that it only creates a new RPC client handle
  when establishing a new binding or when one of the ypclnt calls
  invalidates an existing binding and calls _yp_dobind() to establish
  a new one.

- Modify the various ypclnt functions to only call _yp_unbind() if a
  call to ypserv fails.
1996-05-02 15:44:53 +00:00