which ypxfr links with. (Sorry: left over development bogon.)
Just a reminder: you must rebuild librpcsvc before you build
this program.
Pointed out by: Stephen Hocking
to fix the mega-commits spamming.
pst 96/05/29 20:09:25
Modified: secure/usr.bin/telnet Makefile main.c
Log:
Remove obsolete SOCKSv4 support
Submitted by: pst
Obtained from: A mirrored CVS repository that will disappear next SUP
If rpc.yppasswdd is invoked with the -i flag, password changes will
be made to the master.passwd template file and the hash map files
in-place, which means it won't have to run a complete map update.
Instead, it calls /var/yp/Makefile with the 'pushpw' target, which
just pushes the maps to the slaves and runs yp_mkdb -c to tell the
local ypserv to flush its database cache.
The server will check the passwd.byname and passwd.byuid maps to see
if they were built in 'insecure' or 'secure' mode (i.e. with real
encrypted passwords in them or without) and update them accordingly.
This combined with rpc.ypxfrd greatly reduces the amount of time it
takes to complete an NIS password change, especially with very large
passwd databases.
Also generallize the yp_dbwrite functions a little: allow the caller
to specify certain flags. I need this mostly for some changes to
rpc.yppasswdd to allow in-place updates.
Also change Makefile a little to use the same format as ypserv.
This server impliments an RPC-based file transfer protocol that allows
an NIS slave server to copy a raw map database file from an NIS master.
The goal here is to speed up the transfer of very large maps. If you
have, for example, an NIS password database with 30,000 records in it,
it can take around 8 to 10 minutes to regenerate it (four hash databases
are created). As it stands now, ypxfr(8) transfers a map by sucking all
the records from ypserv(8) on the master using yp_all() and writing them
to a new database using the db(3) library. This adds up to another 8 to 10
minutes, per slave. With as the number of slaves increases, this latency
becomes prohibitive.
With rpc.ypxfrd, all the slave has to do is copy the already-built
hash database file from the master and move it into place. Even with a
multi-megabyte file, this reduces the master to slave transfer time
to well under a minute. (This is using TCP.)
Access restrictions are applied using the same mechanism as in ypserv:
you can control access using /var/yp/securenets, and the server will
not transmit the master.passwd.* maps unless the transfer request originates
on a reserved port.
Note: this server is based on my hastily contrived protocol and is _NOT_
compatible with Sun's protocol of the same name. It can't be compatible
for a couple of reasons. For one thing, Sun's protocol has not been published
anywhere that I know of. It is not included in any of the SunRPC source
distributions that I've been able to find. Second, Sun's NIS v2 code
uses old style ndbm maps while FreeBSD uses Berkeley DB. The file formats
are incompatible, so being able to transfer maps between FreeBSD and SunOS
hosts wouldn't do any good anyway. (You could always port the FreeBSD NIS
code to SunOS if you really wanted to do it. :)
(There's also the little fact that SunOS/SPARC is big-endian and FreeBSD/i386
is little-endian. Berkeley DB can handle byte ordering differences; ndbm
probably can't.)
some problems with the page-table page management code, since it can't
deal with the notion of page-table pages being paged out or in transit.
Also, clean up some stylistic issues per some suggestions from
Stephen McKay.
Import a my own little ypxfrd protocol. Note that this protocol is
_NOT_ the same as Sun's, which is proprietary.
This basically impliments an RPC-based file transfer protocol which
lets a slave server suck over a raw map database file from the master.
This is many times faster than the normal method, which requires reading
the records from ypserv via yp_all() and then creating a new database
on the fly, particularly when you have many tens of thousands of
records in a map (e.g. a huge passwd database).
The protocol number I chose falls within the 'user-specified' range.
Maybe we should register it with Sun so we can get an official vendor
number for it. :)
- Add a 'pushpw' target that only yppushes the various passwd maps
and sends a YPPROC_CLEAR to the local ypserv. This will be used by
rpc.yppasswdd once I merge in the in-place update changes.
yp_access.c:
- Make the yp_access() function print RPC program and procedure numbers
that it doesn't know about in literal form. This will allow it to work
with other prgrams that it doesn't know about, like rpc.ypxfrd I'm going
to import shortly.
yp_dblookup.c:
- Take out the __inline keywords. They weren't really helping me anyway.
- Somehow I broke yp_next() when DB_CACHE wasn't #defined. Fix it.
- Also fix potential case where yp_next() might loop forever; make sure
it checks the return values of all the (dbp->seq)()/R_NEXT calls that
it does as well as comparing keys.
by W.Richard Ste vens. EINTR handling suggested by bde@freebsd.org).
Code cleanup:
1. Add missing return type.
2. Replace 'union wait' by int.
3. Use Posix-style signal handling instead of signal().
4. Use fork() instead of deprecated vfork().
5. Block signals before fork()'ing, instead of after.
6. Return -1 if fork() fails, instead of 0.
7. Add EINTR handling for waitpid() call.
Also add claim of Posix conformance to man page.
circumstances, caused perfectly good connections to be dropped. This
happened for connections over a LAN, where the retransmit timer
calculation TCP_REXMTVAL(tp) returned 0. If sending was blocked by flow
control for long enough, the old code dropped the connection, even
though timely replies were being received for all window probes.
Reviewed by: W. Richard Stevens <rstevens@noao.edu>
code without the B_READ flag being set. This is a problem when the
data is not cached, and the result will be a bogus attempted write.
Submitted by: Kato Takenori <kato@eclogite.eps.nagoya-u.ac.jp>
process during pmap_copy. This minimizes unnecessary swapping or creation of
swap space. If there is a hold_count flaw for page-table
pages, clear the page before freeing it to lessen the chance of a system
crash -- this is a robustness thing only, NOT a fix.
