Commit Graph

722 Commits

Author SHA1 Message Date
Kris Kennaway
4147bd4426 Filter out some more magic environment variables used by libraries linked
with telnetd. This should really be done with a positive filter - i.e.
only allow through a configured list of variables.

Also do some buffer-safety cleanups while I'm here - I don't think these
are exploitable.
2000-10-31 05:29:54 +00:00
Brian Somers
fbf0385368 Use the new-style ngpppoe_init_data structure.
Approved by: archie
2000-10-31 02:46:12 +00:00
Gregory Neil Shapiro
d1ba25f456 Add a MAINTAINER= line so people know who to blame 2000-10-26 23:02:36 +00:00
Guido van Rooij
ea413ab7ad Fix broken PAM with SKEY behaviour: the skey.access file checks
were broken because the code failed to set PAM_RHOST.
2000-10-12 10:21:05 +00:00
Ruslan Ermilov
6f1214d918 Removed broken PAM support from rshd(8) and rlogind(8). rshd does
not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm
2000-10-12 07:18:20 +00:00
Gregory Neil Shapiro
c6cc60252d Style fixes 2000-10-11 05:04:21 +00:00
Gregory Neil Shapiro
1e1c8c164c mail.local(8) is no longer installed as a set-user-id binary.
Users may have to adjust their configuration to call mail.local as root
by adding the F=S flag to the local mailer.  Most probably already have this.
2000-10-10 18:12:30 +00:00
Garrett Wollman
eb2fc78027 Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby
<time.h>).
2000-10-10 01:50:26 +00:00
Ruslan Ermilov
9b376c9084 Make it compile without -DNO_PAM again. 2000-10-06 17:08:31 +00:00
Brian Somers
fd845ee4c3 o Load netgraph.ko, ng_ether.ko and ng_pppoe.ko as required (I'm sure this
used not to be necessary).
o Allow ``-n ngdebug'' to specify something to pass to NgSetDebug()
  and redirect NgSetDebug() output to syslog(8) in daemon() mode.
o Xref ng_ether(8) and NgSetDebug(4).
o Correct the type of the response passed to NgRecvData.
2000-10-03 20:41:00 +00:00
John Polstra
185db83c04 Add support for dlsym(RTLD_DEFAULT, ...). 2000-09-19 04:27:16 +00:00
Gregory Neil Shapiro
cf1fec423a Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
Garrett Wollman
67c31d5008 Some more slight doco fixes: update date, and add a bit more to the history. 2000-09-14 19:20:17 +00:00
Garrett Wollman
f62eaadff1 Allow tftpd to run as a specified user, not just `nobody'.
Update documentation to reflect new option.  Also fix documentation
style and add missing references.

PR:		21268
Submitted by:	"Aleksandr A. Babaylov" <babolo@links.ru>
Reviewed by:	imp
2000-09-14 19:08:29 +00:00
Warner Losh
7c62d872a5 strerror is declared in <string.h>
errno is declared in <errno.h>
2000-09-04 05:48:09 +00:00
Warner Losh
53410a4824 remove redundant optreset declaration 2000-09-04 05:47:14 +00:00
John W. De Boskey
bde08d0072 Pass two pointer parameters to the r_debug_state() hook
function, thus allowing a debugger or other trace tool
to easily grab the addresses of the needed structures
off the stack.

This change is transparent to gdb, which locates the
link_map list and transfers it to debugger memory
for comparison purposes.

A sample program will be committed showing how this can
be used.

Reviewed by:    John Polstra <jdp@FreeBSD.org>
2000-08-26 05:13:29 +00:00
Sheldon Hearn
90906a46ea Don't set an arbitrary limit on username lengths; use MAXLOGNAME
instead.

PR:		20675
Submitted by:	Vladimir B Grebenschikov <vova@express.ru>
2000-08-17 12:31:17 +00:00
Ruslan Ermilov
2310b8c624 Fix `control socket: Protocol not supported' failure in
standalone -D mode when neither -4 nor -6 is specified.
2000-08-16 09:12:33 +00:00
Gregory Neil Shapiro
88c75941e6 The rest of the changes needed to support the new version of sendmail (8.11.0).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
Kris Kennaway
769ec4a81a sprintf() -> snprintf() paranoia. 2000-08-04 10:39:34 +00:00
Sheldon Hearn
028f24cffa Honour skey.access(5) by allowing UNIX passwords when skeyaccess(3)
has set pwok to a non-zero value.

Previously, the fact that skey.access(5) allowed UNIX passwords for
this connection attempt was ignored, even in the NOPAM case.

This only addresses the NOPAM case; when libpam is used, the problem
will persist.

PR:		20333
2000-08-01 13:58:55 +00:00
Nick Sayer
3d4a189e9f Add 'nc' flag to gettytab -- no carrier. Forces non-blocking open and
setting of CLOCAL. Necessary for 3 wire RS-232 setups with dumb
terminals.

PR:		5959
2000-07-31 23:47:57 +00:00
Hajimu UMEMOTO
21cca9bebe Make compilable without -DINET6.
With shut up unused variable warnings.

PR:		bin/20225
Submitted by:	Paul Herman <pherman@frenchfries.net>
2000-07-28 09:34:44 +00:00
John Polstra
44a028c369 Revamp the code that calls shared libraries' init and fini functions.
Formerly the init functions were called in the opposite of the
order in which libraries were loaded, and libraries were loaded
according to a breadth-first traversal of the dependency graph.
That ordering came from SVR4.0, and it was easy to implement but
not always sensible.

Now we do a depth-first walk over the dependency graph and call
the init functions in an order such that each shared object's needed
objects are initialized before the shared object itself.  At the
same time we build a list of finalization (fini) functions in the
opposite order, to guarantee correct C++ destructor ordering whenever
possible.  (It may not be possible if dlopen and dlclose are used
in strange ways, but we come as close as one can come.)

The need for this renovation has become apparent as more programs
have started using multithreading.  The multithreaded C library
libc_r requires initialization, whereas the standard libc does not.
Since virtually every other object depends on the C library, it is
important that it get initialized first.
2000-07-26 04:24:40 +00:00
Brian Feldman
119fc1a3ce We shouldn't use cp to save the old ld-elf.so.1. Use the sanctioned tool
${INSTALL} with -C -p instead.
2000-07-20 08:00:02 +00:00
Dag-Erling Smørgrav
6200918df7 Don't reply "not a plain file" when the requested file doesn't exist. 2000-07-17 22:24:52 +00:00
John Polstra
cf98e66403 Fix a bug which could cause programs with user threads packages to
lock against themselves, causing infinite spinning.  Brian Feldman
found this problem when testing with Mozilla and supplied the fix,
which I have revised slightly.

Here is the failure scenario.  A thread calls dlopen() and acquires
the writer lock.  While the thread still holds the lock, a signal
is delivered and caught.  The signal handler tries to call a function
which hasn't been bound yet.  It thus enters the dynamic linker
and tries to acquire the reader lock.  Since the writer lock is
already held, it will spin forever in the signal handler.  The
thread holding the lock won't be able to progress and release the
lock.

The solution is to block almost all signals while holding the
exclusive lock.

A similar problem could conceivably occur in the opposite order.
Namely, a thread is holding the reader lock and then a signal
handler calls dlopen() or dlclose() and spins waiting for the writer
lock.  We deal with this administratively by proclaiming that signal
handlers aren't allowed to call dlopen() or dlclose().  Actually
we don't have to proclaim a thing, since signal handlers aren't
allowed to call any system functions except those which are explicitly
permitted.

Submitted by:	Brian Fundakowski Feldman <green>
2000-07-17 17:18:13 +00:00
Kris Kennaway
fcee96bdc1 Don't call err() without a format string. 2000-07-11 23:53:22 +00:00
Ben Smithurst
a611641f01 Explain that the -S option only logs file downloads, not all transfers.
PR:		16934
Submitted by:	Kurt Zeilenga <kurt@OpenLDAP.org>
2000-07-11 11:42:29 +00:00
John Polstra
630df077ab Solve the dynamic linker's problems with multithreaded programs once
and for all (I hope).  Packages such as wine, JDK, and linuxthreads
should no longer have any problems with re-entering the dynamic
linker.

This commit replaces the locking used in the dynamic linker with a
new spinlock-based reader/writer lock implementation.  Brian
Fundakowski Feldman <green> argued for this from the very beginning,
but it took me a long time to come around to his point of view.
Spinlocks are the only kinds of locks that work with all thread
packages.  But on uniprocessor systems they can be inefficient,
because while a contender for the lock is spinning the holder of the
lock cannot make any progress toward releasing it.  To alleviate
this disadvantage I have borrowed a trick from Sleepycat's Berkeley
DB implementation.  When spinning for a lock, the requester does a
nanosleep() call for 1 usec. each time around the loop.  This will
generally yield the CPU to other threads, allowing the lock holder
to finish its business and release the lock.  I chose 1 usec. as the
minimum sleep which would with reasonable certainty not be rounded
down to 0.

The formerly machine-independent file "lockdflt.c" has been moved
into the architecture-specific subdirectories by repository copy.
It now contains the machine-dependent spinlocking code.  For the
spinlocks I used the very nifty "simple, non-scalable reader-preference
lock" which I found at

  <http://www.cs.rochester.edu/u/scott/synchronization/pseudocode/rw.html>

on all CPUs except the 80386 (the specific CPU model, not the
architecture).  The 80386 CPU doesn't support the necessary "cmpxchg"
instruction, so on that CPU a simple exclusive test-and-set lock
is used instead.  80386 CPUs are detected at initialization time by
trying to execute "cmpxchg" and catching the resulting SIGILL
signal.

To reduce contention for the locks, I have revamped a couple of
key data structures, permitting all common operations to be done
under non-exclusive (reader) locking.  The only operations that
require exclusive locking now are the rare intrusive operations
such as dlopen() and dlclose().

The dllockinit() interface is now deprecated.  It still exists,
but only as a do-nothing stub.  I plan to remove it as soon as is
reasonably possible.  (From the very beginning it was clearly
labeled as experimental and subject to change.)  As far as I know,
only the linuxthreads port uses dllockinit().  This interface turned
out to have several problems.  As one example, when the dynamic
linker called a client-supplied locking function, that function
sometimes needed lazy binding, causing re-entry into the dynamic
linker and a big looping mess.  And in any case, it turned out to be
too burdensome to require threads packages to register themselves
with the dynamic linker.
2000-07-08 04:10:38 +00:00
John Polstra
517191eede When installing the dynamic linker, save the previous version in
"ld-elf.so.1.old".  The dynamic linker is a critical component of
the system, and it is difficult to recover if it is damaged and
there isn't a working backup available.  For instance, parts of
the toolchain such as the assembler are dynamically linked, making
it impossible to build a new dynamic linker if the installed one
doesn't work.
2000-07-08 03:27:54 +00:00
Brian S. Dean
f2b5eea7aa Plug the hole where rshd would bypass a proper .rhosts check if the
password was empty.

Reviewed by:	Warner Losh <imp@freebsd.org>
2000-07-05 17:47:17 +00:00
Sheldon Hearn
cbe10916b3 Only punctuation is an allowed argument type for open-close macros
such as Po/Pc, as explained by phantom.

Reported by:	billf
2000-06-30 06:30:53 +00:00
David Nugent
b535a9bf12 Fix a problem in the virtual host address compare code which caused
duplicated host entries in /etc/ftphosts not to be folded. Make sure
we exit the loop on a match.

PR:		bin/19390
2000-06-26 05:36:09 +00:00
Josef Karthauser
141d77b8cb Switch over to using the new fflagstostr and strtofflags library calls. 2000-06-17 14:19:33 +00:00
Jonathan Lemon
7d664a2f47 Spelling fix: transfered --> transferred
Submitted by:  dan@dan.emsphone.com
2000-06-02 21:22:09 +00:00
Jake Burkholder
e39756439c Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
Nick Sayer
2db39860cf 1. Add IPv6 portrange restriction code (-U flag) to passive().
2. Add portrange restriction code (for both v4 and v6) to the EPSV
processing stuff.
2000-05-25 19:30:18 +00:00
Jake Burkholder
740a1973a6 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
John Polstra
a0f2601e13 Eliminate unaligned accesses that occurred when relocating the
DWARF2 exception tables emitted by the compiler for C++ sources.
These tables are tightly packed, and they contain some relocated
addresses which are not well-aligned.
2000-05-22 16:31:18 +00:00
Bruce Evans
86f792b120 Don't uselessly set MANDEPEND (it isn't used in this Makefile, and isn't
really used in bsd.man.mk).

Don't uselessly set MANSRC ("." is in the path by default, and there are
no ordering problems).

Fixed some other style bugs.
2000-05-15 15:01:13 +00:00
Nick Sayer
210376ef16 Man page fixups
Submitted by:	sheldonh@uunet.co.za
2000-05-15 14:06:07 +00:00
Hajimu UMEMOTO
cacdbc0d13 IPv6 support.
Reviewed by:	shin
2000-05-14 18:01:05 +00:00
Nick Sayer
0d9fb499eb Add -i (insecure) flag to rexecd, which allows uid == 0 logins
(presuming that the user in question is not in /etc/ftpusers and
does not have a null password).
2000-05-13 15:58:36 +00:00
Mike Pritchard
751f44657e Minor mdoc cleanup.
PR:		docs/13218
2000-05-05 02:21:45 +00:00
Jeroen Ruigrok van der Werven
2e79759062 Remove dead debug code.
This also removes a dependency/reference on COMPAT_43.
2000-04-29 12:02:00 +00:00
Sheldon Hearn
35add0e9a7 Cross-reference ldd(1) in rtld(1) and vice versa. 2000-03-28 09:01:04 +00:00
Bruce Evans
9d08570309 Fixed missing DPADDs.
Fixed some style bugs (some usual ones for LDADD, and misformatting of
$FreeBSD$).
2000-03-27 16:11:27 +00:00
Dan Moschuk
e4322bc6d3 Wrap uucpd behind the NOUUCP knob.
Noticed by: Doug Barton
2000-03-24 18:21:09 +00:00