lookup on the incoming IP, do a forward lookup on
the result and make sure that the IP is in the
resulting list. If it's not, put the IP number
in utmp/wtmp instead of the rogue name.
Stolen from: rlogind
Suggested by: sef
avoid crashing inside rtld (since it's easy) since everything else handles
it. Of course, if the target program checks argv[], it'll fall over.
Reviewed by: jdp
damn useful thing for using with serial consoles in clusters etc or secure
console locations. Using a custom gettytab entry for console with
an entry like 'al=root' means that there is *always* a root login ready on
the console. This should replace hacks like those which go with conserver
etc. (This is a loaded gun, watch out for those feet!)
Submitted by: "Andrew J. Korty" <ajk@purdue.edu>
There's not much point in having uucpd behave differently than
login(1) for this, and now uucpd is compatible to the default chat
script of Taylor UUCP which sends a single \r at first.
While i was at it, added a few strategic ``errno = 0;''s, so at least
an `Undefined error 0' will be returned for things like a closed
connection while reading the login ID or password, as opposed to an
even more bogus thing like `No such file or directory'.
on rshd and rlogind. However, note that:
1: rshd used to drop a connection with -a if the hostname != ip address.
This is unneeded, because iruserok() does it's own checking.
It was also wrong if .rhosts had an explicit IP address in it,
connections would be dropped from that host solely because the DNS was
mismatched even though it was explicitly intended to work by IP address.
2: rlogind and rshd check the hostname mappings by default now because that
is what goes into the utmp/wtmp and logs. If the hostname != ip address,
then it uses the IP address for logging/utmp/wtmp purposes. There isn't
much point logging ficticious hostnames.
3: rshd -a is now accepted (but ignored) for compatability. If you really
want to make life miserable for people with bad reverse DNS, use tcpd in
paranoid mode (which is questionable anyway, given DNS ttl tweaking).
Removed getuid() root check so ntalkd can be run from a tty sandbox.
It isn't suid root anyway, who knows why the getuid() check was even
in there in the first place!
rtld would accept the first shared library it found with the right
major version number, even if the minor version number was too low.
If a different version of the shared library with an adequate minor
version number appeared later in the search path, it would not be
found.
Now the rtld searches all locations first looking for a library
with a minor version that is high enough. Only if such a library
is not found will it fall back to accepting a minor version number
that is too low. As before, a warning comes out in that case.
This solves some problems encountered when building an older world
on a -current system.
References from GDB to "printf" and various other functions would
find the versions in the dynamic linker itself, rather than the
versions in the program's libc. This fix moves the GDB link map
entry for the dynamic linker to the end of the search list, where
its symbols will be found only if they are not found anywhere else.
It was suggested by Doug Rabson, though I implemented it a little
differently.
I personally would prefer to leave the dynamic linker's entry out
of the GDB search list altogether. But Doug argues that it is
handy there for such things as setting breakpoints on dlopen().
So it stays for now, at least.
Note, if we ever integrate the dynamic linker with libc (which has
several important benefits to recommend it), this whole problem
goes away.
dynamic linker itself dynamically allocated. All of them are
supposed to be dynamically allocated, but we cheated before. It
made gdb unhappy under some circumstances.
least 2 version numbers. This fixes the bug where the dynamic
linker would try to load an ELF shared library if it found one.
Note, this change also fixes the same thing in "ld", because the
code is shared.
For "ld" there is still a problem with ".a" libraries, which cannot
be distinguished by name. I haven't decided what, if anything, to
do about that.
a different file than the a.out hints, namely, "/var/run/ld-elf.so.hints".
These hints consist only of the directory search path. There is
no hash table as in the a.out hints, because ELF doesn't have to
search for the file with the highest minor version number. (It
doesn't have minor version numbers at all.)
A single run of ldconfig updates either the a.out hints or the ELF
hints, but not both. The set of hints to process is selected in
the usual way, via /etc/objformat, or ${OBJFORMAT}, or the "-aout"
or "-elf" command line option. The rationale is that you probably
want to search different directories for ELF than for a.out.
"ldconfig -r" is faked up to produce output like we are used to,
except that for ELF there are no minor version numbers. This should
enable "ldconfig -r" to be used for checking LIB_DEPENDS in ports
even for ELF.
I implemented the ELF functionality in a new source file, with an
eye toward eliminating the a.out code entirely at some point in
the future.
shared object. Note, this searches _only_ that object, and not its
needed objects, in accordance with the documentation.
Also fix dlopen(NULL, ...) so that the executable's needed objects
are searched as well as the executable itself.
it to sit right...
The __error() hack gave out the wrong address. It returned the address of
errno in ld.so instead of the address of errno in the main program. Oops.
The hack is now correct, just in time to be obsoleted by elf.
or Elf64 based on the inclusion of the machine dependent header.
I've left the addition of the extra fields to handle the relocation
structures with addend for a separate commit after jdp has had a chance
to review what I've done. The current change is needed to compile
csu/alpha/crt1.c
alternative, I present .. ta! da! .. the __error() hack.
This patch to the a.out dynamic loader provides old a.out binaries
with __error() if they are linked with an older libc that lacks it,
but are also linked against a library that needs it.
There is a smaller, tricker hack that takes advantage of the fact
that ld.so has __error() too, courtesy of the new libc, but this
hack is the straightforward version.
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
output for local users. FTP protocol RFC also says that 'ls' output is
not machine-readable. "always UTC" still possible with TZ= in ftpd
environment by price of having UTC in log files too.
Fix INTERNAL_LS to sense new /etc/localtime after chroot
any case.
It makes no difference for anon account (since chroot already makes it GMT),
but if you do mirror with special non-anon login, in old variant
your mirror will be wholy retransmitted twice in the year due to
time zone changes (/etc/localtime plays bad role here)
quite a few enhancements and bug fixes. There are still some known
deficiencies, but it should be adequate to get us started with ELF.
Submitted by: John Polstra <jdp@polstra.com>
MOUNT_LFS to "lfs" in one place. The merge was painful because it
conflicted with cosmetic FreeBSD changes. lfs_cleanerd still compiles
cleanly but has aproximately the same chance of working as before (0).
emacs a.out file, self-generated by emacs's "unexec" function in
"unexsunos4.c", is invalid. In particular, its "_end" symbol has
the wrong value. The dynamic linker was using the value of that
symbol to initialize its sbrk break level.
The workaround is to peek at the executable's a.out header in
memory, and calculate what "_end" should be based on the segment
sizes.
I will work out a fix for emacs and send it to the FSF. This
dynamic linker workaround is still worthwhile, if only to avoid
forcing all emacs users to build a new version.
Note: xemacs gives a bogus warning at startup, for related reasons.
The warning is harmless and can safely be ignored. I will send a
patch to the xemacs maintainers to get rid of it, and meanwhile
add a patch file to our port.
things so that it uses the same malloc as is used by the program
being executed. This has several advantages, the big one being
that you can now debug core dumps from dynamically linked programs
and get useful information out of them. Until now, that didn't
work. The internal malloc package placed the tables describing
the loaded shared libraries in a mapped region of high memory that
was not written to core files. Thus the debugger had no way of
determining what was loaded where in memory. Now that the dynamic
linker uses the application's malloc package (normally, but not
necessarily, the system malloc), its tables end up in the regular
heap area where they will be included in core dumps. The debugger
now works very well indeed, thank you very much.
Also ...
Bring the program a little closer to conformance with style(9).
There is still a long way to go.
Add minimal const correctness changes to get rid of compiler warnings
caused by the recent const changes in <dlfcn.h> and <link.h>.
Improve performance by eliminating redundant calculations of symbols'
hash values.
This change changes the default handling of linemode so that older and/or
stupider telnet clients can still get wakeup characters like <ESC> and
<CTRL>D to work correctly multiple times on the same line, as in csh
"set filec" operations. It also causes CR and LF characters to be read by
apps in certain terminal modes consistently, as opposed to returning
CR sometimes and LF sometimes, which broke existing apps. The change
was shown to fix the problem demonstrated in the FreeBSD telnet client,
along with the telnet client in Solaris, SCO, Windows '95 & NT, DEC OSF,
NCSA, and others.
A similar change will be incorporated in the crypto version of telnetd.
This resolves bin/771 and bin/1037.
is asking for trouble (sequential database enumerations can get caught
in an infinite loop). The yp_mkdb(8) utility avoids putting such records
into a database, but ypxfr does not. Today I got bit by a NULL entry in
one of the amd maps on my network, which is served by a SunOS master.
The map was transfered successfully to my FreeBSD slave, but attempting
to dump it with ypcat(1) caused ypserv(8) to transmit the same record
over and over again, making the map appear to be infinitely large. I
finally noticed the problem while testing a new version of amd under
development at the Columbia CS department, which began gobbling up insane
amounts of memory while trying to swallow the map.
To deal with this problem, I'm modifying ypxfr to watch for records
with zero-length keys and turn them into something less destructive
before writing them to the database.
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
by a repository copy from 1.1.5 and patched back to Lite1) and
rbootd/bootdir/SYSHPBSD (which is binary). All changed files have
already left the vendor branch.
on malformed /etc/group entries. This is a band-aid until I can pull
in the newer group parsing code from getgrent .
Pointed out by: branson@belmakor.hq.ferg.com (Branson Matheson)
Add a -Bforcedynamic option which generates a dynamic object even
if no shared libraries were given in the link.
Make RRS in text section warnings conditional on "-assert pure-text"
so that I can link non-PIC kernel modules without tons of link
errors. Changes to bsd.lib.mk to follow.
Fix a couple of bugs exposed by the fact that the kernel is not
linked at zero.
Reviewed by: jdp
calls. The cost is a little more up-front memory allocation, but the
effect seems minimal.
Problem noticed-by: bde
Added syslog at LOG_ERR when referencing an unknown gettytab entry
and for other cgetent() failues (circular reference et al).
To be merged into 2.2 after a few days testing.
modules from src/bin/ls, and handling exec(_PATH_LS,..) as a
special case, very useful in an environment where many users
are given chroot access. "~/etc/{s}pwd.db" files are still
needed if uid/gid->user/group translation is desired.
To enable this it must be compiled with the make variable
FTP_INTERNAL_LS defined, either in /etc/make.conf or the
environment.
ld-specific flags. LDFLAGS is really for ld-related flags for cc,
not for ld, and some flags, e.g., -Bshareable, mean completely
different things to cc and ld. Having the wrong things in LDFLAGS
also broke the standard ${PROG} target. This was kludged around
by using a special rule that depended on LDFLAGS being bogus.
Fixing `make depend' broke the special rule but fixed the standard
rule (except in the DESTDIR case, which was handled more strictly
here than elsewhere).
'sane' standard (not raw) settings before abort/exiting; move
responsibility of setting raw mode for chat-handling out of
chat.c to avoid doing redundant tc{s,g}etattr()s; move DE
pause prior setting standard mode before issue/login prompt to
avoid echoing modem connect strings. Fixed up comment styles
in a couple of places.
Rev 1.16 deraadt:
do not warn about valid options; invalid options correctly quit
Rev 1.15 deraadt:
need not clear options since bad ones cause exit;
provos@ws1.physnet.uni-hamburg.de
Rev 1.14 deraadt:
IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
buffer overflow.
Reviewed by: Peter Wemm
Obtained from: OpenSBD
Rev 1.13 deraadt:
do not warn about valid options; invalid options correctly quit
Rev 1.12 deraadt:
need not clear options since bad ones cause exit;
provos@ws1.physnet.uni-hamburg.de
Rev 1.11 deraadt:
IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
buffer overflow.
Reviewed by: Peter Wemm
Obtained from: OpenSBD
