Commit Graph

49 Commits

Author SHA1 Message Date
phk
7e3e58e307 Add an "internal" driver for the "ident" protocol (tcp/113).
It will return "ERROR:HIDDEN-USER" for all requests.

To use it add:
	ident   stream  tcp     nowait  root    internal
to inetd.conf
1998-11-04 19:39:46 +00:00
jb
1397d65617 Bruce says that %p is intended to format void pointers only. So use a void *
cast. There are pointers and then there are _pointers_. One day I'll
figure out which are which. 8-)
1998-08-18 02:10:05 +00:00
jb
30d13525cd Remove a cast and print the pointer value with %p instead of %x. 1998-08-17 06:16:59 +00:00
ache
d112dfdd6d Add (struct timezone *) cast to NULL for K&R 1998-07-24 08:28:33 +00:00
ache
979a336bf8 Use NULL as gettimeofday arg instead of 0 cast
Add missing arg to error diagnostic
Print yet one arg of error diagnostic
1998-07-23 20:05:02 +00:00
phk
1e1b756825 last patch misapplied. 1998-07-22 14:24:12 +00:00
phk
34321d0c1d This may apply to all known versions of inetd.
For a tcp/nowait connection, inetd invokes accept(2) for
each pending connection; this call returns a file descriptor
associated with the new connection.

Twelve years ago, code was added to inetd to detect "failing
servers".  The heuristic that identifies a failing server is
one that has been invoked a large number of times over some
specified interval (e.g., more than 128 ftp services started
in 60 seconds may flag the ftp service as "failing").  These
compile-time constants vary depending on vendor.

The problem is that, when a failing server is detected, the
code neglects to close the file descriptor returned by the
accept(2).

Security-Implications:
I suppose someone with ample free time could orchestrate an
attack buy pummeling services until the inetd process finally
runs out of file descriptors thus rendering inetd useless to
any new connections that require a new descriptor.

PR:		7286
Reviewed by:	phk
Submitted by:	Jeff Forys <jeff@forys.cranbury.nj.us>
1998-07-22 05:53:53 +00:00
phk
306618399a Spelling fixes.
PR:		6903
Reviewed by:	phk
Submitted by:	Josh Gilliam <josh@quick.net>
1998-06-10 12:34:27 +00:00
pb
214c44ebfb Small typo in T/TCP patch ("speicfy" -> "specify"). 1998-05-15 19:16:35 +00:00
guido
48e63b4853 On request of Garrett, ad a way to specify that a service should be
reachable via T/TCP
Reviewed by:	Garrett Wollman
1998-05-14 20:26:16 +00:00
bde
9c3f7a58b7 Fixed gross errors in previous commit. `sapipe' was used uninitialized
to attempt to unblock SIGCHLD, but we actually want to unignore SIGPIPE.

Obtained from:	OpenBSD

Finished conversion from sigvec to sigaction (don't assume that sa_mask
is a scalar...).  Didn't convert from sigblock to sigprocmask.  Didn't
fix missing error checking for sigaction...
1998-05-11 12:11:59 +00:00
guido
ad72c5288f Unblock SIGPIPE before execv(); convert from sigvec to sigaction
Obtained from: OpenBSD
1998-05-08 19:15:44 +00:00
guido
97ea5a2c79 Redo tcpmux stuff. tcpmux handling is now performed after inetd
forks. Furthermore, invalid input for tcpmux does not lead to
an exiting inetd.
This patch is recommended for people running tcpmux (which is NOT
enabled by default)
1998-05-07 18:32:00 +00:00
wollman
7ae5c76a1a Document the requirement for TCPMUX to also be enabled as an internal
service if any external TCPMUX servers are desired.

PR: 826
1998-04-13 15:05:14 +00:00
pst
4a2b594fb5 Make maxchild and max child-per-minute default values configurable from
the command line or Makefile.
1998-02-24 21:55:14 +00:00
dima
184b67423a Add possibility to specify maximum number of connections per minute
for a given IP address.
This should be very effective against DoS attacks.
1997-10-29 21:49:04 +00:00
ache
4ced996c66 Implement group part now, final syntax is:
user[:group][/login-class]
1997-10-28 13:46:52 +00:00
ache
e5187c0ea1 Implement login classes sepcification as user[/loginclass]
By default inetd run things with the same limits as from /etc/rc
(daemon class) to not break anything as in good old days.
1997-10-27 22:03:47 +00:00
charnier
7d1a811eb8 Use err(3). 1997-09-19 06:27:30 +00:00
imp
627ccc8bc8 Remove and odd sleep found by David Holland and posted to -security.
Reviewed by:	Theo de Raadt (who put it into OpenBSD)
Submitted by:	David Holland <dholland@eecs.harvard.edu>
1997-08-29 18:00:11 +00:00
davidn
5f5e8a9170 login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
wollman
fcce031411 Condition SO_PRIVSTATE twiddling on the definedness of SO_PRIVSTATE.
(This was done as a #ifdef to keep source compatibility between 2.2 and 3.0.)
1997-04-28 13:55:07 +00:00
imp
15c4d207bc compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
peter
32d6b795de Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
julian
a534d78518 The "-a" option for inetd specifies a specific IP address for the
server to bind to. This works until you send it a SIGHUP with a
new service defined ... the new service is bound to INADDR_ANY.

This patch fixes this bug (in both RELENG_2_2 and -current).

This is a 2.2 candidate..(i.e. pure bug fix)

Submitted by:	Archie Cobbs (archie@whistle.com)
1997-02-05 19:50:04 +00:00
wosch
00e37028d0 Sort cross references. 1997-01-20 00:03:00 +00:00
jkh
9c0cd3f9df Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
peter
b3c39c8b7a Implement minimal login class support (ie: does a setusercontext()).
Enabled by defining LOGIN_CAP in Makefile, on by default.
1997-01-13 02:52:30 +00:00
julian
d774c7b5f0 Reviewed by: Bill fenner
Submitted by:	Archie Cobbs (Archie@whistle.com)

Changes to allow inted to control the number of servers to
start on each service. This is a defence against a denial of service attack
in which the system is made unusable by
an external party. It also allows the behaviour of
small memory systems to be more accuratly predicted, by
bounding the extent to which processes can multiply.
1996-11-10 21:12:44 +00:00
julian
54ce0718d8 Reviewed by: Bill fenner
Submitted by:	 Archie Cobbs (archie@whistle.com)

changes to make inetd compile cleaner under -Wall
1996-11-10 21:07:27 +00:00
alex
c934956851 Fix incorrect length argument to memset() function. Closes PR#1937.
Submitted by:	Archie Cobbs <archie@whistle.com>
1996-11-01 01:42:08 +00:00
joerg
ca5a57741d Do not modify a malloc()ed pointer; instead, use memmove().
Detected by: phkmalloc - AJ :)
1996-10-28 23:02:38 +00:00
julian
29bd9ba0e6 Reviewed by: various
Submitted by:	archie@whistle.com

changes to allow inetd to bind to a single interface
for more complicated options see xinetd in ports.

Obtained from: whistle.com
1996-08-09 22:20:24 +00:00
dg
eb79ad5389 Increased listen() queue-depth limit to 64. 1996-07-17 15:00:28 +00:00
gpalmer
72aafa3661 Add $Id$ 1996-05-07 03:16:43 +00:00
wollman
aa67e718ba Call setsockopt(SO_PRIVSTATE) to renounce SS_PRIV on all the sockets
we create.  (Nothing being called from inetd should use it anyway,
but you can never be too careful.)

Translate the man page back into -mdoc.
1996-02-07 17:15:01 +00:00
mpp
029ea9012d Fix a bunch of spelling errors in a bunch of man pages. 1996-01-30 13:52:50 +00:00
peter
0471c4a45c Make inetd use setproctitle from libutil instead of it's own version.
The old code can probably still be compiled with #define OLD_SETPROCTITLE
1996-01-01 08:42:23 +00:00
peter
9e0f58ca76 Workaround for the setlogin()-in-same-session-as-inetd bug.
This causes:
1: inetd to clear it's getlogin() name at startup (in case the sysadmin
	logged in and su'ed to root and restarted inetd)
2: inetd to start each spawned process in it's own session.
3: inetd to call setlogin() on non-root processes (eg: uucp for uucico)
4: log failures more extensively

This means that root spawned processes from inetd remain responsible for
setting their login name if they change their uid. (eg: rshd, login, etc).

If they do not do so, it is safer for them to have no "login name" than a
wrong one (like "root") because the getlogin() system call is documented
as "secure" on 4.4BSD.  inetd when started from /etc/rc would have no login
name anyway, so this isn't really a change - it's making it consistant with
the bootup state...

The setsid() change *may* cause something to break that is doing a setsid()
itself and checking the result - it will fail now because it's already been
done.  The consensis seems to be that this is unlikely. David G. thinks
this is acceptable as it is cleaner from an architectural point of view.
1995-11-03 09:30:13 +00:00
adam
a0dd4a8e38 Implement simple quoting for command args.
Previously "abc xyz" became 2 args split at the space.
1995-10-30 14:03:00 +00:00
wollman
48d6205e5f Record PID in /var/run/inetd.pid and document same. 1995-10-12 16:43:27 +00:00
dg
d6d94a0b2a Correct the "default rate" - it's 256/minute not 1000/minute. 1995-10-09 23:34:07 +00:00
rgrimes
8f6e1a9b69 Merge RELENG_2_0_5 into HEAD 1995-06-11 19:33:05 +00:00
rgrimes
5a145b5eb1 Remove trailing whitespace. 1995-05-30 03:57:47 +00:00
wollman
f0a2efac04 Disable UDP service looping attack. 1994-12-21 19:08:45 +00:00
csgr
2f775c45b0 - increase TOOMANY, in line with 1.x
- add logging option from 1.x
1994-09-11 11:16:32 +00:00
csgr
0ab6086b38 Bring in handling of RPC services from 1.x
(Guess who forgot to replace his inetd until today ;-)
1994-09-11 10:48:02 +00:00
wollman
f19a26b912 Get rid of update. Make man page installation work with our scheme
(and rename a few in the process).
1994-08-05 16:31:05 +00:00
rgrimes
862fdf11a2 BSD 4.4 Lite usr.sbin Sources 1994-05-26 05:23:31 +00:00