more manageable and convenient referencing by login.conf (login
class database) and (e.g.) login.access.
This is the first of a group of commits which implements the login
class capabilities database.
(There may be a behavior difference between the 2.1 and 2.2/3.0 kernels
in this area, it seemed to work for me but I have a horribly hacked
select() that might have a bug in the handling of this)
Submitted by: wpaul
get installed.
The `install' target should only be overridden when the default one would
do something wrong and you're too lazy to fix the default one.
Restore the clamp on the return value from rpc_dtablesize().. Some programs
(eg: ypserv) use this as an indication of how large svc_fdset is in their
hand-rolled svc_run() loops. The svc_fdset table is maintained by the
rpc library explicitly for compatability with such programs. (It uses
a different variable-sized bitmap itself internally)
- prototypes now in include files
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note: potential bug here, It looks like there could be a null pointer
dereference depending on what has already been called to initialise some
shared data.
- kill non-FD_SETSIZE code
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note, there was a nasty bug with our old code here. It would trash the
stack if a fd > 31 was passed in. It was using a "long" as though it
was an "fd_set", ie: it was assuming that a long was 256 bits wide. :-(
This has been lurking here for a while, since the FD_SETSIZE #ifdef's
were first implemented.
- fix timeout code
- better sequence number generation (for long running daemons)
- dont close an unopen socket
- use standard functions
- 64 bit type safe for wire protocols
- unlimited file descriptors
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- ensure we're not spoofed/confused while trying to talk to the portmapper
- handle new get_myaddress failure cases
- prototype now in include file
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- fix timeout code
- better "random" initial transaction id for long running daemons
- unlimited number of file descriptors to select().
- 64 bit type safe wire protocol
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- typo (spelling police :-)
- dont die on select() that returns time remaining (on my systems)
- improve initial "random" sequence number, to make it harder to guess
in long running daemons.
- fix timeout code.
- unlimited number of fd's in select.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- Protect against select() that returns time remaining (on my systems).
- don't exit. It's bad form for libc to exit() or abort() instead of
returning an error.
- only use loopback addresses after checking the real interfaces.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- canonical function declaration
- use constants from includes, not magic numbers
- use standard functions
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- 64 bit long type safe (wire protocols specified in explicit sized types)
- Support systems that don't do unaligned accesses
- Support for explicit int16 and int32 sizes in xdr
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
RELENG_2_2!
This is part#2 of the previous commit to src/lib/libc/net to contain the
potential damage.
This provides stubs so that binaries linked in 2.2 will run on 3.0
needed, as he discovered when he tried to run vi. :-]
These files used to be stubs which used #ifdef PIC to decide whether to
use the real dlopen() version or the stub version from the src/contrib/tcl
sources. Now, with the our stubs gone, the .PATH directive causes them to
be compiled directly from src/contrib/tcl/{unix,generic}. You might need
to rebuild your depend rules though as they may have stale paths.
Also, this is a generated file. This should not have been edited here.
also add the missing declaration of forkpty() to libutil.h.
Btw., the calling interface for login(3) is crude. Some better
abstraction is needed, perhaps similar to logwtmp(3).
2.2 candidate, but i'll wait for the spelling police first. :)
- the .gz files are no longer used as intermediate files, it's in a pipe
now. (gunzip normally deleted them anyway, but this should not hurt)
- I accidently left a -p arg to install from testing. Bruce says it should
be ${COPY} instead, but almost everything else in the tree uses plain -c
anyway.
- Use "LINKS=" or two identical files are installed sepeately instead of
as links (doh!)
- Use "LIB..." instead of "BIN..." for install permissions. Note that we
still use bsd.prog.mk, not bsd.lib.mk because bsd.lib.mk has problems
(it can't install a library unless it compiles it).
- Define LIBCOMPATDIR in Makefile.inc instead of using BINDIR.
Mostly submitted by: bde
just return errors. This removes the need for awful hacks like that in
our build of libtcl which would get link errors when linked static.
John Polstra once mentioned that this was on his "todo" list.
Note that one can use:
cc -Wl,-Bstatic -o foo foo.o
and get an executable that has it's libraries statically linked, but has
a fully functional runtime linker so the executable can call dlopen() and
have it work. (I've tested this)
- getpwent:
o adjunctbuf should be NUL terminated after copying
o _pw_breakout_yp() needs to know the length of the buffer returned
from YP so it can properly NUL terminate its local buffer.
- getgrent:
o YP buffers should be YPMAXRECORD + 2 bytes long and NUL terminated.
(Previously they were hardcoded to 1024 bytes.)
- getnetgrent:
o YP data should be copied with snprintf(), not sprintf()
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
- getservent:
o put _yp_check() proto under #ifdef YP where it belongs
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- gethostbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long
- getnetbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- ether_addr:
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying (in this case it's BUFSIZ + 2 bytes,
but it happens that BUFSIZ == YPMAXRECORD.
- gethostbydns:
o nuke stray 'return(NULL)' in __dns_getanswer() (harmless but looks silly)
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
line length limit anymore - now 500 members or 5000 members are
possible. For security group lines longer than 256K will be count as
an error. 256K should be enough for 65536 users.
Support comments (lines that begin with a #) if compiled with
option -DGROUP_IGNORE_COMMENTS.
Fortunately it seems that all system utilities which use getgrent()
functions are dynamically linked executables. So you need only
rebuild libc.so.3.0 if you want this change. Note: if you have
an old X server which depend on libc.so.2.* you should rebuild
libc.so.2.* too.
Not a 2.2 candidate.
lookup results. Without this, doing multiple host/addr lookups in a
single process yeilds strange results (the buffer is static, and
garbage may be left behind from previous lookups).
I just noticed this in 2.2-BETA. Unless somebody threatens to chop my
hands off with an axe, I'm going to move this to the 2.2-RELENG branch
shortly.
of BIND, we need to tweak some things to that gethostanswer() knows
whether or not we're dealing with an IPv4 or IPv6 address. (This'll
teach me to use a 2.1.0 system for NIS development -- but it's so nice
and stable I just can't being myself to upgrade it. :)
- A major 11th hour, last second, untested commit!
Build some infrastructure to clean up the compat lib distributions, and
also allow them to be installed from the source tree rather than having
to to and get the tarballs from freefall or a CD. Some tweaks to
/etc/make.conf are in the pipeline to enable it.
This came about because it became apparent that we'd have to change the
compat21.tgz tarball to fix the NIS problem with 2.1.x binaries. Since
it's tar..gz.uu, doing this would have caused a huge repository change
and we may as well try and fix it once and for all. Now, adding/removing
libraries should have MUCH less repository impact.
Peril sensative sunglasses: on!
Flame proof suit: on!
Concept reviewed by a stream of ascii representing the opinion of: jkh
Changes casually reviewed by: jkh (but not actually tested)
Without it, the last row and last column don't get their background updated.
I think this should be in 2.2.
Submitted by: Paul Koch <koch@thehub.com.au> (again)
Passing observation: The fixes that pst put in on 1996/09/22 then backed out
look like they should be put in again. If sysinstall is depending on bugs,
then it should be fixed.
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.
This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.
This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
Vulnerable: all programs that use setlocale(LC_COLLATE),
setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid
binary i've found for this is w(1).
Should go into 2.2.
I've added an installation from optical disk drive facility.
This enables FreeBSD to be installed from an optical disk, which
may be formatted in "super floppy" style or sliced into MSDOS-FS
and UFS partitions.
Note: ncr.c should be reviewed by Stefan Esser <se@freebsd.org>
and cd.c by Joerg Wunsch <joerg@freebsd.org> before bringing this
into 2.2.
Submitted-By: Shunsuke Akiyama <akiyama@kme.mei.co.jp>
in lots of unrelated junk from <net/if.h> and <net/if_ether.h>. These
functions still aren't prototyped anywhere (but should be in
<net/ethernet.h>---got that, Bill?).
and he said:
The 3rd agrument is new; looks like it was part of the upgrade to
a new BIND with some IPv6 support. The third argument here should be
AF_INET. In order for it to be anything else, I'd have to add new
NIS functions to support IPv6 lookups. I don't even know what those
look like yet.
So there ya go, add AF_INET as the 3rd argument to the call.
Submitted-by: wpaul
copy of insure++, too bad the runtime only works for BSD/OS. :-(
Maybe they'll be so impressed by my initial 15 entry bug report for it
that they'll take the FreeBSD version more seriously. :-) :-)
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
Since locale reading code not resistent against stack overflowing or
similar intruder attacks, don't allow PATH_LOCALE env variable action
for s-bit programs (non-standard locale path setting)
strdup() it to prevent unsetenv() or setenv() effects. Check its length to
not allow user to overflow internal locale buffer. Move PATH_LOCALE
handling code into one place.
POSIX: make better stub for LC_MONETARY & LC_NUMERIC, now it check
locale directory existance instead of refusing all non-C non-POSIX
locales. POSIX treats empty locale env variable as unset variable
while our old code treats it as "C" locale, fix it. Implement previous locale
restoring, if locale setting fails. Old code assumes success if some
of LC_ALL subset is successed even other fails, POSIX treats it as
failure with previous locale restoring, fix it.
Remove unneccessary length checking in currentlocale()
Garbage in `eacces' caused the wrong errno to be set for non-EACCES errors.
Garbage in `etxtbsy' caused a semi-random retry strategy for ETXTBSY errors.
Found by: NIST-PCTS. gcc -Wall reported the problem, but -Wall is not
enabled for libc.
FTP error return code because
1) They return NULL, it means that ftpErrno can't be used because
it takes file pointer
2) They don't have FILE-type argument as f.e. ftpGet/ftpPut to use
it for ftpErrno instead.
For that functions I add yet one int* type argument to store
FTP error return code. It is impossible to add some global variable
for that reason, because user can have multiply FTP connections
opened at the same time.
So, interface changed, major number bumped.
Userland changes will follows.
Minor bugfixes, the code:
Forget to close file in few places, when failure occurse
Forget to NULL cached host name, multiply free is possible
When malloc fails. don't try to memset NULL pointer, it cause core dump
Replace malloc+memset with calloc, theoretically it can do some
optimization of zeroing process internally
Improve error diagnostic
dealing w/the fixit floppy.
Also added the MNT_RELOAD, MNT_WANTRDWR, MNT_ASYNC, MNT_NOATIME,
MOUNT_UNION flags. Someone might want to check my description of MNT_RELOAD.
2.2-R candidate. Not a 2.1.6-R candidate -- some current flags aren't in
2.1.5-R's version.
for NULL RPC client handles. This should hopefully fix the problems
Satoshi reported on -current.
- Add socket descriptor sanity checks to _yp_unbind().
- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.
This is a 2.2 candidate with bells on.
inside libc. Add collate_range_cmp as alias to __collate_range_cmp
for temp. backward compatibility.
collate_range_cmp will be replaced with direct code for each
external program for compatibility with the rest of world
No changes other than "instructions" for what other tools that use this
.. "interesting" .. system should name their shared libraries. This was
broken for some tools (eg: expect-5.21) even for the native tcl build (ie,
it would end up using libexpect521.so, not libexpect521.so.1.0)
1) Rename FNM_ICASE to FNM_CASEFOLD
2) Add FNM_LEADING_DIR
Add proper (unsigned char) casts to tolower().
Use 'char' function argument for proper sign extension
Add progname to warning/error message layout. (joerg)
Remove inline assembler, no speed impact, not need for the obfuscation (bde)
Remove on the fly calculation of parameters, no longer critical.
Make D & U flags valid even if we don't support them.
Don't call imalloc until we're done initializing.
Zap contents on free() if we have "Junk" set. [*]
Various nitpicking.
[*] As a sideeffect of this change, if you are worried about
sensitive data lingering in memory, you can use the 'Junk' option
now to make sure phkmalloc zaps memory when it is returned. add
char * malloc_options = "J";
to your source. Obviously there is a performance impact.
Somehow, I also managed to get quite some other changes in this file at
the same time. All I did was checkout the file and made a single change.
If someone has an explanation how these PURIFFY defines got in...
API and non-API functions and giving _sk_ prefix for all non-API
functions. Old names will be available by _SKEY_INTERNAL define
it allows not change anything in keyinit & key, only -D_SKEY_INTERNAL required.
Staticise some things.
dead kernel debugging. The previous code was a "do nothing".
The most obvious side effect of this is that you can now do things like
this and reasonably expect them to work:
dmesg -M /var/crash/vmcore.3 -N /var/crash/kernel.3
ps -axl -M /var/crash/vmcore.3 -N /var/crash/kernel.3
A good deal of this was lifted from the gdb code to do this, as well as
from NetBSD's libkvm (which has completely different VM macros)
and forwards compatable with version 3. This is needed to enable storing
a run-time library path in the dynamic linking headers. The crt startup
tries version 4 first, and falls back to version 3, so an executable that
is linked on -current will work with the ld.so on 2.1.x and less.
Reviewed by: nate, jdp
Obtained from: NetBSD
- removed references to nonexistent pathconf-related variables.
- document everything in CTL_MACHDEP(more than in sysctl.8) and
80% of the things in CTL_KERN (same as in sysctl.8).
- old static non-profiled libraries were removed in the wrong directory
if ${ORIG_SHLIBDIR} != ${LIBDIR}.
- old profiled libraries weren't removed.
- new shared compat libraries were installed in the wrong directory if
${ORIG_SHLIBDIR} != /usr/lib.
- some lines were too long.
Added some comments about cases that have caused problems. Changed
libfoo to ${LIB} so that libresolv/Makefile and libgnumalloc/Makefile
are almost identical.
complaints and suggestions about this over the last few days that I
cannot remember who has said what anymore. :-(
There is also a comment here about the intent of the process and another
explicit pointer to the etc/etc/rc change to that has been ignored by
quite a few people it seems.
stuff and detection for the "gnumalloc" port which doesn't exist and
nobody has cared enough about for the past 6 months or so to implement.
As has been pointed out to me (quite a few times) in email, the people
that had been bitten by the changes had failed to follow the instructions
about updating /etc/rc.
Bruce also pointed out that after my last commit, it was no longer
removing /usr/lib/libgnumalloc.so.2.0 as it should have been.
Hopefully this (and the comments in the Makefile) should defuse the problem
a bit.
Various neat features added. More documentation in the manpage.
If your machine has very little RAM, I guess that would be < 16M
these days :-(, you may want to try this:
ln -fs 'H<' /etc/malloc.conf
check the manpage.
Major version bumped (by me) since the ftpGet() public interface has
changed (an "int *" becomes and "off_t *")
Submitted by: Jason Thorpe <thorpej@nas.nasa.gov>, PR#1640
as done after a quasi-recursive call to free() had modified what we
thought we knew about the last chunk of pages.
This bug manifested itself when I did a "make obj" from src/usr.sbin/lpr,
then make would coredump in the lpd directory.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
conflict with the other declarations in other files. tputs() is
traditionally declared to return int, not void. curses.h has it as int.
ncurses has int and actually sets the return value. This problem has
been causing the ircII port to not compile.
(I've only minimally tested this, I do not have libtermcap on my systems)
as a PR to GNATs but it evidently went astray somehow since I can't find
it in the database now, nor does an assigned PR# appear on the mail I got.
Sorry about that, Danny!
Submitted-By: Danny R. Johnston <danny@simn.com>
built early enough to always be installed by the `includes' target
in /usr/src/Makefile. This is supposed to be handled by not
installing it if it doesn't exist. However, a stale, uninstallable
copy sometimes exists in the source directory, and the existence
test sometimes found the wrong copy.
"." means the object directory, so it is just confusing to use it
when nothing is included from the object directory unless the object
directory is also the source directory. It is confusing for "."
not to mean the source directory anyway, so used `-I.'s should be
replaced by `-I${.OBJDIR}'.
traditional BSD4.4 behavior (_POSIX_SAVED_IDS are OFF) was described
before.
Add some hooks to easily change this text when
POSIX_SAVED_IDS model will be changed.