Commit Graph

5837 Commits

Author SHA1 Message Date
Chris D. Faulhaber
e146d0bc6a Add more argument checking
Reviewed by:	rwatson
Obtained from:	TrustedBSD Project
2002-02-21 23:13:06 +00:00
Chris D. Faulhaber
c61eb011c4 static'ize and declare functions
Reviewed by:	rwatson
Obtained from:	TrustedBSD Project
2002-02-21 23:12:25 +00:00
Alfred Perlstein
5bcd0580d7 Prefix structure members to protect them against clashes with eg.
c++ keywords.

This keeps us in sync with NetBSD because they actually committed
my delta first.

Ok'd by: lennard
2002-02-20 20:47:21 +00:00
Maxim Sobolev
c80f5647cb Create /var/log/lastlog if it doesn't exist.
Submitted by:	des
2002-02-20 07:47:06 +00:00
Warner Losh
576541a9e6 Fixed divots that I created when I moved prototypes of group_from_gid
and user_from_uid to grp.h and pwd.h.  Update the man pages.

Submitted by: David Malone
Pointy hat to: imp
2002-02-19 00:05:59 +00:00
Mike Barcroft
fd8e4ebc8c o Move NTOHL() and associated macros into <sys/param.h>. These are
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
  source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
  Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
  POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
  and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
  complexities associated with having MD (asm and inline) versions, and
  having to prevent exposure of these functions in other headers that
  happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
  third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.

Tested on:	alpha, i386
Reviewed by:	bde, jake, tmm
2002-02-18 20:35:27 +00:00
Gregory Neil Shapiro
095dae9d7a Update build infrastructure for sendmail 8.12. 2002-02-17 22:05:07 +00:00
Gregory Neil Shapiro
850dab1773 Add two new libraries which are part of sendmail 8.12. libsm is used only
for building sendmail and the associated utilities.  libmilter is a new
mail filtering API for sendmail.
2002-02-17 22:01:40 +00:00
Chris D. Faulhaber
e76872c11e o style and consistency fixes:
- if (!var) -> if (var == NULL)
  - return val; -> return (val);
o update copyright
2002-02-17 20:05:20 +00:00
Chris D. Faulhaber
efec00ac60 Error handling fixes for inflate. 2002-02-17 17:35:18 +00:00
Daniel Eischen
9e9c4443f6 Don't rely on <sys/signal.h> to include <sys/ucontext.h> 2002-02-17 17:21:27 +00:00
Ian Dowse
6112fceebd Fix two file descriptor leaks in the internal function local_rpcb()
that is used by a number of rpcbind-related library functions. Also
fix a rpc client leak in rpcb_set().

Submitted by:	mbr
Obtained from:	NetBSD
2002-02-16 17:05:49 +00:00
Garrett Wollman
5874617263 Document that the type of st_flags is now fflags_t. 2002-02-15 22:37:15 +00:00
Bruce Evans
bdc5bab2eb Don't leave stack garbage in the reserved fields of the header. 2002-02-15 02:37:08 +00:00
Bruce Evans
2c316efdf3 Fixed style bugs in rev.1.5:
- missing whitespace
- strange version of warn() built out of warnx() + strerror().  Just use
  warn().
- conversion of just one of the two perror()'s to warn*()

Actually use _warn() instead of _warn(), to keep up with namespace-
unpollution for warn().
2002-02-15 02:28:50 +00:00
Maxim Konovalov
b85282ba08 Prevent dup2(2) from closing internal libc_r pipe descriptors.
PR:		misc/28947
Reviewed by:	jasone, ru
Approved by:	jasone, ru
MFC after:	1 week
2002-02-14 15:26:59 +00:00
Maxim Konovalov
0878d2e5e9 Correct a typo pthread_attr_setscope() function fails unconditionally
due to.

PR:		misc/30699
Reviewed by:	jasone, ru
Approved by:	jasone, ru
MFC after:	1 week
2002-02-14 15:20:36 +00:00
Warner Losh
63195486ba Use new-style function declations. 2002-02-13 09:30:47 +00:00
Julian Elischer
65e4542fca I THINK this fixes 'make world'
I'll know as soon as I re-import it and compile it.. :-)
 There is no longer a 'pri' strict in the proc struct.
 the fields are scattered between the ksegrp and thread in question.
2002-02-13 00:10:04 +00:00
Dima Dorfman
c96bb7c5f2 Don't make it seem like vm.max_proc_mmap only affects MAP_FIXED.
PR:		34005
Submitted by:	Steven Grady <grady@digitaldeck..com>,
		Hiten Pandya <hitmaster2k@yahoo.com>
2002-02-10 21:07:56 +00:00
Robert Watson
c0858e0a77 Part III: Update extended attribute system call interface documentation.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-02-10 04:46:28 +00:00
Daniel Eischen
69c287d288 This has been sitting in my local tree long enough. Remove the use
of an alternate signal stack for handling signals.  Let the kernel
send signals on the stack of the current thread and teach the threads
signal handler how to deliver signals to the current thread if it
needs to.  Also, always store a threads context as a jmp_buf.  Eventually
this will change to be a ucontext_t or mcontext_t.

Other small nits.  Use struct pthread * instead of pthread_t in internal
library routines.  The threads code wants struct pthread *, and pthread_t
doesn't necessarily have to be the same.

Reviewed by:	jasone
2002-02-09 19:58:41 +00:00
Daniel Eischen
b68bb42b5c Silence a warning by initializing the return value. This wasn't
set in the case of a short write, and I think returning 0 for this
is what was intended.
2002-02-09 19:48:55 +00:00
Dag-Erling Smørgrav
7f28386a26 This file needs <syslog.h>.
Sponsored by:	DARPA, NAI Labs
2002-02-09 14:12:09 +00:00
Ruslan Ermilov
e47a40e7f7 Now that cross-tools ld(1) has been fixed to look for dynamic
dependencies in the correct place, record the fact that -lssh
depends on -lcrypto and -lz.

Removed false dependencies on -lz (except ssh(1) and sshd(8)).
Removed false dependencies on -lcrypto and -lutil for scp(1).

Reviewed by:	markm
2002-02-08 13:42:58 +00:00
Ruslan Ermilov
2ef702f52a FreeBSD 4.1 bootstrapping aid (__FBSDID is not there). 2002-02-08 09:34:17 +00:00
Julian Elischer
3daf63fc50 pre-emptively fix a KSE/M3 problem.
Make a slight change so that libkvm reaches the main thread via the
linked list, rather than assuming it is in the proc structure. Both
conditions are true in -current but only the first will be true in
the KSE M3 world.
2002-02-07 20:28:25 +00:00
Alfred Perlstein
866e3c9008 Move the AF_LOCAL check to the AF_INET check since portmap protocol
v. 2 only needs this. That also makes it shorter and simpler.

Submitted by: mbr
2002-02-06 19:14:02 +00:00
Mark Murray
30577d19fa Remove NO_WERROR, now that WARNS=n is gone. 2002-02-06 18:46:48 +00:00
Mark Murray
427e2d5c02 Comment out the WARNS= so as to not trample all over the GCC3 work. 2002-02-06 18:14:59 +00:00
Alfred Perlstein
d4210d7dba remove -M from RPCCOM, it slipped in with the tirpc upgrade.
Submitted by: mbr
2002-02-06 16:13:04 +00:00
Dag-Erling Smørgrav
dc584ddbc5 ANSIfy and remove some dead code.
Sponsored by:	DARPA, NAI Labs
2002-02-06 15:26:07 +00:00
Dag-Erling Smørgrav
ed4d1c46a2 Apply the following mechanical transformations in preparation for
ansification and constification:

    s{\s+__P\((\(.*?\))\)}{$1}g;
    s{\(\s+}{\(}g;
    s{\s+\)}{\)}g;
    s{\s+,}{,}g;
    s{(\s+)(for|if|switch|while)\(}{$1$2 \(}g;
    s{return ([^\(].*?);}{return ($1);}g;
    s{([\w\)])([!=+/\*-]?=)([\w\(+-])}{$1 $2 $3}g;
    s{\s+$}{\n};g

Also add $FreeBSD$ where needed.

MFC after:	1 week
2002-02-06 13:30:31 +00:00
Alfred Perlstein
1c71deff79 balance parens.
Submitted by: mbr
2002-02-05 23:56:29 +00:00
Alfred Perlstein
2abd9cf115 For RPC v2 we need to fill in ret->xp_raddr too. INET_6
is not supported in portmap, so we don't have to care about it.

Submitted by: mbr
2002-02-05 23:46:37 +00:00
Alfred Perlstein
8d6301358e Fix cc -Wall, fix rcsid warnings, add missing prototypes,
change prototypes to be the same as in the original sun tirpc code.
Remove ()P macro in a file where the mayority had ()P already removed.
Add them if the mayority use ()P macros.

Submitted by: mbr
Requested by: bde
2002-02-05 23:43:43 +00:00
Alfred Perlstein
e4db1131b8 Do not call addrinfo on local transport adresses, if returning a
server handle (for reuse or whatever). We just return now a handle
connected to the local rpcbind.

Do not try to call checkcache, if host = NULL;

Submitted by: mbr
2002-02-05 23:12:51 +00:00
Dag-Erling Smørgrav
5a51c23be3 Switch to a self-starting allocation scheme. 2002-02-05 22:15:16 +00:00
Dag-Erling Smørgrav
e19e6098b3 Reindent, and add parentheses to return statements. Some functions in
ftp.c and http.c now have exceedingly long lines due to deep nesting;
this will be corrected by reorganizing the code in a later revision.
2002-02-05 22:13:51 +00:00
Dag-Erling Smørgrav
551858f0b0 Eliminate a redundant loop. 2002-02-05 21:32:16 +00:00
Alfred Perlstein
49de9dcd8b style: return(x) -> return (x)
Submitted by: mbr
2002-02-05 19:31:16 +00:00
Alfred Perlstein
08760d5a57 Fix the credential handling code.
In NetBSD, Solaris, xprt->xp_p2 pointed directly to the credentials,
in FreeBSD xprt->xp_verf.oa_base was a pointer to a struct cmessage,
which is defined as follow:

struct cmessage {
        struct cmsghdr cmsg;
        struct cmsgcred cmcred;
};

The credentials were submitted the right way and xprt->xp_p2 pointed to them.
But cb_verf.oa_flavor was still empty. There was an assignment missing
in svc_recv() in svc_vc.c:

msg->rm_call.cb_verf.oa_flavor = AUTH_UNIX;

Also

+       if (addr.ss_family == AF_LOCAL) {
+               xprt->xp_raddr = *(struct sockaddr_in *)xprt->xp_rtaddr.buf;
+               xprt->xp_addrlen = sizeof (struct sockaddr_in);
+       }

was missing. But the first seems not to be needed:

I guess in rpc.yppasswdd there was a typo:

- transp>xp_verf.oa_flavor != AUTH_UNIX) {
+ rqstp->rq_cred.oa_flavor != AUTH_UNIX) {

This little fix does fix the breakage in rpc.yppasswdd :-)

+       if (msg.msg_controllen == 0 ||
+           (msg.msg_flags & MSG_CTRUNC) != 0)
+               return (-1);

We cannot set the cb_verf.oa_length in svc_recv() of svc_vc.c,
the credentials get overwritten then, and that's bad.

Submitted by: mbr
2002-02-05 19:30:30 +00:00
Alfred Perlstein
8858373f83 The clnt_create(KEYSERVSOCK, CRYPT_PROG, CRYPT_VERS, "unix") hacks
were removed and replaced them with clnt_tp_create, now the af_local
support is fixed.

I also removed the hack how rpcinfo contacted rpcbind, now we can
relay on clnt_tp_create create the client-handle for us.  Only
rpcbind itself needs a hardcoded socket-path.

Submitted by: mbr

Also add $FreeBSD
2002-02-05 19:26:04 +00:00
Dag-Erling Smørgrav
04f71c5352 Three times lucky: <stddef.h>, not <sys/param.h> 2002-02-05 08:01:32 +00:00
Dag-Erling Smørgrav
93cf4c1be3 Oops, the correct header to include for NULL is <sys/param.h>. 2002-02-05 07:53:00 +00:00
Dag-Erling Smørgrav
93deb2ae12 ANSIfy and constify.
Sponsored by:	DARPA, NAI Labs
2002-02-05 06:49:11 +00:00
Dag-Erling Smørgrav
0ae5018b3e #include <sys/types.h> for NULL (hidden by Linux-PAM header pollution)
Sponsored by:	DARPA, NAI Labs
2002-02-05 06:20:27 +00:00
Dag-Erling Smørgrav
8c66575de8 #include cleanup.
Sponsored by:	DARPA, NAI Labs
2002-02-05 06:08:26 +00:00
Jacques Vidrine
50ae594fa2 hex.c is new in libisc with 8.3.1-REL. 2002-02-04 19:18:23 +00:00
Mark Murray
34b28989d1 Explicitly declare (gcc internal) functions.
Submitted by:	ru
2002-02-04 17:59:25 +00:00
Dag-Erling Smørgrav
12b6e9a089 ssh_get_authentication_connection() gets its parameters from environment
variables, so temporarily switch to the PAM environment before calling it.

Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
2002-02-04 17:15:44 +00:00
Mark Murray
95641278ef Protect "make buildworld" against -Werror, as this module does not
build cleanly.
2002-02-04 16:09:25 +00:00
Maxim Sobolev
c6de4ce791 Allow ldd(1) be used on shared libraries in addition to executables. 2002-02-04 10:33:48 +00:00
Mark Murray
21e5d74291 Add the other half of the salt-generating code. No functional
difference except that the salt is slightly harder to build
dictionaries against, and the code does not use srandom[dev]().
2002-02-04 00:28:54 +00:00
Mark Murray
63d770d8ea Turn on fascist warning mode. 2002-02-03 15:51:52 +00:00
Mark Murray
ac5699692e WARNS=n fixes (and some stylistic issues). 2002-02-03 15:17:57 +00:00
Dag-Erling Smørgrav
59057a6d6f Remove an unnecessary #include that trips up OpenPAM. The header in question
is an internal Linux-PAM header which shouldn't be used outside Linux-PAM
itself, and has absolutely zero effect on pam_ftp.

Sponsored by:	DARPA, NAI Labs
MFC after:	1 week
2002-02-02 17:51:39 +00:00
Bruce Evans
c973d5e76c Fixed world breakage in previous commit. The generated headers are in
the current directory which is rarely ${.CURDIR}.
2002-02-02 00:20:32 +00:00
Bruce Evans
49efc51214 Fixed tab lossage in vendor id and nearby style bugs in previous commit. 2002-02-01 23:26:32 +00:00
Bruce Evans
eb0a30f4c1 Fixed syntax error in previous commit. It was non-fatal because it was
in conditional code that happens not to be compiled, and because gcc
doesn't complain garbage after #endif by default.

Fixed some style bugs in previous commit, 1.8 and 1.1.
2002-02-01 23:16:39 +00:00
Dag-Erling Smørgrav
ab50ade43c Post-repocopy cleanup.
Sponsored by:	DARPA, NAI Labs
2002-02-01 22:25:07 +00:00
Maxim Sobolev
de78df64c7 Complete bzip2-1.0.2 import.
MFC in:		14 days
2002-02-01 16:33:40 +00:00
Dag-Erling Smørgrav
2d0a7148b6 Connect the pam_lastlog(8) and pam_login_access(8) modules to the build.
Sponsored by:	DARPA, NAI Labs
2002-02-01 08:49:53 +00:00
Peter Pentchev
b484faa5e0 Return ENONAME if getaddrinfo() is called with AI_NUMERICHOST
and the hostname given is not numeric.

PR:		34390
Submitted by:	Serge van den Boom <svdb@stack.nl>
Approved by:	silence from -net
MFC after:	1 month
2002-02-01 08:35:16 +00:00
David E. O'Brien
60e104f3f5 Fixed slipage in editor. 2002-02-01 07:26:00 +00:00
David E. O'Brien
26a2df7351 Cut-n-paste in `list' mode considered harmful. 2002-02-01 07:25:07 +00:00
David E. O'Brien
a99d101352 * Remove __P and convert to ANSI prototypes.
* Remove 'register'.  (some functions had 7+ register functions...)
* Fix SCM ID's.
2002-02-01 01:39:09 +00:00
David E. O'Brien
b231cb3945 * Remove __P and convert to ANSI prototypes.
* Remove 'register'.  (some functions had 7+ register functions...)
* Fix SCM ID's.
2002-02-01 01:32:19 +00:00
David E. O'Brien
22626efa0f * Remove 'register'. (some functions had 7+ register functions...)
* Fix SCM ID's.
2002-02-01 01:08:48 +00:00
David E. O'Brien
ea8d448a92 Fix SCM ID's. 2002-02-01 00:57:29 +00:00
David E. O'Brien
ec4c2e3605 Fix minor style nit. 2002-01-31 17:26:37 +00:00
Chris D. Faulhaber
ea018aa260 Revert last commit. stdio.h include is for perror(), not strerror() 2002-01-31 13:32:14 +00:00
Chris D. Faulhaber
066f7169c1 strerror(3) is in string.h, not stdio.h
MFC after:	1 week
2002-01-31 13:20:48 +00:00
Bruce Evans
56bcbf00e2 Fixed world breakage due to missing include of <sys/cdefs.h> in previous
commit.

Fixed related style bugs:
basename.c: misplaced '#if 0'
dirname.c: misplaced '#if 0'
getgrent.c: missing '#if 0', and tab lossage in vendor id (the previous
            commit fixed the complete corruption of the vendor id but
	    lost a tab)
getpwent.c: missing '#if 0'
2002-01-31 12:58:36 +00:00
David E. O'Brien
135b57f906 Fix FreeBSD IDs. 2002-01-30 21:36:57 +00:00
Dag-Erling Smørgrav
c60ed00a43 Still with asbestos longjohns on, completely PAMify login(1) and remove
code made redundant by various PAM modules (primarily pam_unix(8)).

Sponsored by:	DARPA, NAI Labs
2002-01-30 19:10:21 +00:00
Dag-Erling Smørgrav
e9cc7b1d92 With asbestos longjohns on, integrate most of the checks normally done by
login(1) (password & account expiry, hosts.access etc.) into pam_unix(8).

Sponsored by:	DARPA, NAI Labs
2002-01-30 19:09:11 +00:00
Dag-Erling Smørgrav
a2d20838b0 Move the code from pam_sm_authenticate() to pam_sm_acct_mgmt(). Simplify
it a little and try to make it more resilient to various possible failure
conditions.  Change the man page accordingly, and take advantage of this
opportunity to simplify its language.

Sponsored by:	DARPA, NAI Labs
2002-01-30 19:03:16 +00:00
Chris D. Faulhaber
60fba73589 Correct function's description.
Obtained from:	TrustedBSD Project
2002-01-29 12:18:45 +00:00
David E. O'Brien
2040953a71 GC code that moved to crtbrand.c. 2002-01-28 19:02:34 +00:00
Andrey A. Chernov
831e8f614c Do not try to convert to char already converted C monetary locale members.
Do this conversion on locale load stage instead.
2002-01-28 08:26:38 +00:00
Chris D. Faulhaber
d5af31a255 o return EINVAL if acl_to_text() have been sent a NULL acl. o update copyright dates.
Reviewed by:	rwatson
2002-01-26 19:32:50 +00:00
David Malone
ab09ef008f Use ctime_r to build the timestamp for syslog, so that we don't
clobber a ctime buffer which is passed in.

PR:		34022
Submitted by:	Hartmut Brandt <brandt@fokus.gmd.de>
MFC after:	2 weeks
2002-01-25 21:49:34 +00:00
David E. O'Brien
0f14df92a1 Add libfetch.so.2 from a 17-Dec-2001 4.5-RC (releng4) build. 2002-01-24 18:59:29 +00:00
Mark Murray
c2065008b5 WARNS=4 fixes. Protect with NO_WERROR for the modules that have
warnings that are hard to fix or that I've been asked to leave alone.
2002-01-24 18:37:17 +00:00
Dag-Erling Smørgrav
f748a713da PAM modules shouldn't call putenv(); pam_putenv() is sufficient. The
caller is supposed to check the PAM envlist and export the variables it
contains; if it doesn't, it's broken.

Sponsored by:	DARPA, NAI Labs
2002-01-24 17:26:27 +00:00
Dag-Erling Smørgrav
9201dc40bf Change the order in which pam_sm_open_session() updates the logs. This
doesn't really make any difference, except it matches wtmp(5) better.

Don't do anything in pam_sm_close_session(); init(8) will take care of
utmp and wtmp when the tty is released.  Clearing them here would make it
possible to create a ghost session by logging in, running 'login -f $USER'
and exiting the subshell.

Sponsored by:	DARPA, NAI Labs (but the bugs are all mine)
2002-01-24 17:15:04 +00:00
Dag-Erling Smørgrav
ca355e5451 Correctly interpret PAM_RHOST being unset as an indicator of a local
login.

Sponsored by:	DARPA, NAI Labs
2002-01-24 16:18:43 +00:00
Dag-Erling Smørgrav
d233082fbe Correctly interpret PAM_RHOST being unset as an indicator of a local
login.
2002-01-24 16:16:01 +00:00
Dag-Erling Smørgrav
e4536f1138 Style nits.
Sponsored by:	DARPA, NAI Labs
2002-01-24 16:14:56 +00:00
Alexey Zelkin
a2fb0481d7 get __time_load_locale() prototype from include file, rather than declare
own
2002-01-24 15:38:59 +00:00
Alexey Zelkin
bcbeac34ae * style(9)'fy
* declare prototype for __time_load_locale() in timelocal.h
2002-01-24 15:07:44 +00:00
David E. O'Brien
e95d27b9ae Fix problem where with PicoBSD the shell coredumps if it does not find an
entry for its terminal type in /etc/termcap.

Submitted by:	bde
2002-01-24 13:54:19 +00:00
Dag-Erling Smørgrav
f433d6afed Document the even_root option.
Sponsored by:	DARPA, NAI Labs
2002-01-24 13:35:06 +00:00
Dag-Erling Smørgrav
76f95f4dc2 Don't let root through unless the "even_root" option was specified.
Sponsored by:	DARPA, NAI Labs
2002-01-24 12:47:42 +00:00
David Malone
98d1592458 Change brk's prototype from char *brk(const char *) to int brk(const void *)
and sbrk's prototype from char *sbrk(int) to void *sbrk(intptr_t).

This makes us more consistant with NetBSD and standards which include
these functions. Bruce pointed out that ptrdiff_t would probably
have been better than intptr_t, but this doesn't match other
implimentations.

Also remove local declarations of sbrk and unnecessary casting.

PR:		32296
Tested by:	Harti Brandt <brandt@fokus.gmd.de>
MFC after:	1 month
2002-01-24 12:11:31 +00:00
Dag-Erling Smørgrav
16e058b5d6 Add a PAM module that records sessions in utmp/wtmp/lastlog.
Sponsored by:	DARPA, NAI Labs
2002-01-24 09:45:17 +00:00
Dag-Erling Smørgrav
c2d5249eaf Fix some pastos. Rather shoddy of me...
Sponsored by:	DARPA, NAI Labs
2002-01-24 09:44:22 +00:00
David E. O'Brien
fb609a2178 Add libfetch.so.2 from a 10-Dec-2001 releng4 build. 2002-01-24 00:54:44 +00:00
Dag-Erling Smørgrav
53f3167d07 Add a PAM module that provides an account management component for checking
either PAM_RHOST or PAM_TTY against /etc/login.access.o

This uncovers a problem with PAM_RHOST, in that if we always set it, there
is no way to distinguish between a user logging in locally and a user
logging in using 'ssh localhost'.  This will be fixed by first making sure
that all PAM modules can handle PAM_RHOST being unset (which is currently
not the case), and then modifying su(1) and login(1) to not set it for
local logins.

Sponsored by:	DARPA, NAI Labs
2002-01-23 17:42:16 +00:00
Dag-Erling Smørgrav
774a10071d Add an AUTHORS section crediting ThinkSec, DARPA and NAI Labs.
Sponsored by:	DARPA, NAI Labs
2002-01-23 17:16:00 +00:00
Ruslan Ermilov
0509dca0c3 Add pam_ssh support to the static PAM library, libpam.a:
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
  dynamic linkage with -lssh.

Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:54:17 +00:00
Dag-Erling Smørgrav
b6b756b58b Base the comparison on UIDs, not on user names.
Sponsored by:	DARPA, NAI Labs
2002-01-23 15:16:01 +00:00
Ruslan Ermilov
fd4ca9e02d Make libssh.so useable (undefined reference to IPv4or6).
Reviewed by:	des, markm
Approved by:	markm
2002-01-23 15:06:47 +00:00
Ruslan Ermilov
0e65089b79 The sixth argument to the NET_RT_IFLIST sysctl is actually 0 for
all interfaces, and ifnet.if_index value for a single interface.
2002-01-23 12:48:08 +00:00
David Greenman
2e4bf827e5 Undo the work-around for the sendfile bug where nbytes needed the hdr/trl
size added to it in order for it to work properly when nbytes != 0.

Reviewed by:	alfred
MFC after:	3 days
2002-01-22 23:35:09 +00:00
Andrey A. Chernov
ff7448f849 Restore C99 standard conformance information, isblank() _is_ in final
standard document

Pointed by: "Jacques A. Vidrine" <n@nectar.cc>
2002-01-22 20:14:35 +00:00
Mark Murray
5567b258eb Use the proper type (gid_t) for (group)->gr_gid to be orthogonal
with uid_t usage and (user)->pw_uid.

PR:		3242
2002-01-22 17:32:53 +00:00
Ruslan Ermilov
0dc5e09ec6 Fix the description of the O_NONBLOCK flag to match reality.
Prodded by:	Maxim Konovalov <maxim@macomnet.ru>
Obtained from:	BSD/OS
2002-01-22 14:18:55 +00:00
Ruslan Ermilov
0c7f152b7b Fix a typo I made in revision 1.5.
Submitted by:	trevor
2002-01-22 12:38:43 +00:00
Ruslan Ermilov
fe42e96eff Finish cleanup in kvm.c revisions 1.10 and 1.11 -- mark sf (swapfile)
argument to kvm_open() and kvm_openfiles() as unused.

BSD didn't read swap since kvm.c CSRG revision 5.21 (u-area is pageable
under new VM.  no need to read from swap.)

The old !NEWVM code was removed in CSRG revision 5.23 (~ten years ago).
2002-01-22 10:07:03 +00:00
Dag-Erling Smørgrav
1e22a4f048 Link pam_opieaccess, pam_self and pam_ssh into the static library.
Sponsored by:	DARPA, NAI Labs
2002-01-21 20:43:01 +00:00
Dag-Erling Smørgrav
b0aa095ad0 On second thought, getpwnam() failure should be treated just as if the user
existed, but had no OPIE key, i.e. PAM_IGNORE.

Pointed out by:	ache
Sponsored by:	DARPA, NAI Labs
2002-01-21 19:05:45 +00:00
Dag-Erling Smørgrav
b4b56d051a Return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if getpwnam() fails, as
PAM_USER_UNKNOWN will break the chain, revealing to an attacker that the
user does not exist.

Sponsored by:	DARPA, NAI Labs
2002-01-21 18:53:03 +00:00
Dag-Erling Smørgrav
03adba96a0 Further changes to allow enabling pam_opie(8) by default:
- Ignore the {try,use}_first_pass options by clearing PAM_AUTHTOK before
   challenging the user.  These options are meaningless for pam_opie(8)
   since the user can't possibly know the right response before she sees
   the challenge.

 - Introduce the no_fake_prompts option.  If this option is set, pam_opie(8)
   will fail - rather than present a bogus challenge - if the target user
   does not have an OPIE key.  With this option, users who haven't set up
   OPIE won't have to wonder what that "weird otp-md5 s**t" means :)

Reviewed by:	ache, markm
Sponsored by:	DARPA, NAI Labs
2002-01-21 18:46:25 +00:00
Dag-Erling Smørgrav
f460490260 Add a new module, pam_opieaccess(8), which is responsible for checking
/etc/opieaccess and ~/.opiealways so we can decide what to do after
pam_opie(8) fails.

Sponsored by:	DARPA, NAI Labs
Reviewed by:	ache, markm
2002-01-21 13:43:53 +00:00
Andrey A. Chernov
186caeedcb snprintf bloat -> strlcpy
Add getpwnam return check

Approved by:	des, markm
2002-01-20 20:56:47 +00:00
Dag-Erling Smørgrav
e6f0a33e68 Check the return value from read() when reading the CR/LF at the end of a
chunk.

PR:		bin/33608
MFC after:	2 weeks
2002-01-20 19:53:12 +00:00
Dag-Erling Smørgrav
e0583e0c23 Mark uploads as O_WRONLY, not O_RDONLY.
PR:		misc/34043
MFC after:	2 weeks
2002-01-20 19:52:25 +00:00
Yaroslav Tykhiy
b454be098e Minor typo fix: uquad_t -> u_quad_t. 2002-01-20 16:50:29 +00:00
Matthew Dillon
170ac683f2 I've been meaning to do this for a while. Add an underscore to the
time_to_xxx() and xxx_to_time() functions.  e.g. _time_to_xxx()
instead of time_to_xxx(), to make it more obvious that these are
stopgap functions & placemarkers and not meant to create a defacto
standard.  They will eventually be replaced when a real standard
comes out of committee.
2002-01-19 23:20:02 +00:00
Andrey A. Chernov
0b836dfaf1 Back out recent changes 2002-01-19 18:03:11 +00:00
Andrey A. Chernov
6874115893 If user not exist in OPIE system, return failure immediately instead
of producing fake prompts with random numbers which can be detected by
potential intruder in two tries and totally confuse non-OPIE users.
2002-01-19 10:09:05 +00:00
Andrey A. Chernov
3195cd6712 Back out second right-now-expired password check in pam_sm_chauthtok,
old expired password assumed there
2002-01-19 09:23:36 +00:00
Andrey A. Chernov
012400dfcd Previous commit was incomplete, use new error code PAM_CRED_ERR to
indicate die case, different from PAM_SUCCESS and PAM_AUTH_ERR
2002-01-19 08:36:47 +00:00
Andrey A. Chernov
d97cc81fa4 Rewrite 'pwok' fallback in the way it can be properly chained with pam_unix
Replace snprintf %s with strlcpy

Check for NULL returned from getpwnam()
2002-01-19 07:23:48 +00:00
Andrey A. Chernov
c8e3fac7a1 Add yet one expired-right-now password check, in pam_sm_chauthtok
srandomdev() can't be used in libraries, replace srandomdev()+random()
by arc4random()
2002-01-19 04:58:51 +00:00
Andrey A. Chernov
8c70adab72 Set pwok to 1 for non-OPIE users 2002-01-19 03:31:39 +00:00
Andrey A. Chernov
d54c36388e Add missing check for right-now-expired password 2002-01-19 02:45:24 +00:00
Andrey A. Chernov
3f9a326a7a Implement 'pwok', i.e. conditional fallback to unix password
as supposed by opieaccessfile() and opiealways()
2002-01-19 02:38:43 +00:00
Ruslan Ermilov
89ac4ecce1 mdoc(7) police: tidy up OpenBSD fixes. 2002-01-16 15:21:39 +00:00
Mike Barcroft
4681597d9a Add a few cleanups from rev 1.1:
o Restore vendor ID.
o Order variable types by size.
o Remove a gratuitous temporary variable.

Submitted by:	bde
2002-01-15 17:52:21 +00:00
Mike Barcroft
1936b2c83b o Add prototype for printf(3).
style(9):
o Order variables in declarations.
o Move initialization out of declaration.
o Fix over-indents in previous delta.
2002-01-15 08:50:28 +00:00
Mike Barcroft
f601b5ba4b style(9)
Submitted by:	Joseph Mallett <jmallett@xmach.org>
Reviewed by:	md5(1)
2002-01-15 08:26:58 +00:00
Ruslan Ermilov
491a842962 yp(4) -> yp(8).
PR:		docs/30797
2002-01-14 16:59:03 +00:00
Crist J. Clark
971730fc67 Merge some updates and markup fixes from OpenBSD. This is mainly
motivated by the new "CAVEATS" section.

Inspired by:	alfred noting NetBSD's merging OpenBSD's changes
Obtained from:	OpenBSD
2002-01-14 02:08:02 +00:00
Doug White
2b8877f486 Add xref for timeradd(3).
PR:		13079
2002-01-14 00:38:41 +00:00
Jake Burkholder
f2602cd538 Comment out the retrieval of a termination function from %g1. It is
doubtful this will ever be used by anything and rtld uses %g1.
Comment out references to _init and _fini for now too.
2002-01-13 06:17:19 +00:00
Daniel Eischen
aee4cebfe7 Include <stddef.h> to fix build problem when namespace pollution
by <signal.h> (including <time.h> so that NULL is accidentally defined)
is removed.

Style nits.

Submitted by:	bde
2002-01-11 19:46:08 +00:00
Bruce Evans
b9c35b6942 Fixed unsorting and splitting of SRCS in previous commit. 2002-01-11 17:10:35 +00:00
Bruce Evans
614acf2fad Fixed missing backslash in previous commit. 2002-01-11 16:08:49 +00:00
Bruce Evans
b944866c25 Fixed accumulated unsorting and some other style bugs (long lines). 2002-01-11 15:59:30 +00:00
Bruce Evans
afac94af5c Replaced bogus cross references by the usual one for the ctype family
(ctype(3)).
2002-01-11 15:39:50 +00:00
Bruce Evans
87e0032026 Removed assertion that isblank() conforms to C90 too. This assertion
is correct but less than useful.  There is some uncertainty about whether
isblank() is in C99, but it is certainly not in C90.  It just conforms
to C89 because it is a conforming extension.
2002-01-11 15:21:03 +00:00
Bruce Evans
5fb3acfaaf Fixed unsorting of almost all lists in previous commit.
Removed assertion that isblank() is in C99 here too.
2002-01-11 15:15:17 +00:00
Bruce Evans
758671eb0d Fixed unsorting of MLINKS in previous commit.
Fixed unsorting of SRCS in rev.1.18.
2002-01-11 14:57:11 +00:00
Nik Clayton
6a3003ce51 Remove assertion that isblank() is in C99, pointed out by ache. 2002-01-10 12:22:00 +00:00
Daniel Eischen
b66b8326e5 Add getcontext, setcontext, makecontext, and swapcontext. These
functions are defined in SUSv2 and the latest POSIX spec.

Thanks to Bernd Walter <ticso@cicely8.cicely.de> for helping debug my
alpha assembly.

Approved by:	-arch
2002-01-10 02:40:59 +00:00
Sheldon Hearn
7f6a22a549 Document behaviour with respect to interval timers.
PR:		33156
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
2002-01-09 14:44:06 +00:00
Ruslan Ermilov
58c0fdd850 mdoc(7) police: add missing markup bits for ``errno''. 2002-01-09 14:03:54 +00:00
Ruslan Ermilov
ce9df6eefc mdoc(7) police:
Stop abusing the .%J macro for where the .Pa macro should have been used.
2002-01-09 14:01:22 +00:00
Nik Clayton
26dabb6003 From the PR:
1. ctype.h defines digittoint(), isnumber() and ishexnmber(), yet
        they are not documented in any of the manpages.

        2. The ctype manpage references a non-existent manpage for
        digittoint().

        3. The isascii() manpage claims it is standards compliant, when
        it isn't.

        4. isblank() claims it is _not_ standards compliant, when it
        is.

Fix by including the appropriate .Nm entries, and with a new digittoint.3
page.

PR:		docs/26451
Submitted by:	Adrian Filipi-Martin <adrian@ubergeeks.com>
2002-01-09 13:43:31 +00:00
John Baldwin
7b5f59222e Fix some 32/64-bit bugs. IPv4 addresses are 32-bits, not longs. On the
alpha these bugs didn't cause any problems because it was little endian,
but on sparc64, we ended up with garbage for the IP address when we tried
to contact the server.  (Usually 3.253.0.0)

Not objected to by:	wpaul
2002-01-08 18:05:03 +00:00
Chris D. Faulhaber
98a32f6de6 Correct phrase 'get an ACL' to 'set an ACL'.
PR:		33660
Submitted by:	Rich Morin <rdm@cfcl.com>, Tom Rhodes <darklogik@pittgoth.com>
2002-01-07 22:46:14 +00:00
Matthew Dillon
d010343b82 Modify Delete_Chunk() into Delete_Chunk2() which can take a flags
argument.  Leave a compatibility shim for Delete_Chunk().

Implement DELCHUNK_RECOVER flag so sysinstall can ask libdisk
to recover space when deleting a chunk.
2002-01-07 07:47:25 +00:00
Dima Dorfman
bfe4f323ec We are munmap(2), so there's no need to list ourselves in the SEE ALSO
section; instead, list our partner in crime, mmap(2).

PR:		33153
Submitted by:	Faried Nawaz <fn@hungry.org>
2002-01-07 06:12:25 +00:00
Dima Dorfman
cf1b88ff74 Nuke the paragraph that says "One can obtain user connection request
data without confirming the connection by issuing a recvmsg(2) [...]".
There's no such code in the kernel.

PR:		26861
Submitted by:	Richard A Steenbergen <ras@e-gerbil.net>,
		Tom Rhodes <darklogik@pittgoth.com>
2002-01-07 06:10:37 +00:00
Dima Dorfman
b06e8b97a9 Suggest using memmove(3) if src and dst may overlap.
PR:		33298
Submitted by:	Tim J. Robbins <tim@robbins.dropbear.id.au>
2002-01-07 06:03:37 +00:00
Chris Costello
6ba681a185 All information from the "BUGS" section not belonging in "SECURITY
CONSIDERATIONS" moved to "COMPATIBILITY".

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-06 21:48:37 +00:00
Chris Costello
e125c135a8 Add new "SECURITY CONSIDERATIONS" sections.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-06 21:16:41 +00:00
Kelly Yancey
2adfea6f6c Enable WARNS?=2. 2002-01-06 08:47:19 +00:00
Chris Costello
41f91cb492 Add a new `SECURITY CONSIDERATIONS' section. Sample code similar to
the first revision of strcpy(3)'s section is included, but should be
removed as the Security Architecture document is committed and
completed.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-05 20:44:34 +00:00
Chris Costello
80080d642e Include a section cross-reference to EXAMPLES' in SECURITY
CONSIDERATIONS' as a source for relevant sample code.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-05 20:36:47 +00:00
Chris Costello
8680aaea87 Remove the example from SECURITY CONSIDERATIONS. This is mostly
duplicated code from EXAMPLES.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-05 20:24:38 +00:00
Yaroslav Tykhiy
f381837242 Minor grammar and punctuation fixes
in the SO_ACCEPTFILTER description.
2002-01-04 18:17:07 +00:00
Yaroslav Tykhiy
996d4dc275 State clearly that one should call listen(2) on a socket
at first and try to set an accept_filter(9) on it only after that.
Also document errno value that will be set if installing the
filter on a non-listening socket.
2002-01-04 18:12:38 +00:00
Andrey A. Chernov
50a5189f9e Turn off USER_LOCKING which allows intruder to completely disable OPIE
for some user just by entering user name and doing nothing on password prompt
2002-01-03 16:04:57 +00:00
Chris Costello
17dc85f4d0 Copy the sample `SECURITY CONSIDERATIONS' section from sec-doc.7.
This will be trimmed as the FreeBSD Security Architecture document
is fleshed out and committed.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-02 19:56:57 +00:00
Jake Burkholder
fbeabbfad6 Add ifdef sparc64. 2002-01-02 06:54:18 +00:00
Jake Burkholder
29c3ea8424 Connect user trap code to the build. 2002-01-01 21:59:53 +00:00
Jake Burkholder
6ce4e876a7 Add libc side of user trap handling.
Add support for handling floating point disabled traps mostly in userland
for the simple single threaded case.  Not yet enabled by default.
Implement __sparc_utrap_install as specified by the sparc abi.
2002-01-01 21:58:32 +00:00
Dag-Erling Smørgrav
d6811c6851 Remove long-obsolete README. 2002-01-01 16:27:26 +00:00
Dag-Erling Smørgrav
a8e9bd8750 In verbose mode, display the full error message from the server, stripping
it of HTML tags and comments.

PR:		bin/32989
MFC after:	1 week
2002-01-01 16:25:29 +00:00
Dag-Erling Smørgrav
f67efa37d6 Remove VT100 escapes from debugging messages now that they're enabled by
default.

PR:		32988
MFC after:	3 days
2002-01-01 14:48:09 +00:00
Andrey A. Chernov
f7388e0d38 Back out errno preserving 2001-12-30 03:34:46 +00:00
Jake Burkholder
e5a86020b0 Adapt to new kernel tsb structure. 2001-12-29 06:43:36 +00:00
Jake Burkholder
1b46a084f3 Make sure curbrk is well aligned. 2001-12-29 06:40:58 +00:00
Jake Burkholder
c0c4d2cf25 Use jmpbuf offsets, not ucontext_t. 2001-12-29 06:40:35 +00:00
Jake Burkholder
cd4f8a8c2c Add .register directives for gcc3.
Adapt to jmpbuf no longer being a ucontext_t.
Restore the context "by hand" in longjmp and call sigprocmask, instead
of just using sigreturn.
2001-12-29 06:39:53 +00:00
Jake Burkholder
c5a29982d3 __infinity is not const. 2001-12-29 06:38:31 +00:00
Jake Burkholder
c1682cb423 Add jmpbuf offsets. Remove ucontext offsets. 2001-12-29 06:38:06 +00:00
Jake Burkholder
5b3fb165d9 Add .register directives for gcc3.
Adapt to jmpbuf no longer being a ucontext_t.
Call abort if longjmperror returns.
2001-12-29 06:37:33 +00:00
Jake Burkholder
cafb96f2df Include utrap.h for soft trap types. 2001-12-29 06:36:07 +00:00
Jake Burkholder
024675337e We use HIDENAME(minbrk) on sparc64 too. 2001-12-29 06:35:19 +00:00
Bruce Evans
b2035c2b74 Fixed a missing "const". 2001-12-28 20:59:44 +00:00
Jake Burkholder
be5fa99a1e Fix typo (unclosed comment). 2001-12-28 17:55:15 +00:00
Mike Pritchard
432fda11a4 Add xref to jail(2).
PR:		docs/33177
Submitted by:	Tom Rhodes <darklogik@pittgoth.com>
2001-12-28 09:26:45 +00:00
Hajimu UMEMOTO
676e98714d - Make it possible to turn on RES_INSECURE[12] with /etc/resolv.conf.
- Don't connect datagram socket if RES_INSECURE1.
- Needed to implement IPv6 anycast UDP DNS queries as documented in
  <draft-ietf-ipngwg-dns-discovery-03.txt>.

Obtained from:	KAME
2001-12-26 21:21:10 +00:00
Andrey A. Chernov
98b870fa7b Add "except the handling of errors" into "equivalent to" paragraph.
Pointed by:	bde
Inspired by:	POSIX
2001-12-25 08:43:35 +00:00
Andrey A. Chernov
b12990ca58 Preserve errno.
According to C99:
"The  functions  atof,  atoi,  atol, and atoll need not
affect the value of  the  integer  expression  errno  on  an
error.   If  the  value of the result cannot be represented,
the behavior is undefined."
2001-12-25 04:10:50 +00:00
Alexey Zelkin
0388ec7cac Back out recent replacement of LC_MESSAGES file with directory.
Requested by:   ache
2001-12-24 11:49:49 +00:00
Poul-Henning Kamp
257bc17600 Sort the disknames when we get them from the kernel.
Submitted by:	<anarcat@anarcat.dyndns.org>
2001-12-23 21:43:48 +00:00
Chris Costello
d06a764812 o Change the layout of the tagged lists to be like those in acl(3).
o Document the following capabilities: CAP_NET_ADMIN, CAP_SYS_RAWIO,
  CAP_SYS_ADMIN, and CAP_SYS_TTY_CONFIG.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2001-12-23 00:19:48 +00:00
Daniel Eischen
2d170746c7 Use the real function address (instead of function address + 8) for the
return address when modifying a jmp_buf to create a new thread context.
Also set t12 with the return address.

This should fix libc_r on alpha.

With much detective work by: Bernd Walter <ticso@cicely.de>
2001-12-22 06:11:06 +00:00
Daniel Eischen
8572518672 Save and restore t12 in the jmp_buf. t12 is used during function
calls.

This change allows libc_r to create thread contexts with a different
stack and return address.

With much detective work by: Bernd Walter <ticso@cicely.de>
2001-12-22 06:06:17 +00:00
Alexey Zelkin
aca736a60e add missing MLINKS 2001-12-21 18:26:01 +00:00
Peter Wemm
57c3d698c2 The VM_STACK option is long dead. MAP_STACK is available everywhere. 2001-12-21 17:24:10 +00:00
Alexey Zelkin
709eed76bd Slightly re-work locale messages storage scheme. Before this commit
LC_MESSAGES related data was installed to <locale>/LC_MESSAGES file.
Now it go to <locale>/LC_MESSAGES/SYS_LC_MESSAGES file. LC_MESSAGES
directory is supposed to be storage of message catalogs of userland tools.
This should allow us to avoid many potential problems with future
libintl related functionality introduction.

Thanks for useful suggestions about correct way how to replace plain
files with directories at installworld stage to: Ruslan Ermilov <ru>
2001-12-21 13:14:02 +00:00
Alexey Zelkin
f43a321bf0 style(9)'ify 2001-12-20 18:28:52 +00:00
Sheldon Hearn
d7e394992c Supply SMB_CFG_FILE in CFLAGS. The newly imported smbfs-1.4.2
allows us to supply our own value for this, overriding the
default /usr/local/etc/nsmb.conf, which is not appropriate for
base system configuration files.
2001-12-20 16:21:47 +00:00