Commit Graph

103 Commits

Author SHA1 Message Date
Jacques Vidrine
248aee623c Add nsswitch support. By creating an /etc/nsswitch.conf file, you can
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.

= Hesiod has been added to libc (see hesiod(3)).

= A library routine for parsing nsswitch.conf and invoking callback
  functions as specified has been added to libc (see nsdispatch(3)).

= The following C library functions have been modified to use nsdispatch:
    . getgrent, getgrnam, getgrgid
    . getpwent, getpwnam, getpwuid
    . getusershell
    . getaddrinfo
    . gethostbyname, gethostbyname2, gethostbyaddr
    . getnetbyname, getnetbyaddr
    . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr

= host.conf has been removed from src/etc.  rc.network has been modified
  to warn that host.conf is no longer used at boot time.  In addition, if
  there is a host.conf but no nsswitch.conf, the latter is created at boot
  time from the former.

Obtained from:	NetBSD
2000-09-06 18:16:48 +00:00
Kris Kennaway
ed9ee320b0 Don't call syslog() without a format string. 2000-07-12 00:50:49 +00:00
Brian Somers
03806e0da0 Further protection against comments in /etc/{passwd,group}
Submitted by:	Andre Albsmeier <andre.albsmeier@mchp.siemens.de>
PR:		14269
2000-06-28 09:31:31 +00:00
Brian Somers
6874ee7305 Handle comments and empty lines when generating YP passwd and group files
PR:		14269
Submitted by:	howard@ee.utah.edu
2000-06-15 15:51:49 +00:00
Jeroen Ruigrok van der Werven
c192455b47 Fix typo.
PR:		18845
Submitted by:	Kevin <kevin@ns1.stcp.net>
2000-06-04 16:15:56 +00:00
Jake Burkholder
e39756439c Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
Jake Burkholder
740a1973a6 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00
Jeroen Ruigrok van der Werven
e9a4553da8 Remove a bogus include. 2000-04-29 12:28:44 +00:00
Sheldon Hearn
4e86fcacf6 Remove more single-space hard sentence breaks. 2000-03-02 14:54:02 +00:00
Sheldon Hearn
f2e366a105 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 14:09:25 +00:00
Mike Pritchard
14201ae6dc Fix various man pages to stop abusing the .Bx macro to generate
the string "FreeBSD".  Use the .Fx macro instead.
2000-01-23 02:10:01 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Bill Paul
b22e036ea0 Modify yp_mkdb so that it only checks for bogus '+' and '-' characters
in source input if the -f flag is used, and modify Makefile.yp to only
use -f for the passwd, master.passwd and group maps. These should be
the only ones for which the + and - characters have special meaning
that make it important for us to avoid letting them into any of the map
databases. In some cases (namely the automounter maps) we have to allow
at least the - character through in order to create the map properly.

This closes PR #8699.
1999-08-22 15:34:47 +00:00
Mike Pritchard
32fdc70513 Various man page cleanup:
- Sort xrefs.
- FreeBSD.ORG -> FreeBSD.org
- Be consistent with section names as outlined in mdoc(7).
- Other misc mdoc cleanup.

PR:		doc/13144
Submitted by:	Alexey M. Zelkin <phantom@cris.net>
1999-08-15 08:47:11 +00:00
Nick Hibma
81d3029772 Fix typo (missing double quote) 1999-06-24 17:20:54 +00:00
Bill Paul
c167b71a1b Close PR #10971: flush the database cache after forking in ypproc_all_2_svc()
so that parent and child don't share DB handles.
1999-04-30 16:59:48 +00:00
Bill Paul
dc273a2f07 Close PR #10970: exit at the end of ypproc_all_2_svc() instead of returning.
This really fixes the condition where a child creates children of its own.
I'm leaving the previous sanity tests in though, since they shouldn't hurt,
and will give an indication if this ever happens again.
1999-04-30 16:44:17 +00:00
Bill Paul
2dfb116a5a Add some extra checks to make sure that a child ypserv process doesn't
try to fork() a child of its own, which could result in several children
ypservs running at once. I'm still not sure exactly what leads to this
condition, but these fixes should stop it from causing trouble. A new
function, yp_fork() checks to see if the current process is already a
child of the parent ypserv, and returns failure (and logs an error message)
rather than spawning another child.
1999-04-29 20:24:00 +00:00
Bill Paul
68cd974800 Close PR #11122: check key length before calling strncmp()
in yp_next_record().
1999-04-14 04:05:59 +00:00
Guy Helmer
86bf56f58b Fix reference to rpc.yppasswdd.
PR:		docs/10171
1999-03-02 04:14:53 +00:00
Guy Helmer
42e3d43b56 Add a reference to the ypinit(8) command.
PR:		docs/7679 (in spirit)
1999-02-23 03:49:14 +00:00
Bill Paul
eb822b5612 Add some tweaks to hopefully fix a problem I've started to notice recently.
Under certain conditions (possibly associated with heavy load), ypserv will
fork() child processes that don't exit like they're supposed to. I think
this is because of some suspect logic in the ypproc_all procedure. I updated
it to use what I hope is a more bulletproof approach.

Also tweaked yp_svc_run() a little so that the 'are we a child?' test happens
at every pass through the for(;;) loop, not just immediately after returning
from svc_getreqset2().
1999-02-10 16:16:14 +00:00
Wolfram Schneider
acd8019083 Sort cross references. 1998-08-31 16:41:09 +00:00
Bill Paul
9e8aac2526 DNS lookups for partially qualified hosts didn't work right. I was trying
to be clever by avoiding the 'check all domains in the search list'
cycle in certain cases, but this would lose if handed a name like
"foo.ctr" which refers to an FQDN of "foo.ctr.columbia.edu". If
"columbia.edu" is in the search list in /etc/resolv.conf then the
DNS lookup code should resolve it, but it didn't.
1998-08-10 19:43:33 +00:00
Poul-Henning Kamp
3939bb662d A comment in /usr/src/usr.sbin/ypserv/Makefile.yp
(a.k.a. /var/yp/Makefile.dist) refers to an obsoleted usage of the
-m option of rpc.yppasswdd.  It is currently taken over by the -t
option.  -m is used for a different purpose now.

PR:		7279
Reviewed by:	phk
Submitted by:	Amakawa Shuhei <amakawa@nebula.sf.t.u-tokyo.ac.jp>
1998-07-22 06:01:13 +00:00
Dag-Erling Smørgrav
19111ad381 Allow blank lines in /var/yp/securenets. 1998-07-15 11:56:28 +00:00
Warner Losh
67d3ec9a0f If we get back too much data to fit in result, return NULL. This avoids
a buffer overflow, but might negatively impact those hosts who have
enough aliases to fill MAXHOSTNAMELEN * 2 characters in them.

Good candidate for merging back into -stable.  Lightly tested by me, but
it came from OpenBSD a while ago.

Obtained from: OpenBSD
1998-06-09 05:06:27 +00:00
Bill Paul
7d1c23760d Protect errno in signal handlers, like in portmap. 1998-06-04 15:11:32 +00:00
Bruce Evans
67b780b03b Fixed double slashes in pathnames. 1998-05-31 11:32:38 +00:00
Bruce Evans
930ef4e26d Removed bogus dependencies of generated .c files on generated headers. 1998-05-10 16:03:17 +00:00
Philippe Charnier
f12a14713b .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 08:31:20 +00:00
Bruce Evans
df3175a04b Fixed `make -jN' for large N, as usual. Too usual for yp programs. 1998-03-06 14:51:35 +00:00
Bill Paul
32b14f697c *sigh* I will not commit late at night. I will not commit late at night.
I will not commit late at night. I will not commit late at night.

I swear it's been Monday all week for me.

Apply proper fix for services target submitted by Andre Albsmeier
<andre.albsmeier@mchp.siemens.de>. Sorry for botching this that last
time, Andre. (Could have been worse: t least I didn't break the build.)
1998-02-21 18:14:30 +00:00
Bill Paul
98df2816d1 Arghhh.... another missing backslash. Yes, I feel stupid. 1998-02-20 04:00:48 +00:00
Bill Paul
9ac2a83a11 Doh! Replace backslash that got eaten by gremlins in the last commit. 1998-02-18 04:11:49 +00:00
Bill Paul
f44298df59 Close PR #2206: fix the services.byname target so that it can handle
/etc/services entries with any protocol instead of just udp and tcp.
Rather thani having the awk script explicitly search for 'udp' or 'tcp'
in the second field using index(), use split() to break up the field
at the '/' character if it exists, which extracts the protocol from
the field no matter what it is.

PR: 2206
1998-02-13 03:38:41 +00:00
Bill Paul
0d15a95009 Fix a bug in the database handle caching. This has to do with the way the
underlying database code works. When dealing with first/next queries, you
have the notion of a database 'cursor,' which is essentially a file pointer
for the database. To select the first entry, you do a fetch with the
R_FIRST flag set, then you can use the R_NEXT flag to enumerate the other
entries in the database. Unfortunately, doing a direct fetch with no flag
does _not_ set the 'cursor,' so you can't do a direct fetch and then
enumerate the table from there.

The bug is that cached handles generated as the result of a YPPROC_MATCH
were being treated as though they were the same as handles generated by
a YPPROC_FIRST, which is not the case. The manifestation is that if you
do a 'ypmatch first-key-in-map map' followed by a yp_first()/yp_next()
pair, the yp_first() and yp_next() both return the first key in the
table, which makes the entry appear to be duplicated.

A couple smaller things since I'm here:

- yp_main.c and yp_error.c both have a global 'int debug' in them.
  For some reason, our cc/ld doesn't flag this as a multiply defined
  symbol even though it should. Removed the declaration from yp_main.c;
  we want the one in yp_error.c.

- The Makefile wasn't installing ypinit in the right place.
1998-02-11 19:15:32 +00:00
Bill Paul
1754677b27 Fix Makefile.yp so that it no longer creates a temporary file called
/tmp/ypmake, thereby fixing problems with successive map updates
possibly reading stale copies of this file left behind by a previous
failed run.

PR:	 5571
1998-02-04 16:16:58 +00:00
Steve Price
0f87b00d6b Allow comments to begin with multiple '#' characters.
PR:		4452
Submitted by:	Joao Carlos Mendes Luis <Jonny@mailhost.coppe.ufrj.br>
1998-01-25 17:51:10 +00:00
Bill Paul
d8207d546d Some touchups courtesy of Philippe Charnier. 1997-11-16 03:49:12 +00:00
Bill Paul
13170f18a2 Add a ypinit script and man page (script lifted from OpenBSD and haqued
to work on FreeBSD, man page written by me.)

Also change Makefile.yp a little to be more tolerane in the face of
missing source files. Print a message if we can't find /var/yp/master.passwd
telling the user what to do to fix things.
1997-11-10 22:17:13 +00:00
Justin M. Seger
50aedc813b Fix typo: 129.168.128.0 -> 192.168.128.0
PR:		docs/4871
Submitted by:	sec@42.org
1997-11-01 15:55:09 +00:00
Philippe Charnier
988345234d Typos in man page. Cosmetics in error strings. 1997-10-29 07:25:05 +00:00
Bill Paul
0485539e17 Don't initialize structures from other variables; gcc -ansi -pedantic
doesn't allow it. Use proper constants instead.
1997-08-10 20:37:48 +00:00
Bill Paul
9934af38df Fix for PR #4147: apparently BIND now returns a status of NO_RECOVERY
at the end of gethostanswer()/getanswer()/whatever where it used to
return TRY_AGAIN. This breaks the domain list traversal in ypserv's
async DNS lookup module: it would only retry using the domain(s) from
the 'domain' or 'search' lines in /etc/resolv.conf if __dns_getanswer()
returned TRY_AGAIN.

Changed the test so that either TRY_AGAIN or NO_RECOVERY will work.
This seemed to me the best solution in the event somebody tries to
compile this code on an older system with a different version of BIND.
(You shouldn't do that of course, but then there's a lot of things
in the world that you shouldn't do and people do them anyway.)
1997-07-28 14:13:57 +00:00
Bill Paul
7deb24a6ae Fix a bug in the async DNS resolver that can crash ypserv. yp_prune_dnsq()
is not sane: if the TTL on a pending but unanswered query hits 0 and the
circular queue entry is removed and free()d, the for() loop may still try
to use the entry pointer (which now points at no longer valid memory).
usually, deleting only the last entry off the end of the queue worked, but
if more than one was deleted, the server would crash. I changed things a
bit so this shouldn't happen anymore.

Also arranged to call the prune routine a bit more often.
1997-07-27 03:41:53 +00:00
Bill Paul
9ecc3726d9 Fix a very stupid heap corruption bug: in ypproc_match_2_svc(), when
we decide to do a DNS lookup, we NUL terminate the key string provided
by the client before passing it into the DNS lookup module. This is
actually wrong. Assume the key is 'foo.com'. In this case, key.keydat_val
will be "foo.com" and key.keydat_len will be 7 (seven characters; the
string is not NUL-terminated so it is not 8 as you might expect).
The string "foo.com" is actually allocated by the XDR routines when the
RPC request is decoded; exactly 7 bytes are allocated. By adding a NUL,
the string becomes "foo.com\0", but the '\0' goes into an 8th byte which
was never allocated for this string and which could be anywhere. The result
is that while the initial request may succeed, we could trash other
dynamically allocated structures (like, oh, I dunno, the circular map
cache queue?) and SEGV later. This is in fact what happens.

The fix is to copy the string into a larger local buffer and NUL-terminate
that buffer instead.

Crash first reported by: Ricky Chan <ricky@come.net.uk>
Bug finally located with: Electric Fence 2.0.5
1997-07-21 17:39:39 +00:00
Bill Paul
cc7ff6f503 Back out one of my paranoia tests from the last commit here; yp_access()
already deals with it appropriately. (You know you've been working too
hard when you forget how your own code works.)
1997-04-28 14:18:38 +00:00
John-Mark Gurney
6ecb7b2027 fix some typos, and some slight clean up...
Closes PR#3266
1997-04-15 07:41:10 +00:00
Bill Paul
832035088b Add a sanity test to ypproc_xfr_2_svc(): check that the map and domain
in the transfer request actually exist. Technically ypxfr can do this too,
but why waste the cycles getting ypxfr off the ground for a transfer we
already know is going to fail.

Also apply stricter access control rules; ypproc_xfr_2_svc() is in a
different class than the normal map access procedures procedures.
1997-04-10 14:12:51 +00:00