INADDR_NONE: Incoming packets go to the alias address (the default)
INADDR_ANY: Incoming packets are not NAT'd (direct access to the
internal network from outside)
anything else: Incoming packets go to the specified address
Change a few inaddr::s_addr == 0 to inaddr::s_addr == INADDR_ANY
while I'm there.
redirected and when no target address has been specified, NAT
the destination address to the alias address rather than
allowing people direct access to your internal network from
outside.
some reason. This will prevent an infinite loop if (say) a sigalarm is
being scheduled at a more frequent interval than the poll timeout.
PR: 2191, 8847, 10553
thread waiting on an event (I/O, condvar, etc) will, when resumed using
pthread_resume_np, return with EINTR. For example, suspending and resuming
a thread blocked on read() will not requeue the thread for the read, but
will return -1 with errno = EINTR. If the suspended thread is in a critical
region, the thread is suspended as soon as it leaves the critical region.
Fix a bogon in pthread_kill() where a signal was being delivered twice
to threads waiting in sigwait().
Reported by (suspend/resume bug): jdp
Reviewed by: jasone
and gids bigger than 16 bits. Added checks for uids and gids that are
bigger than 32 bits.
Approved by: jkh (partly, this fix is bigger than I first intended)
Without this, kernel will panic at getsockopt() of IPSEC_POLICY.
Also make compilable libipsec/test-policy.c which tries getsockopt() of
IPSEC_POLICY.
Approved by: jkh
Submitted by: sakane@kame.net
optimization that generates code our current as doesn't understand.
The result is bad code that damages dynamic symbol locations at
runtime. Ouch. See PR bin/16862 and discussion in -current.
This change will be backed out when gcc and gas are back in sync.
PR: Fixes bin/16862, but not the underlying problem.
Submitted by: bde
Approved by: jdk
when connecting via IPv6, hostname was not recorded to utmp anymore.
Because, if hostname is longer than buffer size, getnameinfo() returns
with ENI_MEMORY.
Reviewed by: shin
Approved by: jkh
I'm not quite sure about this, I think it should be using -lssh_pic since
it's being linked into a .so, but nothing seems to complain ahd it does
work. (well, it works for using the authorized_keys file, but I have not
figured out how to get it to start a ssh-agent and cache the key for me)
PR: 17191
Submitted by: Adrian Pavlykevych <pam@polynet.lviv.ua>
-Added more description.
-Many grammer fix.
-Fix hard sentence break.
-Many other man style fix.
Thanks for bde finding out the problem.
Thanks for sheldon for the patient and thorough review.
:-)
Submitted by: bde
Reviewed by: sheldonh
This
This feature allows you to specify if mmap'd data is included in
an application's corefile.
Change the type of eflags in struct vm_map_entry from u_char to
vm_eflags_t (an unsigned int).
Reviewed by: dillon,jdp,alfred
Approved by: jkh
Sorry for the flapping, but no change will be done for 4.0 anymore.
Official standard will be published around April or later.
If different format would be adopted at that time, then support for
the new format will be added to the succeeding FreeBSD 4.x.
Approved by: jkh
run out of KVM through a mmap()/fork() bomb that allocates hundreds
of thousands of vm_map_entry structures.
Add panic to make null-pointer dereference crash a little more verbose.
Add a new sysctl, vm.max_proc_mmap, which specifies the maximum number
of mmap()'d spaces (discrete vm_map_entry's in the process). The value
defaults to around 9000 for a 128MB machine. The test is scaled for the
number of processes sharing a vmspace (aka linux threads). Setting
the value to 0 disables the feature.
PR: kern/16573
Approved by: jkh
returning the error directly.
For sem_post(), make sure that the correct thread is woken up. This has
unfortunate performance implications, but is necessary for POSIX compliance.
Approved by: jkh
fit in the static buffer. This fix causes it to look like there is no
data available, which is also wrong but is better than dumping core.
PR: bin/10344
Reviewed by: billf
Approved by: jkh
Now libutil depends on libc.so.4, so needs to update the major version.
Without this, old binaries which use libutil and build with libc.so.3
will coredump on recent 4.0.
Solicited comment for cvs-committers and there seems to be no objection.
Approved by: jkh
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.
If anything, a ``HISTORY'' section should show which version this
appeared in.
Now libwrap depends on libc.so.4, so needs to update the major version.
Without this, old binaries which use libwrap and build with libc.so.3
will coredump on recent 4.0.
Approved by: jkh
Reviewed by: markm
-Should not error return when rresvport_af() failed for one of dest
addrs resolved by getaddrinfo().
Should retry until all dest addr fail.
Approved by: jkh
(shortend format, etc)
Current KAME getaddrinfo() supports only d.d.d.d format IPv4
addr. But traditionally inet_aton() and etc support other formats.
(shortend format and octal/deciaml/hex format)
Aboud this,
-As far as the discussion on freebsd-current, many people
think traditional format should also be supported by getaddrinfo().
-X/Open spec requires getaddrinfo() also support those
traditional IPv4 format.
-RFC2553 say nothing about it.
-As the result of confirmation in ietf/ipng list, there is
no clear concensus yet, and the reply was, "RFC2553 update
and X/Open spec will be in sync"
So takeing these conditions into account, I think
getaddrinfo() should also support traditional IPv4 format.
Specified by: Marc Schneiders <marc@oldserver.demon.nl>
Approved by: jkh
KAME scoped addr format is changed recently.
before: addr@scope
now: scope%addr
Because the end of IPv6 numeric addr is tend to be truncated in
`netstat -rn ` output, so placing scope part at starting of addr
will be convenient.
Approved by: jkh
Obtained from: KAME project
of the C++ stdlib. Our ctype.h uses symbols of the form _<X> to denote the
various character classes. Our ctype.h also extends the usual ctype.h
offering by adding the "_T" (special) class. Problem is parts of the STL
also use the symbol "_T" as its parameterized type. These two uses are
incompatible.
Thus change the form of the symbols used in ctype to something that fixes
the current problem and is less likely to cause conflicts in the future.
Requested by: Tomoaki NISHIYAMA <tomoaki@biol.s.u-tokyo.ac.jp>
Ok'ed by: JKH
interface, and statically link them to the programs using them.
These functions, upon reflection and discussion, are too generically
named for a library interface with such specific functionality.
Also the api that they use, whilst ok for private use, isn't good
enough for a libc function.
Additionally there were complications with the build/install-world
process. It depends heavily upon xinstall, which got broken by
the change in api, and caused bootstrap problems and general mayhem.
There is work in progress to address future problems that may be
caused by changes in install-chain tools, and better names for
{g|s}etflags can be derived when some future program requires them.
For now the code has been left in src/lib/libc/gen (it started off
in src/bin/ls).
It's important to provide library functions for manipulating file
flag strings if we ever want this interface to be adopted outside
of the source tree, but now isn't necessarily the right moment
with 4.0-release just around the corner.
Approved: jkh
Now when tcp_wrapper is enabled by inetd -wW,
several accesses which should be permitted are refused only for IPv6,
if hostname is used to decide the host to be allowed.
IPv6 users will be just upset.
About security related concern.
-All extensions are wrapped by #ifdef INET6, so people can completely
disable the extension by recompile libwrap without INET6 option.
-Access via IPv6 is not enabled by default.
People need to enable IPv6 access by changing /etc/inetd.conf at first,
by adding tcp6 and/or tcp46 entries.
-The base of patches are from KAME package and are actually daily used
for more than a year in several Japanese IPv6 environments.
-Patches are reviewed by markm.
Approved by: jkh
Submitted by: Hajimu UMEMOTO <ume@mahoroba.org>
Reviewed by: markm
Obtained from: KAME project
When libipsec library is created, no SHLIB numbers are
specified in the Makefile. Then the library version was set
to 2.(by default?)
So change it to 0.
For now it should not be problem, because the contents are same.
I'll also prepare an entry for UPDATING.
Some of rcmd related function is need to be updated to
support IPv6. Some of them are already updated as standard
document. But there is also several de-facto functions and
they are not listed in standard documents.
They are,
iruserok() (used by rlogind, rshd)
ruserok() (used by kerberos, etc)
KAME package updated those functions in original way.
iruserok_af()
ruserok_af()
But recently there was discussion on IETF IPng mailing
list about how to sync those API, and it is decided,
-Those function is not standard and not documented.
-But let BSDs sync their API as de-facto.
And after some discussion, it is announced that
-add update to iruserok() as iruserok_sa()
-no ruserok() API change(it is only updated internaly)
So I sync those API before 4.0 is released.
The changes are,
-prototype changes
-ruserok() internal update (use iruserok_sa() inside)
-removal of ruserok_af()
-change iruserok_af() as static functioin, and also prefix the name with __.
-add iruserok_sa() (Just call __iruserok_af() inside)
-adding flag AI_ALL to getipnodebyaddr() called from __icheckhost().
This is necessary to support IPv4 communication via AF_INET6 socket
could be correctly authenticated via iruserok_sa()
-irusreok_af() call is replaced to iruserok_sa() call
in rlogind, and rshd.
Approved by: jkh
For libc_r renamed syscalls, correct symbol naming from
_thread_sys_foo() <-- _foo() to _thread_sys_foo() <-- _foo() <-- foo(). This
is necessary for system calls which libc_r doesn't define foo().
Some weak symbols such as poll() are defined twice. From what I understand,
depending on one weak symbol or the other to be used is a bad idea. All
such weak symbols defined in the libc_r-specific code should therefore be
made strong (non-weak?).
Simplify PSEUDO() to not define any weak symbols, since they aren't ever
needed.
alpha/SYS.h:
Correct reversed usage of WEAK_ALIAS(), which has reversed arguments from
__weak_reference(). Also, fix reversal of symbols, so that syscall foo()
is a weak alias for _foo().
Add WEAK_ALIAS() call to PRSYSCALL(), which unlike the i386 version of
PRSYSCALL(), is not defined in terms of PSYSCALL().
Make PSEUDO() equivalent to the i386 version.
Introduce ACL man pages en masse for library calls, and general introduction.
Also, fix acl_valid.c non-portable calls to include _np in their names,
making them standard-happy as well as consistent with acl.h
strftime(3), add another one. :) %z yields the local timezone's offset
in hours and minutes, as used in RFC822 headers. There's a precedence
for this in Lunux' libc, and Internet software (like Perl scripts)
start using it.
OKed by (wrt. the code freeze): jkh
just use _foo() <-- foo(). In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate. In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().
Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().
Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().
Make thread cancellation fully POSIX-compliant.
Suggested by: deischen
string to u_long and back using two functions, flags_to_string and
string_to_flags, which co-existed with 'ls'. As time has progressed
more and more other tools have used these private functions to
manipulate the file flags.
Recently I moved these functions from /usr/src/bin/ls to libutil,
but after some discussion with bde it's been decided that they
really ought to go in libc.
There are two already existing libc functions for manipulating file
modes: setmode and getmode. In keeping with these flags_to_string
has been renamed getflags and string_to_flags to setflags.
The manual page could probably be improved upon ;)
o Do not override `environ' if realloc() fails, leave it intact.
o Set `alloced' only when memory is actually allocated.
PR: bin/5604 (2nd part)
Reviewed by: bde
Updated date. 1987 was a while ago.
Removed trailing comma in NAME section.
Uncapitalised Bindresvport and Bindresvport_sa in DESCRIPTION section.
Don't use .Nm there either.
Added bindresvport_sa() to the RETURN VALUES and ERROR sections.
- clean up unneeded AFS ID type
- Add Coda, NTFS, NWFS ACL types
- Add acl_dup() prototype
- Remove acl_calc_mask, which belongs in the editing library
- Introduce posix1e.3, a man page introducing POSIX.1e library calls
(more man pages to follow)
-changed bindresvport2 to bindresvport_sa
-merged the man into bindresvport.3
All discussion between Jean-Luc Richier <Jean-Luc.Richier@imag.fr>,
Theo de Raadt <deraadt@cvs.openbsd.org>, itojun, is reflected to
this code. (Actually Theo de Raadt write the code simultaneously as the
discussion change.)
obtained from itojun.
-don't filter address families which are not supported by system at
FQDN resolving.
-don't do reverse lookup
I think I checked all lib and tools which use getaddrinfo() if
this change affect them.
Obtained from: KAME project
adds _np to a couple of function prototypes that provided more broad/useful
interfaces than POSIX.1e interfaces included.
Also, move from using a heuristic to identify POSIX.1e-semantic ACLs to
using different ACL types for non-POSIX.1e ACLs. This should clean up the
existing fuzzy logic that determined when acl_sort() should be applied
before kernel submission.
are not supported by this implementation, and the error return values
from sem_init(), sem_open(), sem_close(), and sem_unlink() reflect this.
Approved by: jkh
signal handler. Explicitly check for jumps to anywhere other than the
current stack, since such jumps are undefined according to POSIX.
While we're at it, convert thread cancellation to use continuations, since
it's cleaner than the original cancellation code.
Avoid delivering a signal to a thread twice. This was a pre-existing bug,
but was likely unexposed until these other changes were made.
Defer signals generated by pthread_kill() so that they can be delivered on
the appropriate stack. deischen claims that this is unnecessary, which is
likely true, but without this change, pthread_kill() can cause undefined
priority queue states and/or PANICs in [sig|_]longjmp(), so I'm leaving
this in for now. To compile this code out and exercise the bug, define
the _NO_UNDISPATCH cpp macro. Defining _PTHREADS_INVARIANTS as well will
cause earlier crashes.
PR: kern/14685
Collaboration with: deischen
prettier (?) names, adding some const's around here, et al.
This is commit 4 out of 3, updating the userland library to reflect kernel
interface changes.
Reviewed by: bde
check for on the server may arise legitimately on the client. The
correct way to check for a zero record length is to check for it
without the LAST_FRAG marker in it, since it's legal to send a LAST_FRAG
marker with 0 bytes of data.
PR: misc/16028
the case that a CPU hungry main thread is prevented from being preempted
due to a negative calculation of its time slice.
Reported by: Alexander Litvin <archer@lucky.net>
libcrypt and libutil was not built before libpam.
The order here is currently unimportant, but ../Makefile should
descend here to build everything (which currently doesn't work
right) or at least to get the order using `make -V SUBDIR'.
Fixed bitrot in comments about library dependencies. The list has been
maintained better in ../Makefile.inc1, except it has been uninverted
there so it is hard to use manually.
interface. This commit introduces the library, as well as a modest
subset of the ACL calls, with some modifications to support multiple
ACL semantics.
Reviewed by: eivind
points. For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep(). The arrows represent weak aliases. For
system calls, the pattern is _read() <-- _libc_read() <-- read().
I smite thee, vile buildworld breakage!
The story is that these were added to beforeinstall improperly. In our
beforeinstall, a full mtree has not been populated. Since the tree is
not populated, we explode from missing directories on doc install. It
should not be done in beforeinstall (includes) anyway.
* Add the 'h' ftp flag (allocate local port in high range)
* Add the 'd' flag (use direct connection even if proxy is defined)
* Make sure flags != NULL before calling strchr().
* Minor changes to some comments.
the initial thread). Instead, just leave an unmapped gap between thread
stacks and make sure that the thread stacks won't grow into these gaps,
simply by limiting the size of the stacks with the 'len' argument to
mmap(). This (if I understand correctly) reduces VM overhead
considerably.
Reviewed by: deischen
is an application space macro and the applications are supposed to be free
to use it as they please (but cannot). This is consistant with the other
BSD's who made this change quite some time ago. More commits to come.
handler. Thread-to-thread signals (pthread_signal) are treated differently
than process signals; a pthread_signal can wakeup a blocked thread if
a signal handler is not installed for that signal.
Found by: ACE tests
pointer" instead. The potential confusion arises because the string/*.3
pages use the term "null-terminated string" (which is permissable). Moreover,
this also makes these two manpages more consistent with the other string/*.3
manpages.
(1)added error check of if_nameindex() return value at getaddrinfo().
(2)print out more detailed information when getaddrinfo() error value
is EAI_SYSTEM.(in this case system error num is kept in errno)
(1) is Discovered by: jinmei@kame.net in KAME environment.
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used. XDM and its variants
should now work without modification. Note that the new code uses
the macros in <sys/queue.h>.
Submitted by: Andrew J. Korty <ajk@iu.edu>
locking functions. If an application loads a shared object with
dlopen() and the shared object has an init function which requires
lazy binding, then _rtld_bind is called when the thread is already
inside the dynamic linker. This leads to a recursive acquisition
of the lock, which I was not expecting -- hence the assert failure.
This work-around makes the default locking functions handle recursive
locking. It is NOT the correct fix -- that should be implemented
at the generic locking level rather than in the default locking
functions. I will implement the correct fix in a future commit.
Since the dllockinit() interface will likely need to change, warn
about that in both the man page and the header file.
Fix some ctype problems - isascii() caused a warning if fed an unsigned
char - it's always > 0 and libstand is compiled with -Wall.
Missing prototype/include in printf.c
and is module aware. Yes, this means that kvm_nlist(3) will find symbols
in loaded modules. The emulation of the nlist struct is pretty crude but
seems to work well enough for all the users in the tree that I found.
functions to be used by the dynamic linker. This can be called by
threads packages at start-up time. I will add the call to libc_r
soon.
Also add a default locking method that is used up until dllockinit()
is called. The default method works by blocking SIGVTALRM, SIGPROF,
and SIGALRM in critical sections. It is based on the observation
that most user-space threads packages implement thread preemption
with one of these signals (usually SIGVTALRM).
The dynamic linker has never been reentrant, but it became less
reentrant in revision 1.34 of "src/libexec/rtld-elf/rtld.c".
Starting with that revision, multiple threads each doing lazy
binding could interfere with each other. The usual symptom was
that a symbol was falsely reported as undefined at start-up time.
It was rare but not unseen. This commit fixes it.
Doing the "right thing" here is difficult, so create two ENTRY points for
each function (for example, __setjmp and setjmp are equivalent). This
isn't pretty, but it works for both aout and ELF.
libc symbol naming needs an overhaul in order to properly support function
wrapping, specifically in the case of a real libpthread, and these
duplicate entry points should be fixed as part of that overhaul.
Pointed out by: bde
takes an int arg and is prototyped in <string.h>. It has the opposite
interface botches to psignal(3) which takes a bogus unsigned arg but is
prototyped in the right place.
This is not the last of the interface problems for strsignal(). We
obtained it from NetBSD, but NetBSD has moved its prototype to
<unistd.h>. strsignal() should return const char *, but it returns
char * for historical reasons. NetBSD declares it as returning
__aconst char, where __aconst is normally empty but can be set to
`const' to give better error checking. glibc-2.1.1 prototypes
strsignal() in <string.h>.
lobotomized environment, say booted from a floppy with no /etc full
of password and group files, give sensible fallbacks for roots uid
and operators gid.
This might fix sysinstall.
this makefile update which should have been together with the file
removal.
Removed vlimit.3 and vtimes.3. Removed vlimit.c and vtimes.c from
the "MISSING" list. These were old variants of get/setrlimit() and
getrusage(), respectively, and were never implemented in FreeBSD.
vlimit.3 referred to <sys/vlimit.h> which was removed recently.
vtimes.3 referred to <sys/vtimes.h> which never existed in FreeBSD.
