261 Commits

Author SHA1 Message Date
Bruce Evans
372e515faa This gets() used \r\n, which is doggish. 1995-09-29 18:52:47 +00:00
Peter Wemm
fcc3b6999e Make ttyname() use posix-style tcgetattr() to check to see that it's
running on a tty.  (Same as isatty()) The old-style TIOCGETP ioctl
wouldn't fly if the kernel didn't have COMPAT_43.
Submitted by:	Carl Fongheiser <cmf@netins.net>
1995-09-22 17:01:28 +00:00
Poul-Henning Kamp
182b05e19e A buglet when dumping and a stylistic point from Mike.
Submitted by:	Mike Pritchard <mpp@mpp.minn.net>
1995-09-22 14:11:00 +00:00
Poul-Henning Kamp
81df7b69ef ``phkmalloc''
Performance is comparable to gnumalloc if you have sufficient RAM, and
it screams around it if you don't.
Compiled with "EXTRA_SANITY" until further notice.
see malloc.3 for more details.
1995-09-16 09:28:13 +00:00
Peter Wemm
7c8e2aa48c Fix security bugs with a "new approach", using stdio's powerful buffer
control hooks.
It is similar to an unrolled multi-part snprintf(), in that a "FILE *" is
attached to a string buffer.  There is also an optimisation for the case
where the syslog format string does not contain %m, which should improve
performance of "informational" logging, like from ftpd.
1995-09-15 13:53:39 +00:00
David Greenman
03a9df25d1 Indicate that backlog limit is 32. 1995-09-15 10:02:07 +00:00
Bill Paul
400b841301 getgrent.c: adjust _nextypgroup() slightly so that it continues processing
the group map after encountering a badly formatted entry.

getpwent.c: same as above for _nextyppass(), and also turn a couple of
sprintf()s into snprintf()s to avoid potential buffer overruns. (The
other day I nearly went mad because of a username in my NIS database
that's actually 9 characters long instead of 8. Stuffing a 9-character
username into an 8-character buffer can do some strange things.)

(This reminds me: I hope somebody's planning to fix the buffer overrun
security hole in syslog(3) before 2.1 ships.)
1995-09-05 19:52:59 +00:00
Bill Paul
4cc738f763 Clear up a minor bogosity in yp_match(): we have YPMATCHCACHE turned
on, which is fine, except that _yp_dobind() is called before we check
the cache. The means we can return from the cache check (if we have
a hit) without calling _yp_unbind().

We should do the cache check first and _then_ drop into the section
that binds the server and does the yp_match query.
1995-09-02 04:16:21 +00:00
Bill Paul
d454389cc2 getpwent.c: turn the code that checks the override caches into a
seperate function to avoid duplication. Also fix getpwent() a
small bit to properly handle the case where the magic NIS '+'
entry appears before the end of the password file.

getgrent.c: be a little more SunOS-ish. Make it look like the NIS
group map is 'inserted' at the the point(s) where the magic NIS '+'
entry/entries appear.

getgrent: fix a file descriptor leak: remember to close the netgroup
file after we determine that we're using NIS-only innetgr() lookups.
1995-09-02 04:08:55 +00:00
Andrey A. Chernov
85b3ab5887 National date/time representation in syslog logfiles looks ugly,
change strftime to ctime. Logfiles must have default (english) date/time
representation for access/view from various places.
1995-08-29 13:21:53 +00:00
Peter Wemm
613749bbf2 Remove the CFLAGS+=-I${CURDIR}/net that I previously added.
Since Bruce changed the #include <res_config.h> to #include "res_config.h"
this is no longer needed, and only makes the 'make' more verbose for
no real reason.
1995-08-21 17:50:01 +00:00
Bruce Evans
4fc61ca748 Define DEBUG as 1 instead of as nothing so that it doesn't conflict with
-DDEBUG in libresolv/Makefile.
1995-08-21 09:16:02 +00:00
Bruce Evans
e6507d611f Fix bogus include paths, some of which stopped libresolv from compiling. 1995-08-21 09:15:40 +00:00
Peter Wemm
e5ad4f8712 Update the resolver part of libc to bind-4.9.3-beta24 level (from beta9p1)
Note that this was done by selective patching from diffs, to not conflict
with the 4.4bsd base code..  This was *not* a trivial task..  I have been
testing this code (apart from cosmetic changes) in my libc for a while now.

Obtained from: Paul Vixie <paul@vix.com>
1995-08-20 20:03:06 +00:00
Peter Wemm
fdf4460bf9 fgetline does not exist.. fgetln is in it's place. Correct the X-Ref.
Noticed by:	Brian Tao, Bruce Evans
1995-08-18 14:22:00 +00:00
Joerg Wunsch
665994990b There is no such file as /usr/include/ufs/quota.h. There is a file
/usr/include/ufs/ufs/quota (#include <ufs/ufs/quota.h>) that seems to work
ok though.

Closes PR # docs/670: quotactl man page incorr...

Submitted by:	evans@scnc.k12.mi.us (Jeffrey Evans)
1995-08-15 19:38:00 +00:00
Bill Paul
97cb50947e Submitted by: Bill Fenner <fenner@parc.xerox.com>
Fix for PR #510. The original problem was that __ivaliduser() was
failing to grant access to a machine listed in a +@netgroup specified
in /etc/hosts.equiv, even though the host being checked was most
certainly in the +@netgroup.

The /etc/hosts.equiv file in question looked like this:

localhost
+@netgroup

The reason for the failure was had to do with gethostbyaddr(). Inside
the __ivaliduser() routine, we need to do a gethostbyaddr() in order
to get back the actual name of the host we're trying to validate since
we're only passed its IP address. The hostname returned by gethostbyaddr()
is later passed as an argument to innetgr(). The problem is that
__icheckhost() later does a gethostbyname() of its own, which clobbers
the buffer returned by gethostbyaddr().

The fix is just to copy the hostname into a private buffer and use
_that_ as the 'host' argument that gets passed to innetgr().

And here I was crawling all over the innetgr() code thinking the
problem was there. *sigh*
1995-08-14 23:52:49 +00:00
Andrey A. Chernov
48b9e85079 Forget to close file
Submitted by: SANETO Takanori sanewo@strg.sony.co.jp
1995-08-11 08:44:31 +00:00
Satoshi Asami
bfa4762780 Bump shlib minor because xdr_* functions have been enabled. Do NOT
bump it again if something else is added before 2.2.

The xdr_* functions are enabled only in the 2.2 (-current) branch
so far.  If that modification is moved to the 2.1 (-stable) branch,
this one should, too.

Reviewed by:	the mailing lists
1995-08-09 06:50:52 +00:00
Bill Paul
22397ec3c3 Fix _listmatch() so that it doesn't fall off the end of the list string. 1995-08-08 02:51:16 +00:00
Andrey A. Chernov
8df736f7dc Fix manpage to reflect current sources 1995-08-07 23:36:08 +00:00
Andrey A. Chernov
5ad178d854 Restore %s format support from previous version 1995-08-07 23:35:41 +00:00
Bill Paul
1e890b056a Just when you thought it was safe...
- getnetgrent.c: address some NIS compatibility problems. We really need
to use the netgroup.byuser and netgroup.byhost maps to speed up innetgr()
when using NIS. Also, change the NIS interaction in the following way:

If /etc/netgroup does not exist or is empty (or contains only the
NIS '+' token), we now use NIS exclusively. This lets us use the
'reverse netgroup' maps and is more or less the behavior of other
platforms.

If /etc/netgroup exists and contains local netgroup data (but no '+').
we use only lthe local stuff and ignore NIS.

If /etc/netgroup exists and contains both local data and the '+',
we use the local data nd the netgroup map as a single combined
database (which, unfortunately, can be slow when the netgroup
database is large). This is what we have been doing up until now.

Head off a potential NULL pointer dereference in the old innetgr()
matching code.

Also fix the way the NIS netgroup map is incorporated into things:
adding the '+' is supposed to make it seem as though the netgroup
database is 'inserted' wherever the '+' is placed. We didn't quite
do it that way before.

(The NetBSD people apparently use a real, honest-to-gosh, netgroup.db
database that works just like the password database. This is
actually a neat idea since netgroups is the sort of thing that
can really benefit from having multi-key search capability,
particularly since reverse lookups require more than a trivial
amount of processing. Should we do something like this too?)

- netgroup.5: document all this stuff.

- rcmd.c: some sleuthing with some test programs linked with my own
version of innetgr() has revealed that SunOS always passes the NIS
domain name to innetgr() in the 'domain' argument. We might as well
do the same (if YP is defined).

- ether_addr.c: also fix the NIS interaction so that placing the
'+' token in the /etc/ethers file makes it seem like the NIS
ethers data is 'inserted' at that point. (Chances are nobody will
notice the effect of this change, which is just te way I like it. :)
1995-08-07 03:42:14 +00:00
Bruce Evans
59eab48836 Install non-source files with the optional flag ${COPY}, not with the flag -c. 1995-08-06 12:41:07 +00:00
Bruce Evans
48cfb668fc Change install' to ${INSTALL}' so that default install flags can be
specified in the top level Makefiles.

Previously I missed dozens of Makefiles that skip the install after
using `cmp -s' to decide that the install isn't necessary.
1995-08-06 12:24:38 +00:00
Andrey A. Chernov
d0e0d9c4c5 Fix default %c to be ctime-compatible as supposed (by Solaris too) 1995-08-06 11:48:16 +00:00
Garrett Wollman
35482326b2 The European Commission went out and invented a new sort of summer-time
changeover, so we have to extend the format of timezone files (in a backward-
compatible way, of course).  This probably means that libc needs a minor
version number bump before 2.2 is released (or maybe not).
1995-08-05 20:28:08 +00:00
Garrett Wollman
21271a8c7a Don't depend on bogusly-installed <tzfile.h>. 1995-08-05 20:25:24 +00:00
Andrey A. Chernov
6240d16c20 Fix cut&paste error: LC_COLLATE should be LC_TIME 1995-08-05 17:32:06 +00:00
Andrey A. Chernov
e20b74fb9e Add time locale loading 1995-08-05 17:31:17 +00:00
Bruce Evans
f57698ff43 Move rtprio.2 from usr.sbin/rtprio to lib/libc/sys, overwriting the bogus
version in the latter directory.

Reviewed by:	davidg
1995-08-05 07:31:19 +00:00
Garrett Wollman
c28fbb7baa Implement locale-sensitive strftime () from ADO (heavily modified
by me).  This probably loses for multibyte characters, but I have no
way of telling.  I'll let ache decide whether to add this support to
startup_setlocale.  Note that for this to make any sense at all, the
symlinks in /usr/share/locale must go.  (For the moment, this doesn't
make any difference since there are no locales supplied.)

Obtained from:	Arthur David Olson <ado@elsie.nci.nih.gov>
1995-08-04 18:43:01 +00:00
Bill Paul
19f61b3433 Reviewed by: David Greenman
Back out the 'help NIS rebind faster' hack. This change used a
connect()/send() pair rather than the original sendto() to allow
RPC to pass ICMP host unreachable and similar errors up to RPC
programs that use UDP. This is not a terrible thing by itself, but it can
cause trouble in environments with multi-homed hosts: if the portmapper
on the multi-homed machine sends a reply with a source address
that's different than the one associated with the connection by
connect(), the kernel will send a port unreachable message and
drop the reply. For the sake of compatibility with everybody else
on the planet, it's best to revert to the old behavior.

*long, heavy sigh*
1995-08-02 09:14:23 +00:00
Andrey A. Chernov
765d5b0d6f Make strtod conforms manpage, use isspace to skip initial whitespaces
instead of hardcoded whitespaces
1995-08-01 22:20:16 +00:00
Andrey A. Chernov
e7241b8ffe Similar changes like in strtol, all this family is VERY broken
in 8bit environment (isalpha at the end of digits)
1995-08-01 22:04:57 +00:00
Andrey A. Chernov
2bdca0d9f0 strtol and atoi VERY broken in 8bit chars locale, i.e. if you pass something
like 38400<any 8bit char, isalpha> it not detect this stuff and
produce very big number instead. Fixed by operating with unsigned char
and checking for isascii. (secure/telnetd hits by it f.e.)
1995-08-01 21:38:00 +00:00
Mike Pritchard
a9680d7112 Null terminate all strings returned by the dummy uname() routine,
and make sure that the version string is somewhat sane.  This
closes out PR#462.

Reviewed by: Bruce Evans
1995-07-31 10:10:02 +00:00
Joerg Wunsch
fb2deeabfb bkr() returns an int, and not a pointer. Document this.
Closes PR #pending/630.

Pointed out by: phk

Obtained from:
1995-07-23 07:01:05 +00:00
Bruce Evans
8e3d84bb83 Confirmed to work by: rcarter@geli.com (Russell Carter)
Enable xdr_float.c.  I believe it works on i386's although it isn't
portable enough to be in a machine-independent directory.
1995-07-22 23:32:13 +00:00
Peter Wemm
acc7e87c9b Slight adjustment to previous fix for __ivaliduser(). It was checking for
the comment before checking for long lines, so there was a possibility
that the wrap-around might be used as an exploitable hostname.
Reviewed by:
Submitted by:
Obtained from:
1995-07-16 17:03:58 +00:00
Joerg Wunsch
8f26c8ef60 Make ruserok() accept the #-starting comment lines we used to have
in our default /etc/hosts.equiv.

Closes PR #conf/620: Default /etc/hosts.equiv...
1995-07-16 10:12:32 +00:00
Bruce Evans
4baa77295e The declaration of sigaction was missing a `const'. 1995-07-16 09:44:58 +00:00
Bruce Evans
52a69cb00b Fix the synopsis of signal() again. Now it is uglier but correct.
(Declarations of signal that don't use typedefs can't be formatted
in the standard man page form.)
1995-07-16 09:41:03 +00:00
Joerg Wunsch
2c413cbe50 Fix the prototypes for getservby{name,port}().
Closes PR #docs/568: minor manpage bug

Submitted by:	Michael Smith (email address no longer valid)
1995-07-09 08:17:01 +00:00
Bill Paul
bc8e373c9b The ypprot_err() function incorrectly maps YP_NODOM to YPERR_NODOM.
Strange as it sounds, it should map to YPERR_DOMAIN instead.

The YP_NODOM protocol error code is generally returned by ypserv when you
ask it for data from a domain that it doesn't support. By contrast,
the YPERR_NODOM error code means 'local domain name not set.'
Consequently, this incorrect mapping leads to yperr_string() generating
a very confusing error message. YPERR_DOMAIN says 'couldn't
bind to a server which serves this domain' which is much closer
to the truth.
1995-07-05 06:04:20 +00:00
Bill Paul
6c0828a6c6 Do the same sanity checking in _pw_breakout_yp() that we do in
_gr_breakout_yp(): if we encounter a NULL pointer generated as the
result of a badly formatted NIS passwd entry (e.g. missing fields),
we punt and return an error code, thereby silently skipping the
bad entry.
1995-06-26 16:04:57 +00:00
Bill Paul
e0ee807b3d Fix for a potential problem reported by a user I bumped into on IRC
last night:

_gr_breakout_yp() doesn't check for badly formatted NIS group entries.
For example, a bogus entry like this:

bootp::user1,user2,user3

will lead to a null pointer dereference and a SEGV (note that the GID
field is missing -- this results in one of the strsep(&result, ":")
returning NULL). The symtpom of this problem is programs dumping
core left and right the moment you add a + entry to /etc/group.
Note that while this is similar to an earlier bug, it's caused by a
different set of circumstances.

The fix is to check for the NULL pointers and have _gr_breakout_yp()
punt and return a failure code if it catches one. This is more or
less the behavior of SunOS: if a bad NIS group entry is encountered,
it's silently ignored. I don't think our standard (non-NIS) group
parsing code behaves the same way. It doesn't crash though, so I'm
citing the 'it ain't broken, don't fix it' rule and leaving it alone.

I'll probably have to add similar checks to _pw_breakout_yp() in
getpwent.c to ward off the same problems. It's rare that bad NIS
map entries like this occur, but we should handle them gracefully
when they do.
1995-06-26 14:59:46 +00:00
Bill Paul
dbf973c0c7 Fixes for PR #508 and #509 ('botched 'Bad netgroup' error message' and
'cycle in netgroup check too greedy').

PR #508 is apparently due to an inconsistency in the way the 4.4BSD
netgroup code deals with bad netgroups. When 4.4BSD code encounters
a badly formed netgroup entry (e.g. (somehost,-somedomain), which,
because of the missing comma between the '-' and 'somedomain,' has
only 2 fields instead of 3), it generates an error message and
then bails out without doing any more processing on the netgroup
containing the bad entry. Conversely, every other *NIX in the world
that usees netgroups just tries to parse the entry as best it can
and then silently continues on its way.

The result is that two bad things happen: 1) we ignore other valid entries
within the netgroup containing the bogus entry, which prevents
us from interoperating with other systems that don't behave this way,
and 2) by printing an error to stderr from inside libc, we hose certain
programs, in this case rlogind. In the problem report, Bill Fenner
noted that the 'B' from 'Bad' was missing, and that rlogind exited
immediately after generating the error. The missing 'B' is apparently
not caused by any problem in getnetgrent.c; more likely it's getting
swallowed up by rlogind somehow, and the error message itself causes
rlogind to become confused. I was able to duplicate this problem and
discovered that running a simple test program on my FreeBSD system
resulted in a properly formatted (if confusing) error, whereas triggering
the error by trying to rlogin to the machine yielded the missing 'B'
problem.

Anyway, the fixes for this are as follows:

- The error message has been reformatted so that it prints out more useful
  information (e.g. Bad entry (somehost,-somedomain) in netgroup "foo").
  We check for NULL entries so that we don't print '(null)' anymore too. :)

- Rearranged things in parse_netgrp()  so that we make a best guess at
  what bad entries are supposed to look like and then continue processing
  instead of bailing out.

- Even though the error message has been cleaned up, it's wrapped inside
  a #ifdef DEBUG. This way we match the behavior of other systems. Since we
  now handle the error condition better anyway, this error message becomes
  less important.

PR #507 is another case of inconsistency. The code that handles
duplicate/circular netgroup entries isn't really 'too greedy; -- it's
just too noisy. If you have a netgroup containing duplicate entries,
the code actually does the right thing, but it also generates an error
message. As with the 'Bad netgroup' message, spewing this out from
inside libc can also hose certain programs (like rlogind). Again, no
other system generates an error message in this case.

The only change here is to hide the error message inside an #ifdef DEBUG.
Like the other message, it's largely superfluous since the code handles
the condition correctly.

Note that PR #510 (+@netgroup host matching in /etc/hosts.equiv) is still
being investigated. I haven't been able to duplicate it myself, and I
strongly suspect it to be a configuration problem of some kind. However,
I'm leaving all three PRs open until I get 510 resolved just for the
sake of paranoia.
1995-06-23 14:47:54 +00:00
Jeffrey Hsu
e78bad2371 Don't cast void functions to void.
Obtained from: NetBSD commit by jtc on June 16, 1995.
1995-06-20 18:31:16 +00:00
Bill Paul
85e8f5bee2 Make _havemaster() use yp_first() (again) instead of yp_order() to
ward off possible NIS+ evil. (I might be overly paranoid with this,
but it doesn't hurt, so...)
1995-06-17 04:00:02 +00:00