Commit Graph

1315 Commits

Author SHA1 Message Date
Mark Murray
482d5f1f6a Make sure that a "make release" (more accurately the bit that makes
the crunched binary) get a non-cryptographic telnet. This is overkill
in that it covers stuff that is not normally used in a crunched binary.
2003-07-24 17:19:15 +00:00
Mark Murray
3665b7c29b Ensure that for the cryptographic instances of *telnet*, the "crypto"
distribution is used. This only affects release-building.
2003-07-24 07:19:55 +00:00
Mark Murray
acce0bcdb3 Test correct macro for "without crypto" option(s). 2003-07-20 23:29:46 +00:00
Yaroslav Tykhiy
0183b0b8b8 Prototype defttymode() instead of just declaring it. 2003-07-18 16:25:55 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Yaroslav Tykhiy
e25d3184d0 Block SIGURG while reading from the control channel.
Rationale:

SIGURG is configured by ftpd to interrupt system calls, which is useful
during data transfers.  However, SIGURG could interrupt I/O on the
control channel as well, which was mistaken for the end of the session.

A practical example could be aborting the download of a tiny file,
when the abort sequence reached ftpd after ftpd had passed the file
data to the system and returned to its command loop.

Reported by:	ceri
MFC after:	1 week
2003-07-09 13:54:33 +00:00
Yaroslav Tykhiy
39b96ba75d Improve error handling in getline():
- always check the return value from getc(3) for EOF;
- if the attempt to read the TELNET command byte has
  returned EOF, exit from the loop instead of using
  the EOF value as a normal character.

MFC after:	1 week
2003-07-09 13:15:32 +00:00
Yaroslav Tykhiy
39bce48245 Make a malloced copy of "chrootdir" even if it points to an absolute
pathname inside "residue" so "chrootdir" can be simply freed later.

PR:		bin/53435
Submitted by:	Yutaka Ishihara <yutaka at fandc.co.jp>
MFC after:	1 week
2003-07-09 12:46:24 +00:00
Gregory Neil Shapiro
dce6e6518b Remove MAINTAINER= lines from individual Makefiles in favor of the
MAINTAINER file (which already had entries for sendmail).
2003-07-07 03:54:04 +00:00
Jake Burkholder
d037213487 Avoid using the global offset table to get the address of _DYNAMIC in
rtld.  When _DYNAMIC is referenced normally from C the global offset
table is used implicitly, but newer versions of binutils don't initialize
it statically in the binary, so this doesn't work until rtld is relocated,
which _DYNAMIC is needed for...  So, as on other systems with the same
problem, we disassemble a call instruction to _DYNAMIC in order to get
its address.
2003-07-04 00:05:15 +00:00
Yaroslav Tykhiy
9581ecbd72 Don't declare unneeded extern variables,
leave alone specifying a wrong type for one of them.
2003-06-21 10:45:38 +00:00
Matthew N. Dodd
e2a474429e Fix warnings on 64 bit platforms.
Noticed by:	 jake
2003-06-19 16:09:18 +00:00
Matthew N. Dodd
5407dd5b82 Add function prototypes. 2003-06-19 05:28:26 +00:00
Matthew N. Dodd
ded0e52363 LD_DUMP_REL_PRE and LD_DUMP_REL_POST don't output to stderr; don't
claim that they do.
2003-06-19 04:34:09 +00:00
Matthew N. Dodd
c5d061c17a Provide a mechanism for dumping relocation information.
Setting the LD_DUMP_REL_PRE or LD_DUMP_REL_POST environment variables
cause rtld-elf to output a table of all relocations.

This is useful for debugging.
2003-06-19 03:55:38 +00:00
Matthew N. Dodd
94040887ee Move MD function prototypes together. 2003-06-19 02:42:04 +00:00
Matthew N. Dodd
2c297acb7a Fix warnings; no parameters in function prototypes. 2003-06-19 02:39:37 +00:00
Matthew N. Dodd
5952de4b1b Avoid a NULL pointer dereference. 2003-06-18 16:17:13 +00:00
Yaroslav Tykhiy
b19ab1ce69 - Use the initial terminal mode instead of the current mode
as the source of defaults for terminal device parameters.

- Do duplucate code reduction and simplification enabled by
  the above.

Reviewed by:	green
MFC after:	1 month
2003-06-18 13:22:44 +00:00
Matthew N. Dodd
7227105f74 Include libmap.h for prototypes. 2003-06-18 05:31:08 +00:00
Matthew N. Dodd
da9f245470 - Add support for DT_FLAGS.
- Define various things from the most recent ELF spec.
2003-06-18 03:34:29 +00:00
Doug Barton
da14abebe4 More correctly spell "-static" as "NOSHARED?=YES" 2003-06-17 20:07:49 +00:00
Yaroslav Tykhiy
ec754f0964 Improve the manpage language a bit.
A PPP login program is started _automatically_ (i.e., without
human intervention) even with the "pl" capability unset, as soon
as a PPP frame is detected.  But with "pl" set, a PPP login program
is started independently of the result of PPP detection (which is
rendered unnecessary then,) i.e. _unconditionally_.
2003-06-17 12:29:36 +00:00
Doug Barton
7c633f01f6 Link named-xfer -static. This is the only binary that needs to be
statically compiled for named to work chroot'ed, and we'd like
to be able to do that from /etc/rc.d without additional user
intervention.
2003-06-17 08:53:27 +00:00
Yaroslav Tykhiy
a278e092d3 If ftpd is run with an -h option (hide host-specific info,)
don't reveal the info in reply to the SYST command.

Get rid of using the "unix" macro at the same time.  It was a rather
poor way to check if the system was Unix since there were quite a
few Unix clones out there whose cc didn't define "unix" (e.g.,
NetBSD.)  It was also sensitive to the C standard used, which caused
unnecessary trouble:  With -std=c99, it should have been "__unix__",
and so on.

PR:		bin/50690
Submitted by:	Alex Semenyaka <alexs _at_ snark.ratmir.ru>
MFC after:	1 week
2003-06-16 11:30:23 +00:00
John-Mark Gurney
9bf69bf27a fix a couple typos in the comments
From NetBSD's bootpd (in src/usr.sbin/bootp)
2003-06-15 03:08:37 +00:00
John-Mark Gurney
b6a0d4720e fix bootpd to use fd_set. For some reason on Sparc, using int with
select is broken.
2003-06-15 03:05:14 +00:00
David E. O'Brien
457946d9bd Remove MAINTAINER lines. 2003-06-14 19:32:52 +00:00
Brian Feldman
7ce06101b8 In the last clean-up of this code, the fact that the default tty mode
information could only be gleaned from the the tty descriptor itself
was neglected, so never did the tty's default settings get copied from
the kernel.  Specifically, this caused all manner of ctrl-keys to not
work.  Fix this by calling dogettytab() in all the proper places, and
retrieving the terminfo temporarily in dogettytab().
2003-06-14 08:26:47 +00:00
Yaroslav Tykhiy
3cd7e22936 Read gettytab(5) soon enough to fill in all necessary values.
Re-read gettytab(5) only if needed.

This fixes bugs introduced as long ago as in getty/main.c rev.1.15.

PR:		bin/18181
MFC after:	1 month
2003-06-10 18:30:41 +00:00
Yaroslav Tykhiy
5f596fa5d0 Spot one more place where boolean variables were incremented
instead of just being assigned a truth value.
2003-06-10 16:34:03 +00:00
Yaroslav Tykhiy
8b52276d10 Coding style fix: Use "foo = 1" instead of "foo++" to assign
the truth value to a boolean variable, especially when inside
a loop.  The variable can overflow otherwise, at least in theory.
2003-06-10 15:38:35 +00:00
Yaroslav Tykhiy
018319c226 Break sentences.
MFC after:	1 week
2003-06-10 15:03:35 +00:00
Yaroslav Tykhiy
cefc03cb09 General mdoc(7) markup fixes:
- Use .Va, not .Em, to mark up variable-like identifiers
  (capability and database entry names.)
- Stop abusing .Tn (trademark) to emphasize general phrases.
- Spot unmarked capability references.
- Add a missing line break.

Discussed with:	ru
MFC after:	1 week
2003-06-10 14:46:43 +00:00
Yaroslav Tykhiy
cc5ded58d3 Improve the language and markup of the description of the pp and pl
capabilities:

- Mark up capability identifiers.
- Don't squeeze much text into the capability table given the options
  will be described below in detail.
- Keep the capability table sorted.
- Use a consistent term for a PPP login program.

MFC after:	1 week
2003-06-10 14:20:38 +00:00
Philippe Charnier
42161502bd Add section number to .Xr 2003-06-08 12:40:50 +00:00
Philippe Charnier
53abf632be The .Xr utility 2003-06-08 12:38:18 +00:00
Marcel Moolenaar
b615f6d2b1 Don't fail if we encounter a relocation of type "none". Just ignore
it. It's a no-op relocation.

Trigger case: ports/x11-toolkits/pango
2003-06-07 07:52:17 +00:00
Yaroslav Tykhiy
f648dfd929 Fix some minor bugs, namely:
- Initialize "rval", which would be used uninitialized
  if al or pl options were set.

- Don't pass an empty string to login(1) as a user name
  (this could be triggered by entering a name and then killing it
  with backspace or ^U.)

- Don't loop endlessly if the al option specifies a bogus (i.e.,
  not alphanumeric) auto-login name.

- Don't pass a bogus user name to login(1) if a good name were
  entered and then killed with ^U.

- Exit with status 0, not 1, on receiving an EOF character,
  since it's not a error condition.

MFC after:	1 week
2003-06-06 14:36:41 +00:00
Mark Murray
3c4304dd55 Drop MAINTAINER Bit. Not needed any more. 2003-06-04 15:59:13 +00:00
David E. O'Brien
8f17707c61 Set CSTD to gnu99. We can only use on of the gnu?9 C languages.
We can't use c89 due to use of 'inline', and c99 produces bad code.
2003-06-04 05:42:04 +00:00
Ruslan Ermilov
09f84dd1d3 Assorted mdoc(7) fixes. 2003-06-02 15:02:06 +00:00
David E. O'Brien
0c60c0c3bb Best we can do with this is c89. 2003-06-02 02:35:58 +00:00
David E. O'Brien
3d5f961224 Include stdlib.h to get exit()'s prototype. 2003-06-02 02:35:18 +00:00
David E. O'Brien
bd273f0c0b Add the variable's type to the declaration. 2003-06-02 02:34:36 +00:00
Ruslan Ermilov
052a8966eb Assorted mdoc(7) fixes. 2003-06-01 19:52:36 +00:00
Matthew N. Dodd
c930fec7a2 - use issetugid()
- be paranoid about honoring LD_LIBMAP_DISABLE.

Suggested by:	 rwatson
2003-05-31 15:24:29 +00:00
Matthew N. Dodd
341b3de62b Simplify map_object() by breaking out the ELF header validation bits
into a separate function.
2003-05-31 14:48:59 +00:00
Matthew N. Dodd
1aac1ed634 Provide function entry debugging messages. 2003-05-31 14:46:38 +00:00
Matthew N. Dodd
4df60d1cac Use the environment variable LD_LIBMAP_DISABLE to disable
libmap.conf(5) functionality.
2003-05-31 14:45:11 +00:00
Matthew N. Dodd
1340fc1015 Don't post-increment pointers inside a loop conditional.
While I'm here:
- Let lm_add() call strdup() on its own behalf.
- Use a temporary pointer when parsing constraints; only set the
  constraint pointer on a totally successful match.

PR:		 bin/52783
Submitted by:	 David P. Reese Jr. <daver@gomerbud.com>
Approved by:	 re (rwatson)
2003-05-30 00:49:16 +00:00
Alexander Kabaev
6d5d786f80 Allow threading libraries to register their own locking
implementation in case default one provided by rtld is
not suitable.

Consolidate various identical MD lock implementation into
a single file using appropriate machine/atomic.h.

Approved by:	re (scottl)
2003-05-29 22:58:26 +00:00
Peter Wemm
b82eca913d Do not exclude amd64 from rtld-elf builds.
Approved by:  re  (safe amd64 support commits)
2003-05-24 17:38:45 +00:00
Peter Wemm
9783a12b34 Initial pass at supporting shared libraries on amd64. There are still
a few missing relocation types in amd64/reloc.c, but I have not found
any of them in use yet. :-)

Approved by:  re (amd64/* blanket)
2003-05-24 17:37:51 +00:00
Dag-Erling Smørgrav
7691f66abf Retire the useless NOSECURE knob.
Approved by:	re (scottl)
2003-05-19 15:52:01 +00:00
Matthew N. Dodd
3467e8b8a0 - Use xmalloc() and xstrdup() instead of malloc() and strdup().
- Add a global mapping if we have a successful constrained match.

Approved by:	re
2003-05-19 07:10:12 +00:00
Robert Watson
94deb3f034 Since libmap.conf is referenced in rtld.1, include it in the references
section.

Approved by:	re (scottl)
2003-05-17 19:46:49 +00:00
Ruslan Ermilov
c00ee5e567 mdoc(7) police: Properly markup the previous revision.
Approved by:	re (blanket)
2003-05-16 21:36:10 +00:00
Ruslan Ermilov
60cdf2f1a0 mdoc(7) police: Normalize the FILES section.
Approved by:	re (blanket)
2003-05-16 21:34:21 +00:00
Mark Murray
1cec3c808d Allow a NOPIC "make world" to complete.
OK'ed by:	re(scottl)
2003-05-11 18:48:29 +00:00
Mark Murray
0813637235 Mrege from crypto telnet with "make unifdef". This gets a bunch of
$FreeBSD$ tags and some debug variable safety belts.
2003-05-11 18:27:49 +00:00
Peter Wemm
b2d14fd9bb Exclude rtld-elf for amd64. More porting is still needed.
Approved by:  re (scottl)
2003-05-08 06:37:12 +00:00
Alexander Kabaev
3ddc66d863 Rethink the way we count module references. Simply following
DT_NEEDED links is not flexible enough for cases where dynamically
loaded modules form a dependency cycle.

This should fix an infinite recursion problem encountered by Yahoo.

Approved by:	re (jhb)
2003-05-08 01:31:36 +00:00
Mark Murray
dbf104e68d Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.
2003-05-05 07:58:44 +00:00
David E. O'Brien
22e9bc15f9 Use __FBSDID vs. rcsid[]. 2003-05-04 00:59:13 +00:00
David E. O'Brien
78af18bd24 Fix signed/unsigned comparison warnings. 2003-05-04 00:56:00 +00:00
David E. O'Brien
8f5f415d44 Fix a sign/unsigned comparison. 2003-05-04 00:43:39 +00:00
Ruslan Ermilov
a52672e938 Build non-crypto telnet(1) and telnetd(8) if NO_OPENSSL is defined.
Submitted by:	Marius Strobl <marius@alchemy.franken.de>
2003-05-01 19:38:15 +00:00
Peter Wemm
7c1622ff28 Remove 80386 bandaids from code repocopied from i386. rtld_start.S still
todo.
2003-04-30 21:09:06 +00:00
Alexander Kabaev
486089f00c Remove redundant strlen checks, do not check the same
symbol twice.
2003-04-30 19:05:53 +00:00
Ruslan Ermilov
2266b8c0d4 Don't clobber Kerberos5 telnet(1) and telnetd(8) with non-crypto versions. 2003-04-30 07:24:35 +00:00
Warner Losh
706d0ee075 Add back # accidentally deleted in 1.54 2003-04-27 06:16:52 +00:00
Warner Losh
b4e225bef1 This is no longer needed after tw is gone.
Approved by: re@ (scottl)
2003-04-27 05:43:42 +00:00
Bill Fumerola
a273f3ae41 properly refuse a connection in the -c case if the client ip's subdirectory
does not exist.

PR:		bin/38303
Submitted by:	Woei-Luen, Shyu <m8535@cn.ee.ccu.edu.tw>
the committed patch differs from the submitted one, any inaccuracies are mine.
2003-04-19 10:14:43 +00:00
Matthew N. Dodd
623b6bd2f9 Code cleanups and sanity checking for config file parser. 2003-04-10 01:44:19 +00:00
Matthew N. Dodd
29ade36225 Dynamic object dependency mapping: libmap.
This is an optional feature, disabled by default.

This will be useful to people testing the various POSIX threading
libraries under -CURRENT but can easily serve other needs.
2003-04-07 16:21:26 +00:00
Juli Mallett
02a0965ef6 MFp4 @27667: WARNS=5 cleanup on i386.
Remove the unused FILE\ *tf from print_mesg args, and the
    bogus passing in of an uninitialised FILE* for it.

    Call a timeval 'now' instead of 'clock' due to shadowing.

    Remove a nested localtime declaration.

    Make the delete invite argument match the ID type, u_int32_t.

    Use const for pointers to const items.

    Cast to long where printing as such.

    Include netinet/in.h for htonl/htons.

Reviewed by:	imp
2003-04-03 05:13:27 +00:00
Ruslan Ermilov
4d63e8de71 Mark bits that do not require an object directory as such. 2003-04-01 12:37:54 +00:00
Mike Silbersack
d28af25586 Update the description of the -u option to mention that IP_PORTRANGE_HIGH
and _DEFAULT are the same for 5.x.

Committed under threat of action from:	The mdoc police
2003-03-25 22:20:02 +00:00
David Malone
f49c0dc0f2 Clean up some warnings that don't result in a change in the object file:
Constness, missing prototypes, non-ansi prototypes, missing
initialisers, unnecessary declarations, shadowing.

Reviewed by:	md5
2003-03-20 22:42:22 +00:00
Arun Sharma
35522a0aa1 Fix for ia64/48024 - ensure function pointer equality across elf
objects.

Programs such as sshd depend on two pointers to the same function being
equal in a given process. However, the current ia64 implementation
ensures that they're equal when both the pointers are instantiated in
the same ELF object. The attached patch ensures that they're equal
irrespective of where they're instantiated.

Reviewed by marcel@ (mentor) and kan@
2003-03-19 21:38:27 +00:00
Poul-Henning Kamp
7194d335cf Run a revision of the devstat interface:
Kernel:

Change statistics to use the *uptime() timescale (ie: relative to
boottime) rather than the UTC aligned timescale.  This makes the
device statistics code oblivious to clock steps.

Change timestamps to bintime format, they are cheaper.

Remove the "busy_count", and replace it with two counter fields:
"start_count" and "end_count", which are updated in the down and
up paths respectively.  This removes the locking constraint on
devstat.

Add a timestamp argument to devstat_start_transaction(), this will
normally be a timestamp set by the *_bio() function in bp->bio_t0.
Use this field to calculate duration of I/O operations.

Add two timestamp arguments to devstat_end_transaction(), one is
the current time, a NULL pointer means "take timestamp yourself",
the other is the timestamp of when this transaction started (see
above).

Change calculation of busy_time to operate on "the salami principle":
Only when we are idle, which we can determine by the start+end
counts being identical, do we update the "busy_from" field in the
down path.  In the up path we accumulate the timeslice in busy_time
and update busy_from.

Change the byte_* and num_* fields into two arrays: bytes[] and
operations[].

Userland:

Change the misleading "busy_time" name to be called "snap_time" and
make the time long double since that is what most users need anyway,
fill it using clock_gettime(CLOCK_MONOTONIC) to put it on the same
timescale as the kernel fields.

Change devstat_compute_etime() to operate on struct bintime.

Remove the version 2 legacy interface: the change to bintime makes
compatibility far too expensive.

Fix a bug in systat's "vm" page where boot relative busy times would
be bogus.

Bump __FreeBSD_version to 500107

Review & Collaboration by:	ken
2003-03-15 21:59:06 +00:00
Poul-Henning Kamp
a57042df90 Update to current devstat API. 2003-03-15 21:04:50 +00:00
Alexander Kabaev
63c1e7cb8d Free obj->priv field in obj_free functions. This field is NULL
on all architectures except ia64, which uses it to keep function
description table.
2003-03-14 21:11:28 +00:00
Alexander Kabaev
605f36fc1e No need to zero fill memory, mmapped anonymously. Kernel will
return pre-zeroed pages itself.

Noticed by:     jake
2003-03-14 21:10:13 +00:00
Ruslan Ermilov
ace5be682d mdoc(7) police: Scheduled sweep. 2003-02-24 22:53:26 +00:00
Ruslan Ermilov
af118f2db4 mdoc(7) police: expand contraction. 2003-02-23 01:45:51 +00:00
Alexander Kabaev
fa4a502e77 Do not remove object from the lists at the unref_dag() stage.
Introduce a new unlink_object() function and call it in
unload_object() instead. Removing the object in unref_dag() is
too early, rtld calls _fini() function after that and shared
objects might fail resolve their own symbols.
2003-02-17 20:58:27 +00:00
Poul-Henning Kamp
fd3a502df2 Add #include <sys/resource.h> 2003-02-16 15:21:26 +00:00
Poul-Henning Kamp
1b16b28926 Remove <sys/dkstat.h> #include 2003-02-16 14:09:16 +00:00
Alexey Zelkin
d9943f166b Advertize rtld(1) as ld.so(1) in manual pages world 2003-02-13 23:07:28 +00:00
Alexander Kabaev
2542b742f1 Fix a typo in rtld_dirname. 2003-02-13 22:47:41 +00:00
Alexander Kabaev
42d206e975 Implement dlinfo() function.
Introdice RTLD_SELF special handle and properly process it within
dlsym() and dlinfo() functions.

The intention is to improve our compatibility with Solaris and
to make a Java port easier.

Partially submitted by:	phantom
2003-02-13 17:47:44 +00:00
Alexander Kabaev
92b0ec0832 Add missing include files I forgot about in previous commit. 2003-02-13 17:35:00 +00:00
Alexander Kabaev
d38a104b75 Remove /usr/lib/elf from a default search path.
Move xprintf to malloc.c, it is only used there. Make static.

Submitted by:	phantom
2003-02-13 17:05:10 +00:00
Yaroslav Tykhiy
f29288c05e Kill unnecessary vertical whitespace. 2003-02-11 14:10:48 +00:00
Yaroslav Tykhiy
b8939f6fa6 Use LOG_AUTHPRIV to hide the username attempted during an invalid login
from everyone but sysadmins.

PR:		bin/29487
MFC after:	3 days
2003-02-11 11:58:33 +00:00
Alexander Kabaev
f8d7256a27 When unloading dependencies make sure they are removed from all the
associated lists:
   remove RTLD_GLOBAL objects from global objects list;
   remove the parent object from dldags list of its children.

Previosly we were doing that only to the top-level object OF the DAG
being unloaded and all its dependencies were ignored, leading to
mysterious crashes later.

Submitted by:	peter (partially)
2003-02-10 23:15:07 +00:00
Philippe Charnier
538015aa3b Add FBSDID. udp/bootps -> bootps/udp. Use err(3). 2003-02-05 13:45:25 +00:00
Yaroslav Tykhiy
31f77a4b49 Allow "~/" in pathnames to work for a chrooted user. 2003-02-05 11:11:32 +00:00
Yaroslav Tykhiy
6cfbc84115 Let tilde expansion be done even if a file/directory doesn't exist yet.
This makes such natural commands as "MKD ~user/newdir" or "STOR ~/newfile"
do what they are supposed to instead of failing miserably with the
"File not found" error.

This involves a bit of code reorganization.  Namely, the code doing
glob(3) expansion has been separated to a function; a new function
has been introduced to do tilde expansion; the latter function is
invoked on a pathname before the former one.  Thus behaviour mimicing
that of the Bourne shell has been achieved.
2003-02-04 17:50:38 +00:00
Yaroslav Tykhiy
50618d61ae RFC 959 doesn't list reply code 550 as a valid responce to STOR/STOU,
so return reply code 553 to indicate a error from open(2) for consistency,
as long as the code is used in the rest of the STOR/STOU handler.
2003-02-04 03:33:25 +00:00
David E. O'Brien
f7093daaae Add OPIE and PAM libs to the mix. 2003-02-02 21:11:15 +00:00
David E. O'Brien
99994ce124 OPIE and PAM bits to agument LukeMftpd.
Submitted by:	mikeh (reworked by me)
2003-02-02 21:06:10 +00:00
Yaroslav Tykhiy
ea7012261a Let real users access special files through FTP
if allowed by their filesystem permissions.

This doesn't break anything since using sendfile(2)
is triggered later by a separate S_ISREG conditional.

PR:		bin/20824
MFC after:	1 week
2003-01-31 13:18:55 +00:00
Yaroslav Tykhiy
88b707218e When searching for a unique file name in guniquefd(),
distinguish between the cases of an existing file and
a real system error, such as I/O failure, no access etc.

MFC after:	3 days
2003-01-29 17:04:07 +00:00
Yaroslav Tykhiy
c152df28e5 Add a new option to ftpd(8), "-h", to disable printing any
host-specific information in FTP server messages (so paranoid
admins can sleep at night :-)

PR:		bin/16705
MFC after:	1 week
2003-01-29 10:58:58 +00:00
Yaroslav Tykhiy
ce9287fc02 Give the code around chroot(2)/chdir(2) a major overhaul by
separating its part around chroot(2) from that around initial
chdir(2).  This makes the below changes really easy.

Move seteuid(to user's uid) to before calling chdir(2).  There are
two goals to achieve by that.  First, NFS mounted home directories
with restrictive permissions become accessible (local superuser
can't access them if not mapped to uid 0 on the remote side
explicitly.)  Second, all the permissions to the home directory
pathname components become effective; previously a user could be
carried to any local directory despite its permissions since the
chdir(2) was done with euid 0.  This reduces possible impact from
FTP server misconfiguration, e.g., assigning a wrong home directory
to a user.

Implement the "/./" feature.  Now a guest or user subject to chrooting
may have "/./" in his login directory, which separates his chroot
directory from his home directory inside the chrooted environment.
This works for ftpchroot(5) as well.

PR:		bin/17843 bin/23944
2003-01-29 10:07:27 +00:00
Yaroslav Tykhiy
341e476e25 Actually extract the second field from a line in ftpchroot(5)
instead of just using the rest of the line behind the first field.
2003-01-27 15:34:22 +00:00
Yaroslav Tykhiy
0ba71e2424 Allow more than one separator character between fields in ftpchroot(5). 2003-01-27 14:41:08 +00:00
Yaroslav Tykhiy
8657b576d8 Extend the format of /etc/ftpchroot so an alternative chroot
directory can be specified for a user or a group.

Add the manpage ftpchroot(5) since the file's format has grown
complex enough.

PR:			bin/45327
Portions submitted by:	Hideki SAKAMOTO <sakamoto@hlla.is.tsukuba.ac.jp>
MFC after:		1 week
2003-01-26 19:02:56 +00:00
Yaroslav Tykhiy
80f728d4ff GLOB_MAXPATH has been deprecated in favour of GLOB_LIMIT. 2003-01-25 14:59:48 +00:00
Yaroslav Tykhiy
63591ba5c8 - Add a new option, ``-P port'', to specify the port for ftpd(8)
to listen at in daemon mode.
- Use the port by 1 less than the control port as the default
  data port instead of always using hard-coded port 20.

Submitted by:	roam
MFC after:	1 week
2003-01-23 18:39:48 +00:00
Yaroslav Tykhiy
b7f470a943 Prevent server-side glob(3) patterns from expanding
to a pathname that contains '\r' or '\n'.

Together with the earlier STAT bugfix, this must solve
the problem of such pathnames appearing in the FTP control
stream.
2003-01-22 16:25:22 +00:00
Crist J. Clark
e509445689 The FTP daemon was vulnerable to a DoS where an attacker could bind()
up port 20 for an extended period of time and thus lock out all other
users from establishing PORT data connections. Don't hold on to the
bind() while we loop around waiting to see if we can make our
connection.

Being a DoS, it has security implications, giving it a short MFC
time.

MFC after:	1 day
2003-01-21 05:13:02 +00:00
Maxim Sobolev
0fd652782b Fix a typo (missed &&).
Submitted by:	marcus
2003-01-20 10:33:35 +00:00
Maxim Sobolev
9b76604885 Add a new gettytab(5) option - `pl', which if set tells getty that the line
in question is PPP-only line, i.e. no PPP-sequence detection is necessary and
PPP login program referenced by `pp' should be started automatically instead of
login(1)

Feature suggested and sponsored by:     United Networks of Ukraine
No reply from:  re
MFC after:	2 weeks
2003-01-19 20:59:52 +00:00
Yaroslav Tykhiy
f8a581a0c6 Prepend a space character if a line begins with a digit
in the output to the "STAT file" request.

This closes one discrepancy with RFC 959 (page 36.)

See also http://www.kb.cert.org/vuls/id/328867

Obtained from:	OpenBSD
2003-01-16 14:25:32 +00:00
Yaroslav Tykhiy
dcb4f239cd Replace the instances of literal "/bin/ls"
with the _PATH_LS macro to be consistent
with the rest of the ftpd(8) source.
2003-01-16 13:27:58 +00:00
David E. O'Brien
1e7812cb5f We have a usable 'LOGIN_NAME_MAX' now. 2003-01-06 04:42:20 +00:00
David E. O'Brien
e18083deb1 Need to prototype strsuftollx() to quiet a warning. 2003-01-06 04:09:20 +00:00
David E. O'Brien
c7940c49ba Make the "nbsd_20030105" import build. 2003-01-06 03:03:53 +00:00
Juli Mallett
d3951ad162 Implement POSIX grantpt(3) functionality, and add a pt_chown utility (akin
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.

Submitted by:	Ryan Younce <ryany@pobox.com>
Reviewed by:	security-officer@, standards@, mike@
2003-01-02 20:44:41 +00:00
Jens Schweikhardt
9d5abbddbf Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
Jens Schweikhardt
d64ada501a Fix typos, mostly s/ an / a / where appropriate and a few s/an/and/
Add FreeBSD Id tag where missing.
2002-12-30 21:18:15 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00
Ruslan Ermilov
facc67676f mdoc(7) police: Deal with self-xrefs. 2002-12-24 13:41:48 +00:00
Ruslan Ermilov
463cfa804d Fixed the abuses of .Ql visible on stderr in troff mode.
PR:		docs/37176
2002-12-23 16:04:51 +00:00
Matthew Dillon
fa7dd9c5bc Change the way ELF coredumps are handled. Instead of unconditionally
skipping read-only pages, which can result in valuable non-text-related
data not getting dumped, the ELF loader and the dynamic loader now mark
read-only text pages NOCORE and the coredump code only checks (primarily) for
complete inaccessibility of the page or NOCORE being set.

Certain applications which map large amounts of read-only data will
produce much larger cores.  A new sysctl has been added,
debug.elf_legacy_coredump, which will revert to the old behavior.

This commit represents collaborative work by all parties involved.
The PR contains a program demonstrating the problem.

PR:		kern/45994
Submitted by:	"Peter Edwards" <pmedwards@eircom.net>, Archie Cobbs <archie@dellroad.org>
Reviewed by:	jdp, dillon
MFC after:	7 days
2002-12-16 19:24:43 +00:00
Ruslan Ermilov
8d5d039f80 Uniformly refer to a file system as "file system".
Approved by:	re
2002-12-12 17:26:04 +00:00
Alexander Kabaev
f94cc7e9ca Fix rtld to handle SPARC_R_UA{16,64} relocations correctly.
Approved by:	re (rwatson)
2002-12-05 16:58:31 +00:00
Peter Grehan
b9dea67fa8 rtld support for PowerPC. Mostly obtained from NetBSD, with mods
for binutils 2.13

Reviewed by:  benno

Approved by:  re (blanket)
2002-12-04 07:32:20 +00:00
Alexander Kabaev
999d9d2bd4 Put back a test for binaries with no PT_LOAD entries I over-jealosly
removed in r1.69.

Apploved by:	re (rwatson)
2002-11-29 16:41:31 +00:00
Ruslan Ermilov
d939fc70a7 mdoc(7) police:
Properly sort options, spell "file system" correctly, expand contraction.

Catch up to the src/etc/syslog.conf,v 1.23 change: ftpd(8) session logs
are now by default get logged to /var/log/xferlog.

Approved by:	re
2002-11-25 15:20:06 +00:00
Thomas Moestl
a42a42e9b9 Fix the handling of high PLT entries (> 32764) on sparc64. This requires
additional arguments to reloc_jmpslot(), which is why MI code and MD code
of other platforms had to be changed.

Reviewed by:	jake
Approved by:	re
2002-11-18 22:08:50 +00:00
Peter Wemm
f316609eb4 Oops. Some ut_time stuff slipped through the cracks. These turned out
to be non-fatal due to stack alignment roundups.
2002-11-17 23:46:45 +00:00
David E. O'Brien
a6f8d995f3 [DAIVD O'BRIEN's OPINION]
Head off what I think is an abuse of the TRB, and disable lukemftpd.
2002-11-12 17:31:12 +00:00
Maxim Konovalov
e1b57f44ef o Fix usage().
o Explicitly initialize domain pointer.
o Fix passwd file parsing.

PR:		bin/39671 (3)
MFC after:	2 weeks
2002-11-12 14:15:59 +00:00
David E. O'Brien
9bdc6053fb We don't use libpam, libopie, or libmd. 2002-11-12 07:41:59 +00:00
David E. O'Brien
606f5646b9 We have fparseln(3). Also libskey on RELENG_4. 2002-11-12 07:37:15 +00:00
David E. O'Brien
f17da7421b Update for version 1.2 Beta 2. 2002-11-12 06:48:35 +00:00
Yaroslav Tykhiy
1f75c13ee0 Don't free the current addrinfo list, or else a pointer to a freed
memory area would arise.  Only an addrinfo list from an earlier
call to getaddrinfo() should be freed there because it will be
substituted by the current list referenced by "res".

Reported by:	John Long <fbsd1@pruam.com>
MFC after:	5 days
2002-11-11 07:31:48 +00:00
Robert Watson
d9e2c4241f Have ftpd specify the LOGIN_SETMAC flag to setlogincontext() so that
MAC labels are set if MAC is enabled and configured for the user
logging in.

Note that lukemftpd is not considered a supported application when
MAC is enabled, as it does not use the standard system interfaces for
managing user contexts; if lukemftpd is used with labeled MAC policies,
it will not properly give up privileges when switching to the user
account.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-24 16:19:52 +00:00
Jun Kuriyama
063469298e Unbreak by merging the change in r1.51 of src/libexec/ftpd/Makefile. 2002-10-24 04:55:25 +00:00
Robert Watson
4d33b62edc Teach "ls -Z" to use the policy-agnostic MAC label interfaces rather
than the LOMAC-specific interfaces for listing MAC labels.  This permits
ls to view MAC labels in a manner similar to getfmac, when ls is used
with the -l argument.  Next generation LOMAC will use the MAC Framework
so should "just" work with this and other policies.  Not the prettiest
code in the world, but then, neither is ls(1).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-24 00:07:30 +00:00
Alexander Kabaev
8b7f25d41d Add support for binaries with arbitrary number of PT_LOAD sections.
Reviewed by:	peter
2002-10-23 01:43:29 +00:00
Alexander Kabaev
b2ce513208 Change the symbol lookup order to search RTLD_GLOBAL objects
before referencing object's DAG. This makes it possible for
C++ exceptions to work across shared libraries and brings
us closer to the search order used by Solaris/Linux.

Reviewed by:	jdp
Approved by:	obrien
MFC after:	1 month
2002-10-19 23:03:35 +00:00
Maxim Sobolev
d1cf9ea2c4 Fix a problem with RTLD_TRACE flag to dlopen(3), which sometimes can return
even if there was no error occured (when trying to dlopen(3) object that
already linked into executable which does dlopen(3) call). This is more
proper fix for `ldd /usr/lib/libc.so' problem, because the new behaviour
conforms to documentation.

Remove workaround from ldd.c (rev.1.32).

PR:		35099
Submitted by:	Nathan Hawkins <utsl@quic.net>
MFC after:	1 week
2002-10-19 10:18:29 +00:00
Kris Kennaway
ea63141090 Don't call report() without a format string.
MFC after:	3 days
2002-10-13 11:27:36 +00:00
Kris Kennaway
85fe8d4124 Mark the logerr() function __printflike().
MFC after:	3 days
2002-10-13 11:26:37 +00:00