Commit Graph

381 Commits

Author SHA1 Message Date
Daniel O'Callaghan
3401a71f4e Tell the chroot()ed user that "access restrictions apply". 1997-05-21 23:24:41 +00:00
Bill Paul
48d26cf410 Small tweak to the group parsing code to stop it from core dumping
on malformed /etc/group entries. This is a band-aid until I can pull
in the newer group parsing code from getgrent .

Pointed out by: branson@belmakor.hq.ferg.com (Branson Matheson)
1997-05-21 15:10:42 +00:00
Doug Rabson
3c0a9567e5 Changes to support the kernel linker:
Add a -Bforcedynamic option which generates a dynamic object even
	if no shared libraries were given in the link.

	Make RRS in text section warnings conditional on "-assert pure-text"
	so that I can link non-PIC kernel modules without tons of link
	errors.  Changes to bsd.lib.mk to follow.

	Fix a couple of bugs exposed by the fact that the kernel is not
	linked at zero.

Reviewed by:	jdp
1997-05-13 10:23:47 +00:00
Poul-Henning Kamp
798c69cd78 Don't rely on stderr to report bad news. 1997-05-11 14:27:03 +00:00
David Nugent
04a59e678a Fix memory leak caused by not freeing memory returned by cgetstr()
calls. The cost is a little more up-front memory allocation, but the
effect seems minimal.

Problem noticed-by: bde

Added syslog at LOG_ERR when referencing an unknown gettytab entry
and for other cgetent() failues (circular reference et al).

To be merged into 2.2 after a few days testing.
1997-05-11 10:25:38 +00:00
David Nugent
5d0bfe39ec login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
John Polstra
aafb797228 Fix a bug that caused the relocs for linker set members in shared
libraries to come out as 1-byte relocations instead of 4-byte
relocations.

Submitted by:	Doug Rabson <dfr@nlsystems.com>
1997-04-30 05:18:08 +00:00
David Nugent
ea4e54b942 Adds anon ftp virtual host capability to ftpd, using /etc/ftphosts for
definition of a system's virtual hosts.
1997-04-29 12:42:08 +00:00
David Nugent
31fea7b8f2 YAMF2.2: Allow @group entries in /etc/ftpusers & /etc/ftpchroot to deny
and allow chroot access to entire groups.
1997-04-27 08:29:21 +00:00
David Nugent
334ab9fdd0 Document internal ls, how to compile it in and what it changes wrt
anon ftp and chrooted users.
1997-04-26 12:23:51 +00:00
David Nugent
af85d782fd Adds optional "internal ls" support for ftpd, by collecting
modules from src/bin/ls, and handling exec(_PATH_LS,..) as a
special case, very useful in an environment where many users
are given chroot access. "~/etc/{s}pwd.db" files are still
needed if uid/gid->user/group translation is desired.

To enable this it must be compiled with the make variable
FTP_INTERNAL_LS defined, either in /etc/make.conf or the
environment.
1997-04-26 12:12:10 +00:00
David Nugent
b071c689de Add basic login.conf (sans authentication) support. 1997-04-23 04:56:39 +00:00
David Nugent
80b3b7342f Added login.conf support. 1997-04-23 03:06:47 +00:00
Bruce Evans
9453d60b10 Fixed `make depend' and related bogons. LDFLAGS was used for
ld-specific flags.  LDFLAGS is really for ld-related flags for cc,
not for ld, and some flags, e.g., -Bshareable, mean completely
different things to cc and ld.  Having the wrong things in LDFLAGS
also broke the standard ${PROG} target.  This was kludged around
by using a special rule that depended on LDFLAGS being bogus.
Fixing `make depend' broke the special rule but fixed the standard
rule (except in the DESTDIR case, which was handled more strictly
here than elsewhere).
1997-04-16 11:31:32 +00:00
David Nugent
d95f252dfe Remove text about unsupported flags 'mdmbuf', 'local', 'crtscts' etc
that are in reality handled in gettytab.

Document the new 'dialin' and 'network' tty flags.
1997-04-13 21:29:50 +00:00
David Nugent
c4c1e98233 Submitted by: Philippe Charnier <charnier@xp11.frmug.org>
Fixes name size limitation (was hardcoded to 8).
Closes PR#3258
1997-04-12 01:04:50 +00:00
Mike Pritchard
eac60dd633 Ensure that the remote host name is Nul terminated.
Closes PR# 2589.
1997-04-08 20:36:36 +00:00
David Nugent
cbd13fcada Fix for expiration date test. Closes PR#3224. 1997-04-08 12:32:17 +00:00
Joerg Wunsch
758a95b7aa Use MAXHOSTNAMELEN, as opposed to an arbitrary number, and ensure
correct termination if it overflows.

Closes PR # misc/2982.

Submitted by:	Drew Derbyshire <ahd@kew.com>
1997-04-01 20:39:59 +00:00
Peter Wemm
f0ccf9018b Be a bit more careful about what port number we are using for the
second socket.  If we're going to check for reserved ports, we should
do it properly.
1997-03-29 12:35:06 +00:00
Warner Losh
91477cc4d7 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-28 15:48:21 +00:00
David Nugent
ce862ff5d3 Don't trucate username to 8 characters. 1997-03-25 09:52:38 +00:00
Mike Pritchard
42946c8261 Remove some incorrect text on how passwords are validated.
Closes PR# 3050.

Submitted by:	 Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
1997-03-25 03:45:52 +00:00
Warner Losh
fca08b7cfa Fix non explloitable buffer overflows (since the largest packet processed
precludes it) to keep people from whining about it in the newsgroups and
mailing lists.
1997-03-24 06:04:08 +00:00
Warner Losh
0f5e6a0d00 Fix various buffer overflows that may or may not be exploitable.
Fixes PR 2588

Reviewed by:	Dan Cross?
Submitted by:	Julian Assange
1997-03-24 06:01:39 +00:00
Warner Losh
a51e2c9b04 Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFS
compatibility problem at the same time.  Some buffer made large enough
for worst case hostname.

fixes PR 2593.

Reviewed by:	Dan Cross and maybe others
1997-03-24 05:57:28 +00:00
Mike Pritchard
b225fe2740 Change a reference to NetBSD to FreeBSD. 1997-03-14 06:09:04 +00:00
Peter Wemm
fce15c9ab3 Revert $FreeBSD$ to $Id$ 1997-02-22 15:48:31 +00:00
Peter Wemm
9e522f7a18 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
Mike Pritchard
90ac6cd46a #include <string.h> to help silence -Wall. 1997-02-20 23:11:22 +00:00
Guido van Rooij
c65c314e66 Actually allow the -R flag. 1997-02-13 19:24:25 +00:00
David Nugent
26015440b9 Tidy-up modem-chat handling: ensure tty modes are restored to
'sane' standard (not raw) settings before abort/exiting; move
responsibility of setting raw mode for chat-handling out of
chat.c to avoid doing redundant tc{s,g}etattr()s; move DE
pause prior setting standard mode before issue/login prompt to
avoid echoing modem connect strings. Fixed up comment styles
in a couple of places.
1997-02-09 16:12:08 +00:00
Warner Losh
5b266377fd Buffer Overflow from OpenBSD
rev 1.7 deraadt:
	buf oflow
Obtained from: OpenBSD
1997-02-09 04:40:02 +00:00
Warner Losh
70dc969961 Some patches for source routed packets from OpenBSD.
Rev 1.16 deraadt:
	do not warn about valid options; invalid options correctly quit
Rev 1.15 deraadt:
	need not clear options since bad ones cause exit;
	provos@ws1.physnet.uni-hamburg.de
Rev 1.14 deraadt:
	IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
	out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
	buffer overflow.

Reviewed by:    Peter Wemm
Obtained from:  OpenSBD
1997-02-09 04:18:43 +00:00
Warner Losh
2631d5a8d1 Some patches for source routed packets from OpenBSD.
Rev 1.13 deraadt:
	do not warn about valid options; invalid options correctly quit
Rev 1.12 deraadt:
	need not clear options since bad ones cause exit;
	provos@ws1.physnet.uni-hamburg.de
Rev 1.11 deraadt:
	IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
	out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
	buffer overflow.

Reviewed by:	Peter Wemm
Obtained from:	OpenSBD
1997-02-09 04:16:27 +00:00
Jordan K. Hubbard
9a969423ea Fix a hop count datatype bogon pointed out in PR#2642 (though my fix
was slightly different than the one submitted).
Submitted by:	Elmar Bartel <bartel@informatik.tu-muenchen.de>
1997-02-07 20:03:49 +00:00
David Nugent
c2efe923b5 Increased username size to allow passing username:auth_method to
login.
1997-02-07 11:45:10 +00:00
David Nugent
635b1c4908 Make username size dependant on MAXLOGNAME in sys/param.h. Was
previously hard-coded at 16 characters (and possibly overflowing
the field when NUL terminating a username of exactly 16 characters
in length).
1997-02-02 14:43:32 +00:00
David Nugent
fe552114a3 Added:
ic=expect/send script    modem init script
    ac=expect/send script    modem answer script
    ct#val		     chat script timeout (seconds)
    rt#val		     recycle timeout (seconds) if 'ac' set
    dc#val		     debug bitmask for debugging chat scripts
    hw	(boolean)	     enable crtscts handshaking
    if=path		     'issue' file sent prior login prompt

chat.c is a simplistic expect/send chat module.
1997-02-02 14:24:57 +00:00
David Nugent
e91c4f7cc3 Fix bug in %s, %m, %r and %v macros not displaying data. 1997-02-02 07:38:26 +00:00
David Nugent
54472d02d2 Added support for %s (sysname) %m (machine) %r (release) and %v (version)
prompt macros to agree with getty(8).
1997-02-02 07:33:50 +00:00
David Greenman
ac7636cbfc Oops, fix white space in last commit. 1997-01-28 07:09:05 +00:00
David Greenman
0b4df2eec2 Fix signal handler race condition. 1997-01-28 07:06:54 +00:00
Joerg Wunsch
28f9fdc1ae Make even more copies of hostnames obtained by inet_ntoa(). iruserok()
could still clobber the static storage, yielding an error message with
a wrong hostname.
1997-01-27 15:38:46 +00:00
John Polstra
18be4a71df Use xmalloc instead of malloc in two places, so that out-of-memory
conditions will be detected.

Submitted by:	Philippe Charnier <charnier@xp11.frmug.org>
1997-01-24 00:07:03 +00:00
Paul Traina
dfe0d2158e Fix buffer overrun problem.
Cannidate for: 2.2	[must]

Obtained from: Lite/2 and BSDI's published patch
1997-01-18 08:30:01 +00:00
John Polstra
ac6c268b3d Pay attention to the environment variable "LD_IGNORE_MISSING_OBJECTS".
If it is set to a nonempty string, then simply skip any missing
shared libraries.  This came up in a discussion long ago as a
potentially useful feature at sysinstall time.  For example, an
X11 utility could be used without the X libraries being present,
provided the utility had a mode in which no X functions were actually
called.
1997-01-17 20:22:18 +00:00
Alexander Langer
8abdc2eb40 Sweep through the tree fixing mmap() usage:
- Use MAP_FAILED instead of the constant -1 to indicate
    failure (required by POSIX).
  - Removed flag arguments of '0' (required by POSIX).
  - Fixed code which expected an error return of 0.
  - Fixed code which thought any address with the high bit set
    was an error.
  - Check for failure where no checks were present.

Discussed with:	bde
1997-01-16 21:58:40 +00:00
John Polstra
20995a4fcc If a library is found in the hints file, but the library doesn't exist,
ignore the hint.

This is a straightforward fix, and it should go into 2.2 after a burn-in
period of a few days.

Noticed by:	bde
1997-01-14 17:53:55 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00