technique) so that we don't wind up calling into an application's
version if the application defines them.
Inspired by: qpopper's interfering and buggy version of strlcpy
may be built into libc (`static NSS modules') or dynamically loaded
via dlopen (`dynamic NSS modules'). Modules are loaded/initialized
at configuration time (i.e. when nsdispatch is called and nsswitch.conf
is read or re-read).
= Make the nsdispatch(3) core thread-safe.
= New status code for nsdispatch(3) `NS_RETURN', currently used to
signal ERANGE-type issues.
= syslog(3) problems, don't warn/err/abort.
= Try harder to avoid namespace pollution.
= Implement some shims to assist in porting NSS modules written for
the GNU C Library nsswitch interface.
Sponsored by: DARPA, Network Associates Laboratories
Only warnings that could be fixed without changing the generated object
code and without restructuring the source code have been handled.
Reviewed by: /sbin/md5
- port range check need to be done before htons. from deraadt
- %d/%u audit
- correct bad practice in the code - it uses two changing variables
to manage buffer (buf and buflen). we eliminate buflen and use
fixed point (ep) as the ending pointer.
- use snprintf, not sprintf
- pass correct name into q.name. from lukem@netbsd
- sync comment
Obtained from: KAME
MFC after: 1 week
and getipnodeby*() thread-safe.
Our res_*() is not thread-safe. So, we share lock between
getaddrinfo() and getipnodeby*(). Still, we cannot use
getaddrinfo() and getipnodeby*() in conjunction with other
functions which call res_*().
Requested by: many people
KAME did the modification only to _dns_getaddrinfo(). However,
it is not sufficient, and res_queryN() should be modified, too.
So, I did same modification to res_queryN().
Obtained from: KAME
insure enough space is available for the response, or be prepared
to resize the buffer and retry as necessary.
Do the conservative thing and make sure enough space is available.
Reviewed by: silence on freebsd-audit
to fail needlessly if a reverse DNS lookup of the IP address didn't
come up with a hostname. As a comment in the code clearly stated,
the "damn hostname" was looked up only for the purpose of netgroup
matching. But if that lookup failed, the function bailed out
immediately even though in many cases netgroup matching would not
be used.
This change marks the hostname as unknown but continues. Where
netgroup matching is performed, an unknown hostname is handled
conservatively. I.e., for "+@netgroup" (accept) entries an unknown
hostname never matches, and for "-@netgroup" (reject) entries an
unknown hostname always matches.
In the lines affected (only), I also fixed a few bogus casts. There
are others, and in fact this entire file would be a good candidate
for a cleanup sweep.
Reviewed by: imp (wearing his flourescent yellow Security Team cap)
MFC after: 2 days
supplied buffer in case the size of it was equal to
the number of characters the converted address consumed.
The bug occurred when converting an AF_INET address.
- Remove the SPRINTF macro and use sprintf instead.
- Do not do string formatting using sprintf(3) and a
temporary buffer which is copied when the supplied
buffer provides enough space. Instead, use snprintf(3)
and the real destination buffer, thus avoid the copy.
Reported by: Stefan Farfeleder <e0026813@stud3.tuwien.ac.at> (1)
PR: misc/41289
of our __restrict macro to the prototypes and function
definitions of inet_pton and inet_ntop.
- Use ANSI-C function argument lists.
- Adjust the prototypes in the manual page.
This will make the behavior robuster if many addresses are added
after the size estimation of storage at the first sysctl.
Reviewed by: JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
MFC after: 1 week
- use strlcpy.
- snprintf can return negative value, so cope with it.
- tweak interface index on interface locals (ff01::/16).
- removed unused macros.
- removed a macro that uses only once (in a trivial context).
- explicitly say goodbye to ENI_xxx.
- constify struct afd.
Obtained from: KAME
MFC after: 1 week
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
complexities associated with having MD (asm and inline) versions, and
having to prevent exposure of these functions in other headers that
happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.
Tested on: alpha, i386
Reviewed by: bde, jake, tmm
change prototypes to be the same as in the original sun tirpc code.
Remove ()P macro in a file where the mayority had ()P already removed.
Add them if the mayority use ()P macros.
Submitted by: mbr
Requested by: bde
- Don't connect datagram socket if RES_INSECURE1.
- Needed to implement IPv6 anycast UDP DNS queries as documented in
<draft-ietf-ipngwg-dns-discovery-03.txt>.
Obtained from: KAME
o Hide nonstandard functions and types in <netinet/in.h> when
_POSIX_SOURCE is defined.
o Add some missing types (required by POSIX.1-200x) to <netinet/in.h>.
o Restore vendor ID from Rev 1.1 in <netinet/in.h> and make use of new
__FBSDID() macro.
o Fix some miscellaneous issues in <arpa/inet.h>.
o Correct final argument for the inet_ntop() function (POSIX.1-200x).
o Get rid of the namespace pollution from <sys/types.h> in
<arpa/inet.h>.
Reviewed by: fenner
Partially submitted by: bde
STANDARDS section of the page. Add one remark there about inet_pton(3)
only understanding decimal values (in contrast to inet_aton(3) and
friends who are happy with 0ac.020.25 for 172.16.0.25).
Caught by: ru
MFC after: 2 days
`warn'. Now a whole 2 members of the err() family don't cause pollution.
This fixes world breakage in awk for NOSHARED worlds. contrib/awk/msg.c
has had its own version of err() for a long time, but this somehow
didn't cause problems until the update to awk-3.1.0.
hosts:!!!!!!!!@@@@@$%^&*()()*$(files{}{}|||++!)(dns
exactly the same as:
hosts: files dns
Recover from parse errors by looking for the end of a line; this
allows entries without errors to still be parsed even if there is
an erroneous entry earlier in the file.
using rcmd directly. This has been in my tree for a long time, but we
may need to sync with OpenBSD before MFC.
Obtained from: openbsd
PR: 15830
MFC after: 2 months
