Commit Graph

134 Commits

Author SHA1 Message Date
David Malone
1051d92c68 Claim maintainership of inetd. 2000-10-21 09:44:46 +00:00
David Malone
f27a3b3e41 Don't leak a file discriptor if a service we've called accept() for
loops.

Submitted by:	Ian Dowse <iedowse@maths.tcd.ie>
2000-10-21 09:43:12 +00:00
David Malone
00205ff618 Make reconfiguring an external service as builtin service work.
PR:		21650
Submitted by:	ben
Tested by:	dan@ducky.nz.freebsd.org
2000-10-02 12:08:27 +00:00
David Malone
957672f9d4 Stop internal ident service spinning until the timeout if the
connection goes away. Spotted by people on -STABLE about 2 weeks
ago.

Submitted by:	Based on a patch by alfred and Maxime Henrion <mux@qualys.com>
2000-10-02 12:04:17 +00:00
David Malone
1b65d153ee Explain "-c" option more exactly and state the default in the man
page.

Add ability to run "inetd -R 0" to disable the default connection
per minute limit of 256 connections. Document this in man page.

Don't use maxchild as a boolean - instead check if it is greater
than zero.

Reviewed by:	sheldonh
Based on a patch by:	Alexander Langer <alex@big.endian.de>
2000-08-03 15:45:38 +00:00
David Malone
2968046ea1 specifer -> specifier 2000-08-03 15:33:39 +00:00
David Malone
8acc38283a Sleep for a second after tcp wrappers rejects a connection, so we
don't traumatise the parent inetd.

Requested by:	wietse@porcupine.org
Approved by:	markm
2000-07-31 13:10:52 +00:00
David Malone
7d37a2e661 Make builtin ident service work if the request arrives in more than
one packet. Also check that the whole request has been recieved
before processing it.

The patch isn't the exact one from the PR, but a slight varient
suggested by Brian.

PR:		16086
Submitted by:	Hajimu UMEMOTO <ume@mahoroba.org>
Reviewed by:	green
2000-07-12 20:49:06 +00:00
Brian Feldman
9e72c31886 Fix the ident server up more: use ssize_t/size_t/socklen_t/int all in the
proper places and make the fakeid parsing code a bit less stupid.  Also,
remove an "Rflag" that snuck in there (-R wouldn't be accepted by it,
anyway).
2000-05-30 22:51:05 +00:00
John Baldwin
1078172a77 Fix a 64-bit'ism in the handling of the ident service. sysctlbyname() takes
a size_t as its 3rd argument, which is 64-bits on the alpha.  The 'len'
variable used was a int, which is only 32-bits.  Use size_t as the type
for 'len' to work-around this.
2000-05-30 18:32:58 +00:00
Sheldon Hearn
6e26837e5f Clarify the use of the auth service's -d option for specifying
a fallback username.

Reviewed by:	green
2000-04-26 10:40:35 +00:00
Hajimu UMEMOTO
612c58996e Make sure to use IPv4 mapped IPv6 address when mapped address is
requested in /etc/inetd.conf.

Reviewed by:	shin
2000-04-02 16:11:14 +00:00
Sheldon Hearn
a3ad0852cc Optimize those services that send only one block of data: use send(2)
with the MSG_EOF flag set instead of write(2).

Submitted by:	David Malone <dwmalone@maths.tcd.ie>
Reviewed by:	wollman
2000-03-28 09:45:19 +00:00
Brian Feldman
7ef719fb93 Allow using "-d username" without "-r". Example:
auth   stream  tcp     nowait  root    internal        auth -d "Only fools trust ident"
2000-03-28 01:10:35 +00:00
Ruslan Ermilov
4049dbb5fc "can received" -> "can receive". 2000-03-22 16:07:32 +00:00
Yoshinobu Inoue
1a0760dd60 Make inetd compilable without INET6.
Approved by: jkh

Submitted by: jhb
2000-03-11 11:28:08 +00:00
Yoshinobu Inoue
a9a948a9bb Fix addr length argument value passed to sendto().
Some inetd internal udp servers didn't worked with problem.
Also fix recvfrom() "fromlen" arg type from int * to socklen_t *.

Approved by: jkh

Submitted by: bde
2000-03-09 15:07:38 +00:00
Sheldon Hearn
46c670939c Clarify the facility used for logging with and without the wrapping
options.

PR:		17017
Submitted by:	Doug Barton <Doug@gorean.org>
2000-03-01 08:20:17 +00:00
Sheldon Hearn
b588cf276b Remove broken hard sentence breaks, which mess up the typeset output. 2000-02-29 17:36:44 +00:00
Yoshinobu Inoue
58af74e6b8 Fix broken inet logging when wrapping options are not specified.
Approved by: jkh

Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-02-22 00:27:53 +00:00
Luigi Rizzo
8f9196f4a4 Make inetd picobsd friendly, dont use ipsec when RELEASE_CRUNCH
is defined

Approved-by: jordan
2000-02-09 09:04:36 +00:00
Yoshinobu Inoue
ef9c54c751 Fix inetd wrong AF check for RPC services
Incorrect Address Family check is done for RPC services, and
   fail to initialize it.
   The error check is replaced to new one, which checks if IPv4
   bind is enabled or not. (It is disabled when IPv6 numeric
   addr is specified for -a bind address option.)

An review reqeust is once sent to des, but he quit MAINTAINER.

Approved by: jkh
2000-02-03 09:54:49 +00:00
Dag-Erling Smørgrav
e1bbe71749 Drop maintainership of inetd, since nobody respects it anyway. 2000-02-01 09:21:22 +00:00
Yoshinobu Inoue
49de1b5759 Fix inconsistent debug output. (syslog -> warnx)
Specified by: sheldonh

Reviewed by: des
2000-01-28 20:06:15 +00:00
Sheldon Hearn
a35bd5f6f8 Fix English, mdoc and layout of the previous commit, as requested by
the committer (shin).  While I don't have permission for this change
from the inetd maintainer (des), I assume that shin has permission
and I'm just fixing his contribution up for him.

Okay, I couldn't resist, I made some extra changes:

	* Replace ".Tn FreeBSD" with .Fx
	* Make the illegal TCPMUX and IPSEC sections legal subsections
	  of the IMPLEMENTATION NOTES section.

Requested by:	shin
2000-01-28 10:21:19 +00:00
Yoshinobu Inoue
f669e3af26 Avoid verbose error messages when ipsec initialization for sockets failed
usually, and print it only when debug is enabled.
(This always happens when kernel is configured without IPSEC option.)
2000-01-27 14:46:15 +00:00
Yoshinobu Inoue
0cac72f42c several tcp apps IPv6 update
-inetd
 -rshd
 -rlogind
 -telnetd
 -rsh
 -rlogin

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
2000-01-25 14:52:10 +00:00
Philippe Charnier
e2b7d85745 Do not dot terminate sentences inside FILES section. Lowercase
inside error messages.
2000-01-23 20:17:41 +00:00
Brian Feldman
5a5e442acd I like base-36 better. 2000-01-20 01:49:41 +00:00
Brian Feldman
18338e9e0f Implement -g and -d options in my ident code. The -g flag uses a random
garbage value for the username (hex garbage, that is), and the -d flag
provides a default username for fallback purposes if the user cannot be
looked up.  That is very useful for the case where inetd auth is
running on a NAT box.

While I'm here updating the manpage, clean up an English error and a
few small nits.
2000-01-19 22:03:12 +00:00
Peter Wemm
0b8c4709dc Put the listening socket into non-blocking mode before doing an
accept(2).  This is a not really problem on -current as the accept race
is fixed, however it is a MFC candidate for -stable.

This could possibly be slightly more efficient and leave the listening
socket permanently in non-blocking mode, but I wasn't certain that I
could catch all the stream/wait (not nowait) mode implications.
1999-11-17 03:32:05 +00:00
Philippe Charnier
42474ae390 Do not dot or \n terminate syslog string. 1999-10-13 20:22:13 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Dag-Erling Smørgrav
5dcb6878e1 Pull on my asbestos undies and claim ownership of inetd to prevent further
flamage between our beloved messrs Hearn and Feldman. Further commits go
through me. I urge the contestants to direct their energies at cleaning
up main() in inetd.c, which has over time become a crawling horror.
1999-07-26 08:43:03 +00:00
Brian Feldman
019893b437 Here goes, the "clear up any possible confusion" commit.
I've taken time to write up comments for the ident code tonight,
so there should no longer be any confusion about the purpouse of
whatever is in there. Wow, me commenting code... who'd have thought
that would happen?

Reviewed by:	DES
1999-07-26 07:57:35 +00:00
Sheldon Hearn
daae13874a Bring two wayward memory allocation failure messages in line with
those featured in the rest of the code.
1999-07-26 06:39:46 +00:00
Brian Feldman
ecf12be032 More cleanups to ident_stream. Variables moved around, changed.
Got rid of an extra variable or two, while making corrections to
problems (that would probably not be a problem anyway, and worked.)

Partially Obtained from:	David Malone <dwmalone@maths.tcd.ie>
1999-07-25 23:15:03 +00:00
Brian Feldman
2404a15a12 Correct a groff error in macro usage ("foo : bar" becomes "``foo: bar''").
Document the auth -n flag.
1999-07-24 17:11:50 +00:00
Brian Feldman
2d878a1923 More cleanups, asprintf() usage (proper, as opposed to using snprintf()),
and addition of a -n .noident-checking flag.
1999-07-24 17:06:05 +00:00
Brian Feldman
b52c43b357 Clean up to match style(9) more closely. This should fix the problem of
people having ants in their pants ;)
1999-07-24 16:24:03 +00:00
Sheldon Hearn
9a16e31ade Use comments to group functions by service more clearly. I've used the
excuse of providing the RFC numbers for the associated services.
1999-07-24 13:02:09 +00:00
Sheldon Hearn
6f426a27c5 Style nits:
* Bring memory allocation failure handling in line with that of
	the rest of the code.
      * Nestle block curlies between case statements correctly.

I've left the in-block declarations alone, since style(9) says we should
conform to the existing style within the code, and inetd already does
this. I've left the asprintf()'s in there because that's how Brian wants
it.
1999-07-24 12:35:50 +00:00
Sheldon Hearn
3467b84849 Document the -o and -t options to the internal auth service and give an
example of their usage in the sample config. Merge the two examples
for the green internal auth service.

This commit failed the first time around because Brian beat me to the
punch on inetd.8 . I like my descriptions better and I'm pretty sure
Brian won't mind.
1999-07-23 15:49:34 +00:00
Brian Feldman
e1c77598be Ahem. Put things back a bit. I declare variables in the scope they're
used! I don't declare every variable at the top of a function because
that wastes stack space. I've clarified the error a bit (for if asprintf()
filas.)
1999-07-23 15:49:14 +00:00
Brian Feldman
763c487788 As per DES's prodding, document _all_ the arguments to inetd's auth
service. This includes the -o "operating system" argument and the -t
"timeout" argument.
1999-07-23 15:37:39 +00:00
Sheldon Hearn
56658bf1e6 Style cleanups for iderror() and ident_stream(). Looks like c++ hang-over.
;-)
1999-07-23 15:26:42 +00:00
Sheldon Hearn
3d1171b5b4 Fix auth -t argument handling. It was broken for the "sec.usec" case.
Add a warning for bogus -t arguments for the (debug) case.
1999-07-23 15:00:07 +00:00
Dag-Erling Smørgrav
fc2cff3185 Don't match up TCP services with UDP sockets. 1999-07-23 14:45:21 +00:00
Brian Feldman
e26aedfbf8 Fixed a braino: lack of spaces in sscanf caused ident parsing to fail.
Sorry, guys.
1999-07-23 03:51:52 +00:00
Brian Feldman
202a23238e "knobs are cheap". Here's a -t timeout option for the internal ident
service. It takes a number (w/ or w/out .usec) as an argument.
1999-07-22 21:42:49 +00:00