Commit Graph

72 Commits

Author SHA1 Message Date
des
6a749b9ddc PAMify.
Sponsored by:	DARPA, NAI Labs
2002-05-08 00:43:46 +00:00
des
c8ad3d5e37 YA patch I forgot to commit last night. 2002-03-06 15:23:18 +00:00
imp
905dfa5953 o const poison a few prototypes to avoid gcc3 warnings
o s/err/error/ in a couple places to avoid shadowing warnings
2002-02-07 05:07:04 +00:00
imp
2c6de49189 o __P removal
o new style definitions/declarations
o declare null_conv static and its arguments __unused
2002-02-07 04:58:29 +00:00
kris
c60495e0de Lock down with WFORMAT?=1, with overrides in the subdirectories which
are not yet warning-clean.  Tested on i386 and alpha.
2002-02-04 02:33:51 +00:00
kris
43a9d1849c Mark a function as __printf0like(). This exposes a warning which requires
some code changes to fix but should be possible.

MFC after:	1 week
2002-02-04 01:37:59 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
ru
5e14a6862e mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 10:49:54 +00:00
brian
8636b161b3 Fix the type of the NULL arg to execl()
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
ru
05e503d80a mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
markm
8fce913eef Replacement of the old error() routine with errx(3) was premature.
There are protocol issues to deal with.

Bring back this routine (renamed to avoid a library conflict in libssh)
and overhaul it for more 21st Century style coding.

Pointed out by:	bde
2001-04-29 17:50:29 +00:00
markm
8030ab2f51 Grrr. Fix a line that was fatfingered out during the cleanup.
Submitted by:	bde
Pointy hat:	markm
2001-04-29 09:03:52 +00:00
markm
92fb2502f8 Cleaner method of making PAMable apps static (in the optional case of
wanting static apps).
2001-04-28 15:18:10 +00:00
markm
1b58f2ae27 Allow static linking.
Asked for by:	BDE
2001-04-28 07:44:37 +00:00
markm
652660bca9 Clean up the error handling code a bit. There is no need to "roll our
own" error() routine when errx() is available. This resolves a conflict
when linking statically.
2001-04-28 07:43:01 +00:00
ru
398417e59b mdoc(7) police: cosmetics. 2001-04-04 10:33:13 +00:00
markm
f767ca7e60 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
ru
45d92a4319 - Backout botched attempt to intoduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
ru
a23a98f937 Set the default manual section for libexec/ to 8. 2001-03-20 18:10:13 +00:00
asmodai
7d76aced28 Fix typo: compatability -> compatibility.
Compatability is not an existing english word.
2001-02-06 12:05:58 +00:00
nik
0121023c6d Structure the options listing to be more standard.
The PR also included documentation for other options, but upon
inspection of the source these options aren't used.

PR:             docs/24149
Submitted by:   Jesse Monroy, Jr. <opentrax@email.com>
2001-02-02 03:29:09 +00:00
ru
8a6f8b5fe4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
ru
1355982a7e Whitespace-only to sync with -stable. 2000-12-07 15:09:48 +00:00
ru
fda4c0a990 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
ben
5eea8e98aa remove trailing periods from SEE ALSO. 2000-11-15 17:27:54 +00:00
ru
1324e3deb9 Removed broken PAM support from rshd(8) and rlogind(8). rshd does
not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm
2000-10-12 07:18:20 +00:00
bsd
688e243e64 Plug the hole where rshd would bypass a proper .rhosts check if the
password was empty.

Reviewed by:	Warner Losh <imp@freebsd.org>
2000-07-05 17:47:17 +00:00
asmodai
f2ebace3ac Remove dead debug code.
This also removes a dependency/reference on COMPAT_43.
2000-04-29 12:02:00 +00:00
markm
8a6c9808f4 Use libcrypto instead of libdes. 2000-02-24 21:18:08 +00:00
shin
9742b65930 sync iruserok() extension API with other BSDs
Some of rcmd related function is need to be updated to
  support IPv6. Some of them are already updated as standard
  document. But there is also several de-facto functions and
  they are not listed in standard documents.
  They are,

    iruserok()  (used by rlogind, rshd)
    ruserok()   (used by kerberos, etc)

  KAME package updated those functions in original way.

    iruserok_af()
    ruserok_af()

  But recently there was discussion on IETF IPng mailing
  list about how to sync those API, and it is decided,

    -Those function is not standard and not documented.
    -But let BSDs sync their API as de-facto.

  And after some discussion, it is announced that

    -add update to iruserok() as iruserok_sa()
    -no ruserok() API change(it is only updated internaly)

So I sync those API before 4.0 is released.
The changes are,
   -prototype changes
   -ruserok() internal update (use iruserok_sa() inside)
   -removal of ruserok_af()
   -change iruserok_af() as static functioin, and also prefix the name with __.
   -add iruserok_sa() (Just call __iruserok_af() inside)
   -adding flag AI_ALL to getipnodebyaddr() called from __icheckhost().
    This is necessary to support IPv4 communication via AF_INET6 socket
    could be correctly authenticated via iruserok_sa()
   -irusreok_af() call is replaced to iruserok_sa() call
    in rlogind, and rshd.

Approved by: jkh
2000-02-01 15:55:56 +00:00
shin
3f107b49a9 Fix rshd coredump when AF_INET socket is used.
Confirmed by: F. Heinrichmeyer <fritz.heinrichmeyer@fernuni-hagen.de>
2000-01-28 20:02:02 +00:00
shin
fc29f7bcf7 several tcp apps IPv6 update
-inetd
 -rshd
 -rlogind
 -telnetd
 -rsh
 -rlogin

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
2000-01-25 14:52:10 +00:00
phantom
db3639c852 . mdoc(7)'fy
. add Xrs to hosts.equiv(5), auth.conf(5), services(5) to some pages
. sort Xrs in SEE ALSO sections

Patches based on PR:	docs/15680
Submitted by:		Christian Weisgerber <naddy@mips.rhein-neckar.de>
2000-01-07 13:14:32 +00:00
markm
0b2fe68756 Fix for new Kerberos4. Make a fist cut at PAM-ising while I'm here. 1999-09-19 22:05:32 +00:00
markm
b449d99ed7 Fix more Common Error brokenness. 1999-09-06 20:18:44 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
brian
c6c6c7de65 Ensure that things returned by gethostname() and
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)

Prompted by: bde
1999-04-07 08:27:45 +00:00
brian
a77173a7cd Use realhostname() rather than various combinations of
gethostbyaddr() & gethostbyname().

Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
1999-04-06 23:06:00 +00:00
asami
7df90d6ad0 Oops, I missed a few more /etc/nologin references yesterday. It appears
my check of the tree was incomplete.  Sorry guys.

Reported by:	Ben Smithurst <ben@scientia.demon.co.uk>
1999-01-12 14:09:23 +00:00
peter
b811a3806f As previously threatened, clean up the rshd -a option and make it default
on rshd and rlogind.  However, note that:
1: rshd used to drop a connection with -a if the hostname != ip address.
   This is unneeded, because iruserok() does it's own checking.
   It was also wrong if .rhosts had an explicit IP address in it,
   connections would be dropped from that host solely because the DNS was
   mismatched even though it was explicitly intended to work by IP address.
2: rlogind and rshd check the hostname mappings by default now because that
   is what goes into the utmp/wtmp and logs.  If the hostname != ip address,
   then it uses the IP address for logging/utmp/wtmp purposes.  There isn't
   much point logging ficticious hostnames.
3: rshd -a is now accepted (but ignored) for compatability.  If you really
   want to make life miserable for people with bad reverse DNS, use tcpd in
   paranoid mode (which is questionable anyway, given DNS ttl tweaking).
1998-12-16 07:20:45 +00:00
bde
1ece6223be Fixed long line in previous commit. 1998-12-03 05:45:18 +00:00
dg
24689f2c76 Added a -D option to turn on TCP_NODELAY. 1998-12-01 23:27:24 +00:00
jb
b3bc350baa Add -lcrypt when building kerberos. 1998-09-05 00:32:27 +00:00
markm
ec4dc9550e Fix LIBDIR (for aout/ELF). 1998-08-06 21:41:13 +00:00
rnordier
9eefc374c7 Replace _exit() with exit()
Pointed out by: Nathan Torkington <gnat@prometheus.frii.com> PR 5585
1998-05-05 00:28:51 +00:00
charnier
8a27726113 Typo. 1997-12-18 07:39:27 +00:00
charnier
a3ea3db575 No \n in syslog() strings. Add man page to Xrefs. Change null byte to NUL byte. 1997-12-02 12:30:04 +00:00
markm
6122273f59 Changes for the new KTH Kerberos4.
Also make -Wall a bit quieter
1997-09-28 08:38:04 +00:00
wosch
6c57ae296c Rshd print to much information if a user does not exists. 1997-07-18 21:04:19 +00:00
davidn
f766bd31c5 login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00